kontrola logu z HJT

[LuckaR]

Dobrý den, posílám log a prosím o kontrolu. Systém je v poslední době nestabilní, z ničeho nic se objeví modrá stránka s nějaký varováním - to ale nestíhám přečíst - následuje restart počítače. Těsně před tím, než problémy začaly, detekovalo AVG několik trojanů, ale zdálo se, že si s nimi poradilo... Díky moc za pomoc, zde je log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:11:32, on 22.6.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Ufon\UfonCW.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\LUCKA\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{C62ABCFF-14A6-4C8E-8B49-28FD28CDAA66}: NameServer = 78.136.128.4 78.136.128.12
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe

--
End of file - 5276 bytes

[Reklama]

[zlobyl]

Ahoj, vítám tě tu na PC-Help.

V HJT fixni:

Kód: Vybrat vše

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

Jinak jdi do Ovládacích panelů-Systému-Upřesnění-Spuštění a zotavení systému a tam odškrtni pole Automaticky restartovat.
Při další modré obrazovce si opiš její obsah a napiš ho sem.

[LuckaR]

Díky za radu, fixla jsem, cos napsal, teď jdu na to zotavení. Třeba už toto pomůže, když ne, ozvu se. Tu modrou stránku snad jedině že bych fotila, přečíst to fakt nejde, je to fofr

[LuckaR]

Jo, už jsem to pochopila - ODŠKRTNOUT automatický restart - takže ta stránka tam nejspíš chvíli vydrží... jasně

[LuckaR]

Tak zlobyle, posílám přepis toho chybového hlášení:

A problem has been detected and windows has been shut down to prevent damage to your computer.

BOGUS_DRIVER

IF this is the first time you've seen this stop error screen, restart your computer. If this screen appears again, follow these steps:
check to make sure that any new hardware or software is properly installed.
If this is a new installation ask your hardware or software manufacturer for any Windows updates you might need.

If problems continue, disable or remove any newly installed hardware or software. Disable BIOS, memory options such as caching or shadowing. If you need to use SAFE MODE to remove or disable components, restart your computer, press F8 to select Advanced Startup Options, and then select SAFE MODE.



Technical information:

***STOP: 0x00000099 (0x00000000,0xF9DD22FD,0x00000008,0xC00000000)

*** NPFS.sys - addressF9DD22FD base at F9DD2000,datestamp 36B011A4



Za poslední měsíc jsem žádnej novej software neinstalovala, ani hardware. Problém se poprvé objevil těsně potom, co AVG zahlásilo nějakého toho trojana... Průvodní jev byl ten, že mi najednou zmizelo nastavení obrázku (pozadí) na ploše.

Jinak ten zákaz automatického restartu vlastně nepomohl (vyfotila jsem to), on asi nenastává celý restart, jenom taková ta jeho finální část se stránkou Windows XP - no a ta se dokola točí s tou modrou obrazovkou. Když dám F8, vrátí se vše do původního stavu...

Nevim, možná se tu zabývám nesmyslem, ale podle mě by toto systém dělat neměl...

Dík za každou radu. L.

[zlobyl]

Použij ComboFix: (vypni si však před jeho použitím všechny rezidentní štíty)

Stáhni ComboFix (by sUBs) a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[LuckaR]

Tak log z combofix.exe je níže. Nevím, co přesně obnáší vypnout všechny rezidetntní štíty. Vynula jsem ten u AVG a taky jsem snížila protection u Comoda na nulu. Jestli to nestačí, napiš co ještě a sjedu to scanování combofixem ještě jednou. Zatím děkuji, L.

ComboFix 08-06-20.4 - LUCKA 2008-06-24 19:56:21.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.74 [GMT 2:00]
Running from: C:\Documents and Settings\LUCKA\Plocha\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-05-24 to 2008-06-24 )))))))))))))))))))))))))))))))
.

2008-06-21 11:11 . 2008-06-21 11:11 109,056 --a------ C:\WINDOWS\system32\lphcjgqj0ecfa.exe
2008-06-21 11:11 . 2008-06-21 11:17 60,928 --a------ C:\WINDOWS\system32\blphcjgqj0ecfa.scr
2008-06-16 15:16 . 2008-06-22 18:24 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-16 15:16 . 2008-06-16 15:16 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-26 21:32 . 2008-06-23 11:39 <DIR> d--h----- C:\$AVG8.VAULT$
2008-05-26 20:28 . 2008-05-26 20:28 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-05-26 20:28 . 2008-05-26 20:28 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-05-26 20:28 . 2008-05-26 20:28 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-05-26 20:27 . 2008-06-24 12:38 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-26 20:27 . 2008-05-26 20:27 <DIR> d-------- C:\Program Files\AVG
2008-05-26 20:27 . 2008-05-26 21:37 <DIR> d-------- C:\Documents and Settings\LUCKA\Data aplikací\AVGTOOLBAR
2008-05-26 20:27 . 2008-05-26 20:27 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\avg8

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2036-02-07 01:58 1,227,482 ----a-r C:\WINDOWS\system32\3_VETERANI.scr
2008-06-24 15:44 --------- d-----w C:\Documents and Settings\LUCKA\Data aplikací\XnView
2008-06-22 14:53 --------- d-----w C:\Documents and Settings\LUCKA\Data aplikací\AdobeUM
2008-06-22 14:07 --------- d-----w C:\Documents and Settings\LUCKA\Data aplikací\skypePM
2008-06-21 12:28 6,520 ----a-w C:\WINDOWS\F32I.BIN
2008-06-20 14:12 --------- d-----w C:\Program Files\Millennium6
2008-06-19 05:39 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-13 09:48 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2008-06-11 09:45 --------- d-----w C:\Documents and Settings\LUCKA\Data aplikací\uTorrent
2008-05-21 10:12 --------- d-----w C:\Program Files\Ufon
2008-05-21 07:39 --------- d-----w C:\Documents and Settings\LUCKA\Data aplikací\Comodo
2008-05-21 07:39 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\comodo
2008-05-21 07:36 --------- d-----w C:\Program Files\COMODO
2008-05-18 14:17 --------- d-----w C:\Program Files\7-Zip
2008-05-15 15:52 20 ---h--w C:\Documents and Settings\All Users\Data aplikací\PKP_DLec.DAT
2008-05-15 15:52 20 ---h--w C:\Documents and Settings\All Users\Data aplikací\PKP_DLds.DAT
2008-05-14 13:15 --------- d-----w C:\Program Files\Noční obloha
2008-05-14 13:11 --------- d-----w C:\Program Files\Microsoft Bootvis
2008-05-14 12:19 --------- d-----w C:\Program Files\RegCleaner
2008-05-13 08:09 --------- d-----w C:\Program Files\Yahoo!
2008-05-13 07:44 --------- d-----w C:\Program Files\CCleaner
2008-05-13 07:27 --------- d-----w C:\Program Files\SysFixMaster
2008-05-12 08:53 --------- d-----w C:\Program Files\TrojanHunter 5.0
2008-01-03 17:17 32 ----a-w C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus C45 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE" [2004-01-14 04:00 99840]
"ezShieldProtector for Px"="C:\WINDOWS\system32\ezSP_Px.exe" [2002-08-20 10:29 40960]
"VTTimer"="VTTimer.exe" [2004-01-15 20:33 49152 C:\WINDOWS\system32\VTTimer.exe]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2008-05-21 09:36 1115728]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-26 20:27 1177368]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 15:23 282624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 15:49 15360]

C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [2007-12-11 15:25:39 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-26 20:28]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-05-26 20:27]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-26 20:27]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-26 20:28]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-24 19:58:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-06-24 20:01:30
ComboFix-quarantined-files.txt 2008-06-24 18:01:13

Adresářů: 16, Volných bajtů: 3,303,350,272
Adresářů: 19, Volných bajtů: 3,318,534,144

100

[zlobyl]

Použij v ComboFixu script:

Zkopíruj si následující text do poznámkového bloku (Start-Spustit-Notepad) a ulož ho na Plochu jako CFScript.txt.
(nepoužívej funkci Vybrat vše!)

Kód: Vybrat vše

File::
C:\WINDOWS\system32\lphcjgqj0ecfa.exe
C:\WINDOWS\system32\blphcjgqj0ecfa.scr
C:\WINDOWS\QTFont.qfn
C:\WINDOWS\QTFont.for

Pak tento soubor přetáhni na ikonu ComboFixu a pusť.(předpokládám, že máš ComboFix také na ploše)



Pak sem dej log, který ti z něj vyleze.


Pak jdi ještě na stránky virustotal nebo jottiscan a nech tam otestovat soubor:

Kód: Vybrat vše

C:\WINDOWS\system32\3_VETERANI.scr

(soubor nehledej, ale rovnou do pole pro cestu (to velké pole vedle tlačítka Procházet) vlož výše uvedenou cestu)

A ještě jeden dotaz-máš schválně vypnuté upozorňování Centra zabezpečení při nenainstalovaném antiviru nebo vypnutých aktualizacích?

[LuckaR]

3_VETERANI.scr jsou v pohodě, nejspíš nějaký relikt z dvd Tři veteráni.
To "centrum zabezpečení.." rozhodně není záměr, ale možná jsem to vypnula já, když jsem se snažila vyřadit ty všechny rezidentní štíty... Zkusim to zase zapnout.

Nový log z Combofixu zkusím nacpat níže, snad se vejde. Podotýkám, že inkriminovaná modrá obrazovka se teď docela dlouho neobjevila. Problém tedy možná není úplně fatální - o to víc děkuji za pomoc. Aspoň se něco naučim

ComboFix 08-06-20.4 - LUCKA 2008-06-26 13:03:36.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.68 [GMT 2:00]
Running from: C:\Documents and Settings\LUCKA\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\LUCKA\Plocha\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\WINDOWS\QTFont.for
C:\WINDOWS\QTFont.qfn
C:\WINDOWS\system32\blphcjgqj0ecfa.scr
C:\WINDOWS\system32\lphcjgqj0ecfa.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\QTFont.for
C:\WINDOWS\QTFont.qfn
C:\WINDOWS\system32\blphcjgqj0ecfa.scr
C:\WINDOWS\system32\lphcjgqj0ecfa.exe

.
((((((((((((((((((((((((( Files Created from 2008-05-26 to 2008-06-26 )))))))))))))))))))))))))))))))
.

2008-06-26 12:57 . 2008-06-26 12:57 <DIR> d-------- C:\WINDOWS\LastGood
2008-06-26 08:00 . 2008-06-14 20:00 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-26 08:00 . 2008-06-14 20:00 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-24 23:39 . 2008-06-26 11:34 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-06-24 23:39 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-24 23:39 . 2008-06-26 11:34 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-05-26 21:32 . 2008-06-23 11:39 <DIR> d--h----- C:\$AVG8.VAULT$
2008-05-26 20:28 . 2008-05-26 20:28 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-05-26 20:28 . 2008-05-26 20:28 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-05-26 20:28 . 2008-05-26 20:28 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-05-26 20:27 . 2008-06-26 08:58 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-26 20:27 . 2008-05-26 20:27 <DIR> d-------- C:\Program Files\AVG
2008-05-26 20:27 . 2008-05-26 21:37 <DIR> d-------- C:\Documents and Settings\LUCKA\Data aplikací\AVGTOOLBAR
2008-05-26 20:27 . 2008-05-26 20:27 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\avg8

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2036-02-07 01:58 1,227,482 ----a-r C:\WINDOWS\system32\3_VETERANI.scr
2008-06-26 06:57 --------- d-----w C:\Documents and Settings\LUCKA\Data aplikací\AdobeUM
2008-06-25 14:09 --------- d-----w C:\Documents and Settings\LUCKA\Data aplikací\XnView
2008-06-24 18:06 --------- d-----w C:\Program Files\ICQToolbar
2008-06-22 14:07 --------- d-----w C:\Documents and Settings\LUCKA\Data aplikací\skypePM
2008-06-21 12:28 6,520 ----a-w C:\WINDOWS\F32I.BIN
2008-06-20 14:12 --------- d-----w C:\Program Files\Millennium6
2008-06-19 05:39 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-13 09:48 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2008-06-11 09:45 --------- d-----w C:\Documents and Settings\LUCKA\Data aplikací\uTorrent
2008-05-21 10:12 --------- d-----w C:\Program Files\Ufon
2008-05-21 07:39 --------- d-----w C:\Documents and Settings\LUCKA\Data aplikací\Comodo
2008-05-21 07:39 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\comodo
2008-05-21 07:36 --------- d-----w C:\Program Files\COMODO
2008-05-18 14:17 --------- d-----w C:\Program Files\7-Zip
2008-05-15 15:52 20 ---h--w C:\Documents and Settings\All Users\Data aplikací\PKP_DLec.DAT
2008-05-15 15:52 20 ---h--w C:\Documents and Settings\All Users\Data aplikací\PKP_DLds.DAT
2008-05-14 13:15 --------- d-----w C:\Program Files\Noční obloha
2008-05-14 13:11 --------- d-----w C:\Program Files\Microsoft Bootvis
2008-05-14 12:19 --------- d-----w C:\Program Files\RegCleaner
2008-05-13 08:09 --------- d-----w C:\Program Files\Yahoo!
2008-05-13 07:44 --------- d-----w C:\Program Files\CCleaner
2008-05-13 07:27 --------- d-----w C:\Program Files\SysFixMaster
2008-05-12 08:53 --------- d-----w C:\Program Files\TrojanHunter 5.0
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:16 1,290,240 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-21 07:03 660,480 ----a-w C:\WINDOWS\system32\wininet.dll
2008-01-03 17:17 32 ----a-w C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
.

((((((((((((((((((((((((((((( snapshot@2008-06-24_20.00.54,98 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-11-30 12:46:22 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB891781\spmsg.dll
+ 2004-11-30 18:22:38 170,496 ----a-w C:\WINDOWS\$hf_mig$\KB891781\spuninst.exe
+ 2004-11-30 18:22:38 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB891781\update\spcustom.dll
+ 2004-11-30 12:46:22 657,920 ----a-w C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
+ 2005-05-26 23:26:50 10,752 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hh.exe
+ 2005-05-27 02:11:26 41,472 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hhsetup.dll
+ 2005-05-27 02:11:26 155,136 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itircl.dll
+ 2005-05-27 02:11:26 137,216 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itss.dll
+ 2005-02-24 18:34:46 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB896358\spmsg.dll
+ 2005-02-24 18:34:46 211,680 ----a-w C:\WINDOWS\$hf_mig$\KB896358\spuninst.exe
+ 2005-02-24 18:34:46 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\spcustom.dll
+ 2005-02-24 18:34:46 722,144 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
+ 2005-02-24 18:34:48 380,128 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\updspapi.dll
+ 2006-06-22 10:47:10 180,736 ----a-w C:\WINDOWS\$hf_mig$\KB911280\SP2QFE\rasmans.dll
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB911280\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB911280\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\updspapi.dll
+ 2006-01-04 04:19:30 68,096 ----a-w C:\WINDOWS\$hf_mig$\KB911927\SP2QFE\webclnt.dll
+ 2005-10-12 23:10:19 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB911927\spmsg.dll
+ 2005-10-12 23:10:19 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB911927\spuninst.exe
+ 2005-10-12 23:10:19 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\spcustom.dll
+ 2005-10-12 23:10:22 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\update.exe
+ 2005-10-12 23:10:28 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\updspapi.dll
+ 2007-02-05 20:21:18 185,344 ----a-w C:\WINDOWS\$hf_mig$\KB931261\SP2QFE\upnphost.dll
+ 2006-01-19 19:29:10 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB931261\spmsg.dll
+ 2006-01-19 19:29:10 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB931261\spuninst.exe
+ 2006-01-19 19:29:10 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\spcustom.dll
+ 2006-01-19 19:29:10 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\update.exe
+ 2006-01-19 19:29:11 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\updspapi.dll
+ 2007-12-18 14:33:28 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\jscript.dll
+ 2007-12-18 14:33:28 417,792 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\vbscript.dll
+ 2007-03-06 01:07:37 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spmsg.dll
+ 2007-03-06 01:07:42 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spuninst.exe
+ 2007-03-06 01:07:36 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\spcustom.dll
+ 2007-03-06 01:07:59 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\update.exe
+ 2007-03-06 01:08:50 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 326,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 518,944 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2007-11-01 05:14:51 162,592 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:14:52 621,344 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:07:37 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:07:42 215,776 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:07:36 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:07:59 720,096 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:08:50 379,616 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
- 2008-06-24 13:11:16 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-26 10:51:26 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2006-02-15 00:22:26 142,464 ------w C:\WINDOWS\Driver Cache\i386\aec.sys
+ 2008-06-14 18:00:16 272,128 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2006-03-17 00:33:10 262,784 ------w C:\WINDOWS\Driver Cache\i386\http.sys
+ 2006-06-14 08:47:45 172,416 ------w C:\WINDOWS\Driver Cache\i386\kmixer.sys
+ 2006-05-05 09:41:45 453,120 ------w C:\WINDOWS\Driver Cache\i386\mrxsmb.sys
+ 2007-02-28 16:04:51 2,138,112 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
+ 2007-02-28 16:05:02 2,059,776 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
+ 2007-02-28 16:04:49 2,017,792 ------w C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
+ 2007-02-28 16:05:00 2,182,528 ------w C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
+ 2006-06-14 08:47:46 6,400 ------w C:\WINDOWS\Driver Cache\i386\splitter.sys
+ 2006-06-14 09:00:45 82,944 ------w C:\WINDOWS\Driver Cache\i386\wdmaud.sys
- 2004-08-17 13:49:24 1,032,704 ----a-w C:\WINDOWS\explorer.exe
+ 2007-06-13 13:23:39 1,033,728 ----a-w C:\WINDOWS\explorer.exe
- 2004-08-17 13:49:24 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2005-05-26 23:22:01 10,752 ----a-w C:\WINDOWS\hh.exe
- 2004-08-17 13:49:02 41,984 ----a-w C:\WINDOWS\msagent\agentdp2.dll
+ 2006-10-12 14:05:16 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
- 2004-08-17 13:49:02 58,880 ----a-w C:\WINDOWS\msagent\agentdpv.dll
+ 2007-03-09 13:48:16 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
- 2004-08-17 13:49:22 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
+ 2006-10-12 11:09:53 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
+ 2008-06-26 09:34:42 15,552 ----a-w C:\WINDOWS\SoftwareDistribution\EventCache\{30D5FE0C-E540-4EA0-9364-E5952821D517}.bin
- 2004-08-17 13:49:02 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
+ 2006-08-16 11:59:36 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
- 2004-08-17 13:49:04 56,832 ----a-w C:\WINDOWS\system32\authz.dll
+ 2005-03-02 18:18:13 56,832 ----a-w C:\WINDOWS\system32\authz.dll
- 2004-08-17 13:49:04 1,016,832 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2008-04-21 07:03:46 1,023,488 ----a-w C:\WINDOWS\system32\browseui.dll
- 2004-08-17 13:49:04 229,888 ----a-w C:\WINDOWS\system32\catsrv.dll
+ 2005-07-26 04:42:49 225,792 ----a-w C:\WINDOWS\system32\catsrv.dll
- 2004-08-17 13:49:04 628,224 ----a-w C:\WINDOWS\system32\catsrvut.dll
+ 2005-07-26 04:42:49 625,152 ----a-w C:\WINDOWS\system32\catsrvut.dll
- 2004-08-17 13:49:04 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2008-04-21 07:03:47 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll
- 2004-08-17 13:49:04 66,560 ----a-w C:\WINDOWS\system32\cdm.dll
+ 2007-07-30 17:19:20 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
- 2004-08-17 13:49:04 2,067,968 ----a-w C:\WINDOWS\system32\cdosys.dll
+ 2005-09-10 01:55:30 2,067,968 ----a-w C:\WINDOWS\system32\cdosys.dll
- 2004-08-17 13:49:04 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
+ 2006-06-22 05:18:49 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
- 2004-08-17 13:49:04 110,080 ----a-w C:\WINDOWS\system32\clbcatex.dll
+ 2005-07-26 04:42:49 110,080 ----a-w C:\WINDOWS\system32\clbcatex.dll
- 2004-08-17 13:49:04 501,248 ----a-w C:\WINDOWS\system32\clbcatq.dll
+ 2005-07-26 04:42:50 498,688 ----a-w C:\WINDOWS\system32\clbcatq.dll
- 2004-08-17 13:49:04 62,464 ----a-w C:\WINDOWS\system32\colbact.dll
+ 2005-07-26 04:42:50 60,416 ----a-w C:\WINDOWS\system32\colbact.dll
- 2004-08-17 13:49:04 195,584 ----a-w C:\WINDOWS\system32\Com\comadmin.dll
+ 2005-07-26 04:42:50 195,072 ----a-w C:\WINDOWS\system32\Com\comadmin.dll
- 2004-08-17 13:49:04 611,328 ----a-w C:\WINDOWS\system32\comctl32.dll
+ 2006-08-25 15:51:22 617,472 ----a-w C:\WINDOWS\system32\comctl32.dll
- 2001-10-25 14:00:00 82,432 ----a-w C:\WINDOWS\system32\comrepl.dll
+ 2005-07-26 04:42:50 97,792 ----a-w C:\WINDOWS\system32\comrepl.dll
- 2004-08-17 13:49:04 1,251,840 ----a-w C:\WINDOWS\system32\comsvcs.dll
+ 2005-07-26 04:42:50 1,267,200 ----a-w C:\WINDOWS\system32\comsvcs.dll
- 2004-08-17 13:48:08 540,160 ----a-w C:\WINDOWS\system32\comuid.dll
+ 2005-07-26 04:42:50 540,160 ----a-w C:\WINDOWS\system32\comuid.dll
- 2004-08-17 13:49:06 1,054,720 ----a-w C:\WINDOWS\system32\danim.dll
+ 2008-04-21 07:03:48 1,055,232 ----a-w C:\WINDOWS\system32\danim.dll
- 2004-08-17 13:49:06 110,080 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
+ 2006-05-19 13:42:34 110,592 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
- 2004-08-17 13:49:02 100,352 -c--a-w C:\WINDOWS\system32\dllcache\6to4svc.dll
+ 2006-08-16 11:59:36 100,352 -c--a-w C:\WINDOWS\system32\dllcache\6to4svc.dll
- 2004-08-03 20:39:38 142,464 -c--a-w C:\WINDOWS\system32\dllcache\aec.sys
+ 2006-02-15 00:22:26 142,464 -c--a-w C:\WINDOWS\system32\dllcache\aec.sys
- 2004-08-17 13:49:02 41,984 -c--a-w C:\WINDOWS\system32\dllcache\agentdp2.dll
+ 2006-10-12 14:05:16 42,496 -c--a-w C:\WINDOWS\system32\dllcache\agentdp2.dll
- 2004-08-17 13:49:02 58,880 -c--a-w C:\WINDOWS\system32\dllcache\agentdpv.dll
+ 2007-03-09 13:48:16 57,344 -c--a-w C:\WINDOWS\system32\dllcache\agentdpv.dll
- 2004-08-17 13:49:22 256,512 -c--a-w C:\WINDOWS\system32\dllcache\agentsvr.exe
+ 2006-10-12 11:09:53 256,512 -c--a-w C:\WINDOWS\system32\dllcache\agentsvr.exe
- 2004-08-17 13:49:04 56,832 -c--a-w C:\WINDOWS\system32\dllcache\authz.dll
+ 2005-03-02 18:18:13 56,832 -c--a-w C:\WINDOWS\system32\dllcache\authz.dll
- 2004-08-17 13:49:04 1,016,832 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2008-04-21 07:03:46 1,023,488 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
- 2004-08-17 13:49:04 229,888 -c--a-w C:\WINDOWS\system32\dllcache\catsrv.dll
+ 2005-07-26 04:42:49 225,792 -c--a-w C:\WINDOWS\system32\dllcache\catsrv.dll
- 2004-08-17 13:49:04 628,224 -c--a-w C:\WINDOWS\system32\dllcache\catsrvut.dll
+ 2005-07-26 04:42:49 625,152 -c--a-w C:\WINDOWS\system32\dllcache\catsrvut.dll
- 2004-08-17 13:49:04 151,040 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2008-04-21 07:03:47 151,552 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
- 2004-08-17 13:49:04 66,560 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll
+ 2007-07-30 17:19:20 92,504 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll
- 2004-08-17 13:49:04 2,067,968 -c--a-w C:\WINDOWS\system32\dllcache\cdosys.dll
+ 2005-09-10 01:55:30 2,067,968 -c--a-w C:\WINDOWS\system32\dllcache\cdosys.dll
- 2004-08-17 13:49:04 69,120 -c--a-w C:\WINDOWS\system32\dllcache\ciodm.dll
+ 2006-06-22 05:18:49 69,120 -c--a-w C:\WINDOWS\system32\dllcache\ciodm.dll
- 2004-08-17 13:49:04 110,080 -c--a-w C:\WINDOWS\system32\dllcache\clbcatex.dll
+ 2005-07-26 04:42:49 110,080 -c--a-w C:\WINDOWS\system32\dllcache\clbcatex.dll
- 2004-08-17 13:49:04 501,248 -c--a-w C:\WINDOWS\system32\dllcache\clbcatq.dll
+ 2005-07-26 04:42:50 498,688 -c--a-w C:\WINDOWS\system32\dllcache\clbcatq.dll
- 2004-08-17 13:49:04 62,464 -c--a-w C:\WINDOWS\system32\dllcache\colbact.dll
+ 2005-07-26 04:42:50 60,416 -c--a-w C:\WINDOWS\system32\dllcache\colbact.dll
- 2004-08-17 13:49:04 195,584 -c--a-w C:\WINDOWS\system32\dllcache\comadmin.dll
+ 2005-07-26 04:42:50 195,072 -c--a-w C:\WINDOWS\system32\dllcache\comadmin.dll
- 2004-08-17 13:49:04 611,328 -c--a-w C:\WINDOWS\system32\dllcache\comctl32.dll
+ 2006-08-25 15:51:22 617,472 -c--a-w C:\WINDOWS\system32\dllcache\comctl32.dll
- 2001-10-25 14:00:00 82,432 -c--a-w C:\WINDOWS\system32\dllcache\comrepl.dll
+ 2005-07-26 04:42:50 97,792 -c--a-w C:\WINDOWS\system32\dllcache\comrepl.dll
- 2004-08-17 13:49:04 1,251,840 -c--a-w C:\WINDOWS\system32\dllcache\comsvcs.dll
+ 2005-07-26 04:42:50 1,267,200 -c--a-w C:\WINDOWS\system32\dllcache\comsvcs.dll
- 2004-08-17 13:48:08 540,160 -c--a-w C:\WINDOWS\system32\dllcache\comuid.dll
+ 2005-07-26 04:42:50 540,160 -c--a-w C:\WINDOWS\system32\dllcache\comuid.dll
- 2004-08-17 13:49:06 1,054,720 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
+ 2008-04-21 07:03:48 1,055,232 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
- 2004-08-17 13:49:06 561,179 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
+ 2008-03-25 04:50:25 554,008 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
- 2004-08-17 13:49:06 110,080 -c--a-w C:\WINDOWS\system32\dllcache\dhcpcsvc.dll
+ 2006-05-19 13:42:34 110,592 -c--a-w C:\WINDOWS\system32\dllcache\dhcpcsvc.dll
- 2004-08-17 13:49:06 81,408 -c--a-w C:\WINDOWS\system32\dllcache\directdb.dll
+ 2007-05-16 15:18:40 86,528 -c--a-w C:\WINDOWS\system32\dllcache\directdb.dll
- 2004-08-17 13:49:06 148,480 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-02-20 05:38:19 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2004-08-17 13:49:06 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
+ 2008-02-20 05:38:19 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
- 2004-08-17 13:49:06 498,717 -c--a-w C:\WINDOWS\system32\dllcache\dxmasf.dll
+ 2006-08-24 11:17:00 499,254 -c--a-w C:\WINDOWS\system32\dllcache\dxmasf.dll
- 2004-08-17 13:49:06 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-21 07:03:48 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2004-08-17 13:49:06 201,728 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-21 07:03:48 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2004-08-17 13:49:08 243,200 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
+ 2005-07-26 04:42:50 243,200 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
- 2004-08-17 13:49:08 1,083,904 -c--a-w C:\WINDOWS\system32\dllcache\esent.dll
+ 2005-10-20 22:30:49 1,083,904 -c--a-w C:\WINDOWS\system32\dllcache\esent.dll
- 2004-08-17 13:49:24 1,032,704 -c--a-w C:\WINDOWS\system32\dllcache\explorer.exe
+ 2007-06-13 13:23:39 1,033,728 -c--a-w C:\WINDOWS\system32\dllcache\explorer.exe
- 2004-08-17 13:49:08 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-21 07:03:48 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2004-08-17 13:49:08 16,896 -c--a-w C:\WINDOWS\system32\dllcache\fltlib.dll
+ 2006-08-21 12:27:48 16,896 -c--a-w C:\WINDOWS\system32\dllcache\fltlib.dll
- 2004-08-17 13:49:24 22,528 -c--a-w C:\WINDOWS\system32\dllcache\fltmc.exe
+ 2006-08-21 09:14:58 23,040 -c--a-w C:\WINDOWS\system32\dllcache\fltmc.exe
- 2004-08-03 21:01:20 124,800 -c--a-w C:\WINDOWS\system32\dllcache\fltmgr.sys
+ 2006-08-21 09:14:58 128,896 -c--a-w C:\WINDOWS\system32\dllcache\fltmgr.sys
- 2001-10-25 14:00:00 79,360 -c--a-w C:\WINDOWS\system32\dllcache\fontsub.dll
+ 2005-10-17 21:21:35 80,896 -c--a-w C:\WINDOWS\system32\dllcache\fontsub.dll
- 2004-08-17 13:49:08 278,016 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2008-02-20 06:51:37 282,624 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
- 2004-08-17 13:49:24 10,752 -c--a-w C:\WINDOWS\system32\dllcache\hh.exe
+ 2005-05-26 23:22:01 10,752 -c--a-w C:\WINDOWS\system32\dllcache\hh.exe
- 2004-08-17 13:49:08 38,912 -c--a-w C:\WINDOWS\system32\dllcache\hhsetup.dll
+ 2005-05-27 02:08:06 41,472 -c--a-w C:\WINDOWS\system32\dllcache\hhsetup.dll
- 2001-10-25 14:00:00 77,850 -c--a-w C:\WINDOWS\system32\dllcache\hlink.dll
+ 2006-07-21 08:28:17 72,704 -c--a-w C:\WINDOWS\system32\dllcache\hlink.dll
- 2004-08-17 13:49:10 253,952 -c--a-w C:\WINDOWS\system32\dllcache\icm32.dll
+ 2005-06-29 01:52:57 254,976 -c--a-w C:\WINDOWS\system32\dllcache\icm32.dll
- 2004-08-17 13:49:24 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2008-04-17 10:52:54 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2004-08-17 13:49:10 249,344 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2008-04-21 07:03:49 251,392 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2004-08-17 13:49:10 678,400 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2007-08-21 06:18:05 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2004-08-17 13:49:10 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2008-04-21 07:03:49 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2004-08-17 13:49:10 95,744 -c--a-w C:\WINDOWS\system32\dllcache\iphlpapi.dll
+ 2006-05-19 13:42:34 95,744 -c--a-w C:\WINDOWS\system32\dllcache\iphlpapi.dll
- 2004-08-03 21:04:52 134,912 -c--a-w C:\WINDOWS\system32\dllcache\ipnat.sys
+ 2004-09-29 22:28:37 134,912 -c--a-w C:\WINDOWS\system32\dllcache\ipnat.sys
- 2004-08-17 13:49:10 143,872 -c--a-w C:\WINDOWS\system32\dllcache\itircl.dll
+ 2005-05-27 02:08:06 155,136 -c--a-w C:\WINDOWS\system32\dllcache\itircl.dll
- 2004-08-17 13:49:10 134,144 -c--a-w C:\WINDOWS\system32\dllcache\itss.dll
+ 2005-05-27 02:08:06 137,216 -c--a-w C:\WINDOWS\system32\dllcache\itss.dll
+ 2006-06-01 18:49:39 163,840 -c----w C:\WINDOWS\system32\dllcache\jgdw400.dll
+ 2006-06-01 18:49:39 27,648 -c----w C:\WINDOWS\system32\dllcache\jgpl400.dll
- 2004-08-17 13:49:10 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-12-18 14:43:06 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2004-08-17 13:49:10 15,872 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-21 07:03:49 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2004-08-17 13:49:10 294,400 -c--a-w C:\WINDOWS\system32\dllcache\kerberos.dll
+ 2005-06-15 17:50:59 295,936 -c--a-w C:\WINDOWS\system32\dllcache\kerberos.dll
- 2004-08-17 13:49:10 982,016 -c--a-w C:\WINDOWS\system32\dllcache\kernel32.dll
+ 2007-04-16 15:54:40 983,040 -c--a-w C:\WINDOWS\system32\dllcache\kernel32.dll
- 2004-08-03 21:07:50 171,776 -c--a-w C:\WINDOWS\system32\dllcache\kmixer.sys
+ 2006-06-14 08:47:45 172,416 -c--a-w C:\WINDOWS\system32\dllcache\kmixer.sys
- 2004-08-17 13:49:10 18,944 -c--a-w C:\WINDOWS\system32\dllcache\linkinfo.dll
+ 2005-09-01 02:28:18 19,968 -c--a-w C:\WINDOWS\system32\dllcache\linkinfo.dll
- 2004-08-17 13:49:12 720,896 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2007-11-07 09:29:19 720,896 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
- 2004-08-17 13:49:12 39,936 -c--a-w C:\WINDOWS\system32\dllcache\mf3216.dll
+ 2007-03-08 15:38:40 40,960 -c--a-w C:\WINDOWS\system32\dllcache\mf3216.dll
- 2001-10-25 14:00:00 924,432 -c--a-w C:\WINDOWS\system32\dllcache\mfc40u.dll
+ 2006-11-01 19:19:08 927,504 -c--a-w C:\WINDOWS\system32\dllcache\mfc40u.dll
- 2004-08-17 13:49:12 1,024,000 -c--a-w C:\WINDOWS\system32\dllcache\mfc42u.dll
+ 2006-10-14 08:13:25 981,760 -c--a-w C:\WINDOWS\system32\dllcache\mfc42u.dll
- 2004-08-17 13:49:24 7,680 -c--a-w C:\WINDOWS\system32\dllcache\migregdb.exe
+ 2005-07-25 23:46:57 7,680 -c--a-w C:\WINDOWS\system32\dllcache\migregdb.exe
- 2004-08-03 20:58:22 72,960 -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
+ 2007-07-06 10:05:47 72,960 -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
- 2004-08-17 13:49:12 138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
+ 2007-07-06 12:51:38 138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
- 2004-08-17 13:49:12 47,104 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
+ 2007-07-06 12:51:38 47,104 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
- 2004-08-17 13:49:12 16,896 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
+ 2007-07-06 12:51:38 16,896 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
- 2004-08-17 13:49:12 660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
+ 2007-07-06 12:51:38 660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
- 2004-08-17 13:49:12 177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2007-07-06 12:51:38 177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
- 2004-08-17 13:49:12 95,744 -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
+ 2007-07-06 12:51:38 95,744 -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
- 2004-08-17 13:49:12 48,640 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
+ 2007-07-06 12:51:38 48,640 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
- 2004-08-17 13:49:12 489,472 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2007-07-06 12:51:38 489,472 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
- 2004-08-03 21:00:58 181,248 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
+ 2006-05-05 09:41:45 453,120 -c----w C:\WINDOWS\system32\dllcache\mrxsmb.sys
- 2004-08-17 13:49:12 143,360 -c--a-w C:\WINDOWS\system32\dllcache\msadco.dll
+ 2006-03-23 05:51:26 143,360 -c--a-w C:\WINDOWS\system32\dllcache\msadco.dll
- 2004-08-17 13:49:12 536,576 -c--a-w C:\WINDOWS\system32\dllcache\msado15.dll
+ 2006-12-26 13:09:22 536,576 -c--a-w C:\WINDOWS\system32\dllcache\msado15.dll
- 2004-08-17 13:49:12 180,224 -c--a-w C:\WINDOWS\system32\dllcache\msadomd.dll
+ 2006-12-26 13:09:22 180,224 -c--a-w C:\WINDOWS\system32\dllcache\msadomd.dll
- 2004-08-17 13:49:12 200,704 -c--a-w C:\WINDOWS\system32\dllcache\msadox.dll
+ 2006-12-26 13:09:22 200,704 -c--a-w C:\WINDOWS\system32\dllcache\msadox.dll
- 2004-08-17 13:49:12 73,728 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
+ 2005-06-29 01:52:57 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
- 2004-08-17 13:49:12 425,472 -c--a-w C:\WINDOWS\system32\dllcache\msdtcprx.dll
+ 2006-03-01 19:44:08 426,496 -c--a-w C:\WINDOWS\system32\dllcache\msdtcprx.dll
- 2004-08-17 13:49:12 949,248 -c--a-w C:\WINDOWS\system32\dllcache\msdtctm.dll
+ 2006-03-01 19:44:09 956,416 -c--a-w C:\WINDOWS\system32\dllcache\msdtctm.dll
- 2004-08-17 13:49:12 161,280 -c--a-w C:\WINDOWS\system32\dllcache\msdtcuiu.dll
+ 2006-03-01 19:44:09 161,280 -c--a-w C:\WINDOWS\system32\dllcache\msdtcuiu.dll
- 2004-08-17 13:49:12 319,517 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
- 2004-08-17 13:49:12 512,029 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:28 518,944 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
- 2004-08-17 13:49:12 537,088 -c--a-w C:\WINDOWS\system32\dllcache\msftedit.dll
+ 2006-11-27 14:55:39 539,136 -c--a-w C:\WINDOWS\system32\dllcache\msftedit.dll
- 2004-08-17 13:49:12 3,003,392 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-04-21 07:03:53 3,080,704 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2004-08-17 13:49:12 448,512 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-21 07:03:53 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2004-08-17 13:49:14 2,804,224 -c--a-w C:\WINDOWS\system32\dllcache\msi.dll
+ 2005-05-04 12:45:32 2,890,240 -c--a-w C:\WINDOWS\system32\dllcache\msi.dll
- 2004-08-17 13:49:26 77,312 -c--a-w C:\WINDOWS\system32\dllcache\msiexec.exe
+ 2005-05-04 12:45:36 78,848 -c--a-w C:\WINDOWS\system32\dllcache\msiexec.exe
- 2004-08-17 13:49:14 331,264 -c--a-w C:\WINDOWS\system32\dllcache\msihnd.dll
+ 2005-05-04 12:45:36 271,360 -c--a-w C:\WINDOWS\system32\dllcache\msihnd.dll
- 2004-08-17 13:48:30 884,736 -c--a-w C:\WINDOWS\system32\dllcache\msimsg.dll
+ 2005-05-04 12:45:36 884,736 -c--a-w C:\WINDOWS\system32\dllcache\msimsg.dll
- 2004-08-17 13:49:14 44,032 -c--a-w C:\WINDOWS\system32\dllcache\msisip.dll
+ 2005-05-04 12:45:36 15,360 -c--a-w C:\WINDOWS\system32\dllcache\msisip.dll
- 2004-08-17 13:49:14 1,507,356 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
- 2004-07-17 09:34:48 358,976 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:40 355,112 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
- 2004-08-17 13:49:14 155,679 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
+ 2008-03-25 04:50:01 162,592 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
- 2004-08-17 13:49:14 102,400 -c--a-w C:\WINDOWS\system32\dllcache\msjro.dll
+ 2006-12-26 13:09:22 102,400 -c--a-w C:\WINDOWS\system32\dllcache\msjro.dll
- 2004-08-17 13:49:14 53,279 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 60,192 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
- 2004-08-17 13:49:14 241,693 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
- 2004-08-17 13:49:14 213,023 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:44 219,936 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
- 2004-08-17 13:49:14 1,311,232 -c--a-w C:\WINDOWS\system32\dllcache\msoe.dll
+ 2007-05-16 15:18:41 1,314,816 -c--a-w C:\WINDOWS\system32\dllcache\msoe.dll
- 2004-08-17 13:49:14 348,189 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
- 2004-08-17 13:49:14 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-21 07:03:54 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2004-08-17 13:49:14 421,919 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
- 2004-08-17 13:49:14 315,423 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
- 2004-08-17 13:49:14 552,989 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
- 2004-08-17 13:49:14 258,077 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
+ 2008-03-25 04:50:55 264,992 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
- 2004-08-17 13:49:14 530,432 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-21 07:03:54 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2004-08-17 13:49:14 831,519 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
- 2004-08-17 13:49:14 614,429 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:50:01 621,344 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
- 2004-08-17 13:49:14 348,189 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
- 2004-08-17 13:49:14 1,236,480 -c--a-w C:\WINDOWS\system32\dllcache\msxml3.dll
+ 2007-06-26 06:10:33 1,104,896 -c--a-w C:\WINDOWS\system32\dllcache\msxml3.dll
- 2004-08-17 13:49:14 66,560 -c--a-w C:\WINDOWS\system32\dllcache\mtxclu.dll
+ 2006-03-01 19:44:09 66,560 -c--a-w C:\WINDOWS\system32\dllcache\mtxclu.dll
- 2004-08-17 13:49:14 90,112 -c--a-w C:\WINDOWS\system32\dllcache\mtxoci.dll
+ 2006-03-01 19:44:09 91,136 -c--a-w C:\WINDOWS\system32\dllcache\mtxoci.dll
- 2004-08-17 13:49:14 332,288 -c--a-w C:\WINDOWS\system32\dllcache\netapi32.dll
+ 2006-08-17 12:29:57 332,288 -c--a-w C:\WINDOWS\system32\dllcache\netapi32.dll
- 2004-08-17 13:49:14 198,144 -c--a-w C:\WINDOWS\system32\dllcache\netman.dll
+ 2005-08-22 18:36:10 197,632 -c--a-w C:\WINDOWS\system32\dllcache\netman.dll
- 2004-08-17 13:49:16 364,544 -c--a-w C:\WINDOWS\system32\dllcache\npdsplay.dll
+ 2005-11-29 14:27:06 364,544 -c--a-w C:\WINDOWS\system32\dllcache\npdsplay.dll
- 2004-08-03 21:15:10 574,592 -c--a-w C:\WINDOWS\system32\dllcache\ntfs.sys
+ 2007-02-09 11:10:35 574,464 -c--a-w C:\WINDOWS\system32\dllcache\ntfs.sys
+ 2007-02-28 16:04:51 2,138,112 -c----w C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
+ 2007-02-28 16:05:02 2,059,776 -c----w C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
+ 2007-02-28 16:04:49 2,017,792 -c----w C:\WINDOWS\system32\dllcache\ntkrpamp.exe
+ 2007-02-28 16:05:00 2,182,528 -c----w C:\WINDOWS\system32\dllcache\ntoskrnl.exe
- 2001-10-25 14:00:00 58,880 -c--a-w C:\WINDOWS\system32\dllcache\nwapi32.dll
+ 2006-10-13 12:41:01 64,000 -c--a-w C:\WINDOWS\system32\dllcache\nwapi32.dll
- 2004-08-17 13:49:16 143,872 -c--a-w C:\WINDOWS\system32\dllcache\nwprovau.dll
+ 2006-10-13 12:41:01 141,824 -c--a-w C:\WINDOWS\system32\dllcache\nwprovau.dll
- 2004-08-03 21:02:24 163,584 -c--a-w C:\WINDOWS\system32\dllcache\nwrdr.sys
+ 2006-10-13 10:23:15 163,584 -c--a-w C:\WINDOWS\system32\dllcache\nwrdr.sys
- 2004-08-17 13:49:16 64,000 -c--a-w C:\WINDOWS\system32\dllcache\nwwks.dll
+ 2006-10-13 12:41:01 65,536 -c--a-w C:\WINDOWS\system32\dllcache\nwwks.dll
- 2004-08-17 13:49:16 1,281,024 -c--a-w C:\WINDOWS\system32\dllcache\ole32.dll
+ 2005-07-26 04:42:51 1,284,608 -c--a-w C:\WINDOWS\system32\dllcache\ole32.dll
- 2004-08-17 13:49:16 553,472 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
+ 2007-12-04 18:41:56 550,912 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
- 2001-10-25 14:00:00 68,608 -c--a-w C:\WINDOWS\system32\dllcache\olecli32.dll
+ 2005-07-26 04:42:51 74,752 -c--a-w C:\WINDOWS\system32\dllcache\olecli32.dll
- 2001-10-25 14:00:00 34,304 -c--a-w C:\WINDOWS\system32\dllcache\olecnv32.dll
+ 2005-07-26 04:42:51 37,888 -c--a-w C:\WINDOWS\system32\dllcache\olecnv32.dll
- 2001-10-25 14:00:00 117,760 -c--a-w C:\WINDOWS\system32\dllcache\oledlg.dll
+ 2006-10-16 16:16:07 122,880 -c--a-w C:\WINDOWS\system32\dllcache\oledlg.dll
- 2004-08-17 13:49:16 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-21 07:03:54 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2004-08-17 13:49:16 1,290,240 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:16:21 1,290,240 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2004-08-17 13:49:16 1,437,696 -c--a-w C:\WINDOWS\system32\dllcache\query.dll
+ 2006-06-22 05:18:50 1,437,696 -c--a-w C:\WINDOWS\system32\dllcache\query.dll
- 2004-08-17 13:49:16 8,192 -c--a-w C:\WINDOWS\system32\dllcache\rasadhlp.dll
+ 2006-06-26 17:45:40 8,192 -c--a-w C:\WINDOWS\system32\dllcache\rasadhlp.dll
- 2004-08-17 13:49:16 174,080 -c--a-w C:\WINDOWS\system32\dllcache\rasmans.dll
+ 2006-06-22 10:48:34 181,248 -c--a-w C:\WINDOWS\system32\dllcache\rasmans.dll
- 2004-08-03 21:20:08 176,512 -c--a-w C:\WINDOWS\system32\dllcache\rdbss.sys
+ 2006-05-05 09:47:57 174,592 -c--a-w C:\WINDOWS\system32\dllcache\rdbss.sys
- 2004-08-17 13:49:38 139,400 -c--a-w C:\WINDOWS\system32\dllcache\rdpwd.sys
+ 2005-06-10 04:11:28 139,528 -c--a-w C:\WINDOWS\system32\dllcache\rdpwd.sys
- 2004-08-17 13:49:18 431,616 -c--a-w C:\WINDOWS\system32\dllcache\riched20.dll
+ 2006-11-27 14:55:39 433,152 -c--a-w C:\WINDOWS\system32\dllcache\riched20.dll
- 2001-10-25 14:00:00 200,064 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2004-08-17 13:49:18 581,120 -c--a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
+ 2007-07-09 13:11:51 584,192 -c--a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
- 2004-08-17 13:49:18 395,776 -c--a-w C:\WINDOWS\system32\dllcache\rpcss.dll
+ 2005-07-26 04:42:51 397,824 -c--a-w C:\WINDOWS\system32\dllcache\rpcss.dll
- 2004-08-17 13:49:18 1,483,776 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2008-04-21 07:03:56 1,495,040 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2004-08-17 13:49:18 8,388,096 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2007-10-25 16:57:21 8,458,752 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
- 2004-08-17 13:49:18 473,600 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2008-04-21 07:03:57 474,112 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
- 2004-08-17 13:49:18 134,656 -c--a-w C:\WINDOWS\system32\dllcache\shsvcs.dll
+ 2006-12-19 21:50:59 134,656 -c--a-w C:\WINDOWS\system32\dllcache\shsvcs.dll
- 2004-08-17 13:49:18 144,896 -c--a-w C:\WINDOWS\system32\dllcache\schannel.dll
+ 2007-04-25 14:22:50 144,896 -c--a-w C:\WINDOWS\system32\dllcache\schannel.dll
- 2004-08-03 21:07:48 6,400 -c--a-w C:\WINDOWS\system32\dllcache\splitter.sys
+ 2006-06-14 08:47:46 6,400 -c--a-w C:\WINDOWS\system32\dllcache\splitter.sys
- 2004-08-17 13:49:28 57,856 -c--a-w C:\WINDOWS\system32\dllcache\spoolsv.exe
+ 2005-06-10 23:53:32 57,856 -c--a-w C:\WINDOWS\system32\dllcache\spoolsv.exe
- 2004-08-03 21:14:46 336,256 -c--a-w C:\WINDOWS\system32\dllcache\srv.sys
+ 2006-08-14 10:34:41 332,928 -c--a-w C:\WINDOWS\system32\dllcache\srv.sys
- 2004-08-17 13:49:20 96,768 -c--a-w C:\WINDOWS\system32\dllcache\srvsvc.dll
+ 2004-12-07 19:34:13 96,768 -c--a-w C:\WINDOWS\system32\dllcache\srvsvc.dll
- 2004-08-17 13:49:20 246,302 -c--a-w C:\WINDOWS\system32\dllcache\strmdll.dll
+ 2006-08-24 11:19:40 246,814 -c--a-w C:\WINDOWS\system32\dllcache\strmdll.dll
- 2004-08-17 13:49:20 713,728 -c--a-w C:\WINDOWS\system32\dllcache\sxs.dll
+ 2006-10-20 01:39:21 713,728 -c--a-w C:\WINDOWS\system32\dllcache\sxs.dll
- 2004-08-17 13:49:20 210,432 -c--a-w C:\WINDOWS\system32\dllcache\t2embed.dll
+ 2005-10-17 21:21:35 118,272 -c--a-w C:\WINDOWS\system32\dllcache\t2embed.dll
- 2004-08-17 13:49:20 246,272 -c--a-w C:\WINDOWS\system32\dllcache\tapisrv.dll
+ 2005-07-08 16:29:17 249,344 -c--a-w C:\WINDOWS\system32\dllcache\tapisrv.dll
- 2004-08-03 21:14:42 359,040 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2004-08-03 21:07:46 223,616 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2006-08-16 09:37:30 225,664 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2004-08-17 13:49:28 77,312 -c--a-w C:\WINDOWS\system32\dllcache\telnet.exe
+ 2005-05-11 02:31:16 77,824 -c--a-w C:\WINDOWS\system32\dllcache\telnet.exe
- 2004-08-17 13:49:20 101,376 -c--a-w C:\WINDOWS\system32\dllcache\txflog.dll
+ 2005-07-26 04:42:51 101,376 -c--a-w C:\WINDOWS\system32\dllcache\txflog.dll
- 2004-08-17 13:49:20 119,296 -c--a-w C:\WINDOWS\system32\dllcache\umpnpmgr.dll
+ 2005-08-23 03:40:12 124,416 -c--a-w C:\WINDOWS\system32\dllcache\umpnpmgr.dll
- 2004-08-17 13:49:20 185,344 -c--a-w C:\WINDOWS\system32\dllcache\upnphost.dll
+ 2007-02-05 20:19:16 185,344 -c--a-w C:\WINDOWS\system32\dllcache\upnphost.dll
- 2004-08-17 13:49:20 601,600 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-21 07:03:57 616,448 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2004-08-17 13:49:20 577,024 -c--a-w C:\WINDOWS\system32\dllcache\user32.dll
+ 2007-03-08 15:38:40 577,536 -c--a-w C:\WINDOWS\system32\dllcache\user32.dll
- 2004-08-17 13:49:20 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2007-12-18 14:43:06 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
- 2004-08-17 13:49:20 848,384 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2007-06-26 13:57:27 851,968 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
- 2004-08-17 13:49:20 504,832 -c--a-w C:\WINDOWS\system32\dllcache\wab32.dll
+ 2007-05-16 15:18:43 510,976 -c--a-w C:\WINDOWS\system32\dllcache\wab32.dll
- 2004-08-17 13:49:20 84,992 -c--a-w C:\WINDOWS\system32\dllcache\wabimp.dll
+ 2007-05-16 15:18:43 85,504 -c--a-w C:\WINDOWS\system32\dllcache\wabimp.dll
- 2004-08-03 21:15:06 82,944 -c--a-w C:\WINDOWS\system32\dllcache\wdmaud.sys
+ 2006-06-14 09:00:45 82,944 -c--a-w C:\WINDOWS\system32\dllcache\wdmaud.sys
- 2004-08-17 13:49:20 67,584 -c--a-w C:\WINDOWS\system32\dllcache\webclnt.dll
+ 2006-01-04 03:36:29 68,096 -c--a-w C:\WINDOWS\system32\dllcache\webclnt.dll
+ 2007-04-10 12:04:12 236,928 -c----w C:\WINDOWS\system32\dllcache\WgaLogon.dll
+ 2007-04-10 12:01:46 337,280 -c----w C:\WINDOWS\system32\dllcache\WgaTray.exe
- 2004-08-17 13:49:20 333,824 -c--a-w C:\WINDOWS\system32\dllcache\wiaservc.dll
+ 2006-12-19 18:18:18 334,336 -c--a-w C:\WINDOWS\system32\dllcache\wiaservc.dll
- 2004-08-17 13:44:44 1,835,904 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2008-03-20 08:09:45 1,845,248 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
- 2004-08-17 13:49:22 657,408 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-21 07:03:58 660,480 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2004-08-17 13:49:22 290,816 -c--a-w C:\WINDOWS\system32\dllcache\winsrv.dll
+ 2007-03-17 13:45:10 292,864 -c--a-w C:\WINDOWS\system32\dllcache\winsrv.dll
- 2004-08-17 13:49:22 132,096 -c--a-w C:\WINDOWS\system32\dllcache\wkssvc.dll
+ 2006-08-17 12:29:57 132,096 -c--a-w C:\WINDOWS\system32\dllcache\wkssvc.dll
- 2004-08-17 13:49:22 230,400 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
+ 2007-10-25 08:00:50 230,912 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
- 2004-08-17 13:49:22 4,874,240 -c--a-w C:\WINDOWS\system32\dllcache\wmp.dll
+ 2007-04-30 00:22:16 4,734,976 -c--a-w C:\WINDOWS\system32\dllcache\wmp.dll
- 2004-08-17 13:49:34 2,105,344 -c--a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
+ 2007-10-25 08:01:10 2,109,440 -c--a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
- 2004-08-17 13:49:22 431,104 -c--a-w C:\WINDOWS\system32\dllcache\wuapi.dll
+ 2007-07-30 17:19:36 549,720 -c--a-w C:\WINDOWS\system32\dllcache\wuapi.dll
- 2004-08-17 13:49:30 111,104 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
+ 2007-07-30 17:19:16 53,080 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
- 2004-08-17 13:49:22 1,134,592 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
+ 2007-07-30 17:19:42 1,712,984 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
- 2004-08-17 13:49:22 112,640 -c--a-w C:\WINDOWS\system32\dllcache\wucltui.dll
+ 2007-07-30 17:19:32 325,976 -c--a-w C:\WINDOWS\system32\dllcache\wucltui.dll
- 2004-08-17 13:49:22 36,864 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll
+ 2007-07-30 17:18:40 33,624 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll
- 2004-08-17 13:49:22 120,320 -c--a-w C:\WINDOWS\system32\dllcache\wuweb.dll
+ 2007-07-30 17:19:28 203,096 -c--a-w C:\WINDOWS\system32\dllcache\wuweb.dll
- 2004-08-17 13:49:22 11,776 -c--a-w C:\WINDOWS\system32\dllcache\xolehlp.dll
+ 2006-03-01 19:44:09 11,776 -c--a-w C:\WINDOWS\system32\dllcache\xolehlp.dll
- 2004-08-17 13:49:06 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-02-20 05:38:19 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2004-08-17 13:49:06 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
+ 2008-02-20 05:38:19 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
- 2004-08-03 20:39:38 142,464 ----a-w C:\WINDOWS\system32\drivers\aec.sys
+ 2006-02-15 00:22:26 142,464 ----a-w C:\WINDOWS\system32\drivers\aec.sys
- 2004-08-03 21:01:20 124,800 ----a-w C:\WINDOWS\system32\drivers\fltMgr.sys
+ 2006-08-21 09:14:58 128,896 ----a-w C:\WINDOWS\system32\drivers\fltmgr.sys
- 2004-08-03 21:00:14 263,040 ----a-w C:\WINDOWS\system32\drivers\http.sys
+ 2006-03-17 00:33:10 262,784 ----a-w C:\WINDOWS\system32\drivers\http.sys
- 2004-08-03 21:04:52 134,912 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
+ 2004-09-29 22:28:37 134,912 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
- 2004-08-03 21:07:50 171,776 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
+ 2006-06-14 08:47:45 172,416 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
- 2004-08-03 20:58:22 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
+ 2007-07-06 10:05:47 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
- 2004-08-03 21:00:58 181,248 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
- 2004-08-03 21:15:18 451,456 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
+ 2006-05-05 09:41:45 453,120 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
- 2004-08-03 21:15:10 574,592 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
+ 2007-02-09 11:10:35 574,464 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
- 2004-08-03 21:02:24 163,584 ----a-w C:\WINDOWS\system32\drivers\nwrdr.sys
+ 2006-10-13 10:23:15 163,584 ----a-w C:\WINDOWS\system32\drivers\nwrdr.sys
- 2004-08-03 21:20:08 176,512 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
+ 2006-05-05 09:47:57 174,592 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
- 2004-08-17 13:49:38 139,400 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
+ 2005-06-10 04:11:28 139,528 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
- 2004-07-17 09:36:38 27,440 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
+ 2007-11-13 10:25:52 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
- 2004-08-03 21:07:48 6,400 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
+ 2006-06-14 08:47:46 6,400 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
- 2004-08-03 21:14:46 336,256 ----a-w C:\WINDOWS\system32\drivers\srv.sys
+ 2006-08-14 10:34:41 332,928 ----a-w C:\WINDOWS\system32\drivers\srv.sys
- 2004-08-03 21:14:42 359,040 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2004-08-03 21:07:46 223,616 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
- 2004-08-03 21:15:06 82,944 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
+ 2006-06-14 09:00:45 82,944 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
- 2004-08-17 13:49:06 498,717 ----a-w C:\WINDOWS\system32\dxmasf.dll
+ 2006-08-24 11:17:00 499,254 ----a-w C:\WINDOWS\system32\dxmasf.dll
- 2004-08-17 13:49:06 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-21 07:03:48 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2004-08-17 13:49:06 201,728 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-21 07:03:48 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2004-08-17 13:49:08 243,200 ----a-w C:\WINDOWS\system32\es.dll
+ 2005-07-26 04:42:50 243,200 ----a-w C:\WINDOWS\system32\es.dll
- 2004-08-17 13:49:08 1,083,904 ----a-w C:\WINDOWS\system32\esent.dll
+ 2005-10-20 22:30:49 1,083,904 ----a-w C:\WINDOWS\system32\esent.dll
- 2004-08-17 13:49:08 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-21 07:03:48 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2004-08-17 13:49:08 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
+ 2006-08-21 12:27:48 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
- 2004-08-17 13:49:24 22,528 ----a-w C:\WINDOWS\system32\fltMc.exe
+ 2006-08-21 09:14:58 23,040 ----a-w C:\WINDOWS\system32\fltmc.exe
- 2008-02-09 15:59:23 134,072 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-06-26 10:51:19 134,072 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2001-10-25 14:00:00 79,360 ----a-w C:\WINDOWS\system32\fontsub.dll
+ 2005-10-17 21:21:35 80,896 ----a-w C:\WINDOWS\system32\fontsub.dll
- 2004-08-17 13:49:08 278,016 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2008-02-20 06:51:37 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
- 2004-08-17 13:49:08 38,912 ----a-w C:\WINDOWS\system32\hhsetup.dll
+ 2005-05-27 02:08:06 41,472 ----a-w C:\WINDOWS\system32\hhsetup.dll
- 2001-10-25 14:00:00 77,850 ----a-w C:\WINDOWS\system32\hlink.dll
+ 2006-07-21 08:28:17 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
- 2004-08-17 13:49:08 349,184 ----a-w C:\WINDOWS\system32\hypertrm.dll
+ 2004-11-17 17:43:29 351,232 ----a-w C:\WINDOWS\system32\hypertrm.dll
- 2004-08-17 13:49:10 253,952 ----a-w C:\WINDOWS\system32\icm32.dll
+ 2005-06-29 01:52:57 254,976 ----a-w C:\WINDOWS\system32\icm32.dll
- 2004-08-17 13:49:10 249,344 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2008-04-21 07:03:49 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2004-08-17 13:49:10 678,400 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2007-08-21 06:18:05 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2004-08-17 13:49:10 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2008-04-21 07:03:49 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
- 2004-08-17 13:49:10 95,744 ----a-w C:\WINDOWS\system32\iphlpapi.dll
+ 2006-05-19 13:42:34 95,744 ----a-w C:\WINDOWS\system32\iphlpapi.dll
- 2004-08-17 13:49:10 143,872 ----a-w C:\WINDOWS\system32\itircl.dll
+ 2005-05-27 02:08:06 155,136 ----a-w C:\WINDOWS\system32\itircl.dll
- 2004-08-17 13:49:10 134,144 ----a-w C:\WINDOWS\system32\itss.dll
+ 2005-05-27 02:08:06 137,216 ----a-w C:\WINDOWS\system32\itss.dll
- 2001-10-25 14:00:00 144,896 ----a-w C:\WINDOWS\system32\jgdw400.dll
+ 2006-06-01 18:49:39 163,840 ----a-w C:\WINDOWS\system32\jgdw400.dll
- 2001-10-25 14:00:00 42,496 ----a-w C:\WINDOWS\system32\jgpl400.dll
+ 2006-06-01 18:49:39 27,648 ----a-w C:\WINDOWS\system32\jgpl400.dll
- 2004-08-17 13:49:10 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-12-18 14:43:06 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
- 2004-08-17 13:49:10 15,872 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-21 07:03:49 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2004-08-17 13:49:10 294,400 ----a-w C:\WINDOWS\system32\kerberos.dll
+ 2005-06-15 17:50:59 295,936 ----a-w C:\WINDOWS\system32\kerberos.dll
- 2004-08-17 13:49:10 982,016 ----a-w C:\WINDOWS\system32\kernel32.dll
+ 2007-04-16 15:54:40 983,040 ----a-w C:\WINDOWS\system32\kernel32.dll
+ 2007-04-10 12:02:50 1,476,992 ------w C:\WINDOWS\system32\LegitCheckControl.dll
- 2004-08-17 13:49:10 18,944 ----a-w C:\WINDOWS\system32\linkinfo.dll
+ 2005-09-01 02:28:18 19,968 ----a-w C:\WINDOWS\system32\linkinfo.dll
- 2004-08-17 13:49:12 720,896 ----a-w C:\WINDOWS\system32\lsasrv.dll
+ 2007-11-07 09:29:19 720,896 ----a-w C:\WINDOWS\system32\lsasrv.dll
- 2004-08-17 13:49:12 39,936 ----a-w C:\WINDOWS\system32\mf3216.dll
+ 2007-03-08 15:38:40 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
- 2001-10-25 14:00:00 924,432 ----a-w C:\WINDOWS\system32\mfc40u.dll
+ 2006-11-01 19:19:08 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll


pokračování v dalším příspěvku

[LuckaR]

- 2004-08-17 13:49:12 1,024,000 ----a-w C:\WINDOWS\system32\mfc42u.dll
+ 2006-10-14 08:13:25 981,760 ----a-w C:\WINDOWS\system32\mfc42u.dll
- 2004-08-17 13:49:12 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
+ 2007-07-06 12:51:38 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
- 2004-08-17 13:49:12 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
+ 2007-07-06 12:51:38 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
- 2004-08-17 13:49:12 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
+ 2007-07-06 12:51:38 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
- 2004-08-17 13:49:12 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
+ 2007-07-06 12:51:38 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
- 2004-08-17 13:49:12 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
+ 2007-07-06 12:51:38 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
- 2004-08-17 13:49:12 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
+ 2007-07-06 12:51:38 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
- 2004-08-17 13:49:12 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
+ 2007-07-06 12:51:38 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
- 2004-08-17 13:49:12 489,472 ----a-w C:\WINDOWS\system32\mqutil.dll
+ 2007-07-06 12:51:38 489,472 ----a-w C:\WINDOWS\system32\mqutil.dll
- 2004-08-17 13:49:12 73,728 ----a-w C:\WINDOWS\system32\mscms.dll
+ 2005-06-29 01:52:57 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
- 2004-08-17 13:49:12 425,472 ----a-w C:\WINDOWS\system32\msdtcprx.dll
+ 2006-03-01 19:44:08 426,496 ----a-w C:\WINDOWS\system32\msdtcprx.dll
- 2004-08-17 13:49:12 949,248 ----a-w C:\WINDOWS\system32\msdtctm.dll
+ 2006-03-01 19:44:09 956,416 ----a-w C:\WINDOWS\system32\msdtctm.dll
- 2004-08-17 13:49:12 161,280 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
+ 2006-03-01 19:44:09 161,280 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
- 2004-08-17 13:49:12 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll
- 2004-08-17 13:49:12 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll
- 2004-08-17 13:49:12 537,088 ----a-w C:\WINDOWS\system32\msftedit.dll
+ 2006-11-27 14:55:39 539,136 ----a-w C:\WINDOWS\system32\msftedit.dll
- 2004-08-17 13:49:12 3,003,392 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-21 07:03:53 3,080,704 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2004-08-17 13:49:12 448,512 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-21 07:03:53 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-17 13:49:14 2,804,224 ----a-w C:\WINDOWS\system32\msi.dll
+ 2005-05-04 12:45:32 2,890,240 ----a-w C:\WINDOWS\system32\msi.dll
- 2004-08-17 13:49:26 77,312 ----a-w C:\WINDOWS\system32\msiexec.exe
+ 2005-05-04 12:45:36 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
- 2004-08-17 13:49:14 331,264 ----a-w C:\WINDOWS\system32\msihnd.dll
+ 2005-05-04 12:45:36 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
- 2004-08-17 13:48:30 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
+ 2005-05-04 12:45:36 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
- 2004-08-17 13:49:14 44,032 ----a-w C:\WINDOWS\system32\msisip.dll
+ 2005-05-04 12:45:36 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
- 2004-08-17 13:49:14 1,507,356 ----a-w C:\WINDOWS\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll
- 2004-07-17 09:34:48 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
- 2004-08-17 13:49:14 155,679 ----a-w C:\WINDOWS\system32\msjint40.dll
+ 2008-03-25 04:50:01 162,592 ----a-w C:\WINDOWS\system32\msjint40.dll
- 2004-08-17 13:49:14 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll
- 2004-08-17 13:49:14 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll
- 2004-08-17 13:49:14 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
- 2004-08-17 13:49:14 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll
- 2004-08-17 13:49:14 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-04-21 07:03:54 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
- 2004-08-17 13:49:14 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll
- 2004-08-17 13:49:14 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll
- 2004-08-17 13:49:14 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll
- 2004-08-17 13:49:14 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll
- 2004-08-17 13:49:14 530,432 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-04-21 07:03:54 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
- 2004-08-17 13:49:14 831,519 ----a-w C:\WINDOWS\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll
- 2004-08-17 13:49:14 614,429 ----a-w C:\WINDOWS\system32\mswstr10.dll
+ 2008-03-25 04:50:01 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
- 2004-08-17 13:49:14 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll
- 2004-08-17 13:49:14 1,236,480 ----a-w C:\WINDOWS\system32\msxml3.dll
+ 2007-06-26 06:10:33 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
- 2004-08-17 13:49:14 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll
+ 2006-03-01 19:44:09 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll
- 2004-08-17 13:49:14 90,112 ----a-w C:\WINDOWS\system32\mtxoci.dll
+ 2006-03-01 19:44:09 91,136 ----a-w C:\WINDOWS\system32\mtxoci.dll
- 2004-08-17 13:49:14 332,288 ----a-w C:\WINDOWS\system32\netapi32.dll
+ 2006-08-17 12:29:57 332,288 ----a-w C:\WINDOWS\system32\netapi32.dll
- 2004-08-17 13:49:14 198,144 ----a-w C:\WINDOWS\system32\netman.dll
+ 2005-08-22 18:36:10 197,632 ----a-w C:\WINDOWS\system32\netman.dll
- 2004-08-17 13:57:28 2,059,008 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
+ 2007-02-28 16:05:02 2,059,776 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
- 2004-08-17 13:45:38 2,183,168 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
+ 2007-02-28 16:05:00 2,182,528 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
- 2001-10-25 14:00:00 58,880 ----a-w C:\WINDOWS\system32\nwapi32.dll
+ 2006-10-13 12:41:01 64,000 ----a-w C:\WINDOWS\system32\nwapi32.dll
- 2004-08-17 13:49:16 143,872 ----a-w C:\WINDOWS\system32\nwprovau.dll
+ 2006-10-13 12:41:01 141,824 ----a-w C:\WINDOWS\system32\nwprovau.dll
- 2004-08-17 13:49:16 64,000 ----a-w C:\WINDOWS\system32\nwwks.dll
+ 2006-10-13 12:41:01 65,536 ----a-w C:\WINDOWS\system32\nwwks.dll
- 2004-08-17 13:49:16 1,281,024 ----a-w C:\WINDOWS\system32\ole32.dll
+ 2005-07-26 04:42:51 1,284,608 ----a-w C:\WINDOWS\system32\ole32.dll
- 2004-08-17 13:49:16 553,472 ----a-w C:\WINDOWS\system32\oleaut32.dll
+ 2007-12-04 18:41:56 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
- 2001-10-25 14:00:00 68,608 ----a-w C:\WINDOWS\system32\olecli32.dll
+ 2005-07-26 04:42:51 74,752 ----a-w C:\WINDOWS\system32\olecli32.dll
- 2001-10-25 14:00:00 34,304 ----a-w C:\WINDOWS\system32\olecnv32.dll
+ 2005-07-26 04:42:51 37,888 ----a-w C:\WINDOWS\system32\olecnv32.dll
- 2001-10-25 14:00:00 117,760 ----a-w C:\WINDOWS\system32\oledlg.dll
+ 2006-10-16 16:16:07 122,880 ----a-w C:\WINDOWS\system32\oledlg.dll
- 2008-03-30 08:34:15 46,016 ----a-w C:\WINDOWS\system32\perfc005.dat
+ 2008-06-26 10:54:11 46,016 ----a-w C:\WINDOWS\system32\perfc005.dat
- 2008-03-30 08:34:15 39,992 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-06-26 10:54:11 39,992 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-03-30 08:34:15 309,716 ----a-w C:\WINDOWS\system32\perfh005.dat
+ 2008-06-26 10:54:11 309,716 ----a-w C:\WINDOWS\system32\perfh005.dat
- 2008-03-30 08:34:15 311,604 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-06-26 10:54:11 311,604 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2004-08-17 13:49:16 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-21 07:03:54 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2004-08-17 13:49:16 1,437,696 ----a-w C:\WINDOWS\system32\query.dll
+ 2006-06-22 05:18:50 1,437,696 ----a-w C:\WINDOWS\system32\query.dll
- 2004-08-17 13:49:16 8,192 ----a-w C:\WINDOWS\system32\rasadhlp.dll
+ 2006-06-26 17:45:40 8,192 ----a-w C:\WINDOWS\system32\rasadhlp.dll
- 2004-08-17 13:49:16 174,080 ----a-w C:\WINDOWS\system32\rasmans.dll
+ 2006-06-22 10:48:34 181,248 ----a-w C:\WINDOWS\system32\rasmans.dll
- 2004-08-17 13:49:18 431,616 ----a-w C:\WINDOWS\system32\riched20.dll
+ 2006-11-27 14:55:39 433,152 ----a-w C:\WINDOWS\system32\riched20.dll
- 2004-08-17 13:49:18 581,120 ----a-w C:\WINDOWS\system32\rpcrt4.dll
+ 2007-07-09 13:11:51 584,192 ----a-w C:\WINDOWS\system32\rpcrt4.dll
- 2004-08-17 13:49:18 395,776 ----a-w C:\WINDOWS\system32\rpcss.dll
+ 2005-07-26 04:42:51 397,824 ----a-w C:\WINDOWS\system32\rpcss.dll
- 2004-08-17 13:49:18 1,483,776 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2008-04-21 07:03:56 1,495,040 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2004-08-17 13:49:18 8,388,096 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2007-10-25 16:57:21 8,458,752 ----a-w C:\WINDOWS\system32\shell32.dll
- 2004-08-17 13:49:18 473,600 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2008-04-21 07:03:57 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2004-08-17 13:49:18 134,656 ----a-w C:\WINDOWS\system32\shsvcs.dll
+ 2006-12-19 21:50:59 134,656 ----a-w C:\WINDOWS\system32\shsvcs.dll
- 2004-08-17 13:49:18 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
+ 2007-04-25 14:22:50 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
+ 2007-07-30 17:18:40 33,624 ----a-w C:\WINDOWS\system32

\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381\wups.dll
+ 2007-11-30 11:18:25 18,296 ------w C:\WINDOWS\system32\spmsg.dll
- 2004-08-17 13:49:28 57,856 ----a-w C:\WINDOWS\system32\spoolsv.exe
+ 2005-06-10 23:53:32 57,856 ----a-w C:\WINDOWS\system32\spoolsv.exe
- 2004-08-17 13:49:20 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
+ 2004-12-07 19:34:13 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
- 2004-08-17 13:49:20 246,302 ----a-w C:\WINDOWS\system32\strmdll.dll
+ 2006-08-24 11:19:40 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
- 2004-08-17 13:49:20 713,728 ----a-w C:\WINDOWS\system32\sxs.dll
+ 2006-10-20 01:39:21 713,728 ----a-w C:\WINDOWS\system32\sxs.dll
- 2004-08-17 13:49:20 210,432 ----a-w C:\WINDOWS\system32\t2embed.dll
+ 2005-10-17 21:21:35 118,272 ----a-w C:\WINDOWS\system32\t2embed.dll
- 2004-08-17 13:49:20 246,272 ----a-w C:\WINDOWS\system32\tapisrv.dll
+ 2005-07-08 16:29:17 249,344 ----a-w C:\WINDOWS\system32\tapisrv.dll
- 2004-08-17 13:49:28 77,312 ----a-w C:\WINDOWS\system32\telnet.exe
+ 2005-05-11 02:31:16 77,824 ----a-w C:\WINDOWS\system32\telnet.exe
- 2004-08-17 13:49:20 101,376 ----a-w C:\WINDOWS\system32\txflog.dll
+ 2005-07-26 04:42:51 101,376 ----a-w C:\WINDOWS\system32\txflog.dll
+ 2008-03-27 09:24:20 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2004-08-17 13:49:20 119,296 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
+ 2005-08-23 03:40:12 124,416 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
- 2004-08-17 13:49:20 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
+ 2007-02-05 20:19:16 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
- 2004-08-17 13:49:20 601,600 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-21 07:03:57 616,448 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2004-08-17 13:49:20 577,024 ----a-w C:\WINDOWS\system32\user32.dll
+ 2007-03-08 15:38:40 577,536 ----a-w C:\WINDOWS\system32\user32.dll
- 2004-08-17 13:49:20 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2007-12-18 14:43:06 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2006-03-17 00:38:01 28,672 ------w C:\WINDOWS\system32\verclsid.exe
- 2004-08-17 13:49:20 67,584 ----a-w C:\WINDOWS\system32\webclnt.dll
+ 2006-01-04 03:36:29 68,096 ----a-w C:\WINDOWS\system32\webclnt.dll
+ 2007-04-10 12:04:12 236,928 ------w C:\WINDOWS\system32\WgaLogon.dll
+ 2007-04-10 12:01:46 337,280 ------w C:\WINDOWS\system32\WgaTray.exe
- 2004-08-17 13:49:20 333,824 ----a-w C:\WINDOWS\system32\wiaservc.dll
+ 2006-12-19 18:18:18 334,336 ----a-w C:\WINDOWS\system32\wiaservc.dll
- 2004-08-17 13:44:44 1,835,904 ----a-w C:\WINDOWS\system32\win32k.sys
+ 2008-03-20 08:09:45 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
- 2004-08-17 13:49:22 290,816 ----a-w C:\WINDOWS\system32\winsrv.dll
+ 2007-03-17 13:45:10 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
- 2004-08-17 13:49:22 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
+ 2006-08-17 12:29:57 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
- 2004-08-17 13:49:22 230,400 ----a-w C:\WINDOWS\system32\wmasf.dll
+ 2007-10-25 08:00:50 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll
- 2004-08-17 13:49:22 4,874,240 ----a-w C:\WINDOWS\system32\wmp.dll
+ 2007-04-30 00:22:16 4,734,976 ----a-w C:\WINDOWS\system32\wmp.dll
- 2004-08-17 13:49:34 2,105,344 ----a-w C:\WINDOWS\system32\wmvcore.dll
+ 2007-10-25 08:01:10 2,109,440 ----a-w C:\WINDOWS\system32\wmvcore.dll
- 2004-08-17 13:49:22 431,104 ----a-w C:\WINDOWS\system32\wuapi.dll
+ 2007-07-30 17:19:36 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
- 2004-08-17 13:49:30 111,104 ----a-w C:\WINDOWS\system32\wuauclt.exe
+ 2007-07-30 17:19:16 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
- 2004-08-17 13:49:22 1,134,592 ----a-w C:\WINDOWS\system32\wuaueng.dll
+ 2007-07-30 17:19:42 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
- 2004-08-17 13:49:22 112,640 ----a-w C:\WINDOWS\system32\wucltui.dll
+ 2007-07-30 17:19:32 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
- 2004-08-17 13:49:22 36,864 ----a-w C:\WINDOWS\system32\wups.dll
+ 2007-07-30 17:18:40 33,624 ----a-w C:\WINDOWS\system32\wups.dll
+ 2007-07-30 17:19:12 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
- 2004-08-17 13:49:22 120,320 ----a-w C:\WINDOWS\system32\wuweb.dll
+ 2007-07-30 17:19:28 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
- 2004-08-17 13:49:22 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll
+ 2006-03-01 19:44:09 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll
+ 2008-04-17 11:03:37 358,912 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-01-19 12:52:00 74,802 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2007-01-19 12:52:00 995,383 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2007-01-19 12:52:00 1,011,774 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2007-01-19 12:52:00 401,462 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2006-08-25 15:51:20 1,054,208 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus C45 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE" [2004-01-14 04:00 99840]
"ezShieldProtector for Px"="C:\WINDOWS\system32\ezSP_Px.exe" [2002-08-20 10:29 40960]
"VTTimer"="VTTimer.exe" [2004-01-15 20:33 49152 C:\WINDOWS\system32\VTTimer.exe]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2008-05-21 09:36 1115728]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-26 20:27 1177368]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 15:23 282624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 15:49 15360]

C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [2007-12-11 15:25:39 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-26 20:28]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-05-26 20:27]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-26 20:27]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-26 20:28]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-26 13:06:05
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-06-26 13:08:45
ComboFix-quarantined-files.txt 2008-06-26 11:08:10
ComboFix2.txt 2008-06-24 18:01:31

Adresářů: 16, Volných bajtů: 2,202,087,424
Adresářů: 19, Volných bajtů: 2,196,516,864

921 --- E O F --- 2008-06-26 11:00:32

[cicero]

zkus bod obnovení na datum kdy ti to ještě fungovalo

[zlobyl]

zkus bod obnovení na datum kdy ti to ještě fungovalo

Tak takhle by tam znovu vrátila všechny šmejdy, které jsem odstranil!

____________________________________________________________________________________________
Pro LuckuR:

Takže ještě jeden script-(pro odstranění jedné zbytečnosti po spuštění a zapnutí upozorňování centra zabezpečení.)

Kód: Vybrat vše

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000

Už sem ani nemusíš dávat log.

Pak jdi na Start-Spustit a zadej ComboFix[mezera]/u
ComboFix se odinstaluje.

Tak doufám, že se modrá obrazovka už neobjeví.Podle mě už máš PC čistý.