System integrity scan wizard

[sirtomage]

//příspěvek přesunut do vlastního tématu
fredik

Ahoj, mám stejný problém

do compu se mi nedavno vloudil nepřijemenj spyware který mi cc každých 7 - 10 min hází okno s názvem System integrity scan wizard. Jako antivir používám avast a jako spyware mam Spybot. Ani jeden z uvedených programu nic nenašel přesto se mi furt vyhazuje to okno.
Jo a taky mi to hazi okno nejen se System integrity scan wizard ale taky Security system - Protection control panel a este jedno..... tady je log z HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:07:55, on 7.5.2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\All Users\Data aplikací\zknavojg\tansdipc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\WINDOWS\system32\dcdqbwde.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Office\Office10\msoffice.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CHelper Class - {0F469452-B579-4F29-94A2-AE86C86067A6} - C:\Program Files\Microton 2006\Eurotran\etran_i.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {2C7FECE8-CC41-4FC5-AD38-B2E107F29C63} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {9EE43CD1-33A1-42ED-95D6-173DC2A19DD7} - (no file)
O2 - BHO: (no name) - {A3AE3445-20A6-4EE1-AFE5-2D8C565B3164} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {D1A71C78-AD39-4D0A-A1AA-1F923524B644} - (no file)
O2 - BHO: (no name) - {E16B2382-0E95-4C9D-A087-46685D9C6ADC} - C:\WINDOWS\System32\rqRHxUlm.dll (file missing)
O2 - BHO: (no name) - {FCBABDA2-801E-4F51-B6E8-0122032FB16B} - C:\WINDOWS\System32\opnkigGy.dll (file missing)
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [iwailbwx] C:\WINDOWS\system32\dcdqbwde.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB3124] command /c del "C:\WINDOWS\system32\aulpmtls.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4752] cmd /c del "C:\WINDOWS\system32\aulpmtls.dll_old"
O4 - HKLM\..\Policies\Explorer\Run: [F4YZPzhYxL] C:\Documents and Settings\All Users\Data aplikací\zknavojg\tansdipc.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Eurotran 2006 - {66566BD7-FF3C-46a8-97AB-A60ECC45BDD2} - C:\Program Files\Microton 2006\Eurotran\etran_i.dll
O9 - Extra button: (no name) - {6740485C-7614-4d47-B8FC-AF7E5E99A2BD} - C:\Program Files\Microton 2006\Eurotran\etran_i.dll
O9 - Extra 'Tools' menuitem: Eurotran 2006 - {6740485C-7614-4d47-B8FC-AF7E5E99A2BD} - C:\Program Files\Microton 2006\Eurotran\etran_i.dll
O9 - Extra button: Lexie 2006 - {9EE61AF4-AC5B-42dd-9EBF-9DC30124C338} - C:\Program Files\Microton 2006\Lexie\lexie.dll
O9 - Extra 'Tools' menuitem: Lexie 2006 - {9EE61AF4-AC5B-42dd-9EBF-9DC30124C338} - C:\Program Files\Microton 2006\Lexie\lexie.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O20 - Winlogon Notify: opnkigGy - opnkigGy.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe

--
End of file - 7835 bytes


díky

[Reklama]

[sirtomage]

Přikládám ještě log z ComboFix

ComboFix 08-05-01.3 - skad 2008-05-07 14:57:24.1 - NTFSx86
Running from: C:\Documents and Settings\skad\Plocha\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\skad\Local Settings\Data aplikací\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\skad\Plochablackbird.jpg
C:\Documents and Settings\skad\PlochaEditorFKWP1.5.exe
C:\Documents and Settings\skad\PlochaEditorFKWP2.0.exe
C:\Documents and Settings\skad\Plochafilemanagerclient.exe
C:\Documents and Settings\skad\Plochafkwp1.5.exe
C:\Documents and Settings\skad\Plochafkwp2.0.exe
C:\Documents and Settings\skad\Plochafwebd.exe
C:\Documents and Settings\skad\PlochaFWebdEditor.exe
C:\Documents and Settings\skad\PlochaTrojan.Win32.BlackBird.exe
C:\Documents and Settings\skad\Plochavirii
C:\Program Files\PC-Cleaner
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\gmjfchbr.ini
C:\WINDOWS\system32\hogayxjx.ini
C:\WINDOWS\system32\iyvqdhbm.ini
C:\WINDOWS\system32\mimbgyvc.ini
C:\WINDOWS\system32\mlUxHRqr.ini
C:\WINDOWS\system32\mlUxHRqr.ini2
C:\WINDOWS\system32\noorBJlm.ini
C:\WINDOWS\system32\noorBJlm.ini2
C:\WINDOWS\system32\nphjjtkv.ini
C:\WINDOWS\system32\ntgbnybg.ini
C:\WINDOWS\system32\qmewwode.ini
C:\WINDOWS\system32\rbhcfjmg.dll
C:\WINDOWS\system32\rqXyxyay.ini
C:\WINDOWS\system32\rqXyxyay.ini2
C:\WINDOWS\system32\sltmplua.ini
C:\WINDOWS\system32\wyIlmnnn.ini
C:\WINDOWS\system32\wyIlmnnn.ini2

.
((((((((((((((((((((((((( Files Created from 2008-04-07 to 2008-05-07 )))))))))))))))))))))))))))))))
.

2008-05-07 14:07 . 2008-05-07 14:07 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-29 08:28 . 2008-04-29 08:28 106,496 --a------ C:\WINDOWS\system32\obcvqben.exe
2008-04-28 14:08 . 2008-04-28 14:08 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-04-21 21:26 . 2008-04-21 21:33 <DIR> d-------- C:\Program Files\Wise Registry Cleaner 3
2008-04-21 13:53 . 2008-04-21 13:53 294 --ahs---- C:\WINDOWS\system32\weebpnoy.ini
2008-04-21 12:25 . 2008-04-28 23:34 437 --a------ C:\WINDOWS\wininit.ini
2008-04-21 11:20 . 2008-04-21 11:21 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-19 06:09 . 2008-04-20 06:10 414 --ahs---- C:\WINDOWS\system32\dtxryscj.ini
2008-04-18 06:10 . 2008-04-18 06:10 294 --ahs---- C:\WINDOWS\system32\citbxngq.ini
2008-04-17 16:49 . 2008-04-16 10:07 290,816 --a------ C:\WINDOWS\pmsoarbf.dll
2008-04-17 16:49 . 2008-04-16 10:07 98,304 --a------ C:\WINDOWS\npqtsrak.exe
2008-04-17 16:48 . 2008-04-17 16:48 98,304 --a------ C:\WINDOWS\system32\dcdqbwde.exe
2008-04-14 13:15 . 2008-04-14 13:24 <DIR> d-------- C:\Westwood
2008-04-08 14:14 . 2008-04-08 14:15 <DIR> d-------- C:\Chcete bět milion ýem LT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-07 07:59 --------- d-----w C:\Program Files\LogMeIn
2008-05-07 04:57 --------- d-----w C:\Program Files\Winamp Remote
2008-04-14 11:22 28,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2006-11-07 15:05 92,064 ----a-w C:\Documents and Settings\skad\mqdmmdm.sys
2006-11-07 15:05 9,232 ----a-w C:\Documents and Settings\skad\mqdmmdfl.sys
2006-11-07 15:05 79,328 ----a-w C:\Documents and Settings\skad\mqdmserd.sys
2006-11-07 15:05 66,656 ----a-w C:\Documents and Settings\skad\mqdmbus.sys
2006-11-07 15:05 6,208 ----a-w C:\Documents and Settings\skad\mqdmcmnt.sys
2006-11-07 15:05 5,936 ----a-w C:\Documents and Settings\skad\mqdmwhnt.sys
2006-11-07 15:05 4,048 ----a-w C:\Documents and Settings\skad\mqdmcr.sys
2006-11-07 15:05 25,600 ----a-w C:\Documents and Settings\skad\usbsermptxp.sys
2006-11-07 15:05 22,768 ----a-w C:\Documents and Settings\skad\usbsermpt.sys
2006-08-15 16:08 10,050,902 ----a-w C:\Program Files\Codecs6030_allin1.exe
2007-08-09 12:08 8,784 ----a-w C:\Program Files\mozilla firefox\plugins\ractrlkeyhook.dll
2007-08-09 12:10 245,408 ----a-w C:\Program Files\mozilla firefox\plugins\unicows.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-10-04 22:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2C7FECE8-CC41-4FC5-AD38-B2E107F29C63}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9EE43CD1-33A1-42ED-95D6-173DC2A19DD7}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3AE3445-20A6-4EE1-AFE5-2D8C565B3164}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D1A71C78-AD39-4D0A-A1AA-1F923524B644}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E16B2382-0E95-4C9D-A087-46685D9C6ADC}]
C:\WINDOWS\System32\rqRHxUlm.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FCBABDA2-801E-4F51-B6E8-0122032FB16B}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2007-10-04 22:06 1135968]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-10-04 22:06 1135968]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 20:05 13312]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [2008-01-07 22:02 495616]
"iwailbwx"="C:\WINDOWS\system32\dcdqbwde.exe" [2008-04-17 16:48 98304]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"frckecly"="C:\WINDOWS\system32\uhelstwz.exe" [2008-05-07 15:01 106496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"="Mixer.exe" [2002-10-15 19:00 1818624 C:\WINDOWS\mixer.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2007-04-17 14:03 63048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46 57344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 20:05 13312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"F4YZPzhYxL"= C:\Documents and Settings\All Users\Data aplikací\zknavojg\tansdipc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 2007-11-22 15:53 87352 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\opnkigGy]
opnkigGy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.fraunhoferacm"= l3codecp.acm

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

R1 aswSP;avast! Self Protection;C:\WINDOWS\System32\drivers\aswSP.sys [2008-03-29 19:31]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2007-04-17 14:00]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\System32\drivers\LMIRfsDriver.sys [2007-04-05 11:55]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys [2002-08-29 03:35]

.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-07 15:01:17
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\WINDOWS\system32\uhelstwz.exe 106496 bytes executable

scan completed successfully
hidden files: 1

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\LogMeIn\x86\ramaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\Program Files\Microsoft Office\Office10\MSOFFICE.EXE
.
**************************************************************************
.
Completion time: 2008-05-07 15:04:58 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-07 13:04:53

Adresářů: 9, Volných bajtů: 22,642,888,704
Adres ý…: 11, Volněch bajt…: 23,038,951,424

159


díky za případnou pomoc či radu.

[fredik]

Vítej na fóru.

Příště si založ vlastní téma (nedávej svůj problém do více různých témat) i kdyby jsi měl stejný problém jako se v něm řeší.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Před použitím ComboFix udělej následující kroky:
#Krok 1:
vypni rez. ochranu u SpyBota:
- spusť Spybot - Search & Destroy
- nahoře v menu zvol: Režim => Pro pokročilé
- objeví se ti varovné okno kde zvol Ano
- okno programu se ti přepne do pokročilého zobrazení a tam zvol: Nástroje => Rezidentní
- tam zruš zatržení pokud bude u položky: Rezidentní program "TeaTimer" (Ochrana ...)

- zavři program
Restartuj PC.

#Krok 2:

Po té si stáhni ResetTeaTimer.bat (viz. Poznámka) a ulož si ho na disku.
- spusť ho a po vyzvání zmáčkni libovolnou klávesu
- po proběhnutí a výzvě opět zmáčkni libovolnou klávesu a program se zavře.
Poznámka:
- pokud používáš Operu, tak klikni pravým tlačítkem myši na odkaz a zvol možnost Uložit cíl odkazu jako...
- pokud používáš Firefox tak klikni pravým tlačítkem myši na odkaz a zvol možnost Uložit odkaz jako...

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok)
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

File::
C:\WINDOWS\system32\obcvqben.exe
C:\WINDOWS\system32\weebpnoy.ini
C:\WINDOWS\system32\dtxryscj.ini
C:\WINDOWS\system32\citbxngq.ini
C:\WINDOWS\pmsoarbf.dll
C:\WINDOWS\npqtsrak.exe
C:\WINDOWS\system32\dcdqbwde.exe
C:\WINDOWS\System32\rqRHxUlm.dll
C:\WINDOWS\system32\uhelstwz.exe
C:\Documents and Settings\All Users\Data aplikací\zknavojg\tansdipc.exe

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2C7FECE8-CC41-4FC5-AD38-B2E107F29C63}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9EE43CD1-33A1-42ED-95D6-173DC2A19DD7}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3AE3445-20A6-4EE1-AFE5-2D8C565B3164}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D1A71C78-AD39-4D0A-A1AA-1F923524B644}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E16B2382-0E95-4C9D-A087-46685D9C6ADC}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FCBABDA2-801E-4F51-B6E8-0122032FB16B}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iwailbwx"=-
"frckecly"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"F4YZPzhYxL"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\opnkigGy]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť

- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT.

[sirtomage]

Ahoj,
jsem tu úplný nováček, tak díky za každou radu. Příště si udělám vlastní téma.

tady je ComboFix:je moc dlouhý, takže ho posílám na dvakrát

ComboFix 08-05-09.1 - skad 2008-05-11 12:31:05.3 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.1.1250.1.1029.18.216 [GMT 2:00]
Running from: C:\Documents and Settings\skad\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\skad\Plocha\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\Documents and Settings\All Users\Data aplikací\zknavojg\tansdipc.exe
C:\WINDOWS\npqtsrak.exe
C:\WINDOWS\pmsoarbf.dll
C:\WINDOWS\system32\citbxngq.ini
C:\WINDOWS\system32\dcdqbwde.exe
C:\WINDOWS\system32\dtxryscj.ini
C:\WINDOWS\system32\obcvqben.exe
C:\WINDOWS\System32\rqRHxUlm.dll
C:\WINDOWS\system32\uhelstwz.exe
C:\WINDOWS\system32\weebpnoy.ini
.

((((((((((((((((((((((((( Files Created from 2008-04-11 to 2008-05-11 )))))))))))))))))))))))))))))))
.

2008-05-08 01:06 . 2008-05-08 01:06 197 --a------ C:\WINDOWS\system32\MRT.INI
2008-05-07 16:10 . 2005-10-21 00:34 992,768 --a------ C:\WINDOWS\system32\esent.dll
2008-05-07 15:59 . 2008-05-07 15:59 106,496 --a------ C:\WINDOWS\system32\sfetibuj.exe
2008-05-07 15:47 . 2008-05-07 15:47 <DIR> d-------- C:\WINDOWS\system32\bits
2008-05-07 15:46 . 2008-05-08 01:14 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-05-07 15:46 . 2005-06-28 09:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-05-07 15:30 . 2004-07-02 00:10 360,448 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
2008-05-07 15:30 . 2004-07-02 00:10 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2008-05-07 15:30 . 2004-07-02 00:10 331,776 --a--c--- C:\WINDOWS\system32\dllcache\winhttp.dll
2008-05-07 15:30 . 2004-07-02 00:10 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-05-07 15:30 . 2004-07-02 00:10 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
2008-05-07 15:30 . 2004-07-02 00:10 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2008-05-07 15:30 . 2004-07-02 00:10 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-05-07 15:30 . 2004-07-02 00:10 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2008-05-07 15:30 . 2004-07-02 00:10 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-05-07 15:24 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-05-07 15:24 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-05-07 15:24 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-05-07 15:24 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2008-05-07 15:24 . 2004-08-03 14:05 186,136 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-05-07 15:24 . 2004-08-03 13:59 168,216 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-05-07 15:24 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll
2008-05-07 14:07 . 2008-05-07 14:07 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-28 14:08 . 2008-04-28 14:08 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-04-21 21:26 . 2008-04-21 21:33 <DIR> d-------- C:\Program Files\Wise Registry Cleaner 3
2008-04-21 15:58 . 2008-04-21 15:58 <DIR> d-------- C:\Documents and Settings\skad\Data aplikací\PC-Cleaner
2008-04-21 12:25 . 2008-04-28 23:34 437 --a------ C:\WINDOWS\wininit.ini
2008-04-21 11:20 . 2008-04-21 11:21 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-21 11:20 . 2008-04-21 12:26 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2008-04-17 16:48 . 2008-05-08 01:06 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\zknavojg
2008-04-14 13:15 . 2008-04-14 13:24 <DIR> d-------- C:\Westwood

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-11 09:31 --------- d-----w C:\Program Files\LogMeIn
2008-05-09 22:34 --------- d-----w C:\Program Files\Winamp Remote
2008-04-14 11:22 28,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2006-12-09 02:31 17,832 ----a-w C:\Documents and Settings\skad\Data aplikací\GDIPFONTCACHEV1.DAT
2006-11-07 15:05 92,064 ----a-w C:\Documents and Settings\skad\mqdmmdm.sys
2006-11-07 15:05 9,232 ----a-w C:\Documents and Settings\skad\mqdmmdfl.sys
2006-11-07 15:05 79,328 ----a-w C:\Documents and Settings\skad\mqdmserd.sys
2006-11-07 15:05 66,656 ----a-w C:\Documents and Settings\skad\mqdmbus.sys
2006-11-07 15:05 6,208 ----a-w C:\Documents and Settings\skad\mqdmcmnt.sys
2006-11-07 15:05 5,936 ----a-w C:\Documents and Settings\skad\mqdmwhnt.sys
2006-11-07 15:05 4,048 ----a-w C:\Documents and Settings\skad\mqdmcr.sys
2006-11-07 15:05 25,600 ----a-w C:\Documents and Settings\skad\usbsermptxp.sys
2006-11-07 15:05 22,768 ----a-w C:\Documents and Settings\skad\usbsermpt.sys
2006-08-15 16:08 10,050,902 ----a-w C:\Program Files\Codecs6030_allin1.exe
2007-08-09 12:08 8,784 ----a-w C:\Program Files\mozilla firefox\plugins\ractrlkeyhook.dll
2007-08-09 12:10 245,408 ----a-w C:\Program Files\mozilla firefox\plugins\unicows.dll
.

------- Sigcheck -------

2004-08-04 08:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\ip6fw.sys
.
((((((((((((((((((((((((((((( snapshot@2008-05-07_15.04.42.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-11-17 17:43:29 351,232 ----a-w C:\WINDOWS\$hf_mig$\KB873339\SP2GDR\hypertrm.dll
+ 2004-11-17 17:41:40 351,232 ----a-w C:\WINDOWS\$hf_mig$\KB873339\SP2QFE\hypertrm.dll
+ 2004-10-14 08:34:34 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB873339\spmsg.dll
+ 2004-10-14 08:36:18 170,496 ----a-w C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
+ 2004-10-14 08:36:16 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\spcustom.dll
+ 2004-10-14 08:34:36 657,920 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
+ 2004-12-07 19:34:13 96,768 ----a-w C:\WINDOWS\$hf_mig$\KB888302\SP2GDR\srvsvc.dll
+ 2004-12-07 19:33:13 96,768 ----a-w C:\WINDOWS\$hf_mig$\KB888302\SP2QFE\srvsvc.dll
+ 2004-11-30 12:46:22 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB888302\spmsg.dll
+ 2004-11-30 18:22:38 170,496 ----a-w C:\WINDOWS\$hf_mig$\KB888302\spuninst.exe
+ 2004-11-30 18:22:38 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB888302\update\spcustom.dll
+ 2004-11-30 12:46:22 657,920 ----a-w C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
+ 2005-04-22 05:08:58 57,344 ----a-w C:\WINDOWS\$hf_mig$\KB890046\SP2GDR\agentdpv.dll
+ 2005-05-17 00:42:12 15,360 ----a-w C:\WINDOWS\$hf_mig$\KB890046\SP2GDR\spru0405.dll
+ 2005-04-22 05:20:47 57,344 ----a-w C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\agentdpv.dll
+ 2005-05-17 00:44:42 18,432 ----a-w C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\spru0405.dll
+ 2005-02-24 18:34:46 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB890046\spmsg.dll
+ 2005-02-24 18:34:46 211,680 ----a-w C:\WINDOWS\$hf_mig$\KB890046\spuninst.exe
+ 2005-02-24 18:34:46 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\spcustom.dll
+ 2005-02-24 18:34:46 722,144 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\update.exe
+ 2005-02-24 18:34:48 380,128 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\updspapi.dll
+ 2005-03-02 18:18:13 56,832 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2GDR\authz.dll
+ 2005-03-02 18:08:53 2,137,600 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2GDR\ntkrnlmp.exe
+ 2005-03-02 18:08:52 2,059,008 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2GDR\ntkrnlpa.exe
+ 2005-03-02 18:08:57 2,017,280 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2GDR\ntkrpamp.exe
+ 2005-03-02 18:09:01 2,181,504 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2GDR\ntoskrnl.exe
+ 2005-03-02 18:18:13 577,024 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2GDR\user32.dll
+ 2005-03-02 18:08:50 1,836,288 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2GDR\win32k.sys
+ 2005-03-02 18:18:13 291,328 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2GDR\winsrv.dll
+ 2005-03-02 18:21:07 62,464 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\authz.dll
+ 2005-03-02 18:14:26 2,137,600 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlmp.exe
+ 2005-03-02 18:14:26 2,059,008 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
+ 2005-03-02 18:14:42 2,017,280 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrpamp.exe
+ 2005-03-02 18:14:50 2,181,632 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
+ 2005-03-02 18:21:07 577,024 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
+ 2005-03-02 18:14:22 1,836,288 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\win32k.sys
+ 2005-03-02 18:21:07 291,328 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\winsrv.dll
+ 2005-02-24 17:34:46 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB890859\spmsg.dll
+ 2005-02-24 17:34:46 211,680 ----a-w C:\WINDOWS\$hf_mig$\KB890859\spuninst.exe
+ 2005-02-24 17:34:46 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\spcustom.dll
+ 2005-02-24 17:34:46 722,144 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
+ 2005-02-24 17:34:48 380,128 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\updspapi.dll
+ 2004-11-30 12:46:22 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB891781\spmsg.dll
+ 2004-11-30 18:22:38 170,496 ----a-w C:\WINDOWS\$hf_mig$\KB891781\spuninst.exe
+ 2004-11-30 18:22:38 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB891781\update\spcustom.dll
+ 2004-11-30 12:46:22 657,920 ----a-w C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
+ 2005-05-26 23:22:01 10,752 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2GDR\hh.exe
+ 2005-05-27 02:08:06 41,472 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2GDR\hhsetup.dll
+ 2005-05-27 02:08:06 155,136 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2GDR\itircl.dll
+ 2005-05-27 02:08:06 137,216 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2GDR\itss.dll
+ 2005-05-26 23:26:50 10,752 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hh.exe
+ 2005-05-27 02:11:26 41,472 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hhsetup.dll
+ 2005-05-27 02:11:26 155,136 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itircl.dll
+ 2005-05-27 02:11:26 137,216 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itss.dll
+ 2005-02-24 18:34:46 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB896358\spmsg.dll
+ 2005-02-24 18:34:46 211,680 ----a-w C:\WINDOWS\$hf_mig$\KB896358\spuninst.exe
+ 2005-02-24 18:34:46 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\spcustom.dll
+ 2005-02-24 18:34:46 722,144 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
+ 2005-02-24 18:34:48 380,128 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\updspapi.dll
+ 2005-06-10 23:53:32 57,856 ----a-w C:\WINDOWS\$hf_mig$\KB896423\SP2GDR\spoolsv.exe
+ 2005-06-11 00:17:13 57,856 ----a-w C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
+ 2005-02-24 18:34:46 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB896423\spmsg.dll
+ 2005-02-24 18:34:46 211,680 ----a-w C:\WINDOWS\$hf_mig$\KB896423\spuninst.exe
+ 2005-06-29 14:54:32 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\arpidfix.exe
+ 2005-02-24 18:34:46 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\spcustom.dll
+ 2005-02-24 18:34:46 722,144 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\update.exe
+ 2005-02-24 18:34:48 380,128 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\updspapi.dll
+ 2005-05-11 02:31:16 77,824 ----a-w C:\WINDOWS\$hf_mig$\KB896428\SP2GDR\telnet.exe
+ 2005-05-11 02:33:48 77,824 ----a-w C:\WINDOWS\$hf_mig$\KB896428\SP2QFE\telnet.exe
+ 2005-02-24 18:34:46 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB896428\spmsg.dll
+ 2005-02-24 18:34:46 211,680 ----a-w C:\WINDOWS\$hf_mig$\KB896428\spuninst.exe
+ 2005-02-24 18:34:46 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\spcustom.dll
+ 2005-02-24 18:34:46 722,144 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\update.exe
+ 2005-02-24 18:34:48 380,128 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\updspapi.dll
+ 2005-08-11 15:11:59 65,024 ----a-w C:\WINDOWS\$hf_mig$\KB899589\SP2GDR\nwwks.dll
+ 2005-08-11 15:13:45 65,024 ----a-w C:\WINDOWS\$hf_mig$\KB899589\SP2QFE\nwwks.dll
+ 2005-02-24 18:34:46 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB899589\spmsg.dll
+ 2005-02-24 18:34:46 211,680 ----a-w C:\WINDOWS\$hf_mig$\KB899589\spuninst.exe
+ 2005-08-17 14:38:14 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB899589\update\arpidfix.exe
+ 2005-02-24 18:34:46 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB899589\update\spcustom.dll
+ 2005-02-24 18:34:46 722,144 ----a-w C:\WINDOWS\$hf_mig$\KB899589\update\update.exe
+ 2005-02-24 18:34:48 380,128 ----a-w C:\WINDOWS\$hf_mig$\KB899589\update\updspapi.dll
+ 2005-09-01 02:28:18 19,968 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2GDR\linkinfo.dll
+ 2005-09-23 03:07:21 8,454,656 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2GDR\shell32.dll
+ 2005-09-02 23:55:06 473,600 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2GDR\shlwapi.dll
+ 2005-09-01 02:28:20 291,840 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2GDR\winsrv.dll
+ 2005-09-01 02:54:26 19,968 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
+ 2005-09-23 03:27:34 8,456,704 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shell32.dll
+ 2005-09-02 23:55:56 474,112 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shlwapi.dll
+ 2005-09-27 00:47:40 22,016 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\spru0405.dll
+ 2005-09-01 02:54:26 291,840 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\winsrv.dll
+ 2005-02-24 18:34:46 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB900725\spmsg.dll
+ 2005-02-24 18:34:46 211,680 ----a-w C:\WINDOWS\$hf_mig$\KB900725\spuninst.exe
+ 2005-09-26 15:36:24 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\arpidfix.exe
+ 2005-02-24 18:34:46 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\spcustom.dll
+ 2005-02-24 18:34:46 722,144 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\update.exe
+ 2005-02-24 18:34:48 380,128 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\updspapi.dll
+ 2005-06-29 01:52:57 254,976 ----a-w C:\WINDOWS\$hf_mig$\KB901214\SP2GDR\icm32.dll
+ 2005-06-29 01:52:57 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB901214\SP2GDR\mscms.dll
+ 2005-06-29 01:54:27 254,976 ----a-w C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\icm32.dll
+ 2005-06-29 01:54:27 73,728 ----a-w C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\mscms.dll
+ 2005-02-24 18:34:46 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB901214\spmsg.dll
+ 2005-02-24 18:34:46 211,680 ----a-w C:\WINDOWS\$hf_mig$\KB901214\spuninst.exe
+ 2005-02-24 18:34:46 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\spcustom.dll
+ 2005-02-24 18:34:46 722,144 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\update.exe
+ 2005-02-24 18:34:48 380,128 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\updspapi.dll
+ 2005-07-26 04:42:49 225,792 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\catsrv.dll
+ 2005-07-26 04:42:49 625,152 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\catsrvut.dll
+ 2005-07-26 04:42:49 110,080 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\clbcatex.dll
+ 2005-07-26 04:42:50 498,688 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\clbcatq.dll
+ 2005-07-26 04:42:50 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\colbact.dll
+ 2005-07-26 04:42:50 195,072 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\comadmin.dll
+ 2005-07-26 04:42:50 97,792 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\comrepl.dll
+ 2005-07-26 04:42:50 1,267,200 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\comsvcs.dll
+ 2005-07-26 04:42:50 540,160 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\comuid.dll
+ 2005-07-26 04:42:50 243,200 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\es.dll
+ 2005-07-25 23:46:57 7,680 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\migregdb.exe
+ 2005-07-26 04:42:50 425,472 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\msdtcprx.dll
+ 2005-07-26 04:42:50 945,152 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\msdtctm.dll
+ 2005-07-26 04:42:50 161,280 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\msdtcuiu.dll
+ 2005-07-26 04:42:50 66,560 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\mtxclu.dll
+ 2005-07-26 04:42:50 91,136 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\mtxoci.dll
+ 2005-07-26 04:42:51 1,284,608 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\ole32.dll
+ 2005-07-26 04:42:51 74,752 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\olecli32.dll
+ 2005-07-26 04:42:51 37,888 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\olecnv32.dll
+ 2005-07-26 04:42:51 397,824 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\rpcss.dll
+ 2005-07-26 04:42:51 101,376 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\txflog.dll
+ 2005-07-26 04:42:51 11,776 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\xolehlp.dll
+ 2005-07-26 04:30:28 225,792 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrv.dll
+ 2005-07-26 04:30:29 625,152 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrvut.dll
+ 2005-07-26 04:30:29 110,080 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatex.dll
+ 2005-07-26 04:30:31 498,688 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatq.dll
+ 2005-07-26 04:30:31 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\colbact.dll
+ 2005-07-26 04:30:33 195,072 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comadmin.dll
+ 2005-07-26 04:30:34 97,792 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comrepl.dll
+ 2005-07-26 04:30:39 1,267,200 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comsvcs.dll
+ 2005-07-26 04:30:42 540,160 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comuid.dll
+ 2005-07-26 04:30:43 243,200 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\es.dll
+ 2005-07-25 23:42:35 8,704 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\migregdb.exe
+ 2005-07-26 04:30:47 425,472 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcprx.dll
+ 2005-07-26 04:30:51 945,152 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtctm.dll
+ 2005-07-26 04:31:10 161,280 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcuiu.dll
+ 2005-07-26 04:31:10 66,560 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxclu.dll
+ 2005-07-26 04:31:10 91,136 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxoci.dll
+ 2005-07-26 04:31:11 1,285,632 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\ole32.dll
+ 2005-07-26 04:31:11 74,752 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\olecli32.dll
+ 2005-07-26 04:31:11 37,376 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\olecnv32.dll
+ 2005-07-26 04:31:11 398,336 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll
+ 2005-07-26 04:31:11 101,376 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\txflog.dll
+ 2005-07-26 04:31:11 11,776 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\xolehlp.dll
+ 2005-02-24 18:34:46 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB902400\spmsg.dll
+ 2005-02-24 18:34:46 211,680 ----a-w C:\WINDOWS\$hf_mig$\KB902400\spuninst.exe
+ 2005-07-25 17:21:18 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\arpidfix.exe
+ 2005-02-24 18:34:46 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\spcustom.dll
+ 2005-02-24 18:34:46 722,144 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\update.exe
+ 2005-02-24 18:34:48 380,128 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\updspapi.dll
+ 2005-08-30 03:56:01 1,289,728 ----a-w C:\WINDOWS\$hf_mig$\KB904706\SP2GDR\quartz.dll
+ 2005-08-30 04:17:17 1,290,240 ----a-w C:\WINDOWS\$hf_mig$\KB904706\SP2QFE\quartz.dll
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB904706\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB904706\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB904706\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB904706\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB904706\update\updspapi.dll
+ 2005-08-22 18:36:10 197,632 ----a-w C:\WINDOWS\$hf_mig$\KB905414\SP2GDR\netman.dll
+ 2005-08-22 18:26:26 197,632 ----a-w C:\WINDOWS\$hf_mig$\KB905414\SP2QFE\netman.dll
+ 2005-02-25 03:34:44 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB905414\spmsg.dll
+ 2005-02-25 03:34:44 211,680 ----a-w C:\WINDOWS\$hf_mig$\KB905414\spuninst.exe
+ 2005-08-19 23:50:31 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\arpidfix.exe
+ 2005-02-25 03:34:44 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\spcustom.dll
+ 2005-02-25 03:34:45 722,144 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\update.exe
+ 2005-02-25 03:34:46 380,128 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\updspapi.dll
+ 2005-08-23 03:40:12 124,416 ----a-w C:\WINDOWS\$hf_mig$\KB905749\SP2GDR\umpnpmgr.dll
+ 2005-08-23 03:42:05 124,416 ----a-w C:\WINDOWS\$hf_mig$\KB905749\SP2QFE\umpnpmgr.dll
+ 2005-02-24 18:34:46 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB905749\spmsg.dll
+ 2005-02-24 18:34:46 211,680 ----a-w C:\WINDOWS\$hf_mig$\KB905749\spuninst.exe
+ 2005-08-22 16:01:30 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\arpidfix.exe
+ 2005-02-24 18:34:46 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\spcustom.dll
+ 2005-02-24 18:34:46 722,144 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\update.exe
+ 2005-02-24 18:34:48 380,128 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\updspapi.dll
+ 2005-10-17 21:21:35 80,896 ----a-w C:\WINDOWS\$hf_mig$\KB908519\SP2GDR\fontsub.dll
+ 2005-10-17 21:21:35 118,272 ----a-w C:\WINDOWS\$hf_mig$\KB908519\SP2GDR\t2embed.dll
+ 2005-10-17 21:26:50 80,896 ----a-w C:\WINDOWS\$hf_mig$\KB908519\SP2QFE\fontsub.dll
+ 2005-10-17 21:26:50 117,760 ----a-w C:\WINDOWS\$hf_mig$\KB908519\SP2QFE\t2embed.dll
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB908519\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB908519\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\updspapi.dll
+ 2006-03-17 04:08:02 8,456,192 ----a-w C:\WINDOWS\$hf_mig$\KB908531\SP2GDR\shell32.dll
+ 2006-03-17 00:38:01 28,672 ----a-w C:\WINDOWS\$hf_mig$\KB908531\SP2GDR\verclsid.exe
+ 2006-03-17 04:50:16 8,458,752 ----a-w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\shell32.dll
+ 2006-03-22 01:51:42 23,552 ----a-w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\spru0405.dll
+ 2006-03-17 01:05:35 28,672 ----a-w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\verclsid.exe
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB908531\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB908531\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\updspapi.dll
+ 2006-06-22 10:48:34 181,248 ----a-w C:\WINDOWS\$hf_mig$\KB911280\SP2GDR\rasmans.dll
+ 2006-06-22 10:47:10 180,736 ----a-w C:\WINDOWS\$hf_mig$\KB911280\SP2QFE\rasmans.dll
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB911280\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB911280\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\updspapi.dll
+ 2006-03-23 05:51:26 143,360 ----a-w C:\WINDOWS\$hf_mig$\KB911562\SP2GDR\msadco.dll
+ 2006-03-23 05:53:43 143,360 ----a-w C:\WINDOWS\$hf_mig$\KB911562\SP2QFE\msadco.dll
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB911562\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB911562\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\updspapi.dll
+ 2005-12-29 02:56:05 280,064 ----a-w C:\WINDOWS\$hf_mig$\KB912919\SP2GDR\gdi32.dll
+ 2005-12-29 03:09:15 280,064 ----a-w C:\WINDOWS\$hf_mig$\KB912919\SP2QFE\gdi32.dll
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB912919\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB912919\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB912919\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB912919\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB912919\update\updspapi.dll
+ 2006-03-01 19:44:08 426,496 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2GDR\msdtcprx.dll
+ 2006-03-01 19:44:09 956,416 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2GDR\msdtctm.dll
+ 2006-03-01 19:44:09 161,280 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2GDR\msdtcuiu.dll
+ 2006-03-01 19:44:09 66,560 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2GDR\mtxclu.dll
+ 2006-03-01 19:44:09 91,136 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2GDR\mtxoci.dll
+ 2006-03-01 19:44:09 11,776 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2GDR\xolehlp.dll
+ 2006-03-01 19:42:43 426,496 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcprx.dll
+ 2006-03-01 19:42:43 956,416 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtctm.dll
+ 2006-03-01 19:42:43 161,280 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcuiu.dll
+ 2006-03-01 19:42:43 66,560 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxclu.dll
+ 2006-03-01 19:42:43 91,136 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxoci.dll
+ 2006-03-01 19:42:43 11,776 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\xolehlp.dll
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB913580\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB913580\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\updspapi.dll
+ 2006-05-19 13:42:34 110,592 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2GDR\dhcpcsvc.dll
+ 2006-05-19 13:42:34 148,480 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2GDR\dnsapi.dll
+ 2006-05-19 13:42:34 95,744 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2GDR\iphlpapi.dll
+ 2006-05-19 14:25:54 111,104 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dhcpcsvc.dll
+ 2006-05-19 14:25:54 147,456 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dnsapi.dll
+ 2006-05-19 14:25:54 95,744 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\iphlpapi.dll
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB914388\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB914388\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\updspapi.dll
+ 2006-05-05 09:41:45 453,120 ----a-w C:\WINDOWS\$hf_mig$\KB914389\SP2GDR\mrxsmb.sys
+ 2006-05-05 09:47:57 174,592 ----a-w C:\WINDOWS\$hf_mig$\KB914389\SP2GDR\rdbss.sys
+ 2006-05-05 10:16:39 454,400 ----a-w C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\mrxsmb.sys
+ 2006-05-05 10:22:52 174,592 ----a-w C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\rdbss.sys
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB914389\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB914389\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\updspapi.dll
+ 2006-05-18 05:43:42 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB917344\SP2GDR\jscript.dll
+ 2006-05-18 05:46:55 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB917344\SP2QFE\jscript.dll
+ 2005-10-12 23:13:22 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB917344\spmsg.dll
+ 2005-10-12 23:13:22 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB917344\spuninst.exe
+ 2005-10-12 23:13:21 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB917344\update\spcustom.dll
+ 2005-10-12 23:13:24 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB917344\update\update.exe
+ 2005-10-12 23:13:27 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB917344\update\updspapi.dll
+ 2006-07-05 10:57:10 982,528 ----a-w C:\WINDOWS\$hf_mig$\KB917422\SP2GDR\kernel32.dll
+ 2006-07-05 10:58:36 983,552 ----a-w C:\WINDOWS\$hf_mig$\KB917422\SP2QFE\kernel32.dll
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB917422\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB917422\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB917422\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB917422\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB917422\update\updspapi.dll
+ 2006-04-20 11:51:50 359,808 ----a-w C:\WINDOWS\$hf_mig$\KB917953\SP2GDR\tcpip.sys
+ 2006-04-20 12:18:35 360,576 ----a-w C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB917953\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB917953\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB917953\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB917953\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB917953\update\updspapi.dll
+ 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\$hf_mig$\KB919007\SP2GDR\rmcast.sys
+ 2006-07-13 11:43:08 202,496 ----a-w C:\WINDOWS\$hf_mig$\KB919007\SP2QFE\rmcast.sys
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB919007\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB919007\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\updspapi.dll
+ 2006-07-21 08:28:17 72,704 ----a-w C:\WINDOWS\$hf_mig$\KB920670\SP2GDR\hlink.dll
+ 2006-07-21 08:30:08 72,704 ----a-w C:\WINDOWS\$hf_mig$\KB920670\SP2QFE\hlink.dll
+ 2005-10-12 23:13:22 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB920670\spmsg.dll
+ 2005-10-12 23:13:22 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB920670\spuninst.exe
+ 2005-10-12 23:13:21 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\spcustom.dll
+ 2005-10-12 23:13:24 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\update.exe
+ 2005-10-12 23:13:27 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\updspapi.dll
+ 2006-06-26 17:45:40 148,480 ----a-w C:\WINDOWS\$hf_mig$\KB920683\SP2GDR\dnsapi.dll
+ 2006-06-26 17:45:40 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB920683\SP2GDR\rasadhlp.dll
+ 2006-06-26 17:47:13 147,456 ----a-w C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\dnsapi.dll
+ 2006-06-26 17:47:13 7,680 ----a-w C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB920683\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB920683\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\updspapi.dll
+ 2006-07-13 13:35:54 8,457,728 ----a-w C:\WINDOWS\$hf_mig$\KB921398\SP2GDR\shell32.dll
+ 2006-07-13 14:04:57 8,461,824 ----a-w C:\WINDOWS\$hf_mig$\KB921398\SP2QFE\shell32.dll
+ 2006-07-13 11:52:44 157,184 ----a-w C:\WINDOWS\$hf_mig$\KB921398\SP2QFE\spru0405.dll
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB921398\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB921398\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB921398\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB921398\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB921398\update\updspapi.dll
+ 2006-08-25 15:51:22 617,472 ----a-w C:\WINDOWS\$hf_mig$\KB923191\SP2QFE\comctl32.dll
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB923191\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB923191\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB923191\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB923191\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB923191\update\updspapi.dll
+ 2006-09-04 06:13:23 1,494,528 ----a-w C:\WINDOWS\$hf_mig$\KB924496\SP2GDR\shdocvw.dll
+ 2006-09-04 06:15:08 1,497,600 ----a-w C:\WINDOWS\$hf_mig$\KB924496\SP2QFE\shdocvw.dll
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB924496\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB924496\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\updspapi.dll
- 2007-09-11 12:21:39 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-05-07 23:25:01 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2007-09-11 12:21:48 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-05-07 23:25:14 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2007-09-11 12:21:49 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-05-07 23:25:15 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2007-09-11 12:21:50 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-05-07 23:25:17 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-09-11 12:21:45 2,878,976 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-05-07 23:25:10 2,878,976 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2007-09-11 12:21:36 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-05-07 23:24:54 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2007-09-11 12:21:36 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-05-07 23:24:54 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2007-09-11 12:21:55 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-05-07 23:25:25 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2007-09-11 12:21:42 5,025,792 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-05-07 23:25:06 5,029,888 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-09-11 12:21:39 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-05-07 23:25:00 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2007-09-11 12:21:36 503,808 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-05-07 23:24:53 503,808 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2007-09-11 12:21:37 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-05-07 23:24:56 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2007-09-11 12:21:47 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-05-07 23:25:12 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-09-11 12:21:47 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-05-07 23:25:13 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2007-09-11 12:21:48 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-05-07 23:25:13 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2007-09-11 12:21:38 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-05-07 23:24:57 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2007-09-11 12:21:38 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-05-07 23:24:58 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2007-09-11 12:21:38 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-05-07 23:24:59 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2007-09-11 12:21:38 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-05-07 23:24:59 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2007-09-11 12:21:37 745,472 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-05-07 23:24:56 745,472 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-09-11 12:21:57 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-05-07 23:25:28 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-09-11 12:21:57 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-05-07 23:25:27 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2007-09-11 12:21:35 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-05-07 23:24:50 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2007-09-11 12:21:57 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-05-07 23:25:26 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2007-09-11 12:21:58 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-05-07 23:25:28 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2007-09-11 12:21:36 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-05-07 23:24:53 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-09-11 12:21:35 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-05-07 23:24:51 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2007-09-11 12:21:36 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-05-07 23:24:52 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2007-09-11 12:21:53 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-05-07 23:25:20 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2007-09-11 12:21:39 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-05-07 23:25:02 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2007-09-11 12:21:53 389,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-05-07 23:25:21 389,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2007-09-11 12:21:51 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-05-07 23:25:17 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2007-09-11 12:21:37 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-05-07 23:24:55 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2007-09-11 12:21:46 5,050,368 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-05-07 23:25:12 5,050,368 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-09-11 12:21:40 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-05-07 23:25:03 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2007-09-11 12:21:40 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-05-07 23:25:03 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-09-11 12:21:41 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-05-07 23:25:04 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2007-09-11 12:21:54 700,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-05-07 23:25:23 700,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2007-09-11 12:21:51 368,640 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-05-07 23:25:18 368,640 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2007-09-11 12:21:55 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-05-07 23:25:24 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2007-09-11 12:21:52 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-05-07 23:25:19 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2007-09-11 12:21:52 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-05-07 23:25:19 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-09-11 12:21:39 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-05-07 23:25:01 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2007-09-11 12:21:41 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-05-07 23:25:05 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2007-09-11 12:21:56 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-05-07 23:25:25 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2007-09-11 12:21:43 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-05-07 23:25:07 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2007-09-11 12:21:44 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-05-07 23:25:07 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-09-11 12:21:44 5,316,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-05-07 23:25:08 5,316,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2007-09-11 12:21:45 2,035,712 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-05-07 23:25:10 2,035,712 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2007-09-11 12:21:54 3,018,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-05-07 23:25:22 3,018,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-05-07 23:21:02 860,160 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\393710fa5b23214eaaa91dc6c231c46d\AspNetMMCExt.ni.dll
+ 2008-05-07 23:21:12 1,724,416 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\d28c199931021142a12e1c842b968744\Microsoft.VisualBasic.ni.dll
+ 2008-05-07 23:18:51 10,723,328 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\92a636454984174280750adacc4b3e0c\System.Design.ni.dll
+ 2008-05-08 00:56:25 2,310,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\7a39b559bcbc5e47b722163556242e7e\System.Web.Mobile.ni.dll
+ 2008-05-08 00:56:30 1,945,600 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a20154edb942cb45b2c34f08f314d545\System.Web.Services.ni.dll
+ 2008-05-07 23:21:59 11,845,632 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\9588f33a72737247a43ab7c7f5d90833\System.Web.ni.dll
+ 2008-05-07 23:22:28 2,310,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3AE.tmp\System.Web.Mobile.dll
- 2008-05-07 13:00:36 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-09 22:44:55 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2006-05-05 09:31:04 433,152 ------w C:\WINDOWS\Driver Cache\i386\mrxsmb.sys
+ 2005-03-02 18:18:23 1,900,032 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
+ 2005-03-02 18:18:27 1,955,712 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
+ 2005-03-02 18:18:32 1,928,704 ------w C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
+ 2005-03-02 18:18:37 2,040,704 ------w C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
+ 2006-05-19 08:44:15 11,776 ------w C:\WINDOWS\Driver Cache\i386\tunmp.sys
- 2002-09-20 18:05:28 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2005-05-25 22:44:31 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2003-02-28 14:35:26 6,550 ----a-w C:\WINDOWS\jautoexp.dat
+ 2008-05-07 23:11:36 2,678 ----a-w C:\WINDOWS\java\Packages\Data\BFNZP73V.DAT
+ 2008-05-07 23:11:33 2,678 ----a-w C:\WINDOWS\java\Packages\Data\EW25J175.DAT
+ 2008-05-07 23:11:32 2,678 ----a-w C:\WINDOWS\java\Packages\Data\IXJ5RLJR.DAT
+ 2008-05-07 23:11:32 2,678 ----a-w C:\WINDOWS\java\Packages\Data\O6CI4ASG.DAT
+ 2008-05-07 23:11:32 2,678 ----a-w C:\WINDOWS\java\Packages\Data\WDNHFR5R.DAT
+ 2004-07-01 22:10:40 360,448 ----a-w C:\WINDOWS\LastGood\System32\bits\qmgr.dll
+ 2004-08-03 11:58:08 71,448 ----a-w C:\WINDOWS\LastGood\System32\cdm.dll
+ 2002-09-20 18:05:18 49,182 ----a-w C:\WINDOWS\LastGood\System32\clspack.exe
+ 2002-09-20 18:04:40 221,184 ----a-w C:\WINDOWS\LastGood\System32\DllCache\qmgr.dll
+ 2002-09-20 18:04:40 17,408 ----a-w C:\WINDOWS\LastGood\System32\DllCache\qmgrprxy.dll
+ 2001-10-25 14:00:00 87,040 ----a-w C:\WINDOWS\LastGood\System32\DllCache\srvsvc.dll
+ 2002-09-20 18:05:00 310,272 ----a-w C:\WINDOWS\LastGood\System32\DllCache\winhttp.dll
+ 2002-09-20 18:03:44 313,856 ----a-w C:\WINDOWS\LastGood\System32\dx3j.dll
+ 2001-10-25 14:00:00 493,568 ----a-w C:\WINDOWS\LastGood\System32\hypertrm.dll
+ 2002-09-20 18:04:02 186,911 ----a-w C:\WINDOWS\LastGood\System32\javacypt.dll
+ 2002-09-20 18:04:02 63,007 ----a-w C:\WINDOWS\LastGood\System32\javaprxy.dll
+ 2002-09-20 18:04:02 404,509 ----a-w C:\WINDOWS\LastGood\System32\javart.dll
+ 2002-09-20 18:05:30 14,878 ----a-w C:\WINDOWS\LastGood\System32\jdbgmgr.exe
+ 2002-09-20 18:04:02 171,034 ----a-w C:\WINDOWS\LastGood\System32\jit.dll
+ 2002-09-20 18:05:32 172,060 ----a-w C:\WINDOWS\LastGood\System32\jview.exe
+ 2002-09-20 18:04:10 154,140 ----a-w C:\WINDOWS\LastGood\System32\msawt.dll
+ 2002-09-20 18:04:26 945,693 ----a-w C:\WINDOWS\LastGood\System32\msjava.dll
+ 2002-09-20 18:04:26 21,023 ----a-w C:\WINDOWS\LastGood\System32\msjdbc10.dll
+ 2002-09-20 18:04:40 221,184 ----a-w C:\WINDOWS\LastGood\System32\qmgr.dll
+ 2002-09-20 18:04:40 17,408 ----a-w C:\WINDOWS\LastGood\System32\qmgrprxy.dll
+ 2001-10-25 14:00:00 87,040 ----a-w C:\WINDOWS\LastGood\System32\srvsvc.dll
+ 2002-09-20 18:04:58 287,263 ----a-w C:\WINDOWS\LastGood\System32\vmhelper.dll
+ 2002-09-20 18:05:00 310,272 ----a-w C:\WINDOWS\LastGood\System32\winhttp.dll
+ 2002-09-20 18:05:50 171,549 ----a-w C:\WINDOWS\LastGood\System32\wjview.exe
+ 2004-08-03 12:00:18 421,144 ----a-w C:\WINDOWS\LastGood\System32\wuapi.dll
+ 2004-08-03 11:58:24 113,944 ----a-w C:\WINDOWS\LastGood\System32\wuauclt.exe
+ 2004-08-03 12:13:46 1,081,112 ----a-w C:\WINDOWS\LastGood\System32\wuaueng.dll
+ 2004-08-03 11:58:46 119,064 ----a-w C:\WINDOWS\LastGood\System32\wucltui.dll
+ 2004-08-03 12:00:08 39,704 ----a-w C:\WINDOWS\LastGood\System32\wups.dll
+ 2004-08-03 11:59:12 120,288 ----a-w C:\WINDOWS\LastGood\System32\wuweb.dll
- 2005-09-23 05:28:32 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2006-04-14 04:08:30 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2005-09-23 05:28:32 29,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2006-09-12 15:10:46 23,040 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2005-09-23 05:28:56 5,025,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2006-09-12 15:11:12 5,029,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2005-09-23 05:28:32 298,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2006-09-12 15:10:46 300,032 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2001-10-25 14:00:00 50,688 ----a-w C:\WINDOWS\msagent\agentdpv.dll
+ 2005-04-22 05:22:05 51,712 ----a-w C:\WINDOWS\msagent\agentdpv.dll
+ 2003-02-28 16:26:30 46,352 ----a-w C:\WINDOWS\setdebug.exe
- 2002-09-20 18:03:34 59,392 ----a-w C:\WINDOWS\system32\6to4svc.dll
+ 2006-05-19 12:40:46 95,232 ----a-w C:\WINDOWS\system32\6to4svc.dll
- 2001-10-25 14:00:00 51,200 ----a-w C:\WINDOWS\system32\authz.dll
+ 2005-03-02 18:22:02 53,760 ----a-w C:\WINDOWS\system32\authz.dll
+ 2004-07-01 22:10:40 360,448 ------w C:\WINDOWS\system32\bits\qmgr.dll
- 2002-09-20 18:03:38 1,022,464 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2006-09-04 06:25:55 1,027,584 ----a-w C:\WINDOWS\system32\BROWSEUI.DLL
- 2001-10-25 14:00:00 215,040 ----a-w C:\WINDOWS\system32\catsrv.dll
+ 2005-07-26 04:38:45 220,672 ----a-w C:\WINDOWS\system32\catsrv.dll
- 2002-09-20 18:03:40 582,656 ----a-w C:\WINDOWS\system32\catsrvut.dll
+ 2005-07-26 04:38:45 581,632 ----a-w C:\WINDOWS\system32\catsrvut.dll
- 2001-10-25 14:00:00 142,848 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2004-12-07 18:15:50 143,872 ----a-w C:\WINDOWS\system32\CDFVIEW.DLL
- 2002-09-20 18:03:40 14,848 ----a-w C:\WINDOWS\system32\cdm.dll
+ 2007-07-30 17:19:20 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
- 2001-10-25 14:00:00 100,864 ----a-w C:\WINDOWS\system32\clbcatex.dll
+ 2005-07-26 04:38:45 110,080 ----a-w C:\WINDOWS\system32\clbcatex.dll
- 2001-10-25 14:00:00 468,480 ----a-w C:\WINDOWS\system32\clbcatq.dll
+ 2005-07-26 04:38:45 497,152 ----a-w C:\WINDOWS\system32\clbcatq.dll
- 2002-09-20 18:05:18 49,182 ----a-w C:\WINDOWS\system32\clspack.exe
+ 2003-02-28 16:26:26 49,424 ----a-w C:\WINDOWS\system32\clspack.exe
- 2001-10-25 14:00:00 56,832 ----a-w C:\WINDOWS\system32\colbact.dll
+ 2005-07-26 04:38:45 62,464 ----a-w C:\WINDOWS\system32\colbact.dll
- 2002-09-20 18:03:40 186,880 ----a-w C:\WINDOWS\system32\Com\comadmin.dll
+ 2005-07-26 04:38:46 187,392 ----a-w C:\WINDOWS\system32\Com\comadmin.dll
- 2002-09-20 18:03:40 557,056 ----a-w C:\WINDOWS\system32\comctl32.dll
+ 2006-08-25 15:54:06 561,664 ----a-w C:\WINDOWS\system32\comctl32.dll
- 2001-10-25 14:00:00 82,432 ----a-w C:\WINDOWS\system32\comrepl.dll
+ 2005-07-26 04:38:46 89,600 ----a-w C:\WINDOWS\system32\comrepl.dll
- 2002-09-20 18:03:40 1,172,992 ----a-w C:\WINDOWS\system32\comsvcs.dll
+ 2005-07-26 04:38:47 1,179,136 ----a-w C:\WINDOWS\system32\comsvcs.dll
- 2001-10-25 14:00:00 495,616 ----a-w C:\WINDOWS\system32\comuid.dll
+ 2005-07-26 04:38:48 499,200 ----a-w C:\WINDOWS\system32\comuid.dll
- 2008-04-28 19:22:39 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-05-07 13:00:41 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-04-28 19:22:39 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-05-07 13:00:41 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-04-28 19:22:39 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-05-07 13:00:41 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2001-10-25 14:00:00 90,112 ----a-w C:\WINDOWS\system32\cscdll.dll
+ 2004-10-28 01:31:18 92,672 ----a-w C:\WINDOWS\system32\cscdll.dll
- 2002-09-20 18:03:40 987,136 ----a-w C:\WINDOWS\system32\danim.dll
+ 2005-10-20 18:10:14 987,136 ----a-w C:\WINDOWS\system32\DANIM.DLL
- 2002-09-20 18:03:42 98,816 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
+ 2006-05-19 12:40:46 102,912 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
- 2002-09-20 18:03:34 59,392 -c--a-w C:\WINDOWS\system32\dllcache\6to4svc.dll
+ 2006-05-19 12:40:46 95,232 -c--a-w C:\WINDOWS\system32\dllcache\6to4svc.dll
- 2001-10-25 14:00:00 50,688 -c--a-w C:\WINDOWS\system32\dllcache\agentdpv.dll
+ 2005-04-22 05:22:05 51,712 -c--a-w C:\WINDOWS\system32\dllcache\agentdpv.dll
- 2001-10-25 14:00:00 51,200 -c--a-w C:\WINDOWS\system32\dllcache\authz.dll
+ 2005-03-02 18:22:02 53,760 -c--a-w C:\WINDOWS\system32\dllcache\authz.dll
- 2002-09-20 18:03:38 1,022,464 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2006-09-04 06:25:55 1,027,584 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
- 2001-10-25 14:00:00 215,040 -c--a-w C:\WINDOWS\system32\dllcache\catsrv.dll
+ 2005-07-26 04:38:45 220,672 -c--a-w C:\WINDOWS\system32\dllcache\catsrv.dll
- 2002-09-20 18:03:40 582,656 -c--a-w C:\WINDOWS\system32\dllcache\catsrvut.dll
+ 2005-07-26 04:38:45 581,632 -c--a-w C:\WINDOWS\system32\dllcache\catsrvut.dll
- 2001-10-25 14:00:00 142,848 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2004-12-07 18:15:50 143,872 -c--a-w C:\WINDOWS\system32\dllcache\CDFVIEW.DLL
- 2002-09-20 18:03:40 14,848 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll
+ 2007-07-30 17:19:20 92,504 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll
- 2001-10-25 14:00:00 100,864 -c--a-w C:\WINDOWS\system32\dllcache\clbcatex.dll
+ 2005-07-26 04:38:45 110,080 -c--a-w C:\WINDOWS\system32\dllcache\clbcatex.dll
- 2001-10-25 14:00:00 468,480 -c--a-w C:\WINDOWS\system32\dllcache\clbcatq.dll
+ 2005-07-26 04:38:45 497,152 -c--a-w C:\WINDOWS\system32\dllcache\clbcatq.dll
- 2001-10-25 14:00:00 56,832 -c--a-w C:\WINDOWS\system32\dllcache\colbact.dll
+ 2005-07-26 04:38:45 62,464 -c--a-w C:\WINDOWS\system32\dllcache\colbact.dll
- 2002-09-20 18:03:40 186,880 -c--a-w C:\WINDOWS\system32\dllcache\comadmin.dll
+ 2005-07-26 04:38:46 187,392 -c--a-w C:\WINDOWS\system32\dllcache\comadmin.dll
- 2002-09-20 18:03:40 557,056 -c--a-w C:\WINDOWS\system32\dllcache\comctl32.dll
+ 2006-08-25 15:54:06 561,664 -c--a-w C:\WINDOWS\system32\dllcache\comctl32.dll
- 2001-10-25 14:00:00 82,432 -c--a-w C:\WINDOWS\system32\dllcache\comrepl.dll
+ 2005-07-26 04:38:46 89,600 -c--a-w C:\WINDOWS\system32\dllcache\comrepl.dll
- 2002-09-20 18:03:40 1,172,992 -c--a-w C:\WINDOWS\system32\dllcache\comsvcs.dll
+ 2005-07-26 04:38:47 1,179,136 -c--a-w C:\WINDOWS\system32\dllcache\comsvcs.dll
- 2001-10-25 14:00:00 495,616 -c--a-w C:\WINDOWS\system32\dllcache\comuid.dll
+ 2005-07-26 04:38:48 499,200 -c--a-w C:\WINDOWS\system32\dllcache\comuid.dll
- 2001-10-25 14:00:00 90,112 -c--a-w C:\WINDOWS\system32\dllcache\cscdll.dll
+ 2004-10-28 01:31:18 92,672 -c--a-w C:\WINDOWS\system32\dllcache\cscdll.dll
- 2002-09-20 18:03:40 987,136 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
+ 2005-10-20 18:10:14 987,136 -c--a-w C:\WINDOWS\system32\dllcache\DANIM.DLL
- 2002-09-20 18:03:42 98,816 -c--a-w C:\WINDOWS\system32\dllcache\dhcpcsvc.dll
+ 2006-05-19 12:40:46 102,912 -c--a-w C:\WINDOWS\system32\dllcache\dhcpcsvc.dll
- 2001-10-25 14:00:00 76,288 -c--a-w C:\WINDOWS\system32\dllcache\directdb.dll
+ 2006-02-27 11:31:38 75,776 -c--a-w C:\WINDOWS\system32\dllcache\DIRECTDB.DLL
- 2002-09-20 18:03:42 139,264 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2006-06-26 17:49:00 140,288 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2002-09-20 18:03:46 337,920 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2006-06-09 12:35:50 351,744 -c--a-w C:\WINDOWS\system32\dllcache\DXTMSFT.DLL
- 2002-09-20 18:03:46 194,560 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll

[sirtomage]

+ 2006-06-09 12:35:30 192,512 -c--a-w C:\WINDOWS\system32\dllcache\DXTRANS.DLL
- 2002-09-20 18:03:50 225,280 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
+ 2005-07-26 04:38:48 227,328 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
- 2001-10-25 14:00:00 1,019,904 -c--a-w C:\WINDOWS\system32\dllcache\esent.dll
+ 2005-10-20 22:34:07 992,768 -c--a-w C:\WINDOWS\system32\dllcache\esent.dll
- 2002-09-20 18:03:50 82,432 -c--a-w C:\WINDOWS\system32\dllcache\fldrclnr.dll
+ 2004-08-20 21:53:51 82,432 -c--a-w C:\WINDOWS\system32\dllcache\fldrclnr.dll
- 2001-10-25 14:00:00 79,360 -c--a-w C:\WINDOWS\system32\dllcache\fontsub.dll
+ 2005-10-17 21:30:54 77,824 -c--a-w C:\WINDOWS\system32\dllcache\fontsub.dll
- 2002-09-20 18:03:54 250,368 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2006-01-02 22:39:17 260,608 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
- 2002-09-20 18:03:54 183,808 -c--a-w C:\WINDOWS\system32\dllcache\gptext.dll
+ 2004-08-25 22:09:54 184,320 -c--a-w C:\WINDOWS\system32\dllcache\gptext.dll
- 2002-09-20 18:05:28 10,752 -c--a-w C:\WINDOWS\system32\dllcache\hh.exe
+ 2005-05-25 22:44:31 10,752 -c--a-w C:\WINDOWS\system32\dllcache\hh.exe
- 2002-09-20 18:03:56 37,888 -c--a-w C:\WINDOWS\system32\dllcache\hhsetup.dll
+ 2005-05-27 02:04:28 38,912 -c--a-w C:\WINDOWS\system32\dllcache\hhsetup.dll
- 2001-10-25 14:00:00 77,850 -c--a-w C:\WINDOWS\system32\dllcache\hlink.dll
+ 2006-07-21 08:32:57 72,704 -c--a-w C:\WINDOWS\system32\dllcache\hlink.dll
- 2002-09-20 18:03:56 236,032 -c--a-w C:\WINDOWS\system32\dllcache\icm32.dll
+ 2005-06-29 01:55:57 237,056 -c--a-w C:\WINDOWS\system32\dllcache\icm32.dll
- 2002-09-20 18:03:56 231,424 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2006-02-24 14:20:22 236,032 -c--a-w C:\WINDOWS\system32\dllcache\IEPEERS.DLL
- 2002-09-20 18:03:58 587,776 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2006-02-27 11:31:54 596,480 -c--a-w C:\WINDOWS\system32\dllcache\INETCOMM.DLL
- 2001-10-25 14:00:00 31,232 -c--a-w C:\WINDOWS\system32\dllcache\inetmib1.dll
+ 2006-05-19 12:40:46 31,232 -c--a-w C:\WINDOWS\system32\dllcache\inetmib1.dll
- 2001-10-25 14:00:00 47,616 -c--a-w C:\WINDOWS\system32\dllcache\inetres.dll
+ 2006-02-27 12:24:56 47,616 -c--a-w C:\WINDOWS\system32\dllcache\INETRES.DLL
- 2002-09-20 18:04:00 70,144 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2004-12-07 18:15:50 69,632 -c--a-w C:\WINDOWS\system32\dllcache\INSENG.DLL
- 2002-09-20 18:04:00 83,968 -c--a-w C:\WINDOWS\system32\dllcache\iphlpapi.dll
+ 2006-05-19 12:40:46 84,480 -c--a-w C:\WINDOWS\system32\dllcache\iphlpapi.dll
- 2002-08-29 02:07:22 57,984 -c--a-w C:\WINDOWS\system32\dllcache\ipsec.sys
+ 2006-05-13 10:13:31 74,368 -c--a-w C:\WINDOWS\system32\dllcache\ipsec.sys
- 2001-10-25 14:00:00 334,336 -c--a-w C:\WINDOWS\system32\dllcache\ipsecsnp.dll
+ 2006-05-14 09:27:36 336,384 -c--a-w C:\WINDOWS\system32\dllcache\ipsecsnp.dll
- 2002-09-20 18:04:00 155,648 -c--a-w C:\WINDOWS\system32\dllcache\ipsecsvc.dll
+ 2006-05-14 09:27:36 159,744 -c--a-w C:\WINDOWS\system32\dllcache\ipsecsvc.dll
- 2001-10-25 14:00:00 364,544 -c--a-w C:\WINDOWS\system32\dllcache\ipsmsnap.dll
+ 2006-05-14 09:27:36 365,056 -c--a-w C:\WINDOWS\system32\dllcache\ipsmsnap.dll
- 2002-09-20 18:05:30 62,976 -c--a-w C:\WINDOWS\system32\dllcache\ipv6.exe
+ 2006-05-19 12:07:19 49,152 -c--a-w C:\WINDOWS\system32\dllcache\ipv6.exe
- 2002-09-20 18:04:00 131,584 -c--a-w C:\WINDOWS\system32\dllcache\ipv6mon.dll
+ 2006-05-19 12:40:46 54,272 -c--a-w C:\WINDOWS\system32\dllcache\ipv6mon.dll
- 2002-09-20 18:04:00 143,872 -c--a-w C:\WINDOWS\system32\dllcache\itircl.dll
+ 2005-05-27 02:04:28 143,872 -c--a-w C:\WINDOWS\system32\dllcache\itircl.dll
- 2002-09-20 18:04:02 122,368 -c--a-w C:\WINDOWS\system32\dllcache\itss.dll
+ 2005-05-27 02:04:28 128,000 -c--a-w C:\WINDOWS\system32\dllcache\itss.dll
- 2003-08-25 16:06:50 182,880 -c--a-w C:\WINDOWS\system32\dllcache\iuengine.dll
+ 2004-08-03 11:59:38 185,624 -c--a-w C:\WINDOWS\system32\dllcache\iuengine.dll
- 2001-10-25 14:00:00 144,896 -c--a-w C:\WINDOWS\system32\dllcache\jgdw400.dll
+ 2006-05-26 20:19:50 163,840 -c--a-w C:\WINDOWS\system32\dllcache\JGDW400.DLL
- 2001-10-25 14:00:00 42,496 -c--a-w C:\WINDOWS\system32\dllcache\jgpl400.dll
+ 2006-04-06 14:15:48 27,648 -c--a-w C:\WINDOWS\system32\dllcache\JGPL400.DLL
- 2001-10-25 14:00:00 593,948 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2006-05-18 06:28:38 458,752 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2001-10-25 14:00:00 12,288 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2006-04-28 08:58:48 12,288 -c--a-w C:\WINDOWS\system32\dllcache\JSPROXY.DLL
- 2002-09-20 18:04:04 928,768 -c--a-w C:\WINDOWS\system32\dllcache\kernel32.dll
+ 2006-07-05 10:55:14 927,232 -c--a-w C:\WINDOWS\system32\dllcache\kernel32.dll
- 2001-10-25 14:00:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\linkinfo.dll
+ 2005-09-01 02:32:27 16,384 -c--a-w C:\WINDOWS\system32\dllcache\linkinfo.dll
- 2001-10-25 14:00:00 35,328 -c--a-w C:\WINDOWS\system32\dllcache\mf3216.dll
+ 2004-03-30 01:53:02 36,864 -c--a-w C:\WINDOWS\system32\dllcache\mf3216.dll
- 2001-10-25 14:00:00 6,656 -c--a-w C:\WINDOWS\system32\dllcache\migregdb.exe
+ 2005-07-22 23:03:37 7,680 -c--a-w C:\WINDOWS\system32\dllcache\migregdb.exe
- 2002-08-29 01:45:22 67,200 -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
+ 2005-03-23 00:55:20 67,456 -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
- 2002-09-20 18:04:06 130,048 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
+ 2005-03-23 18:14:41 130,048 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
- 2001-10-25 14:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
+ 2005-03-23 18:14:41 44,032 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
- 2002-09-20 18:04:06 14,848 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
+ 2005-03-23 18:14:41 14,848 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
- 2002-09-20 18:04:06 613,888 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
+ 2005-03-23 18:14:41 608,768 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
- 2002-09-20 18:04:06 164,864 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2005-03-23 18:14:41 165,888 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
- 2002-09-20 18:04:08 89,088 -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
+ 2005-03-23 18:14:41 88,576 -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
- 2001-10-25 14:00:00 44,544 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
+ 2005-03-23 18:14:41 44,544 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
- 2002-09-20 18:04:08 487,424 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2005-03-23 18:14:41 485,376 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2006-05-05 09:31:04 433,152 -c----w C:\WINDOWS\system32\dllcache\mrxsmb.sys
- 2002-09-20 18:04:08 131,072 -c--a-w C:\WINDOWS\system32\dllcache\msadco.dll
+ 2006-03-23 06:07:21 135,168 -c--a-w C:\WINDOWS\system32\dllcache\msadco.dll
- 2002-09-20 18:04:10 68,096 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
+ 2005-06-29 01:55:57 68,608 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
- 2002-09-20 18:04:12 359,936 -c--a-w C:\WINDOWS\system32\dllcache\msdtcprx.dll
+ 2006-03-01 19:45:40 368,640 -c--a-w C:\WINDOWS\system32\dllcache\msdtcprx.dll
- 2001-10-25 14:00:00 869,376 -c--a-w C:\WINDOWS\system32\dllcache\msdtctm.dll
+ 2006-03-01 19:45:40 974,336 -c--a-w C:\WINDOWS\system32\dllcache\msdtctm.dll
- 2001-10-25 14:00:00 151,040 -c--a-w C:\WINDOWS\system32\dllcache\msdtcuiu.dll
+ 2006-03-01 19:45:40 150,528 -c--a-w C:\WINDOWS\system32\dllcache\msdtcuiu.dll
- 2002-09-20 18:04:14 2,833,920 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2006-06-30 08:51:32 2,703,872 -c--a-w C:\WINDOWS\system32\dllcache\MSHTML.DLL
- 2001-10-25 14:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\msident.dll
+ 2006-02-27 12:24:56 44,032 -c--a-w C:\WINDOWS\system32\dllcache\MSIDENT.DLL
- 2002-09-20 18:04:26 230,912 -c--a-w C:\WINDOWS\system32\dllcache\msieftp.dll
+ 2005-08-05 17:24:41 231,424 -c--a-w C:\WINDOWS\system32\dllcache\msieftp.dll
- 2002-09-20 18:05:34 57,856 -c--a-w C:\WINDOWS\system32\dllcache\msimn.exe
+ 2006-02-27 12:24:56 56,832 -c--a-w C:\WINDOWS\system32\dllcache\MSIMN.EXE
- 2002-09-20 18:04:30 1,174,016 -c--a-w C:\WINDOWS\system32\dllcache\msoe.dll
+ 2006-02-27 11:32:00 1,176,064 -c--a-w C:\WINDOWS\system32\dllcache\MSOE.DLL
- 2002-09-20 18:04:30 228,864 -c--a-w C:\WINDOWS\system32\dllcache\msoeacct.dll
+ 2006-02-27 12:24:56 229,376 -c--a-w C:\WINDOWS\system32\dllcache\MSOEACCT.DLL
- 2001-10-25 14:00:00 2,481,664 -c--a-w C:\WINDOWS\system32\dllcache\msoeres.dll
+ 2006-02-27 12:24:56 2,489,856 -c--a-w C:\WINDOWS\system32\dllcache\MSOERES.DLL
- 2002-09-20 18:04:30 81,408 -c--a-w C:\WINDOWS\system32\dllcache\msoert2.dll
+ 2006-02-27 11:31:36 91,136 -c--a-w C:\WINDOWS\system32\dllcache\MSOERT2.DLL
- 2002-09-20 18:04:30 132,096 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2005-02-24 13:01:36 132,096 -c--a-w C:\WINDOWS\system32\dllcache\MSRATING.DLL
- 2002-09-20 18:04:32 496,128 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2006-03-03 14:45:54 498,176 -c--a-w C:\WINDOWS\system32\dllcache\MSTIME.DLL
- 2001-10-25 14:00:00 61,440 -c--a-w C:\WINDOWS\system32\dllcache\mtxclu.dll
+ 2006-03-01 19:45:40 64,512 -c--a-w C:\WINDOWS\system32\dllcache\mtxclu.dll
- 2001-10-25 14:00:00 83,968 -c--a-w C:\WINDOWS\system32\dllcache\mtxoci.dll
+ 2006-03-01 19:45:40 83,456 -c--a-w C:\WINDOWS\system32\dllcache\mtxoci.dll
- 2002-09-20 18:04:34 154,112 -c--a-w C:\WINDOWS\system32\dllcache\netman.dll
+ 2005-08-22 18:37:34 154,624 -c--a-w C:\WINDOWS\system32\dllcache\netman.dll
- 2001-10-25 14:00:00 82,944 -c--a-w C:\WINDOWS\system32\dllcache\netsh.exe
+ 2006-05-19 12:05:54 83,456 -c--a-w C:\WINDOWS\system32\dllcache\netsh.exe
- 2002-09-20 18:04:34 364,544 -c--a-w C:\WINDOWS\system32\dllcache\npdsplay.dll
+ 2005-11-29 14:27:06 364,544 -c--a-w C:\WINDOWS\system32\dllcache\npdsplay.dll
- 2002-09-20 18:04:36 57,344 -c--a-w C:\WINDOWS\system32\dllcache\nwwks.dll
+ 2005-08-11 15:23:10 57,856 -c--a-w C:\WINDOWS\system32\dllcache\nwwks.dll
- 2002-09-20 18:04:38 329,728 -c--a-w C:\WINDOWS\system32\dllcache\oakley.dll
+ 2006-05-14 09:27:36 258,560 -c--a-w C:\WINDOWS\system32\dllcache\oakley.dll
- 2001-10-25 14:00:00 92,672 -c--a-w C:\WINDOWS\system32\dllcache\oeimport.dll
+ 2006-02-27 12:24:56 93,184 -c--a-w C:\WINDOWS\system32\dllcache\OEIMPORT.DLL
- 2001-10-25 14:00:00 55,808 -c--a-w C:\WINDOWS\system32\dllcache\oemig50.exe
+ 2006-02-27 12:24:56 55,808 -c--a-w C:\WINDOWS\system32\dllcache\OEMIG50.EXE
- 2001-10-25 14:00:00 32,256 -c--a-w C:\WINDOWS\system32\dllcache\oemiglib.dll
+ 2006-02-27 12:24:56 31,744 -c--a-w C:\WINDOWS\system32\dllcache\OEMIGLIB.DLL
- 2002-09-20 18:04:38 1,169,920 -c--a-w C:\WINDOWS\system32\dllcache\ole32.dll
+ 2005-07-26 04:38:50 1,190,400 -c--a-w C:\WINDOWS\system32\dllcache\ole32.dll
- 2001-10-25 14:00:00 68,608 -c--a-w C:\WINDOWS\system32\dllcache\olecli32.dll
+ 2005-07-26 04:38:50 68,608 -c--a-w C:\WINDOWS\system32\dllcache\olecli32.dll
- 2001-10-25 14:00:00 34,304 -c--a-w C:\WINDOWS\system32\dllcache\olecnv32.dll
+ 2005-07-26 04:38:50 35,328 -c--a-w C:\WINDOWS\system32\dllcache\olecnv32.dll
- 2002-09-20 18:04:38 34,304 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2005-04-27 08:53:06 34,816 -c--a-w C:\WINDOWS\system32\dllcache\PNGFILT.DLL
- 2001-10-25 14:00:00 87,552 -c--a-w C:\WINDOWS\system32\dllcache\polstore.dll
+ 2006-05-14 09:27:36 98,304 -c--a-w C:\WINDOWS\system32\dllcache\polstore.dll
- 2002-09-20 18:04:40 1,145,344 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2005-08-30 04:06:54 1,161,216 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2001-10-25 14:00:00 6,144 -c--a-w C:\WINDOWS\system32\dllcache\rasadhlp.dll
+ 2006-06-26 17:49:00 6,144 -c--a-w C:\WINDOWS\system32\dllcache\rasadhlp.dll
- 2002-09-20 18:04:40 158,720 -c--a-w C:\WINDOWS\system32\dllcache\rasmans.dll
+ 2006-06-22 11:00:29 169,984 -c--a-w C:\WINDOWS\system32\dllcache\rasmans.dll
- 2002-08-29 01:58:50 163,328 -c--a-w C:\WINDOWS\system32\dllcache\rdbss.sys
+ 2006-05-05 09:40:31 166,656 -c--a-w C:\WINDOWS\system32\dllcache\rdbss.sys
- 2001-10-25 14:00:00 200,064 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2006-07-13 08:41:42 199,936 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2002-09-20 18:04:40 530,432 -c--a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
+ 2004-03-06 02:20:48 535,552 -c--a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
- 2002-09-20 18:04:40 260,608 -c--a-w C:\WINDOWS\system32\dllcache\rpcss.dll
+ 2005-07-26 04:38:50 276,992 -c--a-w C:\WINDOWS\system32\dllcache\rpcss.dll
- 2002-09-20 18:04:44 1,341,440 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2006-09-04 06:25:55 1,351,680 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2002-09-20 18:04:44 8,340,480 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2006-07-13 13:52:43 8,357,376 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
- 2002-09-20 18:04:44 401,920 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2005-08-31 17:32:28 409,088 -c--a-w C:\WINDOWS\system32\dllcache\SHLWAPI.DLL
- 2001-10-25 14:00:00 51,200 -c--a-w C:\WINDOWS\system32\dllcache\spoolsv.exe
+ 2005-06-10 23:55:46 53,248 -c--a-w C:\WINDOWS\system32\dllcache\spoolsv.exe
- 2002-09-20 18:04:54 227,328 -c--a-w C:\WINDOWS\system32\dllcache\srrstr.dll
+ 2005-10-27 19:07:59 227,840 -c--a-w C:\WINDOWS\system32\dllcache\srrstr.dll
- 2001-10-25 14:00:00 87,040 -c--a-w C:\WINDOWS\system32\dllcache\srvsvc.dll
+ 2004-12-07 19:35:17 79,872 -c--a-w C:\WINDOWS\system32\dllcache\srvsvc.dll
- 2002-09-20 18:04:54 675,328 -c--a-w C:\WINDOWS\system32\dllcache\sxs.dll
+ 2004-08-20 21:53:51 701,440 -c--a-w C:\WINDOWS\system32\dllcache\sxs.dll
- 2001-10-25 14:00:00 198,656 -c--a-w C:\WINDOWS\system32\dllcache\t2embed.dll
+ 2005-10-17 21:30:54 111,616 -c--a-w C:\WINDOWS\system32\dllcache\t2embed.dll
- 2002-08-29 01:58:12 332,928 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2006-04-20 11:38:44 340,480 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2002-08-29 01:37:54 196,288 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2006-05-19 08:46:02 203,008 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2002-09-20 18:05:46 73,216 -c--a-w C:\WINDOWS\system32\dllcache\telnet.exe
+ 2005-05-11 02:43:53 74,240 -c--a-w C:\WINDOWS\system32\dllcache\telnet.exe
+ 2006-05-19 08:44:15 11,776 -c----w C:\WINDOWS\system32\dllcache\tunmp.sys
- 2001-10-25 14:00:00 90,624 -c--a-w C:\WINDOWS\system32\dllcache\txflog.dll
+ 2005-07-26 04:38:50 97,280 -c--a-w C:\WINDOWS\system32\dllcache\txflog.dll
- 2002-09-20 18:04:58 108,032 -c--a-w C:\WINDOWS\system32\dllcache\umpnpmgr.dll
+ 2005-08-23 03:53:34 112,128 -c--a-w C:\WINDOWS\system32\dllcache\umpnpmgr.dll
- 2002-09-20 18:04:58 456,192 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2006-08-31 05:55:42 462,336 -c--a-w C:\WINDOWS\system32\dllcache\URLMON.DLL
- 2002-09-20 18:04:58 560,128 -c--a-w C:\WINDOWS\system32\dllcache\user32.dll
+ 2005-03-02 18:22:02 561,152 -c--a-w C:\WINDOWS\system32\dllcache\user32.dll
- 2002-09-20 18:04:58 802,304 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2006-09-18 12:20:10 851,456 -c--a-w C:\WINDOWS\system32\dllcache\VGX.DLL
- 2001-10-25 14:00:00 43,008 -c--a-w C:\WINDOWS\system32\dllcache\wab.exe
+ 2006-02-27 12:24:56 42,496 -c--a-w C:\WINDOWS\system32\dllcache\WAB.EXE
- 2002-09-20 18:04:58 459,776 -c--a-w C:\WINDOWS\system32\dllcache\wab32.dll
+ 2006-03-16 14:38:44 465,408 -c--a-w C:\WINDOWS\system32\dllcache\WAB32.DLL
- 2001-10-25 14:00:00 30,720 -c--a-w C:\WINDOWS\system32\dllcache\wabfind.dll
+ 2006-02-27 12:24:56 30,208 -c--a-w C:\WINDOWS\system32\dllcache\WABFIND.DLL
- 2001-10-25 14:00:00 76,800 -c--a-w C:\WINDOWS\system32\dllcache\wabimp.dll
+ 2006-02-27 12:24:58 77,824 -c--a-w C:\WINDOWS\system32\dllcache\WABIMP.DLL
- 2001-10-25 14:00:00 27,648 -c--a-w C:\WINDOWS\system32\dllcache\wabmig.exe
+ 2006-02-27 11:31:42 27,648 -c--a-w C:\WINDOWS\system32\dllcache\WABMIG.EXE
- 2002-09-20 17:41:20 1,813,760 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2005-03-02 18:18:21 1,797,248 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
- 2002-09-20 18:05:00 99,328 -c--a-w C:\WINDOWS\system32\dllcache\win32spl.dll
+ 2005-06-11 02:43:06 102,400 -c--a-w C:\WINDOWS\system32\dllcache\win32spl.dll
- 2002-09-20 18:05:00 600,064 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2006-06-23 11:27:34 578,048 -c--a-w C:\WINDOWS\system32\dllcache\WININET.DLL
- 2001-10-25 14:00:00 25,600 -c--a-w C:\WINDOWS\system32\dllcache\winipsec.dll
+ 2006-05-14 09:27:36 29,184 -c--a-w C:\WINDOWS\system32\dllcache\winipsec.dll
- 2002-09-20 18:05:00 276,480 -c--a-w C:\WINDOWS\system32\dllcache\winsrv.dll
+ 2005-09-01 02:32:27 278,016 -c--a-w C:\WINDOWS\system32\dllcache\winsrv.dll
- 2001-10-25 14:00:00 75,264 -c--a-w C:\WINDOWS\system32\dllcache\ws2_32.dll
+ 2006-05-19 12:40:46 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ws2_32.dll
- 2002-09-20 18:05:12 13,312 -c--a-w C:\WINDOWS\system32\dllcache\wship6.dll
+ 2006-05-19 12:40:46 13,312 -c--a-w C:\WINDOWS\system32\dllcache\wship6.dll
- 2002-09-20 18:05:52 140,288 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
+ 2007-07-30 17:19:16 53,080 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
- 2002-09-20 18:05:12 189,440 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
+ 2007-07-30 17:19:42 1,712,984 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
- 2001-10-25 14:00:00 9,728 -c--a-w C:\WINDOWS\system32\dllcache\xolehlp.dll
+ 2006-03-01 19:45:40 11,776 -c--a-w C:\WINDOWS\system32\dllcache\xolehlp.dll
- 2002-09-20 18:03:42 139,264 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2006-06-26 17:49:00 140,288 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2002-08-29 02:07:22 57,984 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
+ 2006-05-13 10:13:31 74,368 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
- 2002-08-29 01:45:22 67,200 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
+ 2005-03-23 00:55:20 67,456 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
- 2002-08-29 01:59:54 407,552 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
+ 2006-05-05 09:31:04 433,152 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
- 2002-08-29 01:58:50 163,328 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
+ 2006-05-05 09:40:31 166,656 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
- 2001-10-25 14:00:00 200,064 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys
+ 2006-07-13 08:41:42 199,936 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
- 2002-08-29 01:58:12 332,928 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2006-04-20 11:38:44 340,480 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2002-08-29 01:37:54 196,288 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2006-05-19 08:46:02 203,008 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
- 2002-09-20 18:17:54 9,856 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
+ 2006-05-19 08:44:15 11,776 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
- 2002-09-20 18:03:44 313,856 ----a-w C:\WINDOWS\system32\dx3j.dll
+ 2003-02-28 14:34:42 313,856 ----a-w C:\WINDOWS\system32\dx3j.dll
- 2002-09-20 18:03:46 337,920 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2006-06-09 12:35:50 351,744 ----a-w C:\WINDOWS\system32\DXTMSFT.DLL
- 2002-09-20 18:03:46 194,560 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2006-06-09 12:35:30 192,512 ----a-w C:\WINDOWS\system32\DXTRANS.DLL
- 2002-09-20 18:03:50 225,280 ----a-w C:\WINDOWS\system32\es.dll
+ 2005-07-26 04:38:48 227,328 ----a-w C:\WINDOWS\system32\es.dll
- 2002-09-20 18:03:50 82,432 ----a-w C:\WINDOWS\system32\fldrclnr.dll
+ 2004-08-20 21:53:51 82,432 ----a-w C:\WINDOWS\system32\fldrclnr.dll
- 2006-09-28 11:26:30 116,560 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-05-07 23:30:04 116,560 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2001-10-25 14:00:00 79,360 ----a-w C:\WINDOWS\system32\fontsub.dll
+ 2005-10-17 21:30:54 77,824 ----a-w C:\WINDOWS\system32\fontsub.dll
- 2002-09-20 18:03:54 250,368 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2006-01-02 22:39:17 260,608 ----a-w C:\WINDOWS\system32\gdi32.dll
- 2002-09-20 18:03:54 183,808 ----a-w C:\WINDOWS\system32\gptext.dll
+ 2004-08-25 22:09:54 184,320 ----a-w C:\WINDOWS\system32\gptext.dll
- 2002-09-20 18:03:56 37,888 ----a-w C:\WINDOWS\system32\hhsetup.dll
+ 2005-05-27 02:04:28 38,912 ----a-w C:\WINDOWS\system32\hhsetup.dll
- 2001-10-25 14:00:00 77,850 ----a-w C:\WINDOWS\system32\hlink.dll
+ 2006-07-21 08:32:57 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
- 2001-10-25 14:00:00 493,568 ----a-w C:\WINDOWS\system32\hypertrm.dll
+ 2004-11-17 17:58:32 497,152 ----a-w C:\WINDOWS\system32\hypertrm.dll
- 2002-09-20 18:03:56 236,032 ----a-w C:\WINDOWS\system32\icm32.dll
+ 2005-06-29 01:55:57 237,056 ----a-w C:\WINDOWS\system32\icm32.dll
- 2002-09-20 18:03:56 231,424 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2006-02-24 14:20:22 236,032 ----a-w C:\WINDOWS\system32\IEPEERS.DLL
- 2002-09-20 18:03:58 587,776 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2006-02-27 11:31:54 596,480 ----a-w C:\WINDOWS\system32\INETCOMM.DLL
- 2001-10-25 14:00:00 31,232 ----a-w C:\WINDOWS\system32\inetmib1.dll
+ 2006-05-19 12:40:46 31,232 ----a-w C:\WINDOWS\system32\inetmib1.dll
- 2001-10-25 14:00:00 47,616 ----a-w C:\WINDOWS\system32\inetres.dll
+ 2006-02-27 12:24:56 47,616 ----a-w C:\WINDOWS\system32\INETRES.DLL
- 2002-09-20 18:04:00 70,144 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2004-12-07 18:15:50 69,632 ----a-w C:\WINDOWS\system32\INSENG.DLL
- 2002-09-20 18:04:00 83,968 ----a-w C:\WINDOWS\system32\iphlpapi.dll
+ 2006-05-19 12:40:46 84,480 ----a-w C:\WINDOWS\system32\iphlpapi.dll
- 2001-10-25 14:00:00 334,336 ----a-w C:\WINDOWS\system32\ipsecsnp.dll
+ 2006-05-14 09:27:36 336,384 ----a-w C:\WINDOWS\system32\ipsecsnp.dll
- 2002-09-20 18:04:00 155,648 ----a-w C:\WINDOWS\system32\ipsecsvc.dll
+ 2006-05-14 09:27:36 159,744 ----a-w C:\WINDOWS\system32\ipsecsvc.dll
- 2001-10-25 14:00:00 364,544 ----a-w C:\WINDOWS\system32\ipsmsnap.dll
+ 2006-05-14 09:27:36 365,056 ----a-w C:\WINDOWS\system32\ipsmsnap.dll
- 2002-09-20 18:05:30 62,976 ----a-w C:\WINDOWS\system32\ipv6.exe
+ 2006-05-19 12:07:19 49,152 ----a-w C:\WINDOWS\system32\ipv6.exe
- 2002-09-20 18:04:00 131,584 ----a-w C:\WINDOWS\system32\ipv6mon.dll
+ 2006-05-19 12:40:46 54,272 ----a-w C:\WINDOWS\system32\ipv6mon.dll
- 2002-09-20 18:04:00 143,872 ----a-w C:\WINDOWS\system32\itircl.dll
+ 2005-05-27 02:04:28 143,872 ----a-w C:\WINDOWS\system32\itircl.dll
- 2002-09-20 18:04:02 122,368 ----a-w C:\WINDOWS\system32\itss.dll
+ 2005-05-27 02:04:28 128,000 ----a-w C:\WINDOWS\system32\itss.dll
- 2003-08-25 16:06:50 182,880 ----a-w C:\WINDOWS\system32\iuengine.dll
+ 2004-08-03 11:59:38 185,624 ----a-w C:\WINDOWS\system32\iuengine.dll
- 2002-09-20 18:04:02 186,911 ----a-w C:\WINDOWS\system32\javacypt.dll
+ 2003-02-28 16:26:16 187,152 ----a-w C:\WINDOWS\system32\javacypt.dll
+ 2003-02-28 16:26:18 139,536 ----a-w C:\WINDOWS\system32\javaee.dll
- 2002-09-20 18:04:02 63,007 ----a-w C:\WINDOWS\system32\javaprxy.dll
+ 2003-02-28 16:26:18 63,248 ----a-w C:\WINDOWS\system32\javaprxy.dll
- 2002-09-20 18:04:02 404,509 ----a-w C:\WINDOWS\system32\javart.dll
+ 2003-02-28 16:26:18 404,752 ----a-w C:\WINDOWS\system32\javart.dll
- 2002-09-20 18:05:30 14,878 ----a-w C:\WINDOWS\system32\jdbgmgr.exe
+ 2003-02-28 16:26:30 15,120 ----a-w C:\WINDOWS\system32\jdbgmgr.exe
- 2001-10-25 14:00:00 144,896 ----a-w C:\WINDOWS\system32\jgdw400.dll
+ 2006-05-26 20:19:50 163,840 ----a-w C:\WINDOWS\system32\JGDW400.DLL
- 2001-10-25 14:00:00 42,496 ----a-w C:\WINDOWS\system32\jgpl400.dll
+ 2006-04-06 14:15:48 27,648 ----a-w C:\WINDOWS\system32\JGPL400.DLL
- 2002-09-20 18:04:02 171,034 ----a-w C:\WINDOWS\system32\jit.dll
+ 2003-02-28 16:26:20 171,280 ----a-w C:\WINDOWS\system32\jit.dll
- 2001-10-25 14:00:00 593,948 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2006-05-18 06:28:38 458,752 ----a-w C:\WINDOWS\system32\jscript.dll
- 2001-10-25 14:00:00 12,288 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2006-04-28 08:58:48 12,288 ----a-w C:\WINDOWS\system32\JSPROXY.DLL
- 2002-09-20 18:05:32 172,060 ----a-w C:\WINDOWS\system32\jview.exe
+ 2003-02-28 16:26:30 172,304 ----a-w C:\WINDOWS\system32\jview.exe
- 2002-09-20 18:04:04 928,768 ----a-w C:\WINDOWS\system32\kernel32.dll
+ 2006-07-05 10:55:14 927,232 ----a-w C:\WINDOWS\system32\kernel32.dll
- 2001-10-25 14:00:00 15,360 ----a-w C:\WINDOWS\system32\linkinfo.dll
+ 2005-09-01 02:32:27 16,384 ----a-w C:\WINDOWS\system32\linkinfo.dll
- 2001-10-25 14:00:00 35,328 ----a-w C:\WINDOWS\system32\mf3216.dll
+ 2004-03-30 01:53:02 36,864 ----a-w C:\WINDOWS\system32\mf3216.dll
- 2002-09-20 18:04:06 130,048 ----a-w C:\WINDOWS\system32\mqad.dll
+ 2005-03-23 18:14:41 130,048 ----a-w C:\WINDOWS\system32\mqad.dll
- 2001-10-25 14:00:00 44,032 ----a-w C:\WINDOWS\system32\mqdscli.dll
+ 2005-03-23 18:14:41 44,032 ----a-w C:\WINDOWS\system32\mqdscli.dll
- 2002-09-20 18:04:06 14,848 ----a-w C:\WINDOWS\system32\mqise.dll
+ 2005-03-23 18:14:41 14,848 ----a-w C:\WINDOWS\system32\mqise.dll
- 2002-09-20 18:04:06 613,888 ----a-w C:\WINDOWS\system32\mqqm.dll
+ 2005-03-23 18:14:41 608,768 ----a-w C:\WINDOWS\system32\mqqm.dll
- 2002-09-20 18:04:06 164,864 ----a-w C:\WINDOWS\system32\mqrt.dll
+ 2005-03-23 18:14:41 165,888 ----a-w C:\WINDOWS\system32\mqrt.dll
- 2002-09-20 18:04:08 89,088 ----a-w C:\WINDOWS\system32\mqsec.dll
+ 2005-03-23 18:14:41 88,576 ----a-w C:\WINDOWS\system32\mqsec.dll
- 2001-10-25 14:00:00 44,544 ----a-w C:\WINDOWS\system32\mqupgrd.dll
+ 2005-03-23 18:14:41 44,544 ----a-w C:\WINDOWS\system32\mqupgrd.dll
- 2002-09-20 18:04:08 487,424 ----a-w C:\WINDOWS\system32\mqutil.dll
+ 2005-03-23 18:14:41 485,376 ----a-w C:\WINDOWS\system32\mqutil.dll
+ 2008-04-05 20:56:22 19,836,024 ----a-w C:\WINDOWS\system32\MRT.exe
- 2002-09-20 18:04:10 154,140 ----a-w C:\WINDOWS\system32\msawt.dll
+ 2003-02-28 16:26:20 154,384 ----a-w C:\WINDOWS\system32\msawt.dll
- 2002-09-20 18:04:10 68,096 ----a-w C:\WINDOWS\system32\mscms.dll
+ 2005-06-29 01:55:57 68,608 ----a-w C:\WINDOWS\system32\mscms.dll
- 2002-09-20 18:04:12 359,936 ----a-w C:\WINDOWS\system32\msdtcprx.dll
+ 2006-03-01 19:45:40 368,640 ----a-w C:\WINDOWS\system32\msdtcprx.dll
- 2001-10-25 14:00:00 869,376 ----a-w C:\WINDOWS\system32\msdtctm.dll
+ 2006-03-01 19:45:40 974,336 ----a-w C:\WINDOWS\system32\msdtctm.dll
- 2001-10-25 14:00:00 151,040 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
+ 2006-03-01 19:45:40 150,528 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
- 2002-09-20 18:04:14 2,833,920 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2006-06-30 08:51:32 2,703,872 ----a-w C:\WINDOWS\system32\MSHTML.DLL
- 2001-10-25 14:00:00 44,032 ----a-w C:\WINDOWS\system32\msident.dll
+ 2006-02-27 12:24:56 44,032 ----a-w C:\WINDOWS\system32\MSIDENT.DLL
- 2002-09-20 18:04:26 230,912 ----a-w C:\WINDOWS\system32\msieftp.dll
+ 2005-08-05 17:24:41 231,424 ----a-w C:\WINDOWS\system32\msieftp.dll
- 2002-09-20 18:04:26 945,693 ----a-w C:\WINDOWS\system32\msjava.dll
+ 2003-02-28 16:26:26 947,472 ----a-w C:\WINDOWS\system32\msjava.dll
- 2002-09-20 18:04:26 21,023 ----a-w C:\WINDOWS\system32\msjdbc10.dll
+ 2003-02-28 16:26:26 21,264 ----a-w C:\WINDOWS\system32\msjdbc10.dll
- 2002-09-20 18:04:30 228,864 ----a-w C:\WINDOWS\system32\msoeacct.dll
+ 2006-02-27 12:24:56 229,376 ----a-w C:\WINDOWS\system32\MSOEACCT.DLL
- 2002-09-20 18:04:30 81,408 ----a-w C:\WINDOWS\system32\msoert2.dll
+ 2006-02-27 11:31:36 91,136 ----a-w C:\WINDOWS\system32\MSOERT2.DLL
- 2002-09-20 18:04:30 132,096 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2005-02-24 13:01:36 132,096 ----a-w C:\WINDOWS\system32\MSRATING.DLL
- 2002-09-20 18:04:32 496,128 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2006-03-03 14:45:54 498,176 ----a-w C:\WINDOWS\system32\MSTIME.DLL
- 2001-10-25 14:00:00 61,440 ----a-w C:\WINDOWS\system32\mtxclu.dll
+ 2006-03-01 19:45:40 64,512 ----a-w C:\WINDOWS\system32\mtxclu.dll
- 2001-10-25 14:00:00 83,968 ----a-w C:\WINDOWS\system32\mtxoci.dll
+ 2006-03-01 19:45:40 83,456 ----a-w C:\WINDOWS\system32\mtxoci.dll
- 2002-09-20 18:04:34 154,112 ----a-w C:\WINDOWS\system32\netman.dll
+ 2005-08-22 18:37:34 154,624 ----a-w C:\WINDOWS\system32\netman.dll
- 2001-10-25 14:00:00 82,944 ----a-w C:\WINDOWS\system32\netsh.exe
+ 2006-05-19 12:05:54 83,456 ----a-w C:\WINDOWS\system32\netsh.exe
- 2002-09-20 18:17:54 1,947,776 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
+ 2005-03-02 18:18:27 1,955,712 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
- 2002-09-20 17:12:28 2,042,112 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
+ 2005-03-02 18:18:37 2,040,704 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
- 2002-09-20 18:04:36 57,344 ----a-w C:\WINDOWS\system32\nwwks.dll
+ 2005-08-11 15:23:10 57,856 ----a-w C:\WINDOWS\system32\nwwks.dll
- 2002-09-20 18:04:38 329,728 ----a-w C:\WINDOWS\system32\oakley.dll
+ 2006-05-14 09:27:36 258,560 ----a-w C:\WINDOWS\system32\oakley.dll
- 2002-09-20 18:04:38 1,169,920 ----a-w C:\WINDOWS\system32\ole32.dll
+ 2005-07-26 04:38:50 1,190,400 ----a-w C:\WINDOWS\system32\ole32.dll
- 2001-10-25 14:00:00 68,608 ----a-w C:\WINDOWS\system32\olecli32.dll
+ 2005-07-26 04:38:50 68,608 ----a-w C:\WINDOWS\system32\olecli32.dll
- 2001-10-25 14:00:00 34,304 ----a-w C:\WINDOWS\system32\olecnv32.dll
+ 2005-07-26 04:38:50 35,328 ----a-w C:\WINDOWS\system32\olecnv32.dll
- 2008-04-28 12:25:06 73,236 ----a-w C:\WINDOWS\system32\perfc005.dat
+ 2008-05-07 23:26:15 73,236 ----a-w C:\WINDOWS\system32\perfc005.dat
- 2008-04-28 12:25:06 62,344 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-05-07 23:26:15 62,344 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-04-28 12:25:06 398,472 ----a-w C:\WINDOWS\system32\perfh005.dat
+ 2008-05-07 23:26:15 398,472 ----a-w C:\WINDOWS\system32\perfh005.dat
- 2008-04-28 12:25:06 401,064 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-05-07 23:26:15 401,064 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2002-09-20 18:04:38 34,304 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2005-04-27 08:53:06 34,816 ----a-w C:\WINDOWS\system32\PNGFILT.DLL
- 2001-10-25 14:00:00 87,552 ----a-w C:\WINDOWS\system32\polstore.dll
+ 2006-05-14 09:27:36 98,304 ----a-w C:\WINDOWS\system32\polstore.dll
- 2002-09-20 18:04:40 221,184 ----a-w C:\WINDOWS\system32\qmgr.dll
+ 2004-07-01 22:10:40 360,448 ----a-w C:\WINDOWS\system32\qmgr.dll
- 2002-09-20 18:04:40 1,145,344 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2005-08-30 04:06:54 1,161,216 ----a-w C:\WINDOWS\system32\quartz.dll
- 2001-10-25 14:00:00 6,144 ----a-w C:\WINDOWS\system32\rasadhlp.dll
+ 2006-06-26 17:49:00 6,144 ----a-w C:\WINDOWS\system32\rasadhlp.dll
- 2002-09-20 18:04:40 158,720 ----a-w C:\WINDOWS\system32\rasmans.dll
+ 2006-06-22 11:00:29 169,984 ----a-w C:\WINDOWS\system32\rasmans.dll
- 2002-09-20 18:04:40 530,432 ----a-w C:\WINDOWS\system32\rpcrt4.dll
+ 2004-03-06 02:20:48 535,552 ----a-w C:\WINDOWS\system32\rpcrt4.dll
- 2002-09-20 18:04:40 260,608 ----a-w C:\WINDOWS\system32\rpcss.dll
+ 2005-07-26 04:38:50 276,992 ----a-w C:\WINDOWS\system32\rpcss.dll
- 2002-09-20 18:04:44 1,341,440 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2006-09-04 06:25:55 1,351,680 ----a-w C:\WINDOWS\system32\SHDOCVW.DLL
- 2002-09-20 18:04:44 8,340,480 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2006-07-13 13:52:43 8,357,376 ----a-w C:\WINDOWS\system32\shell32.dll
- 2002-09-20 18:04:44 401,920 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2005-09-01 02:32:27 409,088 ----a-w C:\WINDOWS\system32\SHLWAPI.DLL
+ 2007-07-30 17:18:40 33,624 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381\wups.dll
- 2005-05-04 12:45:26 14,560 ----a-w C:\WINDOWS\system32\spmsg.dll
+ 2005-10-12 23:10:19 15,072 ------w C:\WINDOWS\system32\spmsg.dll
- 2001-10-25 14:00:00 51,200 ----a-w C:\WINDOWS\system32\spoolsv.exe
+ 2005-06-10 23:55:46 53,248 ----a-w C:\WINDOWS\system32\spoolsv.exe
- 2002-09-20 18:04:54 227,328 ----a-w C:\WINDOWS\system32\srrstr.dll
+ 2005-10-27 19:07:59 227,840 ----a-w C:\WINDOWS\system32\srrstr.dll
- 2001-10-25 14:00:00 87,040 ----a-w C:\WINDOWS\system32\srvsvc.dll
+ 2004-12-07 19:35:17 79,872 ----a-w C:\WINDOWS\system32\srvsvc.dll
- 2002-09-20 18:04:54 675,328 ----a-w C:\WINDOWS\system32\sxs.dll
+ 2004-08-20 21:53:51 701,440 ----a-w C:\WINDOWS\system32\sxs.dll
- 2001-10-25 14:00:00 198,656 ----a-w C:\WINDOWS\system32\t2embed.dll
+ 2005-10-17 21:30:54 111,616 ----a-w C:\WINDOWS\system32\t2embed.dll
- 2002-09-20 18:05:46 73,216 ----a-w C:\WINDOWS\system32\telnet.exe
+ 2005-05-11 02:43:53 74,240 ----a-w C:\WINDOWS\system32\telnet.exe
- 2001-10-25 14:00:00 90,624 ----a-w C:\WINDOWS\system32\txflog.dll
+ 2005-07-26 04:38:50 97,280 ----a-w C:\WINDOWS\system32\txflog.dll
- 2002-09-20 18:04:58 108,032 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
+ 2005-08-23 03:53:34 112,128 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
- 2002-09-20 18:04:58 456,192 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2006-08-31 05:55:42 462,336 ----a-w C:\WINDOWS\system32\URLMON.DLL
- 2002-09-20 18:04:58 560,128 ----a-w C:\WINDOWS\system32\user32.dll
+ 2005-03-02 18:22:02 561,152 ----a-w C:\WINDOWS\system32\user32.dll
+ 2006-03-17 00:49:30 25,600 ------w C:\WINDOWS\system32\verclsid.exe
- 2002-09-20 18:04:58 287,263 ----a-w C:\WINDOWS\system32\vmhelper.dll
+ 2003-02-28 16:26:26 286,992 ----a-w C:\WINDOWS\system32\vmhelper.dll
- 2002-09-20 17:41:20 1,813,760 ----a-w C:\WINDOWS\system32\win32k.sys
+ 2005-03-02 18:18:21 1,797,248 ----a-w C:\WINDOWS\system32\win32k.sys
- 2002-09-20 18:05:00 99,328 ----a-w C:\WINDOWS\system32\win32spl.dll
+ 2005-06-11 02:43:06 102,400 ----a-w C:\WINDOWS\system32\win32spl.dll
- 2002-09-20 18:05:00 600,064 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2006-06-23 11:27:34 578,048 ----a-w C:\WINDOWS\system32\WININET.DLL
- 2001-10-25 14:00:00 25,600 ----a-w C:\WINDOWS\system32\winipsec.dll
+ 2006-05-14 09:27:36 29,184 ----a-w C:\WINDOWS\system32\winipsec.dll
- 2002-09-20 18:05:00 276,480 ----a-w C:\WINDOWS\system32\winsrv.dll
+ 2005-09-01 02:32:27 278,016 ----a-w C:\WINDOWS\system32\winsrv.dll
- 2002-09-20 18:05:50 171,549 ----a-w C:\WINDOWS\system32\wjview.exe
+ 2003-02-28 16:26:32 171,792 ----a-w C:\WINDOWS\system32\wjview.exe
- 2001-10-25 14:00:00 75,264 ----a-w C:\WINDOWS\system32\ws2_32.dll
+ 2006-05-19 12:40:46 70,656 ----a-w C:\WINDOWS\system32\ws2_32.dll
- 2002-09-20 18:05:12 13,312 ----a-w C:\WINDOWS\system32\wship6.dll
+ 2006-05-19 12:40:46 13,312 ----a-w C:\WINDOWS\system32\wship6.dll
- 2002-09-20 18:05:52 140,288 ----a-w C:\WINDOWS\system32\wuauclt.exe
+ 2007-07-30 17:19:16 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
- 2002-09-20 18:05:12 189,440 ----a-w C:\WINDOWS\system32\wuaueng.dll
+ 2007-07-30 17:19:42 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
+ 2007-07-30 17:19:12 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
- 2001-10-25 14:00:00 9,728 ----a-w C:\WINDOWS\system32\xolehlp.dll
+ 2006-03-01 19:45:40 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll
+ 2006-05-19 08:51:18 171,008 ----a-w C:\WINDOWS\system32\xpob2res.dll
+ 2006-08-25 09:14:35 599,040 ----a-w C:\WINDOWS\system32\xpsp2res.dll
+ 2005-05-17 00:43:41 7,680 ------w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-05-09 22:45:08 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_474.dat
+ 2005-08-31 17:32:26 925,184 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\comctl32.dll
+ 2006-03-17 05:06:34 925,184 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1816_x-ww_7d33ba0e\comctl32.dll
+ 2006-07-13 13:52:36 925,184 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1873_x-ww_7d39bb85\comctl32.dll
+ 2006-08-25 15:54:04 925,184 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1891_x-ww_7d3bbc01\comctl32.dll
- 2007-09-11 12:21:36 258,048 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-05-07 23:24:54 258,048 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2007-09-11 12:21:36 114,176 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2008-05-07 23:24:54 114,176 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-10-04 22:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2007-10-04 22:06 1135968]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-10-04 22:06 1135968]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 20:05 13312]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [2008-01-07 22:02 495616]
"ihmsneop"="C:\WINDOWS\system32\sfetibuj.exe" [2008-05-07 15:59 106496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"="Mixer.exe" [2002-10-15 19:00 1818624 C:\WINDOWS\mixer.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2007-04-17 14:03 63048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46 57344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 20:05 13312]

C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 2007-11-22 15:53 87352 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.fraunhoferacm"= l3codecp.acm

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

R1 aswSP;avast! Self Protection;C:\WINDOWS\System32\drivers\aswSP.sys [2008-03-29 19:31]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2007-04-17 14:00]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\System32\drivers\LMIRfsDriver.sys [2007-04-05 11:55]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys [2002-08-29 03:35]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-11 12:32:30
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-05-11 12:33:56
ComboFix-quarantined-files.txt 2008-05-11 10:33:51
ComboFix2.txt 2008-05-09 22:44:18
ComboFix3.txt 2008-05-07 13:04:59

Adresářů: 9, Volných bajtů: 20,301,619,200
Adresářů: 10, Volných bajtů: 20,292,825,088

1197 --- E O F --- 2008-05-07 23:28:13

[sirtomage]

A tady je HJT

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:53:03, on 11.5.2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\WINDOWS\system32\sfetibuj.exe
C:\Program Files\Microsoft Office\Office10\msoffice.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CHelper Class - {0F469452-B579-4F29-94A2-AE86C86067A6} - C:\Program Files\Microton 2006\Eurotran\etran_i.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [ihmsneop] C:\WINDOWS\system32\sfetibuj.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Eurotran 2006 - {66566BD7-FF3C-46a8-97AB-A60ECC45BDD2} - C:\Program Files\Microton 2006\Eurotran\etran_i.dll
O9 - Extra button: (no name) - {6740485C-7614-4d47-B8FC-AF7E5E99A2BD} - C:\Program Files\Microton 2006\Eurotran\etran_i.dll
O9 - Extra 'Tools' menuitem: Eurotran 2006 - {6740485C-7614-4d47-B8FC-AF7E5E99A2BD} - C:\Program Files\Microton 2006\Eurotran\etran_i.dll
O9 - Extra button: Lexie 2006 - {9EE61AF4-AC5B-42dd-9EBF-9DC30124C338} - C:\Program Files\Microton 2006\Lexie\lexie.dll
O9 - Extra 'Tools' menuitem: Lexie 2006 - {9EE61AF4-AC5B-42dd-9EBF-9DC30124C338} - C:\Program Files\Microton 2006\Lexie\lexie.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe

--
End of file - 7015 bytes

[fredik]

Spusť znovu HijackThis a zaškrtni v něm okénka před řádky:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
po zaškrtnutí klikni na tlačítko Fix Checked
Pak HJT zavři.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Vytvoř si nový CFScript a použij ho stejným způsobem jako ten předchozí, ale s tím rozdílem, že tentokrát vlož do něho toto:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

File::
C:\WINDOWS\system32\sfetibuj.exe

Folder::
C:\Documents and Settings\All Users\Data aplikací\zknavojg

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ihmsneop"=-

Vlož sem pak znovu log z ComboFix po jeho proběhnutí.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Doporučil bych ti aktualizovat Javu:
- Stáhni si poslední verzi Java Runtime Environment (JRE) 6 Update 6
- Posuň se dolů kde je napsáno Java Runtime Environment (JRE) 6 Update 6 a klikni na tlačítko Download
- Načte se ti nová stránka
- Pod nadpisem Select Platform and Language for your download:
* u položky Platform: vyber OS který používáš
* zatrhni možnost kde je napsáno: I agree to the Java SE Runtime Environment 6 License Agreement
* klikni na tlačítko Continue >>
- Načte se ti nová stránka
- Klikni na odkaz pro stažení pod položkou: Windows Offline Installation

a ulož si ho na disk

- Ukonči běžící programy které máš spuštěné, hlavě webový prohlížeč
- Jdi přes Start -> Ovládací panely -> Přidat nebo odebrat programy a odinstaluj všechny staré verze Javy
- Podívej se po položkách s názvem Java Runtime Environment (JRE or J2SE)
* příklady starých verzí v Přidat nebo odebrat programy:

J2SE Runtime Environment 5.0
J2SE Runtime Environment 5.0 Update 8
Java 2 Runtime Environment, SE v1.4.2

- Odinstaluj je přes tlačítko Změnit nebo odebrat nebo Odebrat
- Odinstaluj postupně po sobě případné všechny staré verze Javy
- Po skončení odinstalovaní restartuj Pc.
- Pak už jen spusť instalaci poslední verze ze souboru jre-6u6-windows-i586-p.exe, který sis stáhl na začátku.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

V následujícím příspěvku sem vlož tyto logy/výsledky:
- log z ComboFix
- nový log z HJT

[sirtomage]

- log z ComboFix

ComboFix 08-05-09.1 - skad 2008-05-11 22:45:00.4 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.1.1250.1.1029.18.204 [GMT 2:00]
Running from: C:\Documents and Settings\skad\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\skad\Plocha\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\WINDOWS\system32\sfetibuj.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Data aplikací\zknavojg
C:\WINDOWS\system32\sfetibuj.exe

.
((((((((((((((((((((((((( Files Created from 2008-04-11 to 2008-05-11 )))))))))))))))))))))))))))))))
.

2008-05-08 01:06 . 2008-05-08 01:06 197 --a------ C:\WINDOWS\system32\MRT.INI
2008-05-07 16:10 . 2005-10-21 00:34 992,768 --a------ C:\WINDOWS\system32\esent.dll
2008-05-07 15:47 . 2008-05-07 15:47 <DIR> d-------- C:\WINDOWS\system32\bits
2008-05-07 15:46 . 2008-05-08 01:14 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-05-07 15:46 . 2005-06-28 09:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-05-07 15:30 . 2004-07-02 00:10 360,448 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
2008-05-07 15:30 . 2004-07-02 00:10 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2008-05-07 15:30 . 2004-07-02 00:10 331,776 --a--c--- C:\WINDOWS\system32\dllcache\winhttp.dll
2008-05-07 15:30 . 2004-07-02 00:10 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-05-07 15:30 . 2004-07-02 00:10 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
2008-05-07 15:30 . 2004-07-02 00:10 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2008-05-07 15:30 . 2004-07-02 00:10 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-05-07 15:30 . 2004-07-02 00:10 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2008-05-07 15:30 . 2004-07-02 00:10 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-05-07 15:24 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-05-07 15:24 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-05-07 15:24 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-05-07 15:24 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2008-05-07 15:24 . 2004-08-03 14:05 186,136 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-05-07 15:24 . 2004-08-03 13:59 168,216 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-05-07 15:24 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll
2008-05-07 14:07 . 2008-05-07 14:07 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-28 14:08 . 2008-04-28 14:08 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-04-21 21:26 . 2008-04-21 21:33 <DIR> d-------- C:\Program Files\Wise Registry Cleaner 3
2008-04-21 15:58 . 2008-04-21 15:58 <DIR> d-------- C:\Documents and Settings\skad\Data aplikací\PC-Cleaner
2008-04-21 12:25 . 2008-04-28 23:34 437 --a------ C:\WINDOWS\wininit.ini
2008-04-21 11:20 . 2008-04-21 11:21 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-21 11:20 . 2008-04-21 12:26 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2008-04-14 13:15 . 2008-04-14 13:24 <DIR> d-------- C:\Westwood

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-11 12:58 --------- d-----w C:\Program Files\WIP Miranda IM 1.4
2008-05-11 09:31 --------- d-----w C:\Program Files\LogMeIn
2008-05-09 22:34 --------- d-----w C:\Program Files\Winamp Remote
2008-04-14 11:22 28,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2006-12-09 02:31 17,832 ----a-w C:\Documents and Settings\skad\Data aplikací\GDIPFONTCACHEV1.DAT
2006-11-07 15:05 92,064 ----a-w C:\Documents and Settings\skad\mqdmmdm.sys
2006-11-07 15:05 9,232 ----a-w C:\Documents and Settings\skad\mqdmmdfl.sys
2006-11-07 15:05 79,328 ----a-w C:\Documents and Settings\skad\mqdmserd.sys
2006-11-07 15:05 66,656 ----a-w C:\Documents and Settings\skad\mqdmbus.sys
2006-11-07 15:05 6,208 ----a-w C:\Documents and Settings\skad\mqdmcmnt.sys
2006-11-07 15:05 5,936 ----a-w C:\Documents and Settings\skad\mqdmwhnt.sys
2006-11-07 15:05 4,048 ----a-w C:\Documents and Settings\skad\mqdmcr.sys
2006-11-07 15:05 25,600 ----a-w C:\Documents and Settings\skad\usbsermptxp.sys
2006-11-07 15:05 22,768 ----a-w C:\Documents and Settings\skad\usbsermpt.sys
2006-08-15 16:08 10,050,902 ----a-w C:\Program Files\Codecs6030_allin1.exe
2007-08-09 12:08 8,784 ----a-w C:\Program Files\mozilla firefox\plugins\ractrlkeyhook.dll
2007-08-09 12:10 245,408 ----a-w C:\Program Files\mozilla firefox\plugins\unicows.dll
.

------- Sigcheck -------

2004-08-04 08:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\ip6fw.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-10-04 22:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2007-10-04 22:06 1135968]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-10-04 22:06 1135968]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 20:05 13312]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [2008-01-07 22:02 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"="Mixer.exe" [2002-10-15 19:00 1818624 C:\WINDOWS\mixer.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2007-04-17 14:03 63048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46 57344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 20:05 13312]

C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 2007-11-22 15:53 87352 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.fraunhoferacm"= l3codecp.acm

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

R1 aswSP;avast! Self Protection;C:\WINDOWS\System32\drivers\aswSP.sys [2008-03-29 19:31]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2007-04-17 14:00]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\System32\drivers\LMIRfsDriver.sys [2007-04-05 11:55]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys [2002-08-29 03:35]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-11 22:46:13
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-05-11 22:47:29
ComboFix-quarantined-files.txt 2008-05-11 20:47:24
ComboFix2.txt 2008-05-11 10:33:56
ComboFix3.txt 2008-05-09 22:44:18
ComboFix4.txt 2008-05-07 13:04:59

Adresářů: 9, Volných bajtů: 20,246,573,056
Adresářů: 10, Volných bajtů: 20,236,722,176

132 --- E O F --- 2008-05-07 23:28:13

[sirtomage]

- nový log z HJT

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:50:32, on 11.5.2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Microsoft Office\Office10\msoffice.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CHelper Class - {0F469452-B579-4F29-94A2-AE86C86067A6} - C:\Program Files\Microton 2006\Eurotran\etran_i.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Eurotran 2006 - {66566BD7-FF3C-46a8-97AB-A60ECC45BDD2} - C:\Program Files\Microton 2006\Eurotran\etran_i.dll
O9 - Extra button: (no name) - {6740485C-7614-4d47-B8FC-AF7E5E99A2BD} - C:\Program Files\Microton 2006\Eurotran\etran_i.dll
O9 - Extra 'Tools' menuitem: Eurotran 2006 - {6740485C-7614-4d47-B8FC-AF7E5E99A2BD} - C:\Program Files\Microton 2006\Eurotran\etran_i.dll
O9 - Extra button: Lexie 2006 - {9EE61AF4-AC5B-42dd-9EBF-9DC30124C338} - C:\Program Files\Microton 2006\Lexie\lexie.dll
O9 - Extra 'Tools' menuitem: Lexie 2006 - {9EE61AF4-AC5B-42dd-9EBF-9DC30124C338} - C:\Program Files\Microton 2006\Lexie\lexie.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe

--
End of file - 6615 bytes

[sirtomage]

ahoj,
tak to vypadá dobře, večer jsem udělal vše dle rad a zatim to nevyskočilo. Díky moc za pomoc. Jak se mohu odvděčit? .

[fredik]

Jdi přes Start -> Spustit... a napiš do okna tento příkaz označený modře ComboFix /u a dej Ok.
- mezi comobofix a /u musí být mezera

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Jdi přes Start -> Spustit... a napiš do okna tento příkaz označený modře %appdata% a dej Ok.
- otevře se ti nové okno a tam pak smaž adresář/složku: PC-Cleaner

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

1) Také pro lepší zabezpečení by bylo dobré si doinstalovat minimálně SP2 (Service Pack 2 for WinXp)

2) K lepšímu zabezpečení bych ti doporučil doinstalovat firewall, můžeš si vybrat některý zde uvedený nebo některý jiný z odkazu: Přehled osobních firewallů
Firewally zdarma:
Comodo - kvalitní, pokročilý, s mnoha funkcemi, originálně v angličtině
Kerio - přehledný, větší možnosti nastavení, náročnější na systémové prostředky, v češtině
ZoneAlarm - jednoduchý, kompatibilní, nenáročný na systémové prostředky, málo možností nastavení, v angličtině + návod

3) Vzhledem k tomu že používáš IE tak bych ti doporučil jako prevenci tento program: SpywareBlaster
- návod je sice sepsaný na předchozí verzi, ale kromě změny GUI je vše podstatné stejné.

4) Také aktualizovat Javu, jak bylo napsáno.

5) Stáhni si a spusť T-cleaner a postupuj podle instrukcí. Případně můžeš také pročistit Pc od dočasných souborů např. pomocí: CCleaner

6) Můžeš si zapnout zpět u Spybota - rez. ochranu (TeaTimer)

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Pokud by jsi chtěl můžeš nějakou formou podpořit fórum. Víc informací k tomu najdeš zde: Podpora fóra

Kdyby byl nějaký problém tak dej vědět.

[sirtomage]

Ahoj,
tak je to už nějaký ten den a zatim se to znova neukázalo. Díky moc za rady, někdy se ozvu kvuli svému počítači - tohle byl jenom firemní. Díky moc.