Please check my log and help with a trojan


mattz
newbie
Posts: 17
Registered: January 08
Gender: Not specified

Please check my log and help with a trojan

Post by mattz » 24 Nov 2008 21:07

Please check my log, trojan

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:58:11, on 24.11.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.11.1:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: vxanmgbt - {8466B2C2-22F5-4B1C-906D-44AD610FB817} - C:\WINDOWS\vxanmgbt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PSDrvCheck] "c:\program files\pinnacle\edition 5\program\PSDrvCheck.exe" -CheckReg
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [HPPQVideo] "C:\Program Files\HP\ScheduledLaunch\HP Color LaserJet CP1510 Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CP1510_Series -f PQOptimizerVideo.xml -o remindLater
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files\HP\HP UT\bin\hppusg.exe" "C:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdxci.exe] C:\WINDOWS\system32\kdxci.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [bcf1df13] rundll32.exe "C:\WINDOWS\system32\eogsrumq.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [MS Shell Services] C:\WINDOWS\system32\rundll32.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\RunServices: [MS Shell Services] C:\WINDOWS\system32\rundll32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 2208343271
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3125853750
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BC04B80-51FB-4C14-888C-920F2AB76705}: NameServer = 192.168.17.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{2FFD0CE5-9FC8-4C69-A84A-569D0817D420}: NameServer = 85.255.112.201;85.255.112.169
O17 - HKLM\System\CCS\Services\Tcpip\..\{F1A47F86-AF67-43D2-9643-5249819AB798}: NameServer = 85.255.112.201;85.255.112.169
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: qxdepnbs - {DA6511A0-116D-4931-B43D-98111C3CFD70} - C:\WINDOWS\qxdepnbs.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 11298 bytes

jaro3
Security team member
Guru Level 15
Posts: 43290
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Please check my log and help with a trojan

Post by jaro3 » 25 Nov 2008 10:01

Download Malwarebytes' Anti-Malware.
Install it and run it.
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if they are, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the scan has finished, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes (Ano)
(do not delete anything yet!).
Then paste the contents of that log here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.

Re: Please check my log and help with a trojan

Post by mattz » 27 Nov 2008 15:09

Malwarebytes' Anti-Malware 1.30
Verze databáze: 1428
Windows 5.1.2600 Service Pack 2

27.11.2008 15:04:10
mbam-log-2008-11-27 (15-04-10).txt

Typ skenu: Rychlý sken
Objektu skenováno: 65647
Uplynulý cas: 5 minute(s), 42 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 6
Infikované klíce registru: 34
Infikované hodnoty registru: 7
Infikované položky dat registru: 9
Infikované složky: 1
Infikované soubory: 20

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
C:\WINDOWS\system32\iifgFwtr.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ucbdrqfj.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\cbXNFuVo.dll (Trojan.Vundo) -> Delete on reboot.
C:\Program Files\ICQToolbar\toolbaru.dll (Adware.BHO) -> Delete on reboot.
C:\WINDOWS\vxanmgbt.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\WINDOWS\qxdepnbs.dll (Trojan.FakeAlert) -> Delete on reboot.

Infikované klíce registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35460667-381b-4d43-8e45-1cf213b39dca} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbxnfuvo (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{35460667-381b-4d43-8e45-1cf213b39dca} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d36d75ab-030d-4c76-9dcc-3a847e44f06a} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{d36d75ab-030d-4c76-9dcc-3a847e44f06a} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35460667-381b-4d43-8e45-1cf213b39dca} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d36d75ab-030d-4c76-9dcc-3a847e44f06a} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{77d6ddfa-7834-4541-b2b3-a8b0fb0e3924} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4bd2d6c3-31dc-b947-23d0-dc52ec4f0c4c} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{855f3b16-6d32-4fe6-8a56-bbb695989046} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{855f3b16-6d32-4fe6-8a56-bbb695989046} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\homeview (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{9db421a2-0ddb-4d5f-a0a0-4fa49aef2512} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{464e49ca-d995-4e03-8dc2-e5720149519e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d00cd8c1-2e56-4ccd-bf10-627fad7b4019} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4db35ea8-13d9-4691-ba61-42571e798e6e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4db35ea8-13d9-4691-ba61-42571e798e6e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4db35ea8-13d9-4691-ba61-42571e798e6e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{9d2f1733-aa4f-445b-8791-096f79baff77} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{acab921b-62e4-4ef8-bc24-5247826e0cbc} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8466b2c2-22f5-4b1c-906d-44ad610fb817} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8466b2c2-22f5-4b1c-906d-44ad610fb817} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{da6511a0-116d-4931-b43d-98111c3cfd70} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bcf1df13 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{35460667-381b-4d43-8e45-1cf213b39dca} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{855f3b16-6d32-4fe6-8a56-bbb695989046} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{855f3b16-6d32-4fe6-8a56-bbb695989046} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{855f3b16-6d32-4fe6-8a56-bbb695989046} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8466b2c2-22f5-4b1c-906d-44ad610fb817} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\qxdepnbs (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infikované položky dat registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\iifgfwtr -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System (Rootkit.DNSChanger.H) -> Data: kdxci.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\iifgfwtr -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2ffd0ce5-9fc8-4c69-a84a-569d0817d420}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.201;85.255.112.169 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2ffd0ce5-9fc8-4c69-a84a-569d0817d420}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.201;85.255.112.169 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f1a47f86-af67-43d2-9643-5249819ab798}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.201;85.255.112.169 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{2ffd0ce5-9fc8-4c69-a84a-569d0817d420}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.201;85.255.112.169 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{2ffd0ce5-9fc8-4c69-a84a-569d0817d420}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.201;85.255.112.169 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{f1a47f86-af67-43d2-9643-5249819ab798}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.201;85.255.112.169 -> Delete on reboot.

Infikované složky:
C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Infikované soubory:
C:\WINDOWS\system32\cbXNFuVo.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\iifgFwtr.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\rtwFgfii.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rtwFgfii.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ucbdrqfj.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\jfqrdbcu.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kdxci.exe (Rootkit.DNSChanger.H) -> Delete on reboot.
C:\Program Files\ICQToolbar\toolbaru.dll (Adware.BHO) -> Delete on reboot.
C:\WINDOWS\etme.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Strih\Local Settings\Temporary Internet Files\Content.IE5\1L46R3R3\zc113432[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Strih\Local Settings\Temporary Internet Files\Content.IE5\9989MOGO\zc113432[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\dqxstgfrsbd.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\vxanmgbt.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\WINDOWS\qxdepnbs.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\Documents and Settings\Strih\Local Settings\Temp\s1402.php (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\tempo-383.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\tempo-B31.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Documents and Settings\Strih\Local Settings\Temp\pwrmgr.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Re: Please check my log and help with a trojan

Post by jaro3 » 27 Nov 2008 15:12

A new HJT log and info on how the computer is behaving.

Re: Please check my log and help with a trojan

Post by mattz » 27 Nov 2008 15:42

The computer behaves abnormally: it stutters, then out of nowhere all the icons disappear and it freezes. Programs take a long time to start.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:35:19, on 27.11.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.11.1:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7856E7C4-34E3-4436-ABE3-3FACD2FC62FC} - C:\WINDOWS\system32\mlJYpOGw.dll (file missing)
O2 - BHO: (no name) - {ECEA117C-4411-4BA9-8360-16126F3EBAF4} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PSDrvCheck] "c:\program files\pinnacle\edition 5\program\PSDrvCheck.exe" -CheckReg
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [HPPQVideo] "C:\Program Files\HP\ScheduledLaunch\HP Color LaserJet CP1510 Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CP1510_Series -f PQOptimizerVideo.xml -o remindLater
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files\HP\HP UT\bin\hppusg.exe" "C:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdxci.exe] C:\WINDOWS\system32\kdxci.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [MS Shell Services] C:\WINDOWS\system32\rundll32.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\RunServices: [MS Shell Services] C:\WINDOWS\system32\rundll32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 2208343271
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3125853750
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BC04B80-51FB-4C14-888C-920F2AB76705}: NameServer = 192.168.17.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10378 bytes

jaro3
Security team member
Guru Level 15
Posts: 43290
Joined: June 07
Location: South Bohemia
Gender: Male

Re: Please check my log and help with a trojan

Post by jaro3 » 27 Nov 2008 15:51

Download SDFix
- Run it and it will extract itself to the drive where Windows is installed (typically C:\SDfix)
- Then restart the PC into Safe Mode (choose the option: Safe Mode, not Safe Mode with Networking)
- Open the folder where SDFix was extracted and run the file RunThis.bat; this starts the program.
* Then press the Y key and then Enter to start the cleaning process.
* To finish the scan you will be prompted to press any key, and the computer will restart.
* While the operating system is booting, the program will run again and finish the cleaning process. When Finish appears, you will have to press any key when prompted; this closes the program and your desktop icons will appear.
- When the desktop icons have finished loading, the SDFix log will open on the screen, and it will also be saved as Report.txt in the folder where SDFix was extracted.
Then copy its contents here + a new HJT log + check whether any icons are missing under Start and whether your drives show up under My Computer....
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

mattz
newbie
Posts: 17
Joined: January 08
Gender: Unspecified

Re: Please check my log and help with a trojan

Post by mattz » 27 Nov 2008 19:28

SDFix: Version 1.240
Run by Strih on źt 27.11.2008 at 18:03

Microsoft Windows XP [Verze 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:\DOCUME~1\Strih\LOCALS~1\Temp\pwrmgr.exe.bat - Deleted
C:\DOCUME~1\Strih\LOCALS~1\Temp\smchk.exe.bat - Deleted
C:\DOCUME~1\Strih\LOCALS~1\Temp\windfr.exe.bat - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-27 18:09:34
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:dc,65,0e,9e,68,66,07,7f,6b,70,0b,4a,6c,a8,00,94,e7,fa,bd,d1,21,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"khjeh"=hex:cb,2d,c1,c5,d2,28,59,d0,d4,ab,2a,64,e7,c6,a3,dc,06,d7,6b,1c,3a,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,01,2e,50,e9,2f,0a,ed,47,e9,2b,3e,aa,5f,36,1a,5f,47,..
"khjeh"=hex:15,45,39,74,f3,eb,ed,c7,48,db,d5,e7,e6,a8,8c,0f,2d,03,b4,e0,fa,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:7e,34,91,d8,31,8f,66,ef,c2,25,45,78,b0,6f,64,ef,aa,8a,ef,31,26,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:dc,65,0e,9e,68,66,07,7f,6b,70,0b,4a,6c,a8,00,94,e7,fa,bd,d1,21,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:dc,65,0e,9e,68,66,07,7f,6b,70,0b,4a,6c,a8,00,94,e7,fa,bd,d1,21,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:dc,65,0e,9e,68,66,07,7f,6b,70,0b,4a,6c,a8,00,94,e7,fa,bd,d1,21,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:dc,65,0e,9e,68,66,07,7f,6b,70,0b,4a,6c,a8,00,94,e7,fa,bd,d1,21,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:dc,65,0e,9e,68,66,07,7f,6b,70,0b,4a,6c,a8,00,94,e7,fa,bd,d1,21,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"khjeh"=hex:cb,2d,c1,c5,d2,28,59,d0,d4,ab,2a,64,e7,c6,a3,dc,06,d7,6b,1c,3a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,01,2e,50,e9,2f,0a,ed,47,e9,2b,3e,aa,5f,36,1a,5f,47,..
"khjeh"=hex:15,45,39,74,f3,eb,ed,c7,48,db,d5,e7,e6,a8,8c,0f,2d,03,b4,e0,fa,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:7e,34,91,d8,31,8f,66,ef,c2,25,45,78,b0,6f,64,ef,aa,8a,ef,31,26,..

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cursors\Schemes]
"\f\1e?r?n?é? ?u?k?a?z?a?t?e?l?e? ?"="C:\WINDOWS\cursors\arrow_r.cur,C:\WINDOWS\cursors\help_r.cur,C:\WINDOWS\cursors\wait_r.cur,C:\WINDOWS\cursors\busy_r.cur,C:\WINDOWS\cursors\cross_r.cur,C:\WINDOWS\cursors\beam_r.cur,C:\WINDOWS\cursors\pen_r.cur,C:\WINDOWS\cursors\no_r.cur,C:\WINDOWS\cursors\size4_r.cur,C:\WINDOWS\cursors\size3_r.cur,C:\WINDOWS\cursors\size2_r.cur,C:\WINDOWS\cursors\size1_r.cur,C:\WINDOWS\cursors\move_r.cur,C:\WINDOWS\cursors\up_r.cur"
"\f\1e?r?n?é? ?u?k?a?z?a?t?e?l?e? ?(?v?e?l?k?é?)?"="C:\WINDOWS\cursors\arrow_rm.cur,C:\WINDOWS\cursors\help_rm.cur,C:\WINDOWS\cursors\wait_rm.cur,C:\WINDOWS\cursors\busy_rm.cur,C:\WINDOWS\cursors\cross_rm.cur,C:\WINDOWS\cursors\beam_rm.cur,C:\WINDOWS\cursors\pen_rm.cur,C:\WINDOWS\cursors\no_rm.cur,C:\WINDOWS\cursors\size4_rm.cur,C:\WINDOWS\cursors\size3_rm.cur,C:\WINDOWS\cursors\size2_rm.cur,C:\WINDOWS\cursors\size1_rm.cur,C:\WINDOWS\cursors\move_rm.cur,C:\WINDOWS\cursors\up_rm.cur"
"\f\1e?r?n?é? ?u?k?a?z?a?t?e?l?e? ?(?n?e?j?v?\e\1t?a\1í?)?"="C:\WINDOWS\cursors\arrow_rl.cur,C:\WINDOWS\cursors\help_rl.cur,C:\WINDOWS\cursors\wait_rl.cur,C:\WINDOWS\cursors\busy_rl.cur,C:\WINDOWS\cursors\cross_rl.cur,C:\WINDOWS\cursors\beam_rl.cur,C:\WINDOWS\cursors\pen_rl.cur,C:\WINDOWS\cursors\no_rl.cur,C:\WINDOWS\cursors\size4_rl.cur,C:\WINDOWS\cursors\size3_rl.cur,C:\WINDOWS\cursors\size2_rl.cur,C:\WINDOWS\cursors\size1_rl.cur,C:\WINDOWS\cursors\move_rl.cur,C:\WINDOWS\cursors\up_rl.cur"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Avid\\Avid Liquid 7\\Program\\RM.exe"="C:\\Program Files\\Avid\\Avid Liquid 7\\Program\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Avid\\Avid Liquid 7\\Program\\StudioU.mod"="C:\\Program Files\\Avid\\Avid Liquid 7\\Program\\StudioU.mod:*:Enabled:Liquid"
"C:\\Program Files\\Pinnacle\\Edition 5\\Program\\RM.exe"="C:\\Program Files\\Pinnacle\\Edition 5\\Program\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\Edition 5\\Program\\studiou.mod"="C:\\Program Files\\Pinnacle\\Edition 5\\Program\\studiou.mod:*:Enabled:Desktop"
"C:\\Program Files\\ICQ6\\ICQ.exe"="C:\\Program Files\\ICQ6\\ICQ.exe:*:Enabled:ICQ6"
"C:\\Documents and Settings\\Strih\\Plocha\\sdc205\\StrongDC.exe"="C:\\Documents and Settings\\Strih\\Plocha\\sdc205\\StrongDC.exe:*:Enabled:StrongDC++"
"C:\\Program Files\\SmartFTP Client\\SmartFTP.exe"="C:\\Program Files\\SmartFTP Client\\SmartFTP.exe:*:Enabled:SmartFTP Client 2.5"
"C:\\Program Files\\WinSCP\\WinSCP.exe"="C:\\Program Files\\WinSCP\\WinSCP.exe:*:Enabled:Windows SFTP, FTP and SCP client"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"="C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"="C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:uTorrent"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Documents and Settings\\Strih\\Local Settings\\Temp\\Rar$EX00.547\\StrongDC.exe"="C:\\Documents and Settings\\Strih\\Local Settings\\Temp\\Rar$EX00.547\\StrongDC.exe:*:Enabled:StrongDC++"
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\\Documents and Settings\\Strih\\Plocha\\sdc221\\StrongDC.exe"="C:\\Documents and Settings\\Strih\\Plocha\\sdc221\\StrongDC.exe:*:Enabled:StrongDC++"
"C:\\Program Files\\Outlook Express\\msimn.exe"="C:\\Program Files\\Outlook Express\\msimn.exe:*:Enabled:Outlook Express"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Mon 7 Jan 2008 352 A..H. --- "C:\WINDOWS\nod32fixtemdono.reg"
Mon 29 Oct 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

Finished!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:22:54, on 27.11.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.11.1:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7856E7C4-34E3-4436-ABE3-3FACD2FC62FC} - C:\WINDOWS\system32\mlJYpOGw.dll (file missing)
O2 - BHO: (no name) - {ECEA117C-4411-4BA9-8360-16126F3EBAF4} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PSDrvCheck] "c:\program files\pinnacle\edition 5\program\PSDrvCheck.exe" -CheckReg
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [HPPQVideo] "C:\Program Files\HP\ScheduledLaunch\HP Color LaserJet CP1510 Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CP1510_Series -f PQOptimizerVideo.xml -o remindLater
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files\HP\HP UT\bin\hppusg.exe" "C:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdxci.exe] C:\WINDOWS\system32\kdxci.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [MS Shell Services] C:\WINDOWS\system32\rundll32.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\RunServices: [MS Shell Services] C:\WINDOWS\system32\rundll32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 2208343271
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3125853750
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BC04B80-51FB-4C14-888C-920F2AB76705}: NameServer = 192.168.17.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10490 bytes

jaro3
Security team member
Guru Level 15
Posts: 43290
Joined: June 07
Location: South Bohemia
Gender: Male

Re: Please check my log and help with a trojan

Post by jaro3 » 27 Nov 2008 19:36

I don't know where you all keep picking this stuff up...
Turn off NOD32's resident protection.
Download ComboFix (by sUBs)

and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use will be displayed; confirm them by clicking the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here

mattz
newbie
Posts: 17
Joined: January 08
Gender: Unspecified

Re: Please check my log and help with a trojan

Post by mattz » 27 Nov 2008 21:41

ComboFix 08-11-27.03 - Strih 2008-11-27 20:59:12.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1029.18.1411 [GMT 1:00]
Spuštěný z: c:\documents and settings\Strih\Plocha\ComboFix.exe
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Data aplikací\KEI
c:\documents and settings\All Users\Data aplikací\KEI\KEIU.exe
c:\documents and settings\Strih\Nabídka Start\Programy\Download programs.url
c:\documents and settings\Strih\Nabídka Start\Programy\Games.url
c:\documents and settings\Strih\Nabídka Start\Programy\Translator.url
c:\documents and settings\Strih\Nabídka Start\Programy\Videos.url
c:\documents and settings\Strih\Oblíbené položky\Download programs.url
c:\documents and settings\Strih\Oblíbené položky\Translator.url
c:\documents and settings\Strih\Oblíbené položky\Videos.url
c:\windows\system32\dyyuyhrc.ini
c:\windows\system32\favsfolb.ini
c:\windows\system32\htceekea.ini
c:\windows\system32\lsrupomi.ini
c:\windows\system32\qmursgoe.ini
c:\windows\system32\wGOpYJlm.ini
c:\windows\system32\wGOpYJlm.ini2
D:\resycled
F:\Autorun.inf
F:\resycled

.
((((((((((((((((((((((((( Soubory vytvořené od 2008-10-27 do 2008-11-27 )))))))))))))))))))))))))))))))
.

2008-11-27 17:59 . 2008-11-27 18:00 <DIR> d-------- c:\windows\ERUNT
2008-11-27 17:54 . 2008-11-27 18:11 <DIR> d-------- C:\SDFix
2008-11-27 14:52 . 2008-11-27 14:52 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-27 14:52 . 2008-11-27 14:52 <DIR> d-------- c:\documents and settings\Strih\Data aplikací\Malwarebytes
2008-11-27 14:52 . 2008-11-27 14:52 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2008-11-27 14:52 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-27 14:52 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-24 21:05 . 2008-01-07 14:29 352 --ah----- c:\windows\nod32fixtemdono.reg
2008-11-24 20:49 . 2008-11-24 20:49 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\ESET
2008-11-24 20:33 . 2008-11-24 20:33 <DIR> d-------- c:\documents and settings\Strih\Data aplikací\ESET
2008-11-24 20:32 . 2008-11-24 21:27 <DIR> d-------- c:\program files\ESET
2008-11-24 13:00 . 2008-11-24 13:00 54,156 --ah----- c:\windows\QTFont.qfn
2008-11-24 13:00 . 2008-11-24 13:00 1,409 --a------ c:\windows\QTFont.for
2008-11-20 19:33 . 2008-11-20 19:33 <DIR> d-------- c:\windows\system32\windows media
2008-11-20 19:33 . 2008-11-20 19:33 <DIR> d-------- c:\program files\Windows Media Components
2008-11-18 22:24 . 2008-11-18 22:24 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\FLEXnet
2008-11-18 21:59 . 2008-11-18 21:59 <DIR> d-------- c:\program files\Bonjour
2008-11-18 21:52 . 2008-11-18 21:52 <DIR> d-------- c:\program files\Common Files\Macrovision Shared
2008-11-18 21:47 . 2008-11-18 00:07 102,400 --a------ c:\windows\tskerxag.exe
2008-11-18 21:21 . 2008-11-18 21:21 27,904 --a------ c:\windows\system32\drivers\ndisprot.sys
2008-11-13 21:19 . 2008-11-13 21:19 <DIR> d-------- c:\program files\Seagate
2008-11-13 21:19 . 2008-11-13 21:19 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Seagate
2008-11-13 21:18 . 2008-11-13 21:18 <DIR> d-------- c:\program files\MSXML 6.0
2008-11-08 22:15 . 2008-11-08 22:15 <DIR> d-------- c:\program files\Sports Interactive
2008-11-08 22:13 . 2008-11-19 11:32 <DIR> d-------- c:\program files\DAEMON Tools Toolbar
2008-11-08 22:12 . 2008-11-08 22:13 <DIR> d-------- c:\program files\DAEMON Tools Lite
2008-11-08 22:09 . 2008-11-08 22:09 <DIR> d-------- c:\documents and settings\Strih\Data aplikací\DAEMON Tools
2008-10-27 12:32 . 2008-10-27 12:32 <DIR> d-------- c:\program files\Common Files\PCSuite
2008-10-27 12:31 . 2008-10-27 12:31 <DIR> d-------- c:\program files\PC Connectivity Solution
2008-10-27 12:31 . 2007-09-17 15:53 21,632 --a------ c:\windows\system32\drivers\pccsmcfd.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-27 20:03 --------- d-----w c:\documents and settings\Strih\Data aplikací\Skype
2008-11-27 17:12 --------- d-----w c:\documents and settings\Strih\Data aplikací\skypePM
2008-11-27 14:08 --------- d-----w c:\program files\ICQToolbar
2008-11-24 23:36 --------- d-----w c:\program files\Common Files\LogiShrd
2008-11-24 23:36 --------- d-----w c:\documents and settings\All Users\Data aplikací\Logishrd
2008-11-24 20:05 --------- d-----w c:\documents and settings\Strih\Data aplikací\uTorrent
2008-11-21 18:27 --------- d-----w c:\documents and settings\All Users\Data aplikací\DVD Shrink
2008-11-20 17:20 --------- d-----w c:\program files\KAO the Kangaroo
2008-11-18 20:59 --------- d-----w c:\program files\Common Files\Adobe
2008-11-13 20:19 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-08 21:09 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-10-27 11:33 --------- d-----w c:\documents and settings\All Users\Data aplikací\Installations
2008-10-27 11:32 --------- d-----w c:\program files\Nokia
2008-10-27 11:32 --------- d-----w c:\program files\Common Files\Nokia
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-21 09:53 --------- d-----w c:\documents and settings\Strih\Data aplikací\ICQ Toolbar
2008-10-21 08:09 --------- d-----w c:\documents and settings\Strih\Data aplikací\Sony
2008-10-02 16:02 --------- d-----w c:\program files\SopCast
2008-05-19 16:28 232,424 ----a-w c:\documents and settings\Strih\Data aplikací\GDIPFONTCACHEV1.DAT
2008-05-18 21:28 22,328 ----a-w c:\documents and settings\Strih\Data aplikací\PnkBstrK.sys
2007-12-26 11:27 32 ----a-w c:\documents and settings\All Users\Data aplikací\ezsid.dat
.

((((((((((((((((((((((((((((( snapshot@2008-05-21_13.23.43.95 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-26 11:49:58 297,984 ----a-w c:\windows\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:07:37 15,072 ----a-w c:\windows\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:07:42 215,776 ----a-w c:\windows\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:07:36 22,752 ----a-w c:\windows\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:07:59 720,096 ----a-w c:\windows\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:08:50 379,616 ----a-w c:\windows\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll
+ 2007-11-30 11:18:25 759,160 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll
+ 2008-05-02 13:41:37 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:05:52 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:45:26 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:18:25 759,160 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-04-23 04:21:13 124,928 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 04:21:13 347,136 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 04:21:13 214,528 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 04:21:13 132,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 04:21:13 63,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:19 70,656 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 04:21:13 153,088 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 04:21:13 230,400 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38 161,792 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 04:21:14 383,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 04:21:14 388,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 04:21:14 6,068,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 04:21:14 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 04:21:14 267,776 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:19 13,824 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46 625,664 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 04:21:14 27,648 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 04:21:15 459,264 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 04:21:15 52,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 04:21:15 3,593,728 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 04:21:15 478,208 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 04:21:15 193,024 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 04:21:15 671,232 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 04:21:15 102,912 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 04:21:15 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 04:21:15 105,984 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 04:21:15 1,162,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 04:21:15 233,472 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 04:21:15 827,392 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:07:32 15,072 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:07:37 215,776 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:07:30 22,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:07:59 720,096 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:08:50 379,616 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:09 759,160 ----a-w c:\windows\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w c:\windows\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:09 759,160 ----a-w c:\windows\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-07-07 20:19:07 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:29:06 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:25:38 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:02 759,160 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:02 391,032 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-04-11 18:41:08 683,520 ----a-w c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
+ 2008-04-11 19:06:23 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
+ 2008-04-11 22:23:36 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB951066\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB951066\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll
+ 2007-12-03 15:25:20 759,160 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:18:25 18,296 ----a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:18:25 233,848 ----a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:18:25 26,488 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:09 759,160 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-14 18:05:49 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:35:31 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:40:30 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:18:25 18,296 ----a-w c:\windows\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:18:25 233,848 ----a-w c:\windows\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:18:25 26,488 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:18:25 759,160 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:18:26 391,032 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 16:17:41 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 16:00:20 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 16:22:46 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:18:25 18,296 ----a-w c:\windows\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:18:25 233,848 ----a-w c:\windows\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:18:25 26,488 ----a-w c:\windows\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:18:25 759,160 ----a-w c:\windows\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:18:26 391,032 ----a-w c:\windows\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 05:03:13 1,290,752 ----a-w c:\windows\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:00 1,290,752 ----a-w c:\windows\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:05:01 1,290,752 ----a-w c:\windows\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:25 18,296 ----a-w c:\windows\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:25 233,848 ----a-w c:\windows\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:25 26,488 ----a-w c:\windows\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:09 759,160 ----a-w c:\windows\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:14:41 100,352 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:37:39 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:37:39 247,296 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:49:25 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:49:25 247,296 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:44:39 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:44:39 247,296 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:02 759,160 ----a-w c:\windows\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:02 391,032 ----a-w c:\windows\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-05-01 15:06:53 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll
+ 2008-05-01 14:37:29 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll
+ 2008-05-01 14:39:57 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll
+ 2007-11-30 11:18:25 18,296 ----a-w c:\windows\$hf_mig$\KB952287\spmsg.dll
+ 2007-11-30 11:18:25 233,848 ----a-w c:\windows\$hf_mig$\KB952287\spuninst.exe
+ 2007-11-30 11:18:25 26,488 ----a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll
+ 2007-11-30 11:18:25 759,160 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe
+ 2007-11-30 11:18:26 391,032 ----a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll
+ 2008-06-24 16:30:59 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:44:28 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:54:26 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:09 759,160 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 15:41:22 124,928 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll
+ 2008-06-23 15:41:22 347,136 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll
+ 2008-06-23 15:41:22 214,528 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll
+ 2008-06-23 15:41:22 132,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll
+ 2008-06-23 15:41:22 63,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll
+ 2008-06-23 08:23:18 70,656 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
+ 2008-06-23 15:41:22 153,088 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll
+ 2008-06-23 15:41:22 230,400 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll
+ 2008-06-21 05:23:53 161,792 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat
+ 2008-06-23 15:41:22 383,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll
+ 2008-06-23 15:41:23 388,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll
+ 2008-06-23 15:41:24 6,068,736 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
+ 2008-06-23 15:41:24 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll
+ 2008-06-23 15:41:24 267,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
+ 2008-06-23 08:23:18 13,824 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
+ 2008-06-23 08:23:52 625,664 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
+ 2008-06-23 15:41:25 27,648 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll
+ 2008-06-23 15:41:25 459,264 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll
+ 2008-06-23 15:41:25 52,224 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll
+ 2008-06-23 15:41:26 3,594,240 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
+ 2008-06-23 15:41:27 477,696 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll
+ 2008-06-23 15:41:27 193,024 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll
+ 2008-06-23 15:41:27 671,232 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll
+ 2008-06-23 15:41:27 102,912 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll
+ 2008-06-23 15:41:27 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll
+ 2008-06-23 15:41:27 105,984 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\url.dll
+ 2008-06-23 15:41:28 1,162,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll
+ 2008-06-23 15:41:28 233,472 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll
+ 2008-06-23 15:41:29 827,904 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:07:32 15,072 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spmsg.dll
+ 2007-03-06 01:07:37 215,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spuninst.exe
+ 2007-03-06 01:07:30 22,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\spcustom.dll
+ 2007-03-06 01:07:59 720,096 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\update.exe
+ 2007-03-06 01:08:50 379,616 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\updspapi.dll
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB953839\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll
+ 2007-11-30 12:39:09 759,160 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll
+ 2008-09-15 15:16:44 1,846,912 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys
+ 2008-09-15 15:27:55 1,846,400 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys
+ 2008-09-15 15:21:44 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:36:04 759,160 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-08-26 09:12:01 124,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll
+ 2008-08-26 09:12:01 347,136 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll
+ 2008-08-26 09:12:01 214,528 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll
+ 2008-08-26 09:12:01 132,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll
+ 2008-08-26 09:12:01 63,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll
+ 2008-08-25 08:43:21 70,656 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
+ 2008-08-26 09:12:01 153,088 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll
+ 2008-08-26 09:12:01 230,400 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll
+ 2008-08-23 05:54:50 161,792 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat
+ 2008-08-26 09:12:01 380,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll
+ 2008-08-26 09:12:01 388,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-03 16:23:25 6,068,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
+ 2008-08-26 09:12:02 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll
+ 2008-08-26 09:12:02 267,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
+ 2008-08-25 08:43:21 13,824 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
+ 2008-08-23 05:56:16 635,848 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
+ 2008-08-26 09:12:02 27,648 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll
+ 2008-08-26 09:12:02 459,264 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll
+ 2008-08-26 09:12:02 52,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll
+ 2008-08-26 09:12:03 3,594,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
+ 2008-08-26 09:12:03 477,696 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll
+ 2008-08-26 09:12:03 193,024 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll
+ 2008-08-26 09:12:03 671,232 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll
+ 2008-08-26 09:12:03 102,912 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll
+ 2008-08-26 09:12:03 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll
+ 2008-08-26 09:12:03 105,984 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\url.dll
+ 2008-08-26 09:12:03 1,162,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll
+ 2008-08-26 09:12:03 233,472 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll
+ 2008-08-26 09:12:03 827,904 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:07:37 15,072 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spmsg.dll
+ 2007-03-06 01:07:42 215,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spuninst.exe
+ 2007-03-06 01:07:36 22,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\spcustom.dll
+ 2007-03-06 01:07:59 720,096 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\update.exe
+ 2007-03-06 01:08:50 379,616 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\updspapi.dll
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:09 759,160 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys
+ 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:18:25 18,296 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:18:25 233,848 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:18:25 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:18:25 759,160 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:18:26 391,032 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 13:40:43 2,144,768 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlmp.exe
+ 2008-08-14 13:40:50 2,065,152 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
+ 2008-08-14 13:40:40 2,022,912 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrpamp.exe
+ 2008-08-14 13:40:46 2,188,160 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
+ 2008-08-14 13:26:30 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
+ 2008-08-14 13:26:42 2,068,224 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
+ 2008-08-14 13:26:27 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
+ 2008-08-14 13:26:30 2,191,360 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
+ 2008-08-14 13:56:47 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 17:26:52 2,068,224 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 13:56:45 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 17:26:50 2,191,360 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:18:25 18,296 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:18:25 233,848 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:18:25 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 12:39:09 759,160 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:36:11 391,032 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys
+ 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys
+ 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:18:25 18,296 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:18:25 233,848 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:18:25 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:18:25 759,160 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:18:26 391,032 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
+ 2008-10-15 16:55:53 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP2QFE\netapi32.dll
+ 2008-10-15 16:38:26 337,408 ----a-w c:\windows\$hf_mig$\KB958644\SP3GDR\netapi32.dll
+ 2008-10-15 16:32:25 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP3QFE\netapi32.dll
+ 2007-11-30 11:18:25 18,296 ----a-w c:\windows\$hf_mig$\KB958644\spmsg.dll
+ 2007-11-30 11:18:25 233,848 ----a-w c:\windows\$hf_mig$\KB958644\spuninst.exe
+ 2007-11-30 11:18:25 26,488 ----a-w c:\windows\$hf_mig$\KB958644\update\spcustom.dll
+ 2007-11-30 11:18:25 759,160 ----a-w c:\windows\$hf_mig$\KB958644\update\update.exe
+ 2007-11-30 11:18:26 391,032 ----a-w c:\windows\$hf_mig$\KB958644\update\updspapi.dll
+ 2006-03-02 12:00:00 294,400 -c----w c:\windows\$NtUninstallKB932823-v3$\msctf.dll
+ 2007-03-06 01:07:42 215,776 -c----w c:\windows\$NtUninstallKB932823-v3$\spuninst\spuninst.exe
+ 2007-03-06 01:08:50 379,616 -c----w c:\windows\$NtUninstallKB932823-v3$\spuninst\updspapi.dll
+ 2007-11-30 12:39:09 233,848 -c----w c:\windows\$NtUninstallKB938464$\spuninst\spuninst.exe
+ 2007-11-30 12:39:10 391,032 -c----w c:\windows\$NtUninstallKB938464$\spuninst\updspapi.dll
+ 2004-08-17 13:58:18 82,944 -c----w c:\windows\$NtUninstallKB946648$\msgsc.dll
+ 2007-11-30 12:39:09 233,848 -c----w c:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe
+ 2007-11-30 12:39:10 391,032 -c----w c:\windows\$NtUninstallKB946648$\spuninst\updspapi.dll
+ 2007-11-30 12:39:09 233,848 -c----w c:\windows\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:39:10 391,032 -c----w c:\windows\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2006-07-13 08:48:58 202,240 -c----w c:\windows\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:39:09 233,848 -c----w c:\windows\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2007-11-30 12:39:10 391,032 -c----w c:\windows\$NtUninstallKB950762$\spuninst\updspapi.dll
+ 2005-07-26 04:42:50 243,200 -c----w c:\windows\$NtUninstallKB950974$\es.dll
+ 2007-11-30 12:39:09 233,848 -c----w c:\windows\$NtUninstallKB950974$\spuninst\spuninst.exe
+ 2007-11-30 12:39:02 391,032 -c----w c:\windows\$NtUninstallKB950974$\spuninst\updspapi.dll
+ 2007-08-21 06:18:05 683,520 -c----w c:\windows\$NtUninstallKB951066$\inetcomm.dll
+ 2007-11-30 12:39:09 233,848 -c----w c:\windows\$NtUninstallKB951066$\spuninst\spuninst.exe
+ 2007-11-30 12:39:10 391,032 -c----w c:\windows\$NtUninstallKB951066$\spuninst\updspapi.dll
+ 2007-11-30 11:18:25 233,848 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\spuninst.exe
+ 2007-11-30 12:39:10 391,032 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\updspapi.dll
+ 2007-11-13 11:31:11 60,416 -c----w c:\windows\$NtUninstallKB951072-v2$\tzchange.exe
+ 2008-04-14 15:53:43 272,128 -c----w c:\windows\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:18:25 233,848 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:18:26 391,032 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2007-11-30 11:18:25 233,848 -c----w c:\windows\$NtUninstallKB951376$\spuninst\spuninst.exe
+ 2007-11-30 11:18:26 391,032 -c----w c:\windows\$NtUninstallKB951376$\spuninst\updspapi.dll
+ 2007-10-29 22:44:31 1,290,240 -c----w c:\windows\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:18:25 233,848 -c----w c:\windows\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:39:10 391,032 -c----w c:\windows\$NtUninstallKB951698$\spuninst\updspapi.dll
+ 2006-03-02 12:00:00 138,496 -c----w c:\windows\$NtUninstallKB951748$\afd.sys
+ 2008-02-20 05:38:19 148,992 -c----w c:\windows\$NtUninstallKB951748$\dnsapi.dll
+ 2006-03-02 12:00:00 247,296 -c----w c:\windows\$NtUninstallKB951748$\mswsock.dll
+ 2007-11-30 12:39:09 233,848 -c----w c:\windows\$NtUninstallKB951748$\spuninst\spuninst.exe
+ 2007-11-30 12:39:02 391,032 -c----w c:\windows\$NtUninstallKB951748$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w c:\windows\$NtUninstallKB951748$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w c:\windows\$NtUninstallKB951748$\tcpip6.sys
+ 2006-03-02 12:00:00 331,776 -c----w c:\windows\$NtUninstallKB952287$\msadce.dll
+ 2007-11-30 11:18:25 233,848 -c----w c:\windows\$NtUninstallKB952287$\spuninst\spuninst.exe
+ 2007-11-30 11:18:26 391,032 -c----w c:\windows\$NtUninstallKB952287$\spuninst\updspapi.dll
+ 2005-06-29 01:52:57 74,240 -c----w c:\windows\$NtUninstallKB952954$\mscms.dll
+ 2007-11-30 12:39:09 233,848 -c----w c:\windows\$NtUninstallKB952954$\spuninst\spuninst.exe
+ 2007-11-30 12:39:10 391,032 -c----w c:\windows\$NtUninstallKB952954$\spuninst\updspapi.dll
+ 2007-11-30 12:39:09 233,848 -c----w c:\windows\$NtUninstallKB953839$\spuninst\spuninst.exe
+ 2007-11-30 12:39:10 391,032 -c----w c:\windows\$NtUninstallKB953839$\spuninst\updspapi.dll
+ 2007-07-27 06:17:18 233,848 -c----w c:\windows\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe
+ 2007-07-27 08:41:48 382,840 -c----w c:\windows\$NtUninstallKB954154_WM11$\spuninst\updspapi.dll
+ 2006-10-18 20:47:20 295,936 -c----w c:\windows\$NtUninstallKB954154_WM11$\wmpeffects.dll
+ 2007-11-30 12:39:09 233,848 -c----w c:\windows\$NtUninstallKB954211$\spuninst\spuninst.exe
+ 2007-11-30 12:39:10 391,032 -c----w c:\windows\$NtUninstallKB954211$\spuninst\updspapi.dll
+ 2008-03-20 08:09:45 1,845,248 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys
+ 2007-11-30 12:39:09 233,848 -c----w c:\windows\$NtUninstallKB956391$\spuninst\spuninst.exe
+ 2007-11-30 12:39:10 391,032 -c----w c:\windows\$NtUninstallKB956391$\spuninst\updspapi.dll
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803$\afd.sys
+ 2007-11-30 11:18:25 233,848 -c----w c:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe
+ 2007-11-30 11:18:26 391,032 -c----w c:\windows\$NtUninstallKB956803$\spuninst\updspapi.dll
+ 2007-02-28 16:04:51 2,138,112 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlmp.exe
+ 2007-02-28 16:04:49 2,017,792 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
+ 2007-02-28 16:04:49 2,017,792 -c----w c:\windows\$NtUninstallKB956841$\ntkrpamp.exe
+ 2007-02-28 16:04:51 2,138,112 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
+ 2007-11-30 11:18:25 233,848 -c----w c:\windows\$NtUninstallKB956841$\spuninst\spuninst.exe
+ 2008-07-09 07:36:11 391,032 -c----w c:\windows\$NtUninstallKB956841$\spuninst\updspapi.dll
+ 2007-11-30 11:18:25 233,848 -c----w c:\windows\$NtUninstallKB957095$\spuninst\spuninst.exe
+ 2007-11-30 11:18:26 391,032 -c----w c:\windows\$NtUninstallKB957095$\spuninst\updspapi.dll
+ 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095$\srv.sys
+ 2006-08-17 12:29:57 332,288 -c----w c:\windows\$NtUninstallKB958644$\netapi32.dll
+ 2007-11-30 11:18:25 233,848 -c----w c:\windows\$NtUninstallKB958644$\spuninst\spuninst.exe
+ 2007-11-30 11:18:26 391,032 -c----w c:\windows\$NtUninstallKB958644$\spuninst\updspapi.dll
+ 2006-11-02 05:22:52 51,680 -c----w c:\windows\$NtUninstallWdf01005$\spuninst\Kmdfcustom.dll
+ 2006-10-08 19:51:14 221,488 -c----w c:\windows\$NtUninstallWdf01005$\spuninst\spuninst.exe
+ 2006-10-08 19:51:14 379,184 -c----w c:\windows\$NtUninstallWdf01005$\spuninst\updspapi.dll
+ 2008-06-25 18:36:59 10,752 ----a-w c:\windows\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\interop.hpqusg.dll
+ 2008-10-04 19:16:46 1,887,080 ----a-w c:\windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
+ 2008-06-14 18:00:16 272,128 ----a-w c:\windows\Driver Cache\i386\bthport.sys
- 2006-05-05 09:41:45 453,120 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2007-02-28 16:04:51 2,138,112 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:46:36 2,138,112 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 16:05:02 2,059,776 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:46:44 2,059,904 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 16:04:49 2,017,792 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:46:32 2,017,792 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 16:05:00 2,182,528 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 13:46:42 2,182,528 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2008-08-07 14:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX\ERDNT.EXE
+ 2008-11-27 17:00:21 8,585,216 ----a-w c:\windows\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
+ 2008-11-27 17:00:21 278,528 ----a-w c:\windows\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-08-07 14:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-11-27 17:00:05 8,585,216 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
+ 2008-11-27 17:00:05 278,528 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
- 2000-08-31 06:00:00 89,504 ----a-w c:\windows\fdsv.exe
+ 2000-08-31 07:00:00 89,504 ----a-w c:\windows\fdsv.exe
- 2000-08-31 06:00:00 80,412 ----a-w c:\windows\grep.exe
+ 2000-08-31 07:00:00 80,412 ----a-w c:\windows\grep.exe
+ 2008-06-25 18:39:31 172,033 ----a-w c:\windows\hppins09.dat
+ 2007-11-19 15:26:34 3,425 ------w c:\windows\hppmdl09.dat
+ 2008-03-01 13:02:06 124,928 -c----w c:\windows\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 13:02:06 347,136 -c----w c:\windows\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 13:02:06 214,528 -c----w c:\windows\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 13:02:06 133,120 -c----w c:\windows\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 13:02:06 63,488 -c----w c:\windows\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:53:54 70,656 -c----w c:\windows\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 13:02:06 153,088 -c----w c:\windows\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 13:02:06 230,400 -c----w c:\windows\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w c:\windows\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 13:02:06 383,488 -c----w c:\windows\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 13:02:07 384,512 -c----w c:\windows\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 13:02:07 6,066,176 -c----w c:\windows\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 13:02:07 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 13:02:07 267,776 -c----w c:\windows\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w c:\windows\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:54:19 625,664 -c----w c:\windows\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 13:02:07 27,648 -c----w c:\windows\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 13:02:07 459,264 -c----w c:\windows\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 13:02:07 52,224 -c----w c:\windows\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 16:32:10 3,591,680 -c----w c:\windows\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 13:02:08 478,208 -c----w c:\windows\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 13:02:08 193,024 -c----w c:\windows\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 13:02:09 671,232 -c----w c:\windows\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 13:02:09 102,912 -c----w c:\windows\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 13:02:09 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:07:37 215,776 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:08:50 379,616 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 13:02:09 105,984 -c----w c:\windows\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 13:02:09 1,159,680 -c----w c:\windows\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 13:02:09 233,472 -c----w c:\windows\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 13:02:09 826,368 -c----w c:\windows\ie7updates\KB950759-IE7\wininet.dll
+ 2008-04-23 04:16:30 124,928 -c----w c:\windows\ie7updates\KB953838-IE7\advpack.dll
+ 2008-04-23 04:16:30 347,136 -c----w c:\windows\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-04-23 04:16:30 214,528 -c----w c:\windows\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-04-23 04:16:30 133,120 -c----w c:\windows\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:30 63,488 -c----w c:\windows\ie7updates\KB953838-IE7\icardie.dll
+ 2008-04-22 07:38:44 70,656 -c----w c:\windows\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-04-23 04:16:30 153,088 -c----w c:\windows\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-04-23 04:16:30 230,400 -c----w c:\windows\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w c:\windows\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:30 383,488 -c----w c:\windows\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-04-23 04:16:30 384,512 -c----w c:\windows\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:31 6,066,176 -c----w c:\windows\ie7updates\KB953838-IE7\ieframe.dll
+ 2008-04-23 04:16:31 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:31 267,776 -c----w c:\windows\ie7updates\KB953838-IE7\iertutil.dll
+ 2008-04-22 07:39:58 13,824 -c----w c:\windows\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-04-22 07:39:04 625,664 -c----w c:\windows\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-04-23 04:16:31 27,648 -c----w c:\windows\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:32 459,264 -c----w c:\windows\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:32 52,224 -c----w c:\windows\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-04-23 20:16:34 3,591,680 -c----w c:\windows\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-04-23 04:16:32 478,208 -c----w c:\windows\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-04-23 04:16:32 193,024 -c----w c:\windows\ie7updates\KB953838-IE7\msrating.dll
+ 2008-04-23 04:16:32 671,232 -c----w c:\windows\ie7updates\KB953838-IE7\mstime.dll
+ 2008-04-23 04:16:32 102,912 -c----w c:\windows\ie7updates\KB953838-IE7\occache.dll
+ 2008-04-23 04:16:32 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:07:37 215,776 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:08:50 379,616 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:32 105,984 -c----w c:\windows\ie7updates\KB953838-IE7\url.dll
+ 2008-04-23 04:16:32 1,159,680 -c----w c:\windows\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-04-23 04:16:32 233,472 -c----w c:\windows\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-04-23 04:16:32 826,368 -c----w c:\windows\ie7updates\KB953838-IE7\wininet.dll
+ 2008-06-23 16:42:04 124,928 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2008-06-23 16:42:04 347,136 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-06-23 16:42:04 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-06-23 16:42:04 133,120 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-06-23 16:42:04 63,488 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2008-06-23 09:19:04 70,656 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-06-23 16:42:04 153,088 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-06-23 16:42:04 230,400 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-06-21 05:23:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-06-23 16:42:04 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-06-23 16:42:04 384,512 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-06-23 16:42:06 6,066,176 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-06-23 16:42:06 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-06-23 16:42:07 267,776 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-06-23 09:20:26 13,824 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-06-23 09:19:22 625,664 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-06-23 16:42:07 27,648 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-06-23 16:42:07 459,264 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-06-23 16:42:07 52,224 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-06-24 08:42:10 3,592,192 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-06-23 16:42:09 477,696 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-06-23 16:42:09 193,024 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2008-06-23 16:42:10 671,232 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2008-06-23 16:42:10 102,912 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2008-06-23 16:42:10 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:07:42 215,776 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:08:50 379,616 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-06-23 16:42:10 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
+ 2008-06-23 16:42:11 1,159,680 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-06-23 16:42:11 233,472 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-06-23 16:42:11 826,368 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll


Re: Please check my log and help with a trojan

Post by mattz » 27 Nov 2008 21:43

+ 2008-06-25 18:37:13 65,536 ----a-r c:\windows\Installer\{10E1E87C-656C-4D08-86D6-5443D28583BE}\NewShortcut1.A6CC6977_F7B4_4C0B_9510_BCD847D4BDB2.exe
+ 2008-10-27 11:32:00 10,134 ----a-r c:\windows\Installer\{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}\ARPPRODUCTICON.exe
+ 2008-06-25 18:37:51 25,214 ----a-r c:\windows\Installer\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}\ARPPRODUCTICON.exe
+ 2008-06-25 18:37:51 25,214 ----a-r c:\windows\Installer\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}\hpqSSupply.exe
+ 2008-11-24 20:28:28 10,134 ----a-r c:\windows\Installer\{608B3334-B5BE-4868-BE37-7042C98E548C}\callmsi.exe
+ 2008-11-24 20:28:28 136,448 ----a-r c:\windows\Installer\{608B3334-B5BE-4868-BE37-7042C98E548C}\egui.exe
+ 2008-11-12 22:09:54 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2008-06-04 14:27:16 10,134 ----a-r c:\windows\Installer\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\ARPPRODUCTICON.exe
- 2008-05-14 12:12:51 167,936 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2008-10-15 20:11:57 167,936 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2008-05-14 12:12:51 2,560 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2008-10-15 20:11:57 2,560 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2008-05-14 12:12:52 81,920 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2008-10-15 20:11:57 81,920 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\fpicon.exe
- 2008-05-14 12:12:51 34,304 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2008-10-15 20:11:57 34,304 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2008-05-14 12:12:52 8,192 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2008-10-15 20:11:57 8,192 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2008-05-14 12:12:52 3,584 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2008-10-15 20:11:57 3,584 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2008-05-14 12:12:52 114,688 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2008-10-15 20:11:57 114,688 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2008-05-14 12:12:51 16,384 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2008-10-15 20:11:57 16,384 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2008-05-14 12:12:51 30,720 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2008-10-15 20:11:57 30,720 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2008-05-14 12:12:52 22,528 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2008-10-15 20:11:57 22,528 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2008-05-14 12:12:51 45,056 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2008-10-15 20:11:57 45,056 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2008-05-14 12:12:51 90,112 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2008-10-15 20:11:57 90,112 ----a-r c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2008-07-14 21:24:13 10,134 ----a-r c:\windows\Installer\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\ARPPRODUCTICON.exe
+ 2008-10-27 11:32:50 15,086 ----a-r c:\windows\Installer\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\ARPPRODUCTICON.exe
+ 2008-06-30 10:44:47 295,606 ----a-r c:\windows\Installer\{AC76BA86-7AD7-1029-7B44-A81200000003}\SC_Reader.exe
+ 2008-11-13 20:19:46 81,920 ----a-r c:\windows\Installer\{B1D89E54-08B1-4542-A69B-E634AEF10A40}\ARPPRODUCTICON.exe
+ 2008-11-13 20:19:46 45,056 ----a-r c:\windows\Installer\{B1D89E54-08B1-4542-A69B-E634AEF10A40}\NewShortcut1_68F918D3F91F411B8936985CC2BD4192.exe
+ 2008-11-13 20:19:46 81,920 ----a-r c:\windows\Installer\{B1D89E54-08B1-4542-A69B-E634AEF10A40}\NewShortcut2_B7AA0888E8864144BA725EAA61DC15D5.exe
+ 2008-11-13 20:19:46 81,920 ----a-r c:\windows\Installer\{B1D89E54-08B1-4542-A69B-E634AEF10A40}\NewShortcut3_3AA20A2C6BEF43A6A3B4F09C5D78D1D4.exe
+ 2008-10-27 11:30:56 3,262 ----a-r c:\windows\Installer\{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}\ARPPRODUCTICON.exe
+ 2008-10-27 11:35:11 689,456 ----a-r c:\windows\Installer\{FE57DE70-95DE-4B64-9266-84DA811053DB}\HPSUShortcut_BB85ED9CAFC943BDB8DC258C3C7DF72E.exe
- 2000-08-31 06:00:00 28,160 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 07:00:00 28,672 ----a-w c:\windows\NIRCMD.exe
- 2007-10-13 20:21:42 76,487 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
+ 2008-10-26 12:33:17 76,487 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
- 2007-10-13 20:21:42 2,378 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2008-10-26 12:33:17 2,378 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2002-12-11 14:16:58 7,680 ----a-w c:\windows\RegisteredPackages\{3695EB93-6443-448D-8E2E-1F6F4FC79BC1}\asferror.dll
+ 2002-11-06 01:10:14 167,936 ----a-w c:\windows\RegisteredPackages\{89FDAB62-6F46-4C7E-A559-E00B9A0BACB6}\wmserror.dll
+ 2002-11-06 01:45:32 327,680 ----a-w c:\windows\RegisteredPackages\{89FDAB62-6F46-4C7E-A559-E00B9A0BACB6}\wmsservertypelib.dll
- 2000-08-31 06:00:00 98,816 ----a-w c:\windows\sed.exe
+ 2000-08-31 07:00:00 98,816 ----a-w c:\windows\sed.exe
- 2000-08-31 06:00:00 161,792 ----a-w c:\windows\swreg.exe
+ 2000-08-31 07:00:00 161,792 ----a-w c:\windows\SWREG.exe
- 2000-08-31 06:00:00 136,704 ----a-w c:\windows\swsc.exe
+ 2000-08-31 07:00:00 136,704 ----a-w c:\windows\SWSC.exe
- 2000-08-31 06:00:00 212,480 ----a-w c:\windows\swxcacls.exe
+ 2000-08-31 07:00:00 212,480 ----a-w c:\windows\SWXCACLS.exe
- 2001-02-28 06:29:36 397,312 ----a-w c:\windows\system32\Adobe\SVG Viewer\AceLite.dll
+ 2001-04-16 16:39:02 397,312 ----a-w c:\windows\system32\Adobe\SVG Viewer\AceLite.dll
- 2001-03-14 07:06:02 1,138,688 ----a-w c:\windows\system32\Adobe\SVG Viewer\Agm.dll
+ 2001-09-05 14:10:34 1,138,688 ----a-w c:\windows\system32\Adobe\SVG Viewer\Agm.dll
- 2001-01-20 19:13:36 147,456 ----a-w c:\windows\system32\Adobe\SVG Viewer\Bib.dll
+ 2001-04-16 16:39:02 147,456 ----a-w c:\windows\system32\Adobe\SVG Viewer\Bib.dll
- 2001-03-14 07:06:02 1,441,792 ----a-w c:\windows\system32\Adobe\SVG Viewer\CoolType.dll
+ 2002-03-21 21:12:44 1,441,792 ----a-w c:\windows\system32\Adobe\SVG Viewer\CoolType.dll
- 2001-03-14 11:10:56 299,059 ----a-w c:\windows\system32\Adobe\SVG Viewer\NPSVGVw.dll
+ 2001-03-14 14:10:56 299,059 ----a-w c:\windows\system32\Adobe\SVG Viewer\NPSVGVw.dll
- 2001-03-14 11:14:00 491,574 ----a-w c:\windows\system32\Adobe\SVG Viewer\SVGControl.dll
+ 2001-03-14 14:14:00 491,574 ----a-w c:\windows\system32\Adobe\SVG Viewer\SVGControl.dll
- 2001-03-14 11:06:24 12,288 ----a-w c:\windows\system32\Adobe\SVG Viewer\SVGRSRC.DLL
+ 2001-03-14 14:06:24 12,288 ----a-w c:\windows\system32\Adobe\SVG Viewer\SVGRSRC.DLL
- 2001-03-14 11:07:52 1,597,491 ----a-w c:\windows\system32\Adobe\SVG Viewer\SVGView.dll
+ 2001-03-14 14:07:52 1,597,491 ----a-w c:\windows\system32\Adobe\SVG Viewer\SVGView.dll
- 2008-03-01 13:02:06 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-08-26 08:26:56 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2006-03-20 08:00:00 749,568 ----a-r c:\windows\system32\agissi.dll
- 2007-01-05 19:50:32 6,656 ----a-w c:\windows\system32\asferror.dll
+ 2002-12-11 14:16:58 7,680 ----a-w c:\windows\system32\asferror.dll
- 2007-03-29 21:00:40 203,264 ----a-r c:\windows\system32\CddbCdda.dll
+ 2007-03-29 22:00:40 203,264 ----a-r c:\windows\system32\CddbCdda.dll
- 2007-07-30 17:19:20 92,504 ----a-w c:\windows\system32\cdm.dll
+ 2008-07-18 20:10:48 94,920 ----a-w c:\windows\system32\cdm.dll
+ 2008-11-24 19:45:56 262,144 ----a-w c:\windows\system32\config\systemprofile\NtUser.dat
- 2008-03-01 13:02:06 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
+ 2008-08-26 08:26:56 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
- 2006-03-02 12:00:00 138,496 -c--a-w c:\windows\system32\dllcache\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\dllcache\afd.sys
- 2007-01-05 19:50:32 6,656 -c--a-w c:\windows\system32\dllcache\asferror.dll
+ 2002-12-11 14:16:58 7,680 -c--a-w c:\windows\system32\dllcache\asferror.dll
+ 2004-08-03 21:10:00 13,696 ----a-w c:\windows\system32\dllcache\avcstrm.sys
+ 2008-06-14 18:00:16 272,128 ----a-w c:\windows\system32\dllcache\bthport.sys
- 2007-07-30 17:19:20 92,504 -c--a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-07-18 20:10:48 94,920 -c--a-w c:\windows\system32\dllcache\cdm.dll
- 2008-02-20 05:38:19 148,992 -c--a-w c:\windows\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:42:16 148,992 ----a-w c:\windows\system32\dllcache\dnsapi.dll
- 2008-03-01 13:02:06 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-26 08:26:56 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-03-01 13:02:06 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-26 08:26:56 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
- 2005-07-26 04:42:50 243,200 -c--a-w c:\windows\system32\dllcache\es.dll
+ 2008-07-07 20:32:25 253,952 ----a-w c:\windows\system32\dllcache\es.dll
- 2008-03-01 13:02:06 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
+ 2008-08-26 08:26:56 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
- 2008-03-01 13:02:06 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2008-08-26 08:26:56 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
- 2008-02-29 08:53:54 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-08-25 08:36:29 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-03-01 13:02:06 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-08-26 08:26:56 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
- 2008-03-01 13:02:06 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-08-26 08:26:56 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
- 2008-02-15 05:44:25 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
- 2008-03-01 13:02:06 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-08-26 08:26:56 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-03-01 13:02:07 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-08-26 08:26:57 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-03-01 13:02:07 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-03 17:26:29 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
- 2008-03-01 13:02:07 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
+ 2008-08-26 08:26:58 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
- 2008-03-01 13:02:07 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2008-08-26 08:26:58 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
- 2008-02-22 10:00:51 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
- 2008-02-29 08:54:19 625,664 -c----w c:\windows\system32\dllcache\iexplore.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\system32\dllcache\iexplore.exe
- 2007-08-21 06:18:05 683,520 -c--a-w c:\windows\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:51:55 683,520 ----a-w c:\windows\system32\dllcache\inetcomm.dll
- 2008-03-01 13:02:07 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-26 08:26:59 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
- 2006-05-05 09:41:45 453,120 -c----w c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 -c--a-w c:\windows\system32\dllcache\mrxsmb.sys
- 2006-03-02 12:00:00 331,776 -c--a-w c:\windows\system32\dllcache\msadce.dll
+ 2008-05-01 14:33:02 331,776 ----a-w c:\windows\system32\dllcache\msadce.dll
- 2005-06-29 01:52:57 74,240 -c--a-w c:\windows\system32\dllcache\mscms.dll
+ 2008-06-24 16:24:32 74,240 ----a-w c:\windows\system32\dllcache\mscms.dll
- 2006-03-02 12:00:00 294,400 -c--a-w c:\windows\system32\dllcache\msctf.dll
+ 2008-02-26 12:01:27 294,912 ----a-w c:\windows\system32\dllcache\msctf.dll
- 2008-03-01 13:02:07 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-08-26 08:26:59 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
- 2008-03-01 13:02:07 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-08-26 08:26:59 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-03-01 16:32:10 3,591,680 -c----w c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-27 09:27:02 3,593,216 -c----w c:\windows\system32\dllcache\mshtml.dll
- 2008-03-01 13:02:08 478,208 -c----w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-26 08:27:01 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll
- 2008-03-01 13:02:08 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
+ 2008-08-26 08:27:01 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
+ 2004-08-03 21:10:00 49,024 ----a-w c:\windows\system32\dllcache\mstape.sys
- 2008-03-01 13:02:09 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
+ 2008-08-26 08:27:01 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
- 2006-03-02 12:00:00 247,296 -c--a-w c:\windows\system32\dllcache\mswsock.dll
+ 2008-06-20 17:42:16 247,296 ----a-w c:\windows\system32\dllcache\mswsock.dll
- 2007-06-26 06:10:33 1,104,896 -c--a-w c:\windows\system32\dllcache\msxml3.dll
+ 2008-09-04 16:46:06 1,106,944 -c--a-w c:\windows\system32\dllcache\msxml3.dll
- 2006-08-17 12:29:57 332,288 -c--a-w c:\windows\system32\dllcache\netapi32.dll
+ 2008-10-15 17:00:47 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
- 2007-02-28 16:04:51 2,138,112 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 13:46:36 2,138,112 ----a-w c:\windows\system32\dllcache\ntkrnlmp.exe
- 2007-02-28 16:05:02 2,059,776 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 13:46:44 2,059,904 ----a-w c:\windows\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 16:04:49 2,017,792 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 13:46:32 2,017,792 ----a-w c:\windows\system32\dllcache\ntkrpamp.exe
- 2007-02-28 16:05:00 2,182,528 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 13:46:42 2,182,528 ----a-w c:\windows\system32\dllcache\ntoskrnl.exe
- 2008-03-01 13:02:09 102,912 -c----w c:\windows\system32\dllcache\occache.dll
+ 2008-08-26 08:27:01 102,912 -c----w c:\windows\system32\dllcache\occache.dll
- 2008-03-01 13:02:09 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-26 08:27:01 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
- 2007-10-29 22:44:31 1,290,240 -c--a-w c:\windows\system32\dllcache\quartz.dll
+ 2008-05-07 05:16:21 1,290,240 ----a-w c:\windows\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w c:\windows\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w c:\windows\system32\dllcache\rmcast.sys
- 2006-08-14 10:34:41 332,928 -c--a-w c:\windows\system32\dllcache\srv.sys
+ 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\dllcache\srv.sys
- 2007-10-30 17:20:55 360,064 -c--a-w c:\windows\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w c:\windows\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c--a-w c:\windows\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w c:\windows\system32\dllcache\tcpip6.sys
- 2008-03-01 13:02:09 105,984 -c----w c:\windows\system32\dllcache\url.dll
+ 2008-08-26 08:27:01 105,984 -c----w c:\windows\system32\dllcache\url.dll
- 2008-03-01 13:02:09 1,159,680 -c----w c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-26 08:27:02 1,159,680 -c----w c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-03 21:01:26 25,856 ----a-w c:\windows\system32\dllcache\usbprint.sys
+ 2004-08-03 21:08:44 25,600 ----a-w c:\windows\system32\dllcache\usbser.sys
- 2008-03-01 13:02:09 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
+ 2008-08-26 08:27:02 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
- 2008-03-20 08:09:45 1,845,248 -c--a-w c:\windows\system32\dllcache\win32k.sys
+ 2008-09-15 15:40:58 1,846,016 ----a-w c:\windows\system32\dllcache\win32k.sys
- 2008-03-01 13:02:09 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
+ 2008-08-26 08:27:02 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
- 2007-07-30 17:19:36 549,720 -c--a-w c:\windows\system32\dllcache\wuapi.dll
+ 2008-07-18 20:09:44 563,912 -c--a-w c:\windows\system32\dllcache\wuapi.dll
- 2007-07-30 17:19:16 53,080 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2008-07-18 20:10:42 53,448 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
- 2007-07-30 17:19:42 1,712,984 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2008-07-18 20:09:42 1,811,656 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
- 2007-07-30 17:19:32 325,976 -c--a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-07-18 20:09:46 325,832 -c--a-w c:\windows\system32\dllcache\wucltui.dll
- 2007-07-30 17:18:40 33,624 -c--a-w c:\windows\system32\dllcache\wups.dll
+ 2008-07-18 20:10:20 36,552 -c--a-w c:\windows\system32\dllcache\wups.dll
- 2007-07-30 17:19:46 203,096 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-07-18 20:09:44 205,000 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2006-02-28 11:41:34 61,440 ----a-w c:\windows\system32\dns-sd.exe
- 2008-02-20 05:38:19 148,992 ----a-w c:\windows\system32\dnsapi.dll
+ 2008-06-20 17:42:16 148,992 ----a-w c:\windows\system32\dnsapi.dll
+ 2006-02-28 11:41:22 53,248 ----a-w c:\windows\system32\dnssd.dll
- 2006-03-02 12:00:00 138,496 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2004-08-03 21:10:00 13,696 ----a-w c:\windows\system32\drivers\avcstrm.sys
+ 2008-06-14 18:00:16 272,128 ----a-w c:\windows\system32\drivers\bthport.sys
+ 2008-06-10 17:47:42 39,944 ----a-w c:\windows\system32\drivers\eamon.sys
+ 2008-06-10 17:48:38 53,256 ----a-w c:\windows\system32\drivers\easdrv.sys
+ 2008-06-10 17:56:10 34,312 ----a-w c:\windows\system32\drivers\epfwtdir.sys
+ 2007-07-16 15:29:33 17,432 ----a-r c:\windows\system32\drivers\hpfxbulk.sys
+ 2007-07-16 15:29:33 26,136 ----a-r c:\windows\system32\drivers\hpfxgen.sys
- 2007-03-06 16:54:40 41,376 ----a-w c:\windows\system32\drivers\LVUSBSta.sys
+ 2007-10-12 02:00:42 41,752 ----a-w c:\windows\system32\drivers\LVUSBSta.sys
+ 2004-08-03 21:10:00 49,024 ----a-w c:\windows\system32\drivers\mstape.sys
+ 2003-08-11 08:07:46 14,604 ----a-w c:\windows\system32\drivers\pfc.sys
- 2008-05-21 09:15:58 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
+ 2008-08-28 16:29:35 136,888 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
- 2006-07-13 08:48:58 202,240 ----a-w c:\windows\system32\drivers\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w c:\windows\system32\drivers\rmcast.sys
- 2006-08-14 10:34:41 332,928 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\drivers\srv.sys
- 2007-10-30 17:20:55 360,064 ----a-w c:\windows\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w c:\windows\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30 225,664 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2004-08-03 21:01:26 25,856 ----a-w c:\windows\system32\drivers\usbprint.sys
+ 2004-08-03 21:08:44 25,600 ----a-w c:\windows\system32\drivers\usbser.sys
+ 2006-11-02 05:22:54 492,000 ----a-w c:\windows\system32\drivers\wdf01000.sys
+ 2006-11-02 05:22:52 32,224 ----a-w c:\windows\system32\drivers\wdfldr.sys
+ 2008-05-07 06:38:20 17,536 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_8BBEC91EFF51E4A1A9EC754A696F267BFDD220D5\ccdcmb.sys
+ 2008-05-07 06:38:24 90,624 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_8BBEC91EFF51E4A1A9EC754A696F267BFDD220D5\nmwcdcls.dll
+ 2008-05-07 06:38:34 659,968 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_8BBEC91EFF51E4A1A9EC754A696F267BFDD220D5\nmwcdcocls.dll
+ 2008-05-07 06:39:22 1,419,232 -c--a-w c:\windows\system32\DRVSTORE\ccdcmb_8BBEC91EFF51E4A1A9EC754A696F267BFDD220D5\wdfcoinstaller01005.dll
+ 2008-05-07 06:38:36 8,064 -c--a-w c:\windows\system32\DRVSTORE\ccdcmbcj_8BBEC91EFF51E4A1A9EC754A696F267BFDD220D5\usbser_lowerfltj.sys
+ 2008-06-06 08:24:44 8,064 -c--a-w c:\windows\system32\DRVSTORE\ccdcmbm_8BBEC91EFF51E4A1A9EC754A696F267BFDD220D5\usbser_lowerflt.sys
+ 2008-05-07 06:38:20 20,864 -c--a-w c:\windows\system32\DRVSTORE\ccdcmbo_8BBEC91EFF51E4A1A9EC754A696F267BFDD220D5\ccdcmbo.sys
+ 2007-07-16 15:29:23 20,504 -c--a-r c:\windows\system32\DRVSTORE\hppaew09_1EAA1335385FD45BBAB8DEF7B0D0500928EA776E\hpfx64bulk.sys
+ 2007-07-16 15:29:33 31,256 -c--a-r c:\windows\system32\DRVSTORE\hppaew09_1EAA1335385FD45BBAB8DEF7B0D0500928EA776E\hpfx64gen.sys
+ 2007-07-16 15:29:33 17,432 -c--a-r c:\windows\system32\DRVSTORE\hppaew09_1EAA1335385FD45BBAB8DEF7B0D0500928EA776E\hpfxbulk.sys
+ 2007-07-16 15:29:33 26,136 -c--a-r c:\windows\system32\DRVSTORE\hppaew09_1EAA1335385FD45BBAB8DEF7B0D0500928EA776E\hpfxgen.sys
+ 2007-02-05 07:35:49 188,416 -c--a-r c:\windows\system32\DRVSTORE\hppaew09_1EAA1335385FD45BBAB8DEF7B0D0500928EA776E\hppcew09.dll
+ 2007-02-05 07:35:50 234,496 -c--a-r c:\windows\system32\DRVSTORE\hppaew09_1EAA1335385FD45BBAB8DEF7B0D0500928EA776E\hppdew09_x64.dll
+ 2007-09-19 13:40:50 327,680 -c--a-r c:\windows\system32\DRVSTORE\hppcp609_63CC4AF1FBF6F2FADE1265741F06B9F491C77AA7\hppcpr09.dll
+ 2007-09-17 14:53:26 21,632 -c--a-w c:\windows\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.sys
+ 2008-05-20 09:37:00 525,824 -c--a-w c:\windows\system32\DRVSTORE\pccswpddri_66268C3E0C6968D7F539EAEAD801C68E0DB54FE9\PCCSWpdDriver.dll
+ 2008-05-20 09:32:30 831,048 -c--a-w c:\windows\system32\DRVSTORE\pccswpddri_66268C3E0C6968D7F539EAEAD801C68E0DB54FE9\WudfUpdate_01005.dll
- 2008-03-01 13:02:06 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-08-26 08:26:56 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-03-01 13:02:06 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-08-26 08:26:56 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2005-07-26 04:42:50 243,200 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:32:25 253,952 ----a-w c:\windows\system32\es.dll
- 2008-03-01 13:02:06 133,120 ----a-w c:\windows\system32\extmgr.dll
+ 2008-08-26 08:26:56 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2008-04-14 13:19:48 722,320 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-11-18 21:08:16 2,003,312 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2007-07-16 13:29:44 59,928 ----a-w c:\windows\system32\fxcompchannel.dll
+ 2007-03-11 19:24:52 1,645,320 ----a-w c:\windows\system32\gdiplus.dll
+ 2008-05-30 07:54:40 53,248 ----a-w c:\windows\system32\hooks.dll
+ 2006-03-20 08:00:00 155,648 ----a-r c:\windows\system32\HP2600IR.dll
+ 2007-02-02 13:38:42 24,576 ----a-w c:\windows\system32\hpbmiapi.dll
+ 2007-02-02 13:38:46 25,600 ----a-w c:\windows\system32\hpboid.dll
+ 2007-02-02 13:38:48 7,680 ----a-w c:\windows\system32\hpboidps.dll
+ 2007-02-02 13:38:46 39,424 ----a-w c:\windows\system32\hpbpro.dll
+ 2007-02-02 13:38:44 7,680 ----a-w c:\windows\system32\hpbprops.dll
+ 2007-04-24 08:33:00 114,688 ----a-w c:\windows\system32\hplbdchn.dll
+ 2007-02-05 07:35:49 188,416 ----a-r c:\windows\system32\hppcew09.dll
+ 2007-09-19 13:40:50 327,680 ----a-r c:\windows\system32\hppcpr09.dll
+ 2008-06-11 15:11:06 171,992 ----a-w c:\windows\system32\hppins09.dat
+ 2007-09-06 19:27:04 118,784 ----a-w c:\windows\system32\HPTcpMib.dll
+ 2007-09-06 19:29:22 172,032 ----a-w c:\windows\system32\HPTcpMon.dll
+ 2007-09-06 19:32:22 245,760 ----a-w c:\windows\system32\HPTcpMUI.dll
+ 2006-11-08 14:35:38 49,152 ----a-w c:\windows\system32\HPZidr12.dll
+ 2006-11-08 14:35:36 43,520 ----a-w c:\windows\system32\HPZinw12.dll
+ 2006-11-08 14:35:38 53,248 ----a-w c:\windows\system32\HPZipm12.dll
+ 2006-11-08 14:35:40 33,280 ----a-w c:\windows\system32\HPZipr12.dll
+ 2006-11-08 14:35:40 29,696 ----a-w c:\windows\system32\hpzipt12.dll
+ 2006-11-08 14:35:40 20,480 ----a-w c:\windows\system32\hpzisn12.dll
+ 2007-04-18 14:31:02 387,584 ----a-w c:\windows\system32\hpzjcd01.dll
+ 2006-10-03 08:55:28 17,408 ----a-w c:\windows\system32\hpzjfw01.dll
+ 2006-10-03 08:55:36 139,264 ----a-w c:\windows\system32\hpzjrd01.dll
- 2008-03-01 13:02:06 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-08-26 08:26:56 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-02-29 08:53:54 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-08-25 08:36:29 70,656 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-03-01 13:02:06 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-08-26 08:26:56 153,088 ----a-w c:\windows\system32\ieakeng.dll
- 2008-03-01 13:02:06 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-08-26 08:26:56 230,400 ----a-w c:\windows\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-08-23 05:54:51 161,792 ----a-w c:\windows\system32\ieakui.dll
- 2008-03-01 13:02:06 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-08-26 08:26:56 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-03-01 13:02:07 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-08-26 08:26:57 384,512 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-03-01 13:02:07 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-03 17:26:29 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-03-01 13:02:07 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2008-08-26 08:26:58 44,544 ----a-w c:\windows\system32\iernonce.dll
- 2008-03-01 13:02:07 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-08-26 08:26:58 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2006-03-20 08:00:00 28,672 ----a-r c:\windows\system32\IMF32.DLL
- 2007-08-21 06:18:05 683,520 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 18:51:55 683,520 ----a-w c:\windows\system32\inetcomm.dll
- 2008-03-01 13:02:07 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-08-26 08:26:59 27,648 ----a-w c:\windows\system32\jsproxy.dll
- 2007-03-06 16:50:52 264,992 ----a-w c:\windows\system32\lvcodec2.dll
+ 2007-10-12 01:57:28 416,280 ----a-w c:\windows\system32\LVCodec2.dll
- 2007-03-06 16:54:16 215,840 ----a-w c:\windows\system32\LVUI2.dll
+ 2007-10-12 02:00:20 490,008 ----a-w c:\windows\system32\LVUI2.dll
- 2007-03-06 16:54:28 527,136 ----a-w c:\windows\system32\LVUI2RC.dll
+ 2007-10-12 02:00:32 465,432 ----a-w c:\windows\system32\LVUI2RC.dll
+ 2008-10-05 03:16:26 235,936 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10a.exe
- 2007-06-11 20:34:34 2,115,816 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2008-10-05 03:24:02 3,695,008 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2007-06-11 20:34:40 190,696 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-10-05 03:24:04 235,936 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-11-26 09:47:02 89,102 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
- 2007-11-12 22:09:43 45,218 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-10-19 12:08:44 84,661 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2008-05-09 21:35:04 16,863,864 ----a-w c:\windows\system32\MRT.exe
+ 2008-11-04 00:10:26 17,318,336 ----a-w c:\windows\system32\MRT.exe
- 2005-06-29 01:52:57 74,240 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:24:32 74,240 ----a-w c:\windows\system32\mscms.dll
- 2006-03-02 12:00:00 294,400 ----a-w c:\windows\system32\MSCTF.dll
+ 2008-02-26 12:01:27 294,912 ----a-w c:\windows\system32\msctf.dll
- 2008-03-01 13:02:07 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-08-26 08:26:59 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-03-01 13:02:07 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-08-26 08:26:59 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-03-01 16:32:10 3,591,680 ----a-w c:\windows\system32\mshtml.dll
+ 2008-08-27 09:27:02 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-03-01 13:02:08 478,208 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-08-26 08:27:01 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2008-03-01 13:02:08 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-08-26 08:27:01 193,024 ----a-w c:\windows\system32\msrating.dll
- 2008-03-01 13:02:09 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2008-08-26 08:27:01 671,232 ----a-w c:\windows\system32\mstime.dll
- 2002-01-05 05:37:26 344,064 ----a-w c:\windows\system32\msvcr70.dll
+ 2003-08-11 08:13:12 344,064 ----a-r c:\windows\system32\msvcr70.dll
- 2006-03-02 12:00:00 247,296 ----a-w c:\windows\system32\mswsock.dll
+ 2008-06-20 17:42:16 247,296 ----a-w c:\windows\system32\mswsock.dll
- 2007-06-26 06:10:33 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 16:46:06 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-08 14:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 15:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
+ 2008-08-29 19:06:44 1,350,664 ----a-w c:\windows\system32\msxml6.dll
+ 2006-10-05 03:31:10 79,872 ----a-w c:\windows\system32\msxml6r.dll
- 2007-07-30 17:19:10 271,224 ----a-w c:\windows\system32\mucltui.dll
+ 2008-07-18 20:07:34 270,880 ----a-w c:\windows\system32\mucltui.dll
- 2007-07-30 17:18:34 207,736 ----a-w c:\windows\system32\muweb.dll
+ 2008-07-18 20:07:32 210,976 ----a-w c:\windows\system32\muweb.dll
- 2006-08-17 12:29:57 332,288 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 17:00:47 332,800 ----a-w c:\windows\system32\netapi32.dll
- 2007-02-22 09:15:12 90,624 ----a-w c:\windows\system32\nmwcdcls.dll
+ 2008-05-07 06:38:24 90,624 ----a-w c:\windows\system32\nmwcdcls.dll
- 2007-02-28 16:04:49 2,017,792 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 13:46:32 2,017,792 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2007-02-28 16:04:51 2,138,112 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 13:46:36 2,138,112 ----a-w c:\windows\system32\ntoskrnl.exe
- 2008-03-01 13:02:09 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-08-26 08:27:01 102,912 ----a-w c:\windows\system32\occache.dll
- 2008-04-11 12:29:54 78,240 ----a-w c:\windows\system32\perfc005.dat
+ 2008-10-26 12:48:03 78,240 ----a-w c:\windows\system32\perfc005.dat
- 2008-04-11 12:29:54 67,600 ----a-w c:\windows\system32\perfc009.dat
+ 2008-10-26 12:48:03 67,600 ----a-w c:\windows\system32\perfc009.dat
- 2008-04-11 12:29:54 412,892 ----a-w c:\windows\system32\perfh005.dat
+ 2008-10-26 12:48:03 412,892 ----a-w c:\windows\system32\perfh005.dat
- 2008-04-11 12:29:54 415,526 ----a-w c:\windows\system32\perfh009.dat
+ 2008-10-26 12:48:03 415,526 ----a-w c:\windows\system32\perfh009.dat
- 2008-03-01 13:02:09 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-26 08:27:01 44,544 ----a-w c:\windows\system32\pngfilt.dll
- 2008-05-21 09:15:51 107,832 ----a-w c:\windows\system32\PnkBstrB.exe
+ 2008-08-28 16:29:28 111,928 ----a-w c:\windows\system32\PnkBstrB.exe
- 2007-10-29 22:44:31 1,290,240 ----a-w c:\windows\system32\quartz.dll
+ 2008-05-07 05:16:21 1,290,240 ----a-w c:\windows\system32\quartz.dll
+ 2006-03-02 12:00:00 39,936 ----a-w c:\windows\system32\ReinstallBackups\0017\DriverFiles\i386\intelppm.sys
+ 2005-01-07 15:07:18 138,752 ----a-w c:\windows\system32\ReinstallBackups\0018\DriverFiles\hdaudbus.sys
+ 2005-01-07 15:07:18 138,752 ----a-w c:\windows\system32\ReinstallBackups\0019\DriverFiles\hdaudbus.sys
+ 2006-03-02 12:00:00 39,936 ----a-w c:\windows\system32\ReinstallBackups\0020\DriverFiles\i386\intelppm.sys
+ 2008-07-18 20:10:20 36,552 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784\wups.dll
+ 2008-07-18 20:10:40 45,768 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784\wups2.dll
+ 2008-04-14 03:22:47 7,680 ----a-w c:\windows\system32\spdwnwxp.exe
- 2008-03-20 12:41:20 14,640 ----a-w c:\windows\system32\spmsg.dll
+ 2008-07-08 12:59:42 18,296 ------w c:\windows\system32\spmsg.dll
+ 2006-03-20 08:00:00 3,919,872 ----a-w c:\windows\system32\spool\drivers\w32x86\3\a2600IP.dll
+ 2006-03-20 08:00:00 155,648 ----a-w c:\windows\system32\spool\drivers\w32x86\3\HP2600IR.dll
+ 2007-09-14 11:52:06 3,019,264 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpbcfgre.DLL
+ 2006-11-30 09:14:06 671,816 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpcdmc32.DLL
+ 2007-06-29 09:55:44 326,144 ----a-w c:\windows\system32\spool\drivers\w32x86\3\HPFIE5k4.DLL
+ 2007-10-15 14:55:08 1,261,568 ----a-w c:\windows\system32\spool\drivers\w32x86\3\HPU5SNP.DLL
+ 2007-10-15 14:52:20 1,253,376 ----a-w c:\windows\system32\spool\drivers\w32x86\3\HPU5SNPL.DLL
+ 2007-10-22 10:24:04 2,669,568 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpz3r5k4.dll
+ 2007-10-22 10:21:38 1,526,272 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpz6r5k4.DLL
+ 2006-12-27 15:29:26 6,656 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzbdi.dll
+ 2007-10-22 10:21:42 152,064 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzbr5k4.dll
+ 2007-10-22 10:21:10 250,880 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzc35k4.DLL
+ 2007-10-22 10:21:16 455,680 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzev5k4.DLL
+ 2007-10-22 10:21:28 1,568,256 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzls5k4.DLL
+ 2007-10-22 10:21:18 200,704 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzpe5k4.DLL
+ 2007-10-22 10:21:38 139,264 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzpi5k4.dll
+ 2007-10-22 10:21:42 117,248 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzpnp.DLL
+ 2007-10-22 10:07:44 1,012,224 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzss5k4.DLL
+ 2007-10-22 09:59:02 5,734,912 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzst5k4.DLL
+ 2007-10-22 10:21:20 3,380,224 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzui5k4.DLL
+ 2007-10-22 09:58:42 3,461,632 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzur5k4.dll
+ 2006-03-20 08:00:00 28,672 ----a-w c:\windows\system32\spool\drivers\w32x86\3\IMF32.DLL
+ 2006-03-20 08:00:00 36,864 ----a-w c:\windows\system32\spool\drivers\w32x86\3\IMFNT5.DLL
+ 2006-03-20 08:00:00 49,152 ----a-w c:\windows\system32\spool\drivers\w32x86\3\IMFPRINT.DLL
+ 2007-03-09 08:04:04 207,872 ----a-w c:\windows\system32\spool\drivers\w32x86\3\pclxl.DLL
+ 2006-03-20 08:00:00 26,624 ----a-w c:\windows\system32\spool\drivers\w32x86\3\QDPRINT.DLL
+ 2006-03-20 08:00:00 77,824 ----a-w c:\windows\system32\spool\drivers\w32x86\3\Sd32.dll
+ 2006-03-20 08:00:00 61,440 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SDDM32.DLL
+ 2006-03-20 08:00:00 122,880 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SDDMUI.DLL
+ 2006-03-20 08:00:00 249,856 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SDhp2600.DLL
+ 2006-03-20 08:00:00 36,864 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SDIMF32.DLL
+ 2006-03-20 08:00:00 28,672 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SDNT5UI.DLL
+ 2006-03-20 08:00:00 5,632 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SDNTUM4.DLL
+ 2006-03-20 08:00:00 221,184 ----a-w c:\windows\system32\spool\drivers\w32x86\3\Sr32.dll
+ 2006-03-20 08:00:00 634,880 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SUhp2600.dll
+ 2006-03-20 08:00:00 241,664 ----a-w c:\windows\system32\spool\drivers\w32x86\3\SUxml.dll
+ 2007-03-09 08:03:52 372,736 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2007-03-09 07:51:20 740,864 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2007-03-09 07:51:24 761,344 ----a-w c:\windows\system32\spool\drivers\w32x86\3\UNIRES.DLL
+ 2006-03-20 08:00:00 114,688 ----a-w c:\windows\system32\spool\drivers\w32x86\3\vshp2600.dll
+ 2006-03-20 08:00:00 1,568,768 ----a-w c:\windows\system32\spool\drivers\w32x86\3\xerces-c.dll
+ 2006-03-20 08:00:00 40,960 ----a-w c:\windows\system32\spool\drivers\w32x86\3\ZGDI32.DLL
+ 2006-03-20 08:00:00 45,105 ----a-w c:\windows\system32\spool\drivers\w32x86\3\ZJBIG.dll
+ 2006-03-20 08:00:00 86,016 ----a-w c:\windows\system32\spool\drivers\w32x86\3\zlhp2600.dll
+ 2006-03-20 08:00:00 28,672 ----a-w c:\windows\system32\spool\drivers\w32x86\3\zlm.dll
+ 2006-03-20 08:00:00 319,488 ----a-w c:\windows\system32\spool\drivers\w32x86\3\zshp2600.exe
+ 2006-03-20 08:00:00 86,016 ----a-w c:\windows\system32\spool\drivers\w32x86\3\ZSPOOL.DLL
+ 2006-03-20 08:00:00 40,960 ----a-w c:\windows\system32\spool\drivers\w32x86\3\ZSPOOL32.EXE
+ 2006-03-20 08:00:00 24,576 ----a-w c:\windows\system32\spool\drivers\w32x86\3\ZTAG32.DLL
+ 2006-03-20 08:00:00 147,456 ----a-w c:\windows\system32\spool\drivers\w32x86\3\ZUNINST.EXE
+ 2006-03-20 08:00:00 3,919,872 ----a-r c:\windows\system32\spool\drivers\w32x86\a2600IP.dll
+ 2006-03-20 08:00:00 3,919,872 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\A2600IP.DLL
+ 2006-03-20 08:00:00 155,648 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\HP2600IR.DLL
+ 2006-03-20 08:00:00 28,672 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\IMF32.DLL
+ 2006-03-20 08:00:00 36,864 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\IMFNT5.DLL
+ 2006-03-20 08:00:00 49,152 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\IMFPRINT.DLL
+ 2006-03-20 08:00:00 26,624 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\QDPRINT.DLL
+ 2006-03-20 08:00:00 77,824 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\SD32.DLL
+ 2006-03-20 08:00:00 61,440 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\SDDM32.DLL
+ 2006-03-20 08:00:00 122,880 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\SDDMUI.DLL
+ 2006-03-20 08:00:00 249,856 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\SDhp2600.DLL
+ 2006-03-20 08:00:00 36,864 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\SDIMF32.DLL
+ 2006-03-20 08:00:00 28,672 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\SDNT5UI.DLL
+ 2006-03-20 08:00:00 5,632 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\SDNTUM4.DLL
+ 2006-03-20 08:00:00 221,184 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\SR32.DLL
+ 2006-03-20 08:00:00 634,880 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\SUhp2600.DLL
+ 2006-03-20 08:00:00 241,664 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\SUXML.DLL
+ 2006-03-20 08:00:00 114,688 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\VSHP2600.DLL
+ 2006-03-20 08:00:00 1,568,768 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\XERCES-C.DLL
+ 2006-03-20 08:00:00 40,960 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZGDI32.DLL
+ 2006-03-20 08:00:00 45,105 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZJBIG.DLL
+ 2006-03-20 08:00:00 86,016 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZLHP2600.DLL
+ 2006-03-20 08:00:00 28,672 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZLM.DLL
+ 2006-03-20 08:00:00 319,488 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZSHP2600.EXE
+ 2006-03-20 08:00:00 86,016 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZSPOOL.DLL
+ 2006-03-20 08:00:00 40,960 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZSPOOL32.EXE
+ 2006-03-20 08:00:00 24,576 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZTAG32.DLL
+ 2006-03-20 08:00:00 147,456 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZUNINST.EXE
+ 2007-09-14 11:52:06 3,019,264 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpbcfgre.DLL
+ 2006-11-30 09:14:06 671,816 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpcdmc32.DLL
+ 2007-06-29 09:55:44 326,144 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\HPFIE5k4.DLL
+ 2007-10-15 14:55:08 1,261,568 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\HPU5SNP.DLL
+ 2007-10-15 14:52:20 1,253,376 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\HPU5SNPL.DLL
+ 2007-10-22 10:24:04 2,669,568 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpz3r5k4.dll
+ 2007-10-22 10:21:38 1,526,272 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpz6r5k4.DLL
+ 2006-12-27 15:29:26 6,656 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpzbdi.dll
+ 2007-10-22 10:21:42 152,064 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpzbr5k4.dll
+ 2007-10-22 10:21:10 250,880 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpzc35k4.DLL
+ 2007-10-22 10:21:16 455,680 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpzev5k4.DLL
+ 2007-10-22 10:21:28 1,568,256 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpzls5k4.DLL
+ 2007-10-22 10:21:18 200,704 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpzpe5k4.DLL
+ 2007-10-22 10:21:38 139,264 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpzpi5k4.DLL
+ 2007-10-22 10:21:42 117,248 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpzpnp.DLL
+ 2007-10-22 10:07:44 1,012,224 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpzss5k4.DLL
+ 2007-10-22 09:59:02 5,734,912 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpzst5k4.DLL
+ 2007-10-22 10:21:20 3,380,224 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpzui5k4.DLL
+ 2007-10-22 09:58:42 3,461,632 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\hpzur5k4.dll
+ 2007-03-09 08:04:04 207,872 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\pclxl.DLL
+ 2007-03-09 08:03:52 372,736 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\UNIDRV.DLL
+ 2007-03-09 07:51:20 740,864 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\UNIDRVUI.DLL
+ 2007-03-09 07:51:24 761,344 ----a-w c:\windows\system32\spool\drivers\w32x86\hewlett_packardhp_cod9f0\UNIRES.DLL
+ 2006-03-20 08:00:00 155,648 ----a-r c:\windows\system32\spool\drivers\w32x86\HP2600IR.dll
+ 2006-03-20 08:00:00 28,672 ----a-r c:\windows\system32\spool\drivers\w32x86\IMF32.DLL
+ 2006-03-20 08:00:00 36,864 ----a-r c:\windows\system32\spool\drivers\w32x86\imfnt5.dll
+ 2006-03-20 08:00:00 49,152 ----a-r c:\windows\system32\spool\drivers\w32x86\IMFPRINT.DLL
+ 2006-03-20 08:00:00 26,624 ----a-r c:\windows\system32\spool\drivers\w32x86\QDPRINT.DLL
+ 2006-03-20 08:00:00 77,824 ----a-r c:\windows\system32\spool\drivers\w32x86\Sd32.dll
+ 2006-03-20 08:00:00 61,440 ----a-r c:\windows\system32\spool\drivers\w32x86\SDDM32.DLL
+ 2006-03-20 08:00:00 122,880 ----a-r c:\windows\system32\spool\drivers\w32x86\SDDMUI.DLL
+ 2006-03-20 08:00:00 249,856 ----a-r c:\windows\system32\spool\drivers\w32x86\SDhp2600.DLL
+ 2006-03-20 08:00:00 36,864 ----a-r c:\windows\system32\spool\drivers\w32x86\SDIMF32.DLL
+ 2006-03-20 08:00:00 28,672 ----a-r c:\windows\system32\spool\drivers\w32x86\SDNT5UI.dll
+ 2006-03-20 08:00:00 5,632 ----a-r c:\windows\system32\spool\drivers\w32x86\SDNTUM4.DLL
+ 2006-03-20 08:00:00 221,184 ----a-r c:\windows\system32\spool\drivers\w32x86\Sr32.dll
+ 2006-03-20 08:00:00 634,880 ----a-r c:\windows\system32\spool\drivers\w32x86\SUhp2600.dll
+ 2006-03-20 08:00:00 241,664 ----a-r c:\windows\system32\spool\drivers\w32x86\SUxml.dll
+ 2006-03-20 08:00:00 114,688 ----a-r c:\windows\system32\spool\drivers\w32x86\vshp2600.dll
+ 2006-03-20 08:00:00 1,568,768 ----a-r c:\windows\system32\spool\drivers\w32x86\xerces-c.dll
+ 2006-03-20 08:00:00 40,960 ----a-r c:\windows\system32\spool\drivers\w32x86\ZGDI32.DLL
+ 2006-03-20 08:00:00 45,105 ----a-r c:\windows\system32\spool\drivers\w32x86\ZJBIG.dll
+ 2006-03-20 08:00:00 86,016 ----a-r c:\windows\system32\spool\drivers\w32x86\zlhp2600.dll
+ 2006-03-20 08:00:00 28,672 ----a-r c:\windows\system32\spool\drivers\w32x86\zlm.dll
+ 2006-03-20 08:00:00 319,488 ----a-r c:\windows\system32\spool\drivers\w32x86\zshp2600.exe
+ 2006-03-20 08:00:00 86,016 ----a-r c:\windows\system32\spool\drivers\w32x86\ZSPOOL.DLL
+ 2006-03-20 08:00:00 40,960 ----a-r c:\windows\system32\spool\drivers\w32x86\ZSPOOL32.EXE
+ 2006-03-20 08:00:00 24,576 ----a-r c:\windows\system32\spool\drivers\w32x86\ZTAG32.DLL
+ 2006-03-20 08:00:00 147,456 ----a-r c:\windows\system32\spool\drivers\w32x86\ZUNINST.EXE
+ 2007-10-22 10:21:14 241,664 ----a-w c:\windows\system32\spool\prtprocs\w32x86\hpzpp5k4.DLL
+ 2006-03-20 08:00:00 49,152 ----a-r c:\windows\system32\spool\prtprocs\w32x86\IMFPRINT.DLL
- 2006-09-16 02:02:34 23,856 ----a-w c:\windows\system32\spupdsvc.exe
+ 2007-08-10 18:43:50 26,488 ----a-w c:\windows\system32\spupdsvc.exe
- 2007-11-13 11:31:11 60,416 ----a-w c:\windows\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ----a-w c:\windows\system32\tzchange.exe
- 2008-03-01 13:02:09 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-08-26 08:27:01 105,984 ----a-w c:\windows\system32\url.dll
- 2008-03-01 13:02:09 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-08-26 08:27:02 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2006-03-20 08:00:00 114,688 ----a-r c:\windows\system32\vshp2600.dll
- 2008-03-01 13:02:09 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-08-26 08:27:02 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2008-03-20 08:09:45 1,845,248 ----a-w c:\windows\system32\win32k.sys
+ 2008-09-15 15:40:58 1,846,016 ----a-w c:\windows\system32\win32k.sys
+ 2002-11-06 01:45:32 327,680 ----a-w c:\windows\system32\windows media\server\wmsservertypelib.dll
- 2008-03-01 13:02:09 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-08-26 08:27:02 826,368 ----a-w c:\windows\system32\wininet.dll
- 2006-10-18 20:47:20 295,936 ----a-w c:\windows\system32\wmpeffects.dll
+ 2008-06-24 16:12:58 295,936 ----a-w c:\windows\system32\wmpeffects.dll
+ 2002-11-06 01:10:14 167,936 ----a-w c:\windows\system32\wmserror.dll
- 2007-07-30 17:19:36 549,720 ----a-w c:\windows\system32\wuapi.dll
+ 2008-07-18 20:09:44 563,912 ----a-w c:\windows\system32\wuapi.dll
- 2007-07-30 17:19:16 53,080 ----a-w c:\windows\system32\wuauclt.exe
+ 2008-07-18 20:10:42 53,448 ----a-w c:\windows\system32\wuauclt.exe
- 2007-07-30 17:19:42 1,712,984 ----a-w c:\windows\system32\wuaueng.dll
+ 2008-07-18 20:09:42 1,811,656 ----a-w c:\windows\system32\wuaueng.dll
- 2007-07-30 17:19:32 325,976 ----a-w c:\windows\system32\wucltui.dll
+ 2008-07-18 20:09:46 325,832 ----a-w c:\windows\system32\wucltui.dll
- 2007-07-30 17:18:40 33,624 ----a-w c:\windows\system32\wups.dll
+ 2008-07-18 20:10:20 36,552 ----a-w c:\windows\system32\wups.dll
- 2007-07-30 17:19:12 43,352 ----a-w c:\windows\system32\wups2.dll
+ 2008-07-18 20:10:40 45,768 ----a-w c:\windows\system32\wups2.dll
- 2007-07-30 17:19:46 203,096 ----a-w c:\windows\system32\wuweb.dll
+ 2008-07-18 20:09:44 205,000 ----a-w c:\windows\system32\wuweb.dll
+ 2006-03-20 08:00:00 11,206,656 ----a-r c:\windows\system32\zhhp_res.dll
+ 2006-03-20 08:00:00 241,664 ----a-r c:\windows\system32\zhhp2600.exe
+ 2006-03-20 08:00:00 86,016 ----a-r c:\windows\system32\zlhp2600.dll
+ 2006-03-20 08:00:00 28,672 ----a-r c:\windows\system32\zlm.dll
+ 2006-03-20 08:00:00 319,488 ----a-r c:\windows\system32\zshp2600.exe
+ 2006-03-20 08:00:00 86,016 ----a-r c:\windows\system32\ZSPOOL.DLL
+ 2006-03-20 08:00:00 24,576 ----a-r c:\windows\system32\ZTAG32.DLL
- 2007-03-06 16:55:14 166,688 ----a-w c:\windows\twain_32\QuickCam\lvWIAext.dll
+ 2007-10-12 02:01:28 236,056 ----a-w c:\windows\twain_32\QuickCam\lvWIAext.dll
- 2000-08-31 06:00:00 49,152 ----a-w c:\windows\VFind.exe
+ 2000-08-31 07:00:00 49,152 ----a-w c:\windows\VFIND.exe
+ 2008-09-30 15:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 15:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
- 2007-01-19 12:52:00 74,802 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2008-04-14 03:06:51 74,802 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2007-01-19 12:52:00 995,383 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2008-04-14 03:06:54 995,383 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2007-01-19 12:52:00 1,011,774 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2008-04-14 03:06:58 1,011,774 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
- 2007-01-19 12:52:00 401,462 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 03:07:00 401,462 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2007-03-11 19:30:26 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_6e85597b\ATL80.dll
+ 2006-06-05 12:14:28 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
+ 2006-06-05 12:14:28 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
+ 2006-06-05 12:14:28 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
+ 2006-03-23 09:14:36 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcm80.dll
+ 2006-03-23 09:14:36 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcp80.dll
+ 2006-03-23 09:14:36 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcr80.dll
+ 2006-06-05 14:47:40 1,093,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\mfc80.dll
+ 2006-06-05 14:47:48 1,080,320 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\mfc80u.dll
+ 2006-06-05 14:47:50 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\mfcm80.dll
+ 2006-06-05 14:47:50 57,856 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\mfcm80u.dll
+ 2006-03-23 10:44:12 1,093,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfc80.dll
+ 2006-03-23 10:44:16 1,079,808 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfc80u.dll
+ 2006-03-23 10:44:20 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfcm80.dll
+ 2006-03-23 10:44:20 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfcm80u.dll
+ 2006-06-05 14:28:32 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80DEU.dll
+ 2006-06-05 14:28:34 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80ENU.dll
+ 2006-06-05 14:28:32 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80ESP.dll
+ 2006-06-05 14:28:32 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80FRA.dll
+ 2006-06-05 14:28:32 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80CHS.dll
+ 2006-06-05 14:28:32 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80CHT.dll
+ 2006-06-05 14:28:32 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80ITA.dll
+ 2006-06-05 14:28:32 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80JPN.dll
+ 2006-06-05 14:28:34 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80KOR.dll
+ 2008-04-14 03:07:05 1,054,208 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
+ 2008-04-15 17:59:56 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
+ 2008-04-14 03:06:44 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
- 2006-03-02 12:00:00 852,992 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 03:06:47 852,992 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
- 2006-03-02 12:00:00 992,256 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
+ 2008-04-14 03:06:51 992,256 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
- 2006-03-02 12:00:00 134,656 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9\rtcres.dll
+ 2008-04-14 02:32:16 134,656 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9\rtcres.dll
- 2000-08-31 06:00:00 68,096 ----a-w c:\windows\zip.exe
+ 2000-08-31 07:00:00 68,096 ----a-w c:\windows\zip.exe
.
-- Snímek resetován k současnému datu --

mattz

Re: Please check my log and help with a trojan

Post by mattz » 27 Nov 2008 21:44

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2006-03-02 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-02-01 21898024]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352]
"MS Shell Services"="c:\windows\system32\rundll32.exe" [2006-03-02 33280]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"MS Shell Services"="c:\windows\system32\rundll32.exe" [2006-03-02 33280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-17 8491008]
"PSDrvCheck"="c:\program files\pinnacle\edition 5\program\PSDrvCheck.exe" [2003-03-10 393728]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-17 81920]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2007-05-11 2512392]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-10-12 98304]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-02-26 185896]
"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-11 406016]
"ToolBoxFX"="c:\program files\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2007-08-28 53248]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"HPUsageTracking"="c:\program files\HP\HP UT\bin\hppusg.exe" [2007-05-08 36864]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2008-07-30 177448]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-06-10 1447168]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 c:\windows\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2007-09-17 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-10-13 113664]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 210520]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.DVSD"= RALCodec.dll
"VIDC.MJPG"= Pvmjpg30.dll
"vidc.CUVC"= cuvccodc.dll
"vidc.CLLC"= cllccodc.dll
"vidc.CDVC"= cdvccodc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mqV83.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\quY15.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\swB37.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ydH50.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Avid\\Avid Liquid 7\\Program\\RM.exe"=
"c:\\Program Files\\Avid\\Avid Liquid 7\\Program\\StudioU.mod"=
"c:\\Program Files\\Pinnacle\\Edition 5\\Program\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Edition 5\\Program\\studiou.mod"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\Program Files\\WinSCP\\WinSCP.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Documents and Settings\\Strih\\Plocha\\sdc221\\StrongDC.exe"=
"c:\\Program Files\\Outlook Express\\msimn.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8080:TCP"= 8080:TCP:Windows Media Format SDK (wmenc.exe)

R1 cdrblock;cdrblock;c:\windows\system32\DRIVERS\cdrblock.sys [2007-12-05 10368]
R1 cdrport;cdrport;c:\windows\system32\DRIVERS\cdrport.sys [2007-12-05 4608]
R1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2008-06-10 34312]
R1 hlp;FAST HLP Driver;c:\windows\system32\Drivers\Hlp.Sys [2007-10-12 94964]
R2 FreeAgentGoNext Service;Seagate Service;"c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe" [2008-07-30 161064]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\DRIVERS\psched.sys [2008-10-26 69120]
S0 mqV83;mqV83;c:\windows\system32\Drivers\mqV83.sys []
S0 quY15;quY15;c:\windows\system32\Drivers\quY15.sys []
S0 swB37;swB37;c:\windows\system32\Drivers\swB37.sys []
S0 ydH50;ydH50;c:\windows\system32\Drivers\ydH50.sys []
S1 aswSP;avast! Self Protection; []
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys []
S3 HPFXBULK;HPFXBULK;c:\windows\system32\drivers\hpfxbulk.sys [2008-06-11 17432]
S3 Ndisprot;ArcNet NDIS Protocol Driver;\??\c:\windows\system32\drivers\Ndisprot.sys [2008-11-18 27904]
S3 WebSTARNdis;WebSTAR DPX USB Cable Modem Adapter;c:\windows\system32\DRIVERS\WebSTAR.sys [2007-10-12 15417]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{726ff5bc-6ec8-11dd-9067-001a4d4b242a}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{740c38b0-251e-11dd-8fc8-001a4d4b242a}]
\Shell\AutoRun\command - g:\setup\rsrc\Autorun.exe
\Shell\dinstall\command - g:\directx\dxsetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{860d9cb5-9214-11dc-8e65-00407b6f4a0f}]
\Shell\AutoRun\command - F:\Liquid.Setup.EXE
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{7856E7C4-34E3-4436-ABE3-3FACD2FC62FC} - c:\windows\system32\mlJYpOGw.dll
BHO-{ECEA117C-4411-4BA9-8360-16126F3EBAF4} - (no file)
HKCU-Run-OEXPRESS - (no file)
HKLM-Run-HPPQVideo - c:\program files\HP\ScheduledLaunch\HP Color LaserJet CP1510 Series\bin\hppschlnch.exe -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CP1510_Series -f PQOptimizerVideo.xml
HKLM-Run-c:\windows\system32\kdxci.exe - c:\windows\system32\kdxci.exe
HKU-Default-Run-Nokia.PCSync - c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
Notify-dimsntfy - (no file)


.
------- Doplňkový sken -------
.
FireFox -: Profile - c:\documents and settings\Strih\Data aplikací\Mozilla\Firefox\Profiles\75bsvf3h.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.toggle.com/index.php?rvs=hompag
FF -: plugin - c:\program files\Real\RhapsodyPlayerEngine\nprhapengine.dll
FF -: plugin - c:\program files\Yahoo!\Common\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-27 21:02:16
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(752)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe
c:\windows\system32\oodag.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\Common Files\Nokia\MPAPI\MPAPI3s.exe
.
**************************************************************************
.
Celkový čas: 2008-11-27 21:04:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2008-11-27 20:04:55
ComboFix2.txt 2008-05-21 11:24:06

Před spuštěním: Volných bajtů: 32 119 689 216
Po spuštění: Volných bajtů: 32,292,466,688

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

1336 --- E O F --- 2008-11-17 11:42:55


Re: Please check my log and help, trojan

Post by jaro3 » 28 Nov 2008 09:54

Test these on VirusTotal:
c:\windows\tskerxag.exe
c:\windows\hppins09.dat
c:\windows\hppmdl09.dat
c:\windows\Nircmd.exe
c:\windows\NIRCMD.exe

Then post the results here and we will continue.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.