Ochydny Trojan.Zbot.H i okna IE
Witam,
2 dni temu zauwazylem ze podczas serfowania stron i systemu zaczely mi wyskakiwac okienka Internet Explorer. Podejrzane adresy maja i sadze ze to sprawa jakiegos virusa/spyware. Natychmiast zeskanowalem system z Nod32 ale on nic nie wykryl, nastepnie uzylem AVG i on wykryl Trojan.Zbot.h . Za kazdym razem jak wykryje to wybieram "Delete" i jak skanuje ponownie to on wciaz tam jest. Niewiem co mam zrobic by pozbyc sie go. Oprucz Formatowania mam nadzieje ze ktos ma cos na ten problem.
Dodaje log z Hijack this. Na stronie Hijack wykryl pare bledow:
[img]http://img526.imageshack.us/img526/4889/hijackthisqh8.jpg[/img]
Logfile of HijackThis v1.99.1
Scan saved at 23:20:18, on 2008-01-10
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Eset\nod32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\NUKER\Pulpit\hijackthis_199\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://goo/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
Dziekuje i pozdrawiam
Milosz
Odpowiedzi: 15
ten plik usunolem po combofix.
Dziekuje za pomoc.
Trochę dziwne: tych plików, które miał usuwać Script ComboFixa - nie usuwał ich, bo już ich nie było.
Nadal jednak widzę w logu ten plik o dużych rozmiarach.
Prawdopodobnie nie da się go usunąć poprzez Kosz - trzeba chyba ustawić we właściwościach Kosza, by chwilowo usuwać pliki bez pośrednictwa Kosza.
Nic więcej podejrzanego nie widzę.
.
Dobra wszystko zrobione.... ten duzy plik to niewiem. Skasowalem go. a ten plik w system32 zeskanowalem i dal mi wynik 0/32.....
Log z Combofix:
ComboFix 08-01-15.1 - NUKER 2008-01-15 21:24:23.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1046 [GMT 0:00]
Running from: C:\Documents and Settings\NUKER\Pulpit\ComboFix.exe
Command switches used :: C:\Documents and Settings\NUKER\Pulpit\CFScript.txt
* Created a new restore point
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
FILE
C:\Documents and Settings\NUKER\38.exe
C:\Documents and Settings\NUKER\957123844.exe
.
((((((((((((((((((((((((( Files Created from 2007-12-15 to 2008-01-15 )))))))))))))))))))))))))))))))
.
2008-01-13 13:23 . 2008-01-13 13:24 d-------- C:\Program Files\DivX
2008-01-12 12:17 . 2008-01-12 12:17 250 --a------ C:\WINDOWS\gmer.ini
2008-01-12 12:00 . 2008-01-12 12:05 d-------- C:\VundoFix Backups
2008-01-12 03:06 . 2006-08-21 09:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2008-01-12 03:06 . 2006-08-21 09:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2008-01-12 03:06 . 2006-08-21 12:28 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2008-01-12 02:59 . 2008-01-12 02:59 d-------- C:\Program Files\MSXML 4.0
2008-01-12 02:59 . 2004-08-03 22:44 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-01-11 23:44 . 2007-07-09 13:11 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-01-11 19:48 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-11 18:06 . 2008-01-11 18:06 d-------- C:\WINDOWS\ERUNT
2008-01-11 00:50 . 2008-01-11 00:50 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Grisoft
2008-01-11 00:46 . 2008-01-15 21:20 d--h----- C:\Documents and Settings\Administrator\Ustawienia lokalne
2008-01-11 00:46 . 2007-08-10 17:24 d-------- C:\Documents and Settings\Administrator\Ulubione
2008-01-11 00:46 . 2007-08-10 16:31 d--h----- C:\Documents and Settings\Administrator\Szablony
2008-01-11 00:46 . 2008-01-11 19:27 d-------- C:\Documents and Settings\Administrator\Pulpit
2008-01-11 00:46 . 2007-08-10 17:24 d-------- C:\Documents and Settings\Administrator\Moje dokumenty
2008-01-11 00:46 . 2007-08-10 17:24 dr------- C:\Documents and Settings\Administrator\Menu Start
2008-01-11 00:46 . 2007-08-10 17:24 dr-h----- C:\Documents and Settings\Administrator\Dane aplikacji
2008-01-10 21:24 . 2008-01-10 21:24 d-------- C:\Documents and Settings\NUKER\Dane aplikacji\Grisoft
2008-01-10 21:23 . 2008-01-10 21:23 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Grisoft
2008-01-10 21:23 . 2007-05-30 12:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-10 19:35 . 2008-01-10 19:35 d-------- C:\Program Files\Lavasoft
2008-01-10 19:35 . 2008-01-10 19:35 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
2008-01-10 19:01 . 2008-01-10 19:27 d-------- C:\Documents and Settings\NUKER\Dane aplikacji\Lavasoft
2008-01-10 18:59 . 2008-01-10 19:03 1,291,640,832 --a------ C:\726.tmp
2008-01-10 18:45 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS
2008-01-10 18:44 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\system32\drivers\dejdnnovhnlq.sys
2008-01-10 18:27 . 2008-01-10 18:52 d-------- C:\WINDOWS\system32\ActiveScan
2008-01-10 18:27 . 2008-01-10 18:27 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-01-10 18:27 . 2008-01-10 18:27 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-01-10 03:16 . 2008-01-10 03:16 d-------- C:\Program Files\TuneUp Utilities 2008
2008-01-10 03:16 . 2008-01-10 03:16 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-01-08 19:06 . 2008-01-08 19:06 d-------- C:\Documents and Settings\All Users\Dane aplikacji\LogiShrd
2008-01-08 19:04 . 2008-01-08 19:04 d-------- C:\Program Files\Common Files\Logishrd
2008-01-08 19:04 . 2008-01-08 19:04 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2008-01-08 19:03 . 2007-11-15 10:06 301,656 --a------ C:\WINDOWS\system32\BtCoreIf.dll
2007-12-28 17:23 . 2007-12-28 17:23 7,168 --ahs---- C:\WINDOWS\Thumbs.db
2007-12-28 12:22 . 2007-12-28 12:22 255 --a------ C:\WINDOWS\system32\temp_0000_85-18.aok
2007-12-26 23:45 . 2007-12-26 23:45 d-------- C:\Documents and Settings\NUKER\Incomplete
2007-12-26 23:44 . 2008-01-09 23:20 d-------- C:\Documents and Settings\NUKER\.limewire
2007-12-26 23:43 . 2007-12-26 23:45 d-------- C:\Program Files\LimeWire
2007-12-25 19:20 . 2006-11-01 13:52 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-12-25 19:20 . 2007-02-25 14:36 383,238 --a------ C:\WINDOWS\system32\libmp3lame-0.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-15 21:23 --------- d-----w C:\Program Files\Opera
2008-01-15 21:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-12 19:38 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-01-12 19:36 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-01-10 19:34 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-10 03:32 --------- d-----w C:\Program Files\Valve
2008-01-10 03:29 --------- d-----w C:\Program Files\Common Files\Motive
2008-01-10 03:29 --------- d-----w C:\Program Files\BT Broadband Talk Softphone
2008-01-09 10:53 --------- d-----w C:\Program Files\Steam
2008-01-09 00:27 --------- d-----w C:\Documents and Settings\NUKER\Dane aplikacji\Xfire
2008-01-08 19:03 --------- d-----w C:\Program Files\Common Files\Logitech
2007-12-31 17:53 --------- d-----w C:\Program Files\Winamp
2007-12-30 12:05 --------- d-----w C:\Program Files\Xfire
2007-12-22 17:21 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2007-12-20 10:41 29,440 ----a-w C:\WINDOWS\system32\uxtuneup.dll
2007-12-16 19:30 --------- d-----w C:\Program Files\BitComet
2007-12-12 20:54 --------- d-----w C:\Program Files\NAPI-PROJEKT
2007-12-10 00:11 --------- d-----w C:\Program Files\ATI Technologies
2007-12-10 00:06 --------- d-----w C:\Documents and Settings\NUKER\Dane aplikacji\ATI
2007-12-09 11:45 --------- d-----w C:\Documents and Settings\NUKER\Dane aplikacji\InstallShield Installation Information
2007-12-09 11:42 --------- d-----w C:\Program Files\DIFX
2007-12-09 11:41 --------- d-----w C:\Program Files\AGEIA Technologies
2007-12-07 20:57 --------- d-----w C:\Documents and Settings\NUKER\Dane aplikacji\AdobeUM
2007-12-06 03:16 --------- d-----w C:\Program Files\Gadu-Gadu
2007-12-02 19:56 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-12-02 19:56 --------- d-----w C:\Program Files\MagicISO
2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-11-28 14:28 --------- d-----w C:\Program Files\PQDVD
2007-11-15 10:07 76,304 ----a-w C:\WINDOWS\system32\KemXML.dll
2007-11-15 10:07 170,512 ----a-w C:\WINDOWS\system32\kemutb.dll
2007-11-15 10:07 141,840 ----a-w C:\WINDOWS\system32\KemUtil.dll
2007-11-15 10:07 117,264 ----a-w C:\WINDOWS\system32\KemWnd.dll
2007-11-07 09:29 723,968 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-02 04:57 9,314,304 ----a-w C:\WINDOWS\system32\atioglx2.dll
2007-11-02 04:24 176,128 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2007-11-02 04:10 364,544 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-11-02 04:09 268,288 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2007-11-02 04:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-11-02 04:01 143,360 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2007-11-02 04:01 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2007-11-02 04:00 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-11-02 04:00 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-11-02 03:59 495,616 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-11-02 03:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2007-11-02 03:50 3,133,728 ----a-w C:\WINDOWS\system32\ati3duag.dll
2007-11-02 03:39 1,602,176 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2007-11-02 03:35 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2007-11-02 03:26 5,435,392 ----a-w C:\WINDOWS\system32\atioglxx.dll
2007-11-02 03:24 376,832 ----a-w C:\WINDOWS\system32\atikvmag.dll
2007-11-02 03:22 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2007-11-02 03:16 499,712 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2007-11-01 20:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
2007-10-29 22:44 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 09:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2005-05-11 21:36 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.
((((((((((((((((((((((((((((( snapshot_2008-01-12_12.50.31.03 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-11 19:49:17 233,472 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-01-15 21:24:15 233,472 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000001\NTUSER.DAT
- 2008-01-11 19:49:17 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-01-15 21:24:15 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000002\UsrClass.dat
- 2008-01-11 19:49:17 7,745,536 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000003\NTUSER.DAT
+ 2008-01-15 21:24:15 233,472 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000003\NTUSER.DAT
- 2008-01-11 19:49:18 163,840 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000004\UsrClass.dat
+ 2008-01-15 21:24:15 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000004\UsrClass.dat
- 2008-01-11 19:49:18 233,472 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000005\NTUSER.DAT
+ 2008-01-15 21:24:15 7,745,536 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000005\NTUSER.DAT
- 2008-01-11 19:49:18 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000006\UsrClass.dat
+ 2008-01-15 21:24:15 163,840 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000006\UsrClass.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 22:44 15360]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 07:39 2119104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-24 23:11 132496]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-08-10 19:27 917504]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 03:10 55824 C:\WINDOWS\KHALMNPR.Exe]
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" [2007-04-27 07:41 282624]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-03 22:44 15360]
C:\Documents and Settings\All Users\Menu Start\Programy\AutostartHP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 21:23:26]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-11 22:49:24]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-10-04 15:51:31]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll 2007-11-15 10:10 72208 c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BT Broadband Desktop Help.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BT Broadband Desktop Help.lnk
backup=C:\WINDOWS\pss\BT Broadband Desktop Help.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eyeBeam SIP Client]
C:\Program Files\BT Broadband Talk Softphone\BTSoftphone.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
C:\PROGRA~1\BTHOME~1\Help\SMARTB~1\BTHelpNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
"AQQ"=C:\PROGRA~1\WapSter\AQQ\AQQ.exe
"Steam"="C:\Program Files\Steam\Steam.exe" -silent
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
"btbb_wcm_McciTrayApp"=C:\Program Files\btbb_wcm\McciTrayApp.exe
"UpdReg"=C:\WINDOWS\UpdReg.EXE
"Jet Detection"="C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
"CTStartup"=C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
"WINDVDPatch"=CTHELPER.EXE
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-03 22:44]
R3 axvbusx;axvbusx;C:\WINDOWS\system32\DRIVERS\axvbusx.sys [2002-12-27 18:14]
R3 axvscsi;axvscsi;C:\WINDOWS\system32\DRIVERS\axvscsi.sys [2002-12-27 18:14]
S3 DAdderFltr;DeathAdder Mouse;C:\WINDOWS\system32\drivers\dadder.sys [2006-11-14 13:29]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-01-10 03:16]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
"2008-01-11 17:17:46 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-15 21:25:59
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-15 21:26:49
ComboFix-quarantined-files.txt 2008-01-15 21:26:39
ComboFix2.txt 2008-01-15 21:20:50
ComboFix3.txt 2008-01-15 21:15:08
ComboFix4.txt 2008-01-11 20:00:49
.
2008-01-12 03:22:49 --- E O F ---
Wklej do [b]Notatnika[/b]:
[CODE]
File::
C:\Documents and Settings\NUKER\957123844.exe
C:\Documents and Settings\NUKER\38.exe
Registry::
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3624417f-53b6-11dc-84a9-00147f7c21f8}]
[/code]
[b]>>Plik>>Zapisz jako... >>> [color=red]CFScript[/color][/b]
Przeciągnij i upuść plik [color=red][b]CFScript.txt[/b][/color] na plik [b]ComboFix.exe[/b]
– podobnie jak na tym obrazku [b][color=blue]-->[/color][/b][img]http://img.wklej.org/images/88953CFScript-createdbyMiekiemoes.gif[/img]
Ma się rozpocząć usuwanie. (i powstanie log).
[b]Po restarcie[/b] usuń ręcznie folder [b]C: \[color=red]Qoobox[/color][/b].
Daj ten log, który powstanie w trakcie usuwania.
[quote]2008-01-10 18:44 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\system32\drivers\[b]dejdnnovhnlq.sys[/b][/quote]
Sprawdź go na --> [url=http://virusscan.jotti.org/][b][color=blue][u]http://virusscan.jotti.org/[/u][/color][/b][/url]
albo na [url=http://www.virustotal.com/en/indexf.html][b][color=blue][u]http://www.virustotal.com/en/indexf.html[/u][/color][/b][/url].
(korzysta się podobnie jak z JOTTI).
[quote]2008-01-10 18:59 . 2008-01-10 19:03 [b]1,291,640,832[/b] --a------ C:\[b]726.tmp[/b][/quote]
Co to za plik, o tak ooooogromnych rozmiarach?
[quote]2008-01-11 00:43 . 2008-01-11 00:43 542,677 --a------ C:\[b]Autoruns.zip[/b][/quote]
Znasz to?
.
uzylem Vundofix i uzunol Virtumundo. NAstepnie Virtumundobegone nix nie wykryl.
Log z Combo Fix
ComboFix 08-01-11.1 - NUKER 2008-01-12 12:40:31.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.901 [GMT 0:00]
Running from: C:\Documents and Settings\NUKER\Pulpit\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\ssttu.dll
C:\WINDOWS\system32\svnoybjk.dll
C:\WINDOWS\system32\uttss.ini
C:\WINDOWS\system32\uttss.ini2
.
((((((((((((((((((((((((( Files Created from 2007-12-12 to 2008-01-12 )))))))))))))))))))))))))))))))
.
2008-01-12 12:17 . 2008-01-12 12:17 250 --a------ C:\WINDOWS\gmer.ini
2008-01-12 12:00 . 2008-01-12 12:05 d-------- C:\VundoFix Backups
2008-01-12 03:06 . 2006-08-21 09:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2008-01-12 03:06 . 2006-08-21 09:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2008-01-12 03:06 . 2006-08-21 12:28 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2008-01-12 02:59 . 2008-01-12 02:59 d-------- C:\Program Files\MSXML 4.0
2008-01-12 02:59 . 2004-08-03 22:44 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-01-11 23:44 . 2007-07-09 13:11 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-01-11 19:48 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-11 18:06 . 2008-01-11 18:06 d-------- C:\WINDOWS\ERUNT
2008-01-11 00:50 . 2008-01-11 00:50 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Grisoft
2008-01-11 00:46 . 2008-01-11 20:00 d--h----- C:\Documents and Settings\Administrator\Ustawienia lokalne
2008-01-11 00:46 . 2007-08-10 17:24 d-------- C:\Documents and Settings\Administrator\Ulubione
2008-01-11 00:46 . 2007-08-10 16:31 d--h----- C:\Documents and Settings\Administrator\Szablony
2008-01-11 00:46 . 2008-01-11 19:27 d-------- C:\Documents and Settings\Administrator\Pulpit
2008-01-11 00:46 . 2007-08-10 17:24 d-------- C:\Documents and Settings\Administrator\Moje dokumenty
2008-01-11 00:46 . 2007-08-10 17:24 dr------- C:\Documents and Settings\Administrator\Menu Start
2008-01-11 00:46 . 2007-08-10 17:24 dr-h----- C:\Documents and Settings\Administrator\Dane aplikacji
2008-01-11 00:43 . 2008-01-11 00:43 542,677 --a------ C:\Autoruns.zip
2008-01-10 21:33 . 2008-01-10 21:34 5,499 --a------ C:\Documents and Settings\NUKER\957123844.exe
2008-01-10 21:33 . 2008-01-10 21:33 5,499 --a------ C:\Documents and Settings\NUKER\38.exe
2008-01-10 21:24 . 2008-01-10 21:24 d-------- C:\Documents and Settings\NUKER\Dane aplikacji\Grisoft
2008-01-10 21:23 . 2008-01-10 21:23 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Grisoft
2008-01-10 21:23 . 2007-05-30 12:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-10 19:35 . 2008-01-10 19:35 d-------- C:\Program Files\Lavasoft
2008-01-10 19:35 . 2008-01-10 19:35 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
2008-01-10 19:01 . 2008-01-10 19:27 d-------- C:\Documents and Settings\NUKER\Dane aplikacji\Lavasoft
2008-01-10 18:59 . 2008-01-10 19:03 1,291,640,832 --a------ C:\726.tmp
2008-01-10 18:45 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS
2008-01-10 18:44 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\system32\drivers\dejdnnovhnlq.sys
2008-01-10 18:27 . 2008-01-10 18:52 d-------- C:\WINDOWS\system32\ActiveScan
2008-01-10 18:27 . 2008-01-10 18:27 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-01-10 18:27 . 2008-01-10 18:27 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-01-10 03:16 . 2008-01-10 03:16 d-------- C:\Program Files\TuneUp Utilities 2008
2008-01-10 03:16 . 2008-01-10 03:16 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-01-09 23:45 . 2008-01-09 23:45 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-09 23:45 . 2008-01-09 23:45 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-08 19:06 . 2008-01-08 19:06 d-------- C:\Documents and Settings\All Users\Dane aplikacji\LogiShrd
2008-01-08 19:04 . 2008-01-08 19:04 d-------- C:\Program Files\Common Files\Logishrd
2008-01-08 19:04 . 2008-01-08 19:04 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2008-01-08 19:03 . 2007-11-15 10:06 301,656 --a------ C:\WINDOWS\system32\BtCoreIf.dll
2007-12-28 17:23 . 2007-12-28 17:23 7,168 --ahs---- C:\WINDOWS\Thumbs.db
2007-12-28 12:22 . 2007-12-28 12:22 255 --a------ C:\WINDOWS\system32\temp_0000_85-18.aok
2007-12-26 23:45 . 2007-12-26 23:45 d-------- C:\Documents and Settings\NUKER\Incomplete
2007-12-26 23:44 . 2008-01-09 23:20 d-------- C:\Documents and Settings\NUKER\.limewire
2007-12-26 23:43 . 2007-12-26 23:45 d-------- C:\Program Files\LimeWire
2007-12-25 19:20 . 2006-11-01 13:52 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-12-25 19:20 . 2007-02-25 14:36 383,238 --a------ C:\WINDOWS\system32\libmp3lame-0.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-10 19:34 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-10 03:33 --------- d-----w C:\Program Files\Yahoo!
2008-01-10 03:32 --------- d-----w C:\Program Files\Valve
2008-01-10 03:32 --------- d-----w C:\Program Files\sXe Injected
2008-01-10 03:31 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-10 03:29 --------- d-----w C:\Program Files\Common Files\Motive
2008-01-10 03:29 --------- d-----w C:\Program Files\BT Broadband Talk Softphone
2008-01-10 00:11 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-01-09 10:53 --------- d-----w C:\Program Files\Steam
2008-01-09 00:27 --------- d-----w C:\Documents and Settings\NUKER\Dane aplikacji\Xfire
2008-01-08 19:03 --------- d-----w C:\Program Files\Common Files\Logitech
2007-12-31 17:53 --------- d-----w C:\Program Files\Winamp
2007-12-30 12:05 --------- d-----w C:\Program Files\Xfire
2007-12-22 17:21 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2007-12-16 19:30 --------- d-----w C:\Program Files\BitComet
2007-12-12 20:54 --------- d-----w C:\Program Files\NAPI-PROJEKT
2007-12-10 00:11 --------- d-----w C:\Program Files\ATI Technologies
2007-12-10 00:06 --------- d-----w C:\Documents and Settings\NUKER\Dane aplikacji\ATI
2007-12-09 16:40 --------- d-----w C:\Program Files\WarRock
2007-12-09 16:17 --------- d-----w C:\Documents and Settings\NUKER\Dane aplikacji\InstallShield
2007-12-09 11:45 --------- d-----w C:\Documents and Settings\NUKER\Dane aplikacji\InstallShield Installation Information
2007-12-09 11:42 --------- d-----w C:\Program Files\DIFX
2007-12-09 11:41 --------- d-----w C:\Program Files\AGEIA Technologies
2007-12-07 20:57 --------- d-----w C:\Documents and Settings\NUKER\Dane aplikacji\AdobeUM
2007-12-06 03:16 --------- d-----w C:\Program Files\Gadu-Gadu
2007-12-02 19:56 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-12-02 19:56 --------- d-----w C:\Program Files\MagicISO
2007-11-28 14:34 --------- d-----w C:\Program Files\Ultra PSP Movie Converter
2007-11-28 14:28 --------- d-----w C:\Program Files\PQDVD
2007-11-28 09:26 --------- d-----w C:\Program Files\Opera
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2005-05-11 21:36 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.
((((((((((((((((((((((((((((( snapshot@2008-01-11_20.00.12.70 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-11-17 17:41:27 351,744 ----a-w C:\WINDOWS\$hf_mig$\KB873339\SP2QFE\hypertrm.dll
+ 2004-10-14 10:35:44 9,216 ----a-w C:\WINDOWS\$hf_mig$\KB873339\spmsg.dll
+ 2004-10-14 10:36:26 171,520 ----a-w C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
+ 2004-10-14 10:36:24 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\spcustom.dll
+ 2004-10-14 10:35:44 662,016 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
+ 2004-10-28 01:30:16 723,968 ----a-w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\lsasrv.dll
+ 2004-10-28 01:15:16 448,128 ----a-w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\mrxsmb.sys
+ 2004-10-28 01:14:56 174,592 ----a-w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\rdbss.sys
+ 2004-10-14 11:35:44 9,216 ----a-w C:\WINDOWS\$hf_mig$\KB885835\spmsg.dll
+ 2004-10-14 11:36:26 171,520 ----a-w C:\WINDOWS\$hf_mig$\KB885835\spuninst.exe
+ 2004-10-14 11:36:24 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB885835\update\spcustom.dll
+ 2004-10-14 11:35:44 662,016 ----a-w C:\WINDOWS\$hf_mig$\KB885835\update\update.exe
+ 2004-10-14 11:35:44 9,216 ----a-w C:\WINDOWS\$hf_mig$\KB885836\spmsg.dll
+ 2004-10-14 11:36:26 171,520 ----a-w C:\WINDOWS\$hf_mig$\KB885836\spuninst.exe
+ 2004-10-14 11:36:24 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB885836\update\spcustom.dll
+ 2004-10-14 11:35:44 662,016 ----a-w C:\WINDOWS\$hf_mig$\KB885836\update\update.exe
+ 2004-10-13 16:21:24 1,694,208 ----a-w C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
+ 2004-10-14 11:35:44 9,216 ----a-w C:\WINDOWS\$hf_mig$\KB887472\spmsg.dll
+ 2004-10-14 11:36:26 171,520 ----a-w C:\WINDOWS\$hf_mig$\KB887472\spuninst.exe
+ 2004-10-14 11:36:24 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB887472\update\spcustom.dll
+ 2004-10-14 11:35:44 662,016 ----a-w C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
+ 2004-12-07 19:33:13 96,768 ----a-w C:\WINDOWS\$hf_mig$\KB888302\SP2QFE\srvsvc.dll
+ 2004-11-30 14:47:26 9,216 ----a-w C:\WINDOWS\$hf_mig$\KB888302\spmsg.dll
+ 2004-11-30 20:22:46 171,520 ----a-w C:\WINDOWS\$hf_mig$\KB888302\spuninst.exe
+ 2004-11-30 20:22:46 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB888302\update\spcustom.dll
+ 2004-11-30 14:47:26 662,016 ----a-w C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
+ 2005-04-22 05:20:49 57,344 ----a-w C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\agentdpv.dll
+ 2005-05-17 00:44:58 18,944 ----a-w C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\spru0415.dll
+ 2005-02-24 20:36:08 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB890046\spmsg.dll
+ 2005-02-24 20:36:08 212,704 ----a-w C:\WINDOWS\$hf_mig$\KB890046\spuninst.exe
+ 2005-02-24 20:36:08 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\spcustom.dll
+ 2005-02-24 20:36:08 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\update.exe
+ 2005-02-24 20:36:08 387,296 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\updspapi.dll
+ 2005-03-02 18:21:08 62,464 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\authz.dll
+ 2005-03-02 18:14:46 2,137,088 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlmp.exe
+ 2005-03-02 18:14:44 2,058,240 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
+ 2005-03-02 18:14:50 2,016,768 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrpamp.exe
+ 2005-03-02 18:14:56 2,180,864 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
+ 2005-03-02 18:21:08 578,560 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
+ 2005-03-02 18:14:41 1,836,544 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\win32k.sys
+ 2005-03-02 18:21:08 291,840 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\winsrv.dll
+ 2005-02-24 19:36:08 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB890859\spmsg.dll
+ 2005-02-24 19:36:08 212,704 ----a-w C:\WINDOWS\$hf_mig$\KB890859\spuninst.exe
+ 2005-02-24 19:36:08 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\spcustom.dll
+ 2005-02-24 19:36:08 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
+ 2005-02-24 19:36:08 387,296 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\updspapi.dll
+ 2004-11-30 14:47:26 9,216 ----a-w C:\WINDOWS\$hf_mig$\KB891781\spmsg.dll
+ 2004-11-30 20:22:46 171,520 ----a-w C:\WINDOWS\$hf_mig$\KB891781\spuninst.exe
+ 2004-11-30 20:22:46 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB891781\update\spcustom.dll
+ 2004-11-30 14:47:26 662,016 ----a-w C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
+ 2005-07-08 16:30:47 249,344 ----a-w C:\WINDOWS\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
+ 2005-02-24 20:36:08 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB893756\spmsg.dll
+ 2005-02-24 20:36:08 212,704 ----a-w C:\WINDOWS\$hf_mig$\KB893756\spuninst.exe
+ 2005-07-07 19:27:08 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\arpidfix.exe
+ 2005-02-24 20:36:08 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\spcustom.dll
+ 2005-02-24 20:36:08 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\update.exe
+ 2005-02-24 20:36:08 387,296 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\updspapi.dll
+ 2005-04-28 19:38:10 1,286,144 ----a-w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\ole32.dll
+ 2005-04-28 19:38:08 75,264 ----a-w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\olecli32.dll
+ 2005-04-28 19:38:08 37,376 ----a-w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\olecnv32.dll
+ 2005-04-28 19:38:08 396,288 ----a-w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\rpcss.dll
+ 2005-02-24 20:36:08 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB894391\spmsg.dll
+ 2005-02-24 20:36:08 212,704 ----a-w C:\WINDOWS\$hf_mig$\KB894391\spuninst.exe
+ 2005-02-24 20:36:08 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB894391\update\spcustom.dll
+ 2005-02-24 20:36:08 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB894391\update\update.exe
+ 2005-02-24 20:36:08 387,296 ----a-w C:\WINDOWS\$hf_mig$\KB894391\update\updspapi.dll
+ 2005-05-26 23:26:50 10,752 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hh.exe
+ 2005-05-27 02:11:33 41,472 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hhsetup.dll
+ 2005-05-27 02:11:33 155,136 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itircl.dll
+ 2005-05-27 02:11:33 137,216 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itss.dll
+ 2005-02-24 20:36:08 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB896358\spmsg.dll
+ 2005-02-24 20:36:08 212,704 ----a-w C:\WINDOWS\$hf_mig$\KB896358\spuninst.exe
+ 2005-02-24 20:36:08 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\spcustom.dll
+ 2005-02-24 20:36:08 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
+ 2005-02-24 20:36:08 387,296 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\updspapi.dll
+ 2005-06-11 00:17:13 57,856 ----a-w C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
+ 2005-02-24 20:36:08 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB896423\spmsg.dll
+ 2005-02-24 20:36:08 212,704 ----a-w C:\WINDOWS\$hf_mig$\KB896423\spuninst.exe
+ 2005-06-29 16:54:32 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\arpidfix.exe
+ 2005-02-24 20:36:08 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\spcustom.dll
+ 2005-02-24 20:36:08 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\update.exe
+ 2005-02-24 20:36:08 387,296 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\updspapi.dll
+ 2005-05-11 02:33:55 77,824 ----a-w C:\WINDOWS\$hf_mig$\KB896428\SP2QFE\telnet.exe
+ 2005-02-24 20:36:08 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB896428\spmsg.dll
+ 2005-02-24 20:36:08 212,704 ----a-w C:\WINDOWS\$hf_mig$\KB896428\spuninst.exe
+ 2005-02-24 20:36:08 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\spcustom.dll
+ 2005-02-24 20:36:08 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\update.exe
+ 2005-02-24 20:36:08 387,296 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\updspapi.dll
+ 2005-06-10 04:06:01 139,528 ----a-w C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys
+ 2005-02-24 20:36:08 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB899591\spmsg.dll
+ 2005-02-24 20:36:08 212,704 ----a-w C:\WINDOWS\$hf_mig$\KB899591\spuninst.exe
+ 2005-06-29 16:54:32 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\arpidfix.exe
+ 2005-02-24 20:36:08 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\spcustom.dll
+ 2005-02-24 20:36:08 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\update.exe
+ 2005-02-24 20:36:08 387,296 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\updspapi.dll
+ 2006-02-15 00:30:07 142,464 ----a-w C:\WINDOWS\$hf_mig$\KB900485\SP2QFE\aec.sys
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB900485\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB900485\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB900485\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB900485\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB900485\update\updspapi.dll
+ 2005-09-01 02:54:26 19,968 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
+ 2005-09-23 03:27:38 8,481,280 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shell32.dll
+ 2005-09-02 23:55:55 474,112 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shlwapi.dll
+ 2005-09-27 00:47:56 23,040 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\spru0415.dll
+ 2005-09-01 02:54:26 292,352 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\winsrv.dll
+ 2005-02-24 20:36:08 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB900725\spmsg.dll
+ 2005-02-24 20:36:08 212,704 ----a-w C:\WINDOWS\$hf_mig$\KB900725\spuninst.exe
+ 2005-09-26 17:36:24 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\arpidfix.exe
+ 2005-02-24 20:36:08 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\spcustom.dll
+ 2005-02-24 20:36:08 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\update.exe
+ 2005-02-24 20:36:08 387,296 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\updspapi.dll
+ 2005-09-10 01:54:09 2,068,480 ----a-w C:\WINDOWS\$hf_mig$\KB901017\SP2QFE\cdosys.dll
+ 2005-02-24 20:36:08 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB901017\spmsg.dll
+ 2005-02-24 20:36:08 212,704 ----a-w C:\WINDOWS\$hf_mig$\KB901017\spuninst.exe
+ 2005-09-09 16:26:26 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\arpidfix.exe
+ 2005-02-24 20:36:08 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\spcustom.dll
+ 2005-02-24 20:36:08 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\update.exe
+ 2005-02-24 20:36:08 387,296 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\updspapi.dll
+ 2005-06-29 01:55:00 254,976 ----a-w C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\icm32.dll
+ 2005-06-29 01:55:00 73,728 ----a-w C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\mscms.dll
+ 2005-02-24 20:36:08 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB901214\spmsg.dll
+ 2005-02-24 20:36:08 212,704 ----a-w C:\WINDOWS\$hf_mig$\KB901214\spuninst.exe
+ 2005-02-24 20:36:08 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\spcustom.dll
+ 2005-02-24 20:36:08 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\update.exe
+ 2005-02-24 20:36:08 387,296 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\updspapi.dll
+ 2005-07-26 04:36:43 225,792 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrv.dll
+ 2005-07-26 04:36:43 625,152 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrvut.dll
+ 2005-07-26 04:36:43 110,080 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatex.dll
+ 2005-07-26 04:36:44 498,688 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatq.dll
+ 2005-07-26 04:36:44 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\colbact.dll
+ 2005-07-26 04:36:44 195,072 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comadmin.dll
+ 2005-07-26 04:36:44 97,792 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comrepl.dll
+ 2005-07-26 04:36:45 1,267,200 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comsvcs.dll
+ 2005-07-26 04:36:45 540,160 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comuid.dll
+ 2005-07-26 04:36:45 243,200 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\es.dll
+ 2005-07-25 23:42:35 8,704 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\migregdb.exe
+ 2005-07-26 04:36:46 425,472 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcprx.dll
+ 2005-07-26 04:36:46 945,152 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtctm.dll
+ 2005-07-26 04:36:47 161,280 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcuiu.dll
+ 2005-07-26 04:36:47 66,560 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxclu.dll
+ 2005-07-26 04:36:47 91,136 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxoci.dll
+ 2005-07-26 04:36:48 1,285,632 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\ole32.dll
+ 2005-07-26 04:36:48 75,264 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\olecli32.dll
+ 2005-07-26 04:36:48 37,376 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\olecnv32.dll
+ 2005-07-26 04:36:49 398,336 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll
+ 2005-07-26 04:36:49 101,376 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\txflog.dll
+ 2005-07-26 04:36:50 11,776 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\xolehlp.dll
+ 2005-02-24 20:36:08 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB902400\spmsg.dll
+ 2005-02-24 20:36:08 212,704 ----a-w C:\WINDOWS\$hf_mig$\KB902400\spuninst.exe
+ 2005-07-25 19:21:18 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\arpidfix.exe
+ 2005-02-24 20:36:08 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\spcustom.dll
+ 2005-02-24 20:36:08 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\update.exe
+ 2005-02-24 20:36:08 387,296 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\updspapi.dll
+ 2005-08-22 18:26:27 197,632 ----a-w C:\WINDOWS\$hf_mig$\KB905414\SP2QFE\netman.dll
+ 2005-02-25 03:36:06 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB905414\spmsg.dll
+ 2005-02-25 03:36:06 212,704 ----a-w C:\WINDOWS\$hf_mig$\KB905414\spuninst.exe
+ 2005-08-19 23:50:31 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\arpidfix.exe
+ 2005-02-25 03:36:06 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\spcustom.dll
+ 2005-02-25 03:36:06 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\update.exe
+ 2005-02-25 03:36:07 387,296 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\updspapi.dll
+ 2005-08-23 03:42:09 123,904 ----a-w C:\WINDOWS\$hf_mig$\KB905749\SP2QFE\umpnpmgr.dll
+ 2005-02-24 20:36:08 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB905749\spmsg.dll
+ 2005-02-24 20:36:08 212,704 ----a-w C:\WINDOWS\$hf_mig$\KB905749\spuninst.exe
+ 2005-08-22 18:01:30 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\arpidfix.exe
+ 2005-02-24 20:36:08 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\spcustom.dll
+ 2005-02-24 20:36:08 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\update.exe
+ 2005-02-24 20:36:08 387,296 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\updspapi.dll
+ 2005-10-17 21:26:51 80,896 ----a-w C:\WINDOWS\$hf_mig$\KB908519\SP2QFE\fontsub.dll
+ 2005-10-17 21:26:51 117,760 ----a-w C:\WINDOWS\$hf_mig$\KB908519\SP2QFE\t2embed.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB908519\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB908519\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\updspapi.dll
+ 2006-03-17 04:50:50 8,483,328 ----a-w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\shell32.dll
+ 2006-03-22 01:51:58 24,064 ----a-w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\spru0415.dll
+ 2006-03-17 01:05:35 28,672 ----a-w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\verclsid.exe
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB908531\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB908531\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\updspapi.dll
+ 2006-06-22 10:46:21 180,736 ----a-w C:\WINDOWS\$hf_mig$\KB911280\SP2QFE\rasmans.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB911280\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB911280\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\updspapi.dll
+ 2006-03-23 05:53:42 143,360 ----a-w C:\WINDOWS\$hf_mig$\KB911562\SP2QFE\msadco.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB911562\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB911562\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\updspapi.dll
+ 2006-01-04 04:19:30 68,096 ----a-w C:\WINDOWS\$hf_mig$\KB911927\SP2QFE\webclnt.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB911927\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB911927\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\updspapi.dll
+ 2006-03-01 19:42:43 426,496 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcprx.dll
+ 2006-03-01 19:42:43 956,416 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtctm.dll
+ 2006-03-01 19:42:43 161,280 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcuiu.dll
+ 2006-03-01 19:42:43 66,560 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxclu.dll
+ 2006-03-01 19:42:43 91,136 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxoci.dll
+ 2006-03-01 19:42:43 11,776 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\xolehlp.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB913580\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB913580\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\updspapi.dll
+ 2006-05-19 14:19:33 111,616 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dhcpcsvc.dll
+ 2006-05-19 14:19:33 147,456 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dnsapi.dll
+ 2006-05-19 14:19:33 95,744 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\iphlpapi.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB914388\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB914388\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\updspapi.dll
+ 2006-05-05 10:16:39 454,400 ----a-w C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\mrxsmb.sys
+ 2006-05-05 10:22:52 174,592 ----a-w C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\rdbss.sys
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB914389\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB914389\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\updspapi.dll
+ 2006-03-17 01:08:10 262,656 ----a-w C:\WINDOWS\$hf_mig$\KB916595\SP2QFE\http.sys
+ 2005-10-12 23:27:18 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB916595\spmsg.dll
+ 2005-10-12 23:27:18 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB916595\spuninst.exe
+ 2005-10-12 23:27:17 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB916595\update\spcustom.dll
+ 2005-10-12 23:27:20 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB916595\update\update.exe
+ 2005-10-12 23:27:31 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB916595\update\updspapi.dll
+ 2006-05-18 05:51:14 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB917344\SP2QFE\jscript.dll
+ 2005-10-12 23:27:18 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB917344\spmsg.dll
+ 2005-10-12 23:27:18 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB917344\spuninst.exe
+ 2005-10-12 23:27:17 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB917344\update\spcustom.dll
+ 2005-10-12 23:27:20 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB917344\update\update.exe
+ 2005-10-12 23:27:31 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB917344\update\updspapi.dll
+ 2006-11-27 15:18:58 539,136 ----a-w C:\WINDOWS\$hf_mig$\KB918118\SP2QFE\msftedit.dll
+ 2006-11-27 15:18:58 433,664 ----a-w C:\WINDOWS\$hf_mig$\KB918118\SP2QFE\riched20.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB918118\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB918118\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB918118\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB918118\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB918118\update\updspapi.dll
+ 2006-06-01 19:46:23 163,840 ----a-w C:\WINDOWS\$hf_mig$\KB918439\SP2QFE\jgdw400.dll
+ 2006-06-01 19:46:23 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB918439\SP2QFE\jgpl400.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB918439\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB918439\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB918439\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB918439\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB918439\update\updspapi.dll
+ 2006-07-13 11:43:08 202,496 ----a-w C:\WINDOWS\$hf_mig$\KB919007\SP2QFE\rmcast.sys
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB919007\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB919007\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\updspapi.dll
+ 2006-10-12 13:56:14 42,496 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdp2.dll
+ 2006-10-12 13:56:14 57,344 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdpv.dll
+ 2006-10-12 11:54:07 256,512 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentsvr.exe
+ 2006-10-16 11:19:23 265,216 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\spru0415.dll
+ 2005-10-12 23:27:18 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB920213\spmsg.dll
+ 2005-10-12 23:27:18 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB920213\spuninst.exe
+ 2005-10-12 23:27:17 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\spcustom.dll
+ 2005-10-12 23:27:20 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\update.exe
+ 2005-10-12 23:27:31 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\updspapi.dll
+ 2006-07-21 08:32:07 72,704 ----a-w C:\WINDOWS\$hf_mig$\KB920670\SP2QFE\hlink.dll
+ 2005-10-12 23:27:18 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB920670\spmsg.dll
+ 2005-10-12 23:27:18 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB920670\spuninst.exe
+ 2005-10-12 23:27:17 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\spcustom.dll
+ 2005-10-12 23:27:20 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\update.exe
+ 2005-10-12 23:27:31 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\updspapi.dll
+ 2006-06-26 17:47:18 147,456 ----a-w C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\dnsapi.dll
+ 2006-06-26 17:47:18 7,680 ----a-w C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB920683\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB920683\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\updspapi.dll
+ 2006-06-22 05:23:23 69,120 ----a-w C:\WINDOWS\$hf_mig$\KB920685\SP2QFE\ciodm.dll
+ 2006-06-22 05:23:24 1,439,744 ----a-w C:\WINDOWS\$hf_mig$\KB920685\SP2QFE\query.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB920685\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB920685\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920685\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB920685\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB920685\update\updspapi.dll
+ 2006-06-14 08:50:19 172,416 ----a-w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\kmixer.sys
+ 2006-06-14 08:50:19 6,272 ----a-w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys
+ 2006-06-14 09:17:04 82,944 ----a-w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\wdmaud.sys
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB920872\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB920872\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920872\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB920872\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB920872\update\updspapi.dll
+ 2007-05-17 11:28:44 549,888 ----a-w C:\WINDOWS\$hf_mig$\KB921503\SP2QFE\oleaut32.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB921503\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB921503\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB921503\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB921503\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB921503\update\updspapi.dll
+ 2006-08-14 12:00:42 332,928 ----a-w C:\WINDOWS\$hf_mig$\KB923414\SP2QFE\srv.sys
+ 2005-10-12 23:27:18 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB923414\spmsg.dll
+ 2005-10-12 23:27:18 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB923414\spuninst.exe
+ 2005-10-12 23:27:17 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB923414\update\spcustom.dll
+ 2005-10-12 23:27:20 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB923414\update\update.exe
+ 2005-10-12 23:27:31 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB923414\update\updspapi.dll
+ 2006-08-17 12:43:18 728,576 ----a-w C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\lsasrv.dll
+ 2006-08-17 12:43:18 337,408 ----a-w C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\netapi32.dll
+ 2006-08-17 12:43:18 132,096 ----a-w C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\wkssvc.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB924270\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB924270\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB924270\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB924270\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB924270\update\updspapi.dll
+ 2006-09-04 06:15:25 1,497,088 ----a-w C:\WINDOWS\$hf_mig$\KB924496\SP2QFE\shdocvw.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB924496\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB924496\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\updspapi.dll
+ 2007-03-08 15:51:57 282,112 ----a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\gdi32.dll
+ 2007-03-08 15:51:57 40,960 ----a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\mf3216.dll
+ 2007-03-08 15:51:57 579,584 ----a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
+ 2007-03-08 15:49:53 1,844,224 ----a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\win32k.sys
+ 2006-01-19 19:30:18 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB925902\spmsg.dll
+ 2006-01-19 19:30:18 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB925902\spuninst.exe
+ 2006-01-19 19:30:18 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB925902\update\spcustom.dll
+ 2006-01-19 19:30:18 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB925902\update\update.exe
+ 2006-01-19 19:30:19 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB925902\update\updspapi.dll
+ 2006-10-20 01:41:07 714,240 ----a-w C:\WINDOWS\$hf_mig$\KB926255\SP2QFE\sxs.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB926255\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB926255\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB926255\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB926255\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB926255\update\updspapi.dll
+ 2006-10-16 17:15:56 123,392 ----a-w C:\WINDOWS\$hf_mig$\KB926436\SP2QFE\oledlg.dll
+ 2005-10-12 23:27:18 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB926436\spmsg.dll
+ 2005-10-12 23:27:18 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB926436\spuninst.exe
+ 2005-10-12 23:27:17 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB926436\update\spcustom.dll
+ 2005-10-12 23:27:20 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB926436\update\update.exe
+ 2005-10-12 23:27:31 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB926436\update\updspapi.dll
+ 2006-12-19 21:49:20 8,487,424 ----a-w C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\shell32.dll
+ 2006-12-19 21:49:20 135,680 ----a-w C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
+ 2006-12-19 16:30:12 265,216 ----a-w C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\spru0415.dll
+ 2006-01-19 19:30:18 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB928255\spmsg.dll
+ 2006-01-19 19:30:18 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB928255\spuninst.exe
+ 2006-01-19 19:30:18 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB928255\update\spcustom.dll
+ 2006-01-19 19:30:18 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB928255\update\update.exe
+ 2006-01-19 19:30:19 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB928255\update\updspapi.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB928843\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB928843\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB928843\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB928843\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB928843\update\updspapi.dll
+ 2007-05-16 15:30:57 86,528 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\directdb.dll
+ 2007-05-16 15:30:57 683,520 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\inetcomm.dll
+ 2007-05-16 15:30:58 1,314,816 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\msoe.dll
+ 2007-05-16 15:30:59 510,976 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\wab32.dll
+ 2007-05-16 15:30:59 85,504 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\wabimp.dll
+ 2006-01-19 19:30:18 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB929123\spmsg.dll
+ 2006-01-19 19:30:18 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB929123\spuninst.exe
+ 2006-01-19 19:30:18 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB929123\update\spcustom.dll
+ 2006-01-19 19:30:18 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB929123\update\update.exe
+ 2006-01-19 19:30:19 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB929123\update\updspapi.dll
+ 2007-02-09 11:23:36 574,976 ----a-w C:\WINDOWS\$hf_mig$\KB930916\SP2QFE\ntfs.sys
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB930916\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB930916\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB930916\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB930916\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB930916\update\updspapi.dll
+ 2007-02-05 20:21:35 185,856 ----a-w C:\WINDOWS\$hf_mig$\KB931261\SP2QFE\upnphost.dll
+ 2006-01-19 19:30:18 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB931261\spmsg.dll
+ 2006-01-19 19:30:18 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB931261\spuninst.exe
+ 2006-01-19 19:30:18 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\spcustom.dll
+ 2006-01-19 19:30:18 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\update.exe
+ 2006-01-19 19:30:19 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\updspapi.dll
+ 2007-02-28 16:09:20 2,139,136 ----a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlmp.exe
+ 2007-02-28 16:09:26 2,060,672 ----a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
+ 2007-02-28 16:09:16 2,018,816 ----a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrpamp.exe
+ 2007-02-28 16:09:25 2,183,424 ----a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB931784\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB931784\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB931784\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB931784\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB931784\update\updspapi.dll
+ 2007-03-09 14:00:46 57,344 ----a-w C:\WINDOWS\$hf_mig$\KB932168\SP2QFE\agentdpv.dll
+ 2007-03-09 11:51:37 265,216 ----a-w C:\WINDOWS\$hf_mig$\KB932168\SP2QFE\spru0415.dll
+ 2006-01-19 19:30:18 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB932168\spmsg.dll
+ 2006-01-19 19:30:18 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB932168\spuninst.exe
+ 2006-01-19 19:30:18 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932168\update\spcustom.dll
+ 2006-01-19 19:30:18 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB932168\update\update.exe
+ 2006-01-19 19:30:19 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB932168\update\updspapi.dll
+ 2007-04-16 16:11:16 1,014,784 ----a-w C:\WINDOWS\$hf_mig$\KB935839\SP2QFE\kernel32.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB935839\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB935839\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB935839\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB935839\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB935839\update\updspapi.dll
+ 2007-04-25 20:33:39 144,896 ----a-w C:\WINDOWS\$hf_mig$\KB935840\SP2QFE\schannel.dll
+ 2006-01-19 19:30:18 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB935840\spmsg.dll
+ 2006-01-19 19:30:18 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB935840\spuninst.exe
+ 2006-01-19 19:30:18 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB935840\update\spcustom.dll
+ 2006-01-19 19:30:18 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB935840\update\update.exe
+ 2006-01-19 19:30:19 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB935840\update\updspapi.dll
+ 2007-06-26 06:07:43 1,104,896 ----a-w C:\WINDOWS\$hf_mig$\KB936021\SP2QFE\msxml3.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB936021\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB936021\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\updspapi.dll
+ 2007-07-06 09:52:38 72,960 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqac.sys
+ 2007-07-06 13:10:31 138,240 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqad.dll
+ 2007-07-06 13:10:31 47,104 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqdscli.dll
+ 2007-07-06 13:10:31 16,896 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqise.dll
+ 2007-07-06 13:10:31 660,992 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqqm.dll
+ 2007-07-06 13:10:31 177,152 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqrt.dll
+ 2007-07-06 13:10:31 95,744 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqsec.dll
+ 2007-07-06 13:10:31 48,640 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqupgrd.dll
+ 2007-07-06 13:10:31 512,000 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqutil.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\updspapi.dll
+ 2007-06-26 14:46:27 851,968 ----a-w C:\WINDOWS\$hf_mig$\KB938127\SP2QFE\vgx.dll
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB938127\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB938127\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\updspapi.dll
+ 2007-06-13 13:12:07 1,034,752 ----a-w C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
+ 2005-10-12 23:21:28 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB938828\spmsg.dll
+ 2005-10-12 23:21:30 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB938828\spuninst.exe
+ 2005-10-12 23:21:27 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\spcustom.dll
+ 2005-10-12 23:21:33 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\update.exe
+ 2005-10-12 23:21:40 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\updspapi.dll
+ 2007-06-19 13:42:00 282,112 ----a-w C:\WINDOWS\$hf_mig$\KB938829\SP2QFE\gdi32.dll
+ 2006-01-19 19:30:18 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB938829\spmsg.dll
+ 2006-01-19 19:30:18 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB938829\spuninst.exe
+ 2006-01-19 19:30:18 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB938829\update\spcustom.dll
+ 2006-01-19 19:30:18 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB938829\update\update.exe
+ 2006-01-19 19:30:19 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB938829\update\updspapi.dll
+ 2007-08-21 06:26:10 683,520 ----a-w C:\WINDOWS\$hf_mig$\KB941202\SP2QFE\inetcomm.dll
+ 2007-03-06 03:28:35 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB941202\spmsg.dll
+ 2007-03-06 03:28:40 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB941202\spuninst.exe
+ 2007-03-06 03:28:33 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\spcustom.dll
+ 2007-03-06 03:28:58 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
+ 2007-03-06 03:29:50 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\updspapi.dll
+ 2007-10-29 22:41:28 1,291,264 ----a-w C:\WINDOWS\$hf_mig$\KB941568\SP2QFE\quartz.dll
+ 2007-03-06 03:28:35 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spmsg.dll
+ 2007-03-06 03:28:40 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spuninst.exe
+ 2007-03-06 03:28:33 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\spcustom.dll
+ 2007-03-06 03:28:58 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
+ 2007-03-06 03:29:50 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\updspapi.dll
+ 2007-10-30 16:53:32 360,832 ----a-w C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
+ 2007-03-06 03:28:35 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spmsg.dll
+ 2007-03-06 03:28:40 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spuninst.exe
+ 2007-03-06 03:28:33 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\spcustom.dll
+ 2007-03-06 03:28:58 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
+ 2007-03-06 03:29:50 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\updspapi.dll
+ 2007-10-11 06:10:53 1,024,000 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\browseui.dll
+ 2007-10-11 06:10:53 151,552 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\cdfview.dll
+ 2007-10-11 06:10:55 1,055,744 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\danim.dll
+ 2007-10-11 06:10:55 357,888 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\dxtmsft.dll
+ 2007-10-11 06:10:55 205,824 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\dxtrans.dll
+ 2007-10-11 06:10:55 55,808 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\extmgr.dll
+ 2007-10-10 10:48:23 18,432 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\iedw.exe
+ 2007-10-11 06:10:55 251,904 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\iepeers.dll
+ 2007-10-11 06:10:56 96,768 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\inseng.dll
+ 2007-10-11 06:10:56 16,384 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\jsproxy.dll
+ 2007-10-30 10:14:15 3,086,848 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\mshtml.dll
+ 2007-10-11 06:10:58 449,024 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\mshtmled.dll
+ 2007-10-11 06:10:58 146,432 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\msrating.dll
+ 2007-10-11 06:10:59 532,480 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\mstime.dll
+ 2007-10-11 06:10:59 39,424 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\pngfilt.dll
+ 2007-10-11 06:11:00 1,498,112 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\shdocvw.dll
+ 2007-10-11 06:11:00 474,112 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\shlwapi.dll
+ 2007-10-10 23:36:56 368,640 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\spru0415.dll
+ 2007-10-11 06:11:00 619,008 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\urlmon.dll
+ 2007-10-11 06:11:01 668,672 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\wininet.dll
+ 2007-03-06 03:28:35 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB942615\spmsg.dll
+ 2007-03-06 03:28:40 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB942615\spuninst.exe
+ 2007-03-06 03:28:33 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942615\update\spcustom.dll
+ 2007-03-06 03:28:58 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB942615\update\update.exe
+ 2007-03-06 03:29:50 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB942615\update\updspapi.dll
+ 2007-11-13 11:02:46 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2007-03-06 03:28:35 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
+ 2007-03-06 03:28:40 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
+ 2007-03-06 03:28:33 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-03-06 03:28:58 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2007-03-06 03:29:50 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-11-14 07:19:56 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB942840\SP2QFE\jscript.dll
+ 2007-03-06 03:28:35 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB942840\spmsg.dll
+ 2007-03-06 03:28:40 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB942840\spuninst.exe
+ 2007-03-06 03:28:33 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942840\update\spcustom.dll
+ 2007-03-06 03:28:58 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB942840\update\update.exe
+ 2007-03-06 03:29:50 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB942840\update\updspapi.dll
+ 2007-11-07 09:50:55 729,088 ----a-w C:\WINDOWS\$hf_mig$\KB943485\SP2QFE\lsasrv.dll
+ 2007-03-06 03:28:35 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spmsg.dll
+ 2007-03-06 03:28:40 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spuninst.exe
+ 2007-03-06 03:28:33 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\spcustom.dll
+ 2007-03-06 03:28:58 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\update.exe
+ 2007-03-06 03:29:50 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\updspapi.dll
+ 2007-11-13 08:47:46 20,480 ----a-w C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\secdrv.sys
+ 2007-03-06 03:28:35 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll
+ 2007-03-06 03:28:40 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spuninst.exe
+ 2007-03-06 03:28:33 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\spcustom.dll
+ 2007-03-06 03:28:58 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2007-03-06 03:29:50 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\updspapi.dll
- 2007-08-11 14:17:08 7,168 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-01-12 03:01:55 8,192 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-08-11 14:17:06 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-01-12 03:01:59 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
- 2007-08-11 14:17:02 716,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-01-12 03:02:15 720,896 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-08-11 14:17:03 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-01-12 03:02:00 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2007-08-11 14:17:08 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2008-01-12 03:02:10 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
- 2007-08-11 14:17:08 299,008 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-01-12 03:02:06 303,104 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-08-11 14:17:07 1,290,240 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
+ 2008-01-12 03:02:10 1,294,336 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
- 2007-08-11 14:17:07 1,699,840 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-01-12 03:01:57 1,703,936 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-08-11 14:17:07 86,016 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-01-12 03:02:14 90,112 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-08-11 14:17:07 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-01-12 03:02:04 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2007-08-11 14:17:07 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-01-12 03:02:02 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2007-08-11 14:17:07 64,000 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2008-01-12 03:02:02 66,560 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
- 2007-08-11 14:17:07 368,640 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-01-12 03:02:09 372,736 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
- 2007-08-11 14:17:07 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-01-12 03:02:15 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2007-08-11 14:17:07 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-01-12 03:02:07 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2007-08-11 14:17:07 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-01-12 03:02:03 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-08-11 14:17:07 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-01-12 03:02:04 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2007-08-11 14:17:07 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-01-12 03:02:12 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2007-08-11 14:17:08 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-01-12 03:01:55 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2007-08-11 14:17:07 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-01-12 03:02:01 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2007-08-11 14:17:08 569,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-01-12 03:01:58 573,440 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-08-11 14:17:07 1,245,184 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-01-12 03:02:13 1,257,472 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-08-11 14:17:08 2,039,808 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-01-12 03:02:03 2,052,096 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
- 2007-08-11 14:17:08 1,335,296 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.Xml.dll
+ 2008-01-12 03:02:08 1,339,392 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
- 2007-08-11 14:17:07 1,216,512 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-01-12 03:02:16 1,224,704 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2007-08-10 17:22:26 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-01-12 03:08:39 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2007-08-10 17:22:28 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-01-12 03:08:56 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2007-08-10 17:22:28 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-01-12 03:08:56 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2007-08-10 17:22:29 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-01-12 03:08:59 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-08-10 17:22:27 2,878,976 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-01-12 03:08:51 2,902,016 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2007-08-10 17:22:25 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-01-12 03:08:27 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2007-08-10 17:22:25 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-01-12 03:08:27 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2007-08-10 17:22:30 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-01-12 03:09:06 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2007-08-10 17:22:26 5,025,792 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-01-12 03:08:43 5,156,864 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-08-10 17:22:25 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-01-12 03:08:38 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2007-08-10 17:22:25 503,808 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-01-12 03:08:25 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2007-08-10 17:22:25 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-01-12 03:08:32 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2007-08-10 17:22:28 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-01-12 03:08:53 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-08-10 17:22:28 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-01-12 03:08:55 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2007-08-10 17:22:28 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-01-12 03:08:55 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2007-08-10 17:22:25 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-01-12 03:08:34 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2007-08-10 17:22:25 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-01-12 03:08:34 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2007-08-10 17:22:25 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-01-12 03:08:36 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2007-08-10 17:22:25 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-01-12 03:08:36 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2007-08-10 17:22:25 745,472 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-01-12 03:08:34 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-08-10 17:22:30 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-01-12 03:09:08 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-08-10 17:22:30 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-01-12 03:09:07 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2007-08-10 17:22:24 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-01-12 03:08:22 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2007-08-10 17:22:30 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-01-12 03:09:06 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2007-08-10 17:22:30 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-01-12 03:09:08 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2007-08-10 17:22:25 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-01-12 03:08:24 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-08-10 17:22:24 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-01-12 03:08:23 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2007-08-10 17:22:24 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-01-12 03:08:24 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2007-08-10 17:22:29 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-01-12 03:09:03 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2007-08-10 17:22:26 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-01-12 03:08:39 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2007-08-10 17:22:30 389,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-01-12 03:09:03 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2007-08-10 17:22:29 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-01-12 03:09:00 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2007-08-10 17:22:25 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-01-12 03:08:29 888,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2007-08-10 17:22:28 5,050,368 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-01-12 03:08:53 5,001,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-08-10 17:22:26 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-01-12 03:08:41 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2007-08-10 17:22:26 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-01-12 03:08:40 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-08-10 17:22:26 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-01-12 03:08:42 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2007-08-10 17:22:30 700,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-01-12 03:09:04 577,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2007-08-10 17:22:29 368,640 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-01-12 03:09:00 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2007-08-10 17:22:30 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-01-12 03:09:05 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2007-08-10 17:22:29 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-01-12 03:09:01 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2007-08-10 17:22:29 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-01-12 03:09:01 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-08-10 17:22:26 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-01-12 03:08:38 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2007-08-10 17:22:26 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-01-12 03:08:42 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2007-08-10 17:22:30 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-01-12 03:09:06 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2007-08-10 17:22:27 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-01-12 03:08:44 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2007-08-10 17:22:27 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-01-12 03:08:44 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-08-10 17:22:27 5,316,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-01-12 03:08:45 5,152,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2007-08-10 17:22:27 2,035,712 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-01-12 03:08:45 2,027,520 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2007-08-10 17:22:30 3,018,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-01-12 03:09:04 2,940,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-01-12 03:15:56 26,624 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\55ddbec391b0adc50e41d2b60741ed46\Accessibility.ni.dll
+ 2008-01-12 03:16:00 888,832 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\ea0985964df40432d58a78db51718174\AspNetMMCExt.ni.dll
+ 2008-01-12 03:16:09 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\[u]0[/u]d0db7ec0d35bbd233b4bd20f18922fd\CustomMarshalers.ni.dll
+ 2008-01-12 03:16:06 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\b2dd8c4d35d95c6ff200c24b1abaa384\dfsvc.ni.exe
+ 2008-01-12 03:16:14 880,640 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\cc37e21d4465cb8dee4e3b366f86650f\Microsoft.Build.Engine.ni.dll
+ 2008-01-12 03:16:19 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\1144609555b1ead3c1b25f2b2f6b28ab\Microsoft.Build.Framework.ni.dll
+ 2008-01-12 03:16:27 1,687,552 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a8a8951d38a5778ad7deb3f8fd6b81d2\Microsoft.Build.Tasks.ni.dll
+ 2008-01-12 03:16:31 163,840 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\eb378df43e66e68e0d241cad7538dc3c\Microsoft.Build.Utilities.ni.dll
+ 2008-01-12 03:16:36 1,720,320 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\20e21f5039b6ded38b414999d40cf0b4\Microsoft.VisualBasic.ni.dll
+ 2008-01-12 03:11:04 11,304,960 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\bb5da69fadc5d26151186c707a28679a\mscorlib.ni.dll
+ 2008-01-12 03:16:43 1,003,520 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\b614d7444b994d9030e284a462811800\System.Configuration.ni.dll
+ 2008-01-12 03:12:03 6,676,480 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\778a1079141b7a285c63db042d353fe1\System.Data.ni.dll
+ 2008-01-12 03:16:48 1,724,416 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\9ec3e52d370c2a3dab1ee2cd4c4c5001\System.Deployment.ni.dll
+ 2008-01-12 03:12:41 10,702,848 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\b9895e27c1084a9dacbf8bc3a510e4c9\System.Design.ni.dll
+ 2008-01-12 03:16:59 1,216,512 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\3aec9382a7648af7550c23c9846231bd\System.DirectoryServices.ni.dll
+ 2008-01-12 03:17:04 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\3cc098e96887a2b7ae2ff9ec075a7d81\System.DirectoryServices.Protocols.ni.dll
+ 2008-01-12 03:12:57 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\7bc77d425a3378b99f410791e34f9468\System.Drawing.Design.ni.dll
+ 2008-01-12 03:12:50 1,601,536 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\fa94b10161dd5082d6d4005e83a49a59\System.Drawing.ni.dll
+ 2008-01-12 03:17:07 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\6c960f1f5750a54e79d64c2f1619a4b1\System.EnterpriseServices.ni.dll
+ 2008-01-12 03:17:07 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\6c960f1f5750a54e79d64c2f1619a4b1\System.EnterpriseServices.Wrapper.dll
+ 2008-01-12 03:17:13 729,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\5513fcfa4a1ce94563aacf82d0fe1ffb\System.Security.ni.dll
+ 2008-01-12 03:17:16 684,032 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\49f1ad7f10c66a31d2299b89a9adb4d6\System.Transactions.ni.dll
+ 2008-01-12 03:18:08 2,306,048 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\6b3dc9c0ef479ed688051cc0b3f83a40\System.Web.Mobile.ni.dll
+ 2008-01-12 03:18:13 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\a4e6e09c66a60dbee6b345ad032f8036\System.Web.RegularExpressions.ni.dll
+ 2008-01-12 03:18:23 1,941,504 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\499b80f559543ea61084efa31f0bd24a\System.Web.Services.ni.dll
+ 2008-01-12 03:17:57 12,185,600 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\20bb9319c001aa689cff178666d14d2a\System.Web.ni.dll
+ 2008-01-12 03:13:40 13,107,200 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2d11b8a767a8b423aae080ab56c7a05f\System.Windows.Forms.ni.dll
+ 2008-01-12 03:13:58 5,623,808 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\bbb0e678e3a22282fd93c14d438d7da2\System.Xml.ni.dll
+ 2008-01-12 03:11:33 8,130,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4e97fa93a423343ce69a9756f77f0657\System.ni.dll
+ 2008-01-12 03:04:12 118,784 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_516e2339\CustomMarshalers.dll
+ 2008-01-12 03:02:35 61,440 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_9de4ce6f\CustomMarshalers.dll
+ 2008-01-12 03:04:41 8,880,128 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_0fbe7044\mscorlib.dll
+ 2008-01-12 03:03:51 3,379,200 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_829e8ab6\mscorlib.dll
+ 2008-01-12 03:04:34 3,395,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_e3386ea5\System.Design.dll
+ 2008-01-12 03:03:42 1,466,368 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_eaaade39\System.Design.dll
+ 2008-01-12 03:04:14 192,512 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_a87f3f50\System.Drawing.Design.dll
+ 2008-01-12 03:02:40 90,112 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_c8ef2e39\System.Drawing.Design.dll
+ 2008-01-12 03:03:45 835,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_1386b0fc\System.Drawing.dll
+ 2008-01-12 03:04:36 2,244,608 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_a2ea9eb9\System.Drawing.dll
+ 2008-01-12 03:02:52 3,014,656 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_a5b96112\System.Windows.Forms.dll
+ 2008-01-12 03:04:24 7,880,704 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_cdc18301\System.Windows.Forms.dll
+ 2008-01-12 03:03:04 2,088,960 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_66bc2ac9\System.Xml.dll
+ 2008-01-12 03:04:27 5,505,024 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_e7c15504\System.Xml.dll
+ 2008-01-12 03:04:11 4,763,648 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_2e4312a4\System.dll
+ 2008-01-12 03:02:32 1,953,792 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_5c84424b\System.dll
+ 2006-02-15 00:22:26 142,464 ------w C:\WINDOWS\Driver Cache\i386\aec.sys
+ 2006-03-17 00:33:10 262,784 ------w C:\WINDOWS\Driver Cache\i386\http.sys
+ 2006-06-14 08:47:45 172,416 ------w C:\WINDOWS\Driver Cache\i386\kmixer.sys
+ 2006-05-05 09:41:45 453,120 ------w C:\WINDOWS\Driver Cache\i386\mrxsmb.sys
+ 2007-02-28 16:04:45 2,137,600 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
+ 2007-02-28 16:04:56 2,058,880 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
+ 2007-02-28 16:04:47 2,017,280 ------w C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
+ 2007-02-28 16:04:58 2,181,632 ------w C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
+ 2006-06-14 08:47:46 6,400 ------w C:\WINDOWS\Driver Cache\i386\splitter.sys
+ 2006-06-14 09:00:45 82,944 ------w C:\WINDOWS\Driver Cache\i386\wdmaud.sys
- 2004-08-03 22:44:20 1,033,728 ----a-w C:\WINDOWS\explorer.exe
+ 2007-06-13 13:23:49 1,034,752 ----a-w C:\WINDOWS\explorer.exe
+ 2008-01-12 12:17:03 565,311 ----a-w C:\WINDOWS\gmer.dll
+ 2006-11-28 15:23:32 573,440 ----a-w C:\WINDOWS\gmer.exe
- 2004-08-03 22:44:22 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2005-05-26 23:22:01 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2008-01-12 02:59:45 32,768 ----a-r C:\WINDOWS\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe
- 2003-02-20 17:19:32 253,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2004-07-15 01:49:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2003-02-20 17:19:34 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2004-07-15 01:49:18 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
- 2003-02-20 17:19:38 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
+ 2004-07-15 01:49:26 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
- 2003-02-20 17:19:36 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2004-07-15 01:49:22 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-20 17:09:08 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2004-07-15 00:32:22 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2003-02-21 08:20:44 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2004-07-15 11:23:28 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe
- 2003-02-21 08:21:00 626,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
+ 2004-07-15 11:23:44 626,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
- 2003-02-20 17:06:20 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2004-07-15 00:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2003-10-08 14:30:14 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe
- 2003-02-21 05:24:38 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
+ 2004-07-15 14:31:00 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
- 2003-02-21 05:24:40 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2004-07-15 14:31:04 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
- 2003-02-20 17:09:40 196,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
+ 2004-07-15 00:35:30 196,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
- 2003-02-21 05:26:36 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
+ 2004-07-15 14:28:58 720,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
- 2003-02-21 05:26:38 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
+ 2004-07-15 14:28:56 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
- 2003-02-21 05:25:04 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
+ 2004-07-15 14:28:50 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
- 2003-02-21 05:25:04 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
+ 2004-07-15 14:28:50 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
- 2003-02-20 17:09:12 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
+ 2004-07-15 00:32:44 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
- 2003-02-20 17:09:12 233,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
+ 2004-07-15 00:32:46 233,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
- 2003-02-20 17:06:32 311,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2004-07-15 00:25:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2003-02-20 17:09:16 98,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2004-07-15 00:33:04 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2003-02-21 05:26:34 2,088,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2004-07-15 14:29:02 2,138,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2003-02-20 17:09:18 143,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
+ 2004-07-15 00:33:22 143,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
- 2003-02-20 17:09:18 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
+ 2004-07-15 00:33:24 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
- 2003-02-20 17:07:34 2,494,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2004-07-15 00:26:52 2,510,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2003-02-20 17:08:32 2,482,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2004-07-15 00:28:34 2,502,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2004-08-10 16:20:00 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
- 2003-02-20 17:09:30 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
+ 2004-07-15 00:34:50 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
- 2003-02-21 05:26:46 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2004-07-15 14:28:48 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
- 2003-02-20 17:09:34 319,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SOS.dll
+ 2004-07-15 00:35:04 319,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SOS.dll
- 2003-02-21 05:26:38 1,290,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
+ 2004-07-15 14:32:00 1,294,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
- 2003-02-21 05:25:42 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
+ 2004-07-15 14:31:14 303,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
- 2003-02-21 05:26:42 1,699,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
+ 2004-07-15 14:29:02 1,703,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
- 2003-02-21 05:26:44 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
+ 2004-07-15 14:28:54 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
- 2003-02-21 05:26:46 1,216,512 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2004-07-15 14:31:16 1,224,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2003-02-21 05:26:50 466,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
+ 2004-07-15 14:28:58 466,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
- 2003-02-21 05:26:50 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
+ 2004-07-15 14:28:56 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
- 2003-02-20 17:09:36 64,000 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
+ 2004-07-15 00:35:12 66,560 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
- 2003-02-21 05:26:52 368,640 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
+ 2004-07-15 14:31:58 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
- 2003-02-21 05:26:54 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
+ 2004-07-15 14:31:12 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
- 2003-02-21 05:26:56 323,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
+ 2004-07-15 14:28:58 323,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
- 2003-02-21 05:26:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
+ 2004-07-15 14:31:54 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
- 2003-02-21 05:26:58 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2004-07-15 14:28:52 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2003-02-21 05:27:00 126,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
+ 2004-07-15 14:28:54 126,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
- 2003-02-21 05:27:02 1,245,184 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2004-07-15 14:29:00 1,257,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2003-02-21 05:27:06 819,200 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
+ 2004-07-15 14:28:58 819,200 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
- 2003-02-21 05:24:18 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
+ 2004-07-15 14:28:52 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
- 2003-02-21 05:27:06 569,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
+ 2004-07-15 14:31:16 573,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
- 2003-02-21 05:27:08 2,039,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
+ 2004-07-15 14:32:02 2,052,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
- 2003-02-21 05:27:10 1,335,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
+ 2004-07-15 14:29:00 1,339,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
+ 2004-06-22 13:51:38 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2003-02-21 08:20:38 737,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe
+ 2004-07-15 11:23:20 737,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe
- 2003-02-21 03:04:18 1,032,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
+ 2004-07-15 08:15:14 1,032,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
- 2003-02-20 18:10:40 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
+ 2004-07-15 02:11:56 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
- 2005-09-23 05:28:58 55,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2007-04-13 03:21:18 58,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
- 2005-09-23 05:28:32 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2007-04-13 03:20:52 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2005-09-23 05:28:32 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2007-04-13 03:20:52 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2005-09-23 05:28:32 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2007-04-13 03:20:52 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
- 2005-09-23 05:28:32 70,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2007-04-13 03:20:50 75,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
- 2005-09-23 05:28:32 26,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2007-04-13 03:20:52 32,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2005-09-23 05:28:32 29,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2007-04-13 03:20:52 33,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
- 2005-09-23 05:28:32 29,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2007-04-13 03:20:52 32,600 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2005-09-23 05:28:32 503,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2007-04-13 03:20:52 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 05:28:56 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2007-04-13 03:21:16 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
- 2005-09-23 05:28:38 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2007-04-13 03:20:58 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2005-09-23 05:28:56 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2007-04-13 03:21:16 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2005-09-23 05:28:56 224,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2007-04-13 03:21:16 228,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2005-09-23 05:28:56 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2007-04-13 03:21:16 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2005-09-23 05:28:48 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2007-04-13 03:21:10 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2005-09-23 05:28:48 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2007-04-13 03:21:10 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2005-09-23 05:28:48 745,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2007-04-13 03:21:08 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2005-09-23 05:28:32 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2007-04-13 03:20:52 87,040 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2005-09-23 05:28:56 800,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2007-04-13 03:21:18 802,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2005-09-23 05:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2007-04-13 03:21:16 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2005-09-23 05:28:56 326,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2007-04-13 03:21:16 326,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2005-09-23 05:28:56 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2007-04-13 03:21:16 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2005-09-23 05:28:56 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2007-04-13 03:21:16 102,912 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
- 2005-09-23 05:28:56 226,816 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2007-04-13 03:21:18 227,328 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
- 2005-09-23 05:28:56 66,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2007-04-13 03:21:18 68,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2005-09-23 05:28:50 5,615,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2007-04-13 03:21:12 5,634,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2005-09-23 05:28:56 96,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2007-04-13 03:21:16 99,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
- 2005-09-23 05:28:56 14,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2007-04-13 03:21:18 15,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2005-09-23 05:28:50 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2007-04-13 03:21:12 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
- 2005-09-23 05:28:56 377,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2007-04-13 03:21:18 382,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2005-09-23 05:28:56 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2007-04-13 03:21:18 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2005-09-23 05:28:58 389,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2007-04-13 03:21:18 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2005-09-23 05:28:56 2,878,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2007-04-13 03:21:16 2,902,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
- 2005-09-23 05:28:56 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2007-04-13 03:21:18 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2005-09-23 05:28:56 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2007-04-13 03:21:18 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
- 2005-09-23 05:28:38 884,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2007-04-13 03:20:58 888,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
- 2005-09-23 05:28:56 5,050,368 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2007-04-13 03:21:16 5,001,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2005-09-23 05:28:56 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2007-04-13 03:21:18 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2005-09-23 05:28:56 3,018,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2007-04-13 03:21:16 2,940,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2005-09-23 05:28:56 700,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2007-04-13 03:21:16 577,536 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2005-09-23 05:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2007-04-13 03:21:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2005-09-23 05:28:56 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2007-04-13 03:21:18 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2005-09-23 05:28:56 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2007-04-13 03:21:18 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2005-09-23 05:28:56 368,640 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2007-04-13 03:21:16 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2005-09-23 05:28:56 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2007-04-13 03:21:16 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2005-09-23 05:28:56 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2007-04-13 03:21:18 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2005-09-23 05:28:56 5,025,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2007-04-13 03:21:16 5,156,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2005-09-23 05:28:56 5,316,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2007-04-13 03:21:16 5,152,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2005-09-23 05:28:56 2,035,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2007-04-13 03:21:16 2,027,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
- 2005-09-23 05:29:06 1,140,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2007-04-13 03:21:28 1,166,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- 2005-09-23 05:28:30 1,306,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2007-04-13 03:20:50 1,330,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2005-09-23 05:28:32 298,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2007-04-13 03:20:52 406,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2004-08-03 22:43:54 41,984 ----a-w C:\WINDOWS\msagent\agentdp2.dll
+ 2006-10-12 14:05:18 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
- 2004-08-03 22:43:54 58,880 ----a-w C:\WINDOWS\msagent\agentdpv.dll
+ 2007-03-09 13:48:14 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
- 2004-08-03 22:44:18 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
+ 2006-10-12 11:09:53 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
- 2004-08-03 22:43:52 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
+ 2006-08-16 11:59:43 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
- 2004-08-03 22:43:54 56,832 ----a-w C:\WINDOWS\system32\authz.dll
+ 2005-03-02 18:18:38 56,832 ----a-w C:\WINDOWS\system32\authz.dll
- 2004-08-03 22:43:54 1,017,344 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2007-10-11 06:14:30 1,023,488 ----a-w C:\WINDOWS\system32\browseui.dll
- 2004-08-03 22:43:54 229,888 ----a-w C:\WINDOWS\system32\catsrv.dll
+ 2005-07-26 04:42:32 225,792 ----a-w C:\WINDOWS\system32\catsrv.dll
- 2004-08-03 22:43:54 628,224 ----a-w C:\WINDOWS\system32\catsrvut.dll
+ 2005-07-26 04:42:33 625,152 ----a-w C:\WINDOWS\system32\catsrvut.dll
- 2004-08-03 22:43:54 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2007-10-11 06:14:30 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll
- 2004-08-03 22:43:54 2,067,968 ----a-w C:\WINDOWS\system32\cdosys.dll
+ 2005-09-10 01:55:33 2,067,968 ----a-w C:\WINDOWS\system32\cdosys.dll
- 2004-08-03 22:43:54 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
+ 2006-06-22 05:18:13 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll
- 2004-08-03 22:43:54 110,080 ----a-w C:\WINDOWS\system32\clbcatex.dll
+ 2005-07-26 04:42:33 110,080 ----a-w C:\WINDOWS\system32\clbcatex.dll
- 2004-08-03 22:43:54 501,248 ----a-w C:\WINDOWS\system32\clbcatq.dll
+ 2005-07-26 04:42:33 498,688 ----a-w C:\WINDOWS\system32\clbcatq.dll
- 2004-08-03 22:43:56 62,464 ----a-w C:\WINDOWS\system32\colbact.dll
+ 2005-07-26 04:42:33 60,416 ----a-w C:\WINDOWS\system32\colbact.dll
- 2004-08-03 22:43:56 195,584 ----a-w C:\WINDOWS\system32\Com\comadmin.dll
+ 2005-07-26 04:42:33 195,072 ----a-w C:\WINDOWS\system32\Com\comadmin.dll
- 2004-08-03 22:43:56 611,328 ----a-w C:\WINDOWS\system32\comctl32.dll
+ 2006-08-25 15:51:15 617,472 ----a-w C:\WINDOWS\system32\comctl32.dll
- 2001-10-26 19:29:26 82,432 ----a-w C:\WINDOWS\system32\comrepl.dll
+ 2005-07-26 04:42:33 97,792 ----a-w C:\WINDOWS\system32\comrepl.dll
- 2004-08-03 22:43:56 1,251,840 ----a-w C:\WINDOWS\system32\comsvcs.dll
+ 2005-07-26 04:42:34 1,267,200 ----a-w C:\WINDOWS\system32\comsvcs.dll
- 2004-08-03 22:43:56 540,160 ----a-w C:\WINDOWS\system32\comuid.dll
+ 2005-07-26 04:42:34 540,160 ----a-w C:\WINDOWS\system32\comuid.dll
- 2004-08-03 22:43:56 1,055,232 ----a-w C:\WINDOWS\system32\danim.dll
+ 2007-10-11 06:14:30 1,055,744 ----a-w C:\WINDOWS\system32\danim.dll
- 2004-08-03 22:43:56 110,592 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
+ 2006-05-19 13:26:53 111,104 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll
+ 2006-08-16 11:59:43 100,352 -c----w C:\WINDOWS\system32\dllcache\6to4svc.dll
+ 2006-10-12 14:05:18 42,496 -c----w C:\WINDOWS\system32\dllcache\agentdp2.dll
+ 2007-03-09 13:48:14 57,344 -c--a-w C:\WINDOWS\system32\dllcache\agentdpv.dll
+ 2006-10-12 11:09:53 256,512 -c----w C:\WINDOWS\system32\dllcache\agentsvr.exe
+ 2007-10-11 06:14:30 1,023,488 -c----w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2007-10-11 06:14:30 151,552 -c----w C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2006-06-22 05:18:13 69,120 -c----w C:\WINDOWS\system32\dllcache\ciodm.dll
+ 2006-08-25 15:51:15 617,472 -c----w C:\WINDOWS\system32\dllcache\comctl32.dll
- 2001-10-26 19:29:26 82,432 -c--a-w C:\WINDOWS\system32\dllcache\comrepl.dll
+ 2005-07-26 04:42:33 97,792 -c--a-w C:\WINDOWS\system32\dllcache\comrepl.dll
+ 2007-10-11 06:14:30 1,055,744 -c----w C:\WINDOWS\system32\dllcache\danim.dll
+ 2006-05-19 13:26:53 111,104 -c----w C:\WINDOWS\system32\dllcache\dhcpcsvc.dll
+ 2007-05-16 15:18:58 86,528 -c----w C:\WINDOWS\system32\dllcache\directdb.dll
+ 2006-06-26 17:45:40 148,480 -c----w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2006-08-24 13:18:20 499,766 -c----w C:\WINDOWS\system32\dllcache\dxmasf.dll
+ 2007-10-11 06:14:30 357,888 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2007-10-11 06:14:30 205,312 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-06-13 13:23:49 1,034,752 -c----w C:\WINDOWS\system32\dllcache\explorer.exe
+ 2007-10-11 06:14:30 55,808 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2001-10-26 19:29:30 79,360 -c--a-w C:\WINDOWS\system32\dllcache\fontsub.dll
+ 2005-10-17 21:21:40 80,896 -c--a-w C:\WINDOWS\system32\dllcache\fontsub.dll
+ 2007-06-19 13:32:56 282,112 -c----w C:\WINDOWS\system32\dllcache\gdi32.dll
- 2001-10-26 19:29:30 77,850 -c--a-w C:\WINDOWS\system32\dllcache\hlink.dll
+ 2006-07-21 08:29:01 72,704 -c--a-w C:\WINDOWS\system32\dllcache\hlink.dll
+ 2007-10-10 11:16:27 18,432 -c----w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2007-10-11 06:14:30 251,392 -c----w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2007-08-21 06:18:06 683,520 -c----w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2007-10-11 06:14:30 96,768 -c----w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2006-05-19 13:26:53 95,744 -c----w C:\WINDOWS\system32\dllcache\iphlpapi.dll
- 2001-10-26 19:29:32 144,896 -c--a-w C:\WINDOWS\system32\dllcache\jgdw400.dll
+ 2006-06-01 18:49:32 163,840 -c--a-w C:\WINDOWS\system32\dllcache\jgdw400.dll
- 2001-10-26 19:29:32 42,496 -c--a-w C:\WINDOWS\system32\dllcache\jgpl400.dll
+ 2006-06-01 18:49:32 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jgpl400.dll
+ 2007-11-14 07:28:56 450,560 -c----w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-10-11 06:14:30 16,384 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-04-16 15:54:44 1,013,248 -c----w C:\WINDOWS\system32\dllcache\kernel32.dll
+ 2006-06-14 08:47:45 172,416 -c----w C:\WINDOWS\system32\dllcache\kmixer.sys
+ 2007-11-07 09:29:33 723,968 -c----w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2007-03-08 15:38:47 40,960 -c----w C:\WINDOWS\system32\dllcache\mf3216.dll
- 2001-10-26 19:29:34 924,432 -c--a-w C:\WINDOWS\system32\dllcache\mfc40u.dll
+ 2006-11-01 19:19:04 927,504 -c--a-w C:\WINDOWS\system32\dllcache\mfc40u.dll
+ 2006-10-14 08:13:25 981,760 -c----w C:\WINDOWS\system32\dllcache\mfc42u.dll
+ 2007-07-06 10:05:47 72,960 -c----w C:\WINDOWS\system32\dllcache\mqac.sys
+ 2007-07-06 12:51:40 138,240 -c----w C:\WINDOWS\system32\dllcache\mqad.dll
+ 2007-07-06 12:51:40 47,104 -c----w C:\WINDOWS\system32\dllcache\mqdscli.dll
+ 2007-07-06 12:51:40 16,896 -c----w C:\WINDOWS\system32\dllcache\mqise.dll
+ 2007-07-06 12:51:40 660,992 -c----w C:\WINDOWS\system32\dllcache\mqqm.dll
+ 2007-07-06 12:51:40 177,152 -c----w C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2007-07-06 12:51:40 95,744 -c----w C:\WINDOWS\system32\dllcache\mqsec.dll
+ 2007-07-06 12:51:40 48,640 -c----w C:\WINDOWS\system32\dllcache\mqupgrd.dll
+ 2007-07-06 12:51:40 512,000 -c----w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2006-05-05 09:41:45 453,120 -c----w C:\WINDOWS\system32\dllcache\mrxsmb.sys
+ 2006-12-26 13:09:22 536,576 -c----w C:\WINDOWS\system32\dllcache\msado15.dll
+ 2006-12-26 13:09:22 180,224 -c----w C:\WINDOWS\system32\dllcache\msadomd.dll
+ 2006-12-26 13:09:22 200,704 -c----w C:\WINDOWS\system32\dllcache\msadox.dll
+ 2006-11-27 14:55:46 539,136 -c----w C:\WINDOWS\system32\dllcache\msftedit.dll
+ 2007-10-30 10:19:06 3,079,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-10-11 06:14:31 449,024 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2005-05-04 12:45:32 2,890,240 -c--a-w C:\WINDOWS\system32\dllcache\msi.dll
+ 2007-04-18 16:14:32 2,854,400 -c--a-w C:\WINDOWS\system32\dllcache\msi.dll
+ 2006-12-26 13:09:22 102,400 -c----w C:\WINDOWS\system32\dllcache\msjro.dll
+ 2007-05-16 15:19:02 1,314,816 -c----w C:\WINDOWS\system32\dllcache\msoe.dll
+ 2007-10-11 06:14:31 146,432 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-10-11 06:14:31 532,480 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-06-26 06:10:36 1,104,896 -c----w C:\WINDOWS\system32\dllcache\msxml3.dll
+ 2006-08-17 12:30:06 332,288 -c----w C:\WINDOWS\system32\dllcache\netapi32.dll
+ 2007-02-09 11:10:35 574,464 -c----w C:\WINDOWS\system32\dllcache\ntfs.sys
+ 2007-02-28 16:04:45 2,137,600 -c----w C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
+ 2007-02-28 16:04:56 2,058,880 -c----w C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
+ 2007-02-28 16:04:47 2,017,280 -c----w C:\WINDOWS\system32\dllcache\ntkrpamp.exe
+ 2007-02-28 16:04:58 2,181,632 -c----w C:\WINDOWS\system32\dllcache\ntoskrnl.exe
- 2001-10-26 19:29:40 58,880 -c--a-w C:\WINDOWS\system32\dllcache\nwapi32.dll
+ 2006-10-13 12:41:11 64,000 -c--a-w C:\WINDOWS\system32\dllcache\nwapi32.dll
+ 2006-10-13 12:41:11 143,872 -c----w C:\WINDOWS\system32\dllcache\nwprovau.dll
+ 2006-10-13 10:23:15 163,584 -c----w C:\WINDOWS\system32\dllcache\nwrdr.sys
+ 2006-10-13 12:41:11 65,536 -c----w C:\WINDOWS\system32\dllcache\nwwks.dll
+ 2007-05-17 11:30:17 549,376 -c----w C:\WINDOWS\system32\dllcache\oleaut32.dll
- 2001-10-26 19:29:40 69,120 -c--a-w C:\WINDOWS\system32\dllcache\olecli32.dll
+ 2005-07-26 04:42:36 75,264 -c--a-w C:\WINDOWS\system32\dllcache\olecli32.dll
- 2001-10-26 19:29:40 34,304 -c--a-w C:\WINDOWS\system32\dllcache\olecnv32.dll
+ 2005-07-26 04:42:36 37,888 -c--a-w C:\WINDOWS\system32\dllcache\olecnv32.dll
- 2001-10-26 19:29:40 118,272 -c--a-w C:\WINDOWS\system32\dllcache\oledlg.dll
+ 2006-10-16 16:16:22 123,392 -c--a-w C:\WINDOWS\system32\dllcache\oledlg.dll
+ 2007-10-11 06:14:31 39,424 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2007-10-29 22:44:30 1,291,264 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2006-06-22 05:18:14 1,439,744 -c----w C:\WINDOWS\system32\dllcache\query.dll
+ 2006-06-26 17:45:40 8,192 -c----w C:\WINDOWS\system32\dllcache\rasadhlp.dll
+ 2006-06-22 10:54:46 181,248 -c----w C:\WINDOWS\system32\dllcache\rasmans.dll
+ 2006-05-05 09:47:57 174,592 -c----w C:\WINDOWS\system32\dllcache\rdbss.sys
+ 2006-11-27 14:55:46 433,152 -c----w C:\WINDOWS\system32\dllcache\riched20.dll
- 2001-08-17 23:52:24 200,064 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2006-07-13 08:48:58 202,240 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2007-04-25 14:23:30 144,896 -c----w C:\WINDOWS\system32\dllcache\schannel.dll
+ 2007-10-11 06:14:31 1,494,528 -c----w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2007-10-25 16:57:22 8,483,328 -c----w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2007-10-11 06:14:31 474,112 -c----w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2006-12-19 21:51:04 135,168 -c----w C:\WINDOWS\system32\dllcache\shsvcs.dll
+ 2006-06-14 08:47:46 6,400 -c----w C:\WINDOWS\system32\dllcache\splitter.sys
+ 2006-08-14 10:34:41 332,928 -c----w C:\WINDOWS\system32\dllcache\srv.sys
+ 2006-08-24 13:19:52 246,814 -c----w C:\WINDOWS\system32\dllcache\strmdll.dll
+ 2006-10-20 01:39:31 714,240 -c----w C:\WINDOWS\system32\dllcache\sxs.dll
+ 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2007-02-05 20:19:48 185,856 -c----w C:\WINDOWS\system32\dllcache\upnphost.dll
+ 2007-10-11 06:14:32 616,448 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-03-08 15:38:47 579,072 -c----w C:\WINDOWS\system32\dllcache\user32.dll
+ 2007-06-26 13:57:29 851,968 -c----w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2007-05-16 15:19:02 510,976 -c----w C:\WINDOWS\system32\dllcache\wab32.dll
+ 2007-05-16 15:19:02 85,504 -c----w C:\WINDOWS\system32\dllcache\wabimp.dll
+ 2006-06-14 09:00:45 82,944 -c----w C:\WINDOWS\system32\dllcache\wdmaud.sys
+ 2006-12-19 18:18:25 334,336 -c----w C:\WINDOWS\system32\dllcache\wiaservc.dll
+ 2007-03-08 15:37:33 1,843,840 -c----w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2007-10-11 06:14:32 662,016 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-03-17 13:45:36 293,376 -c----w C:\WINDOWS\system32\dllcache\winsrv.dll
+ 2006-08-17 12:30:06 132,096 -c----w C:\WINDOWS\system32\dllcache\wkssvc.dll
+ 2007-10-25 09:28:30 222,720 -c----w C:\WINDOWS\system32\dllcache\wmasf.dll
- 2004-08-03 22:43:56 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2006-06-26 17:45:40 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2004-08-03 20:39:38 142,464 ----a-w C:\WINDOWS\system32\drivers\aec.sys
+ 2006-02-15 00:22:26 142,464 ----a-w C:\WINDOWS\system32\drivers\aec.sys
- 2004-08-03 21:01:20 124,800 ------w C:\WINDOWS\system32\drivers\fltmgr.sys
+ 2006-08-21 09:14:58 128,896 ------w C:\WINDOWS\system32\drivers\fltmgr.sys
+ 2008-01-12 12:17:03 68,961 ----a-w C:\WINDOWS\system32\drivers\gmer.sys
- 2004-08-03 21:00:14 263,040 ------w C:\WINDOWS\system32\drivers\http.sys
+ 2006-03-17 00:33:10 262,784 ------w C:\WINDOWS\system32\drivers\http.sys
- 2004-08-03 21:04:52 134,912 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
+ 2004-09-29 22:28:37 134,912 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
- 2004-08-03 21:07:50 171,776 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
+ 2006-06-14 08:47:45 172,416 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys
- 2004-08-03 20:58:22 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
+ 2007-07-06 10:05:47 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
- 2004-08-03 21:15:18 451,456 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
+ 2006-05-05 09:41:45 453,120 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
- 2004-08-03 21:15:10 574,592 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
+ 2007-02-09 11:10:35 574,464 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
- 2004-08-03 21:02:24 163,584 ----a-w C:\WINDOWS\system32\drivers\nwrdr.sys
+ 2006-10-13 10:23:15 163,584 ----a-w C:\WINDOWS\system32\drivers\nwrdr.sys
- 2004-08-03 21:20:08 176,512 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
+ 2006-05-05 09:47:57 174,592 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
- 2004-08-03 22:44:42 139,400 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
+ 2005-06-10 04:11:36 139,528 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
- 2001-08-17 23:52:24 200,064 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys
+ 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
- 2004-08-03 21:07:48 6,400 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
+ 2006-06-14 08:47:46 6,400 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
- 2004-08-03 21:14:46 336,256 ----a-w C:\WINDOWS\system32\drivers\srv.sys
+ 2006-08-14 10:34:41 332,928 ----a-w C:\WINDOWS\system32\drivers\srv.sys
- 2004-08-03 21:14:42 359,040 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2004-08-03 21:07:46 223,616 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
- 2004-08-03 21:15:06 82,944 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
+ 2006-06-14 09:00:45 82,944 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
- 2004-08-03 22:43:58 499,229 ----a-w C:\WINDOWS\system32\dxmasf.dll
+ 2006-08-24 13:18:20 499,766 ----a-w C:\WINDOWS\system32\dxmasf.dll
- 2004-08-03 22:43:58 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2007-10-11 06:14:30 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2004-08-03 22:43:58 201,728 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2007-10-11 06:14:30 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2004-08-03 22:43:58 243,200 ----a-w C:\WINDOWS\system32\es.dll
+ 2005-07-26 04:42:34 243,200 ----a-w C:\WINDOWS\system32\es.dll
- 2004-08-03 22:43:58 1,092,608 ----a-w C:\WINDOWS\system32\esent.dll
+ 2005-10-20 22:30:53 1,092,608 ----a-w C:\WINDOWS\system32\esent.dll
- 2004-08-03 22:43:58 55,808 ------w C:\WINDOWS\system32\extmgr.dll
+ 2007-10-11 06:14:30 55,808 ------w C:\WINDOWS\system32\extmgr.dll
- 2004-08-03 22:43:58 16,896 ------w C:\WINDOWS\system32\fltlib.dll
+ 2006-08-21 12:28:21 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
- 2004-08-03 22:44:20 22,528 ------w C:\WINDOWS\system32\fltmc.exe
+ 2006-08-21 09:14:58 23,040 ----a-w C:\WINDOWS\system32\fltmc.exe
- 2007-11-12 10:37:04 286,112 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-01-12 10:06:03 286,112 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2001-10-26 19:29:30 79,360 ----a-w C:\WINDOWS\system32\fontsub.dll
+ 2005-10-17 21:21:40 80,896 ----a-w C:\WINDOWS\system32\fontsub.dll
- 2004-08-03 22:44:00 278,016 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2007-06-19 13:32:56 282,112 ----a-w C:\WINDOWS\system32\gdi32.dll
- 2004-08-03 22:44:00 38,912 ----a-w C:\WINDOWS\system32\hhsetup.dll
+ 2005-05-27 02:08:15 41,472 ----a-w C:\WINDOWS\system32\hhsetup.dll
- 2001-10-26 19:29:30 77,850 ----a-w C:\WINDOWS\system32\hlink.dll
+ 2006-07-21 08:29:01 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
- 2004-08-03 22:44:00 349,696 ----a-w C:\WINDOWS\system32\hypertrm.dll
+ 2004-11-17 17:43:29 351,744 ----a-w C:\WINDOWS\system32\hypertrm.dll
- 2004-08-03 22:44:00 253,952 ----a-w C:\WINDOWS\system32\icm32.dll
+ 2005-06-29 01:52:57 254,976 ----a-w C:\WINDOWS\system32\icm32.dll
- 2004-08-03 22:44:00 249,344 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2007-10-11 06:14:30 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2004-08-03 22:44:00 678,400 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2007-08-21 06:18:06 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2004-08-03 22:44:02 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2007-10-11 06:14:30 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
- 2004-08-03 22:44:02 95,744 ----a-w C:\WINDOWS\system32\iphlpapi.dll
+ 2006-05-19 13:26:53 95,744 ----a-w C:\WINDOWS\system32\iphlpapi.dll
- 2004-08-03 22:44:02 143,872 ----a-w C:\WINDOWS\system32\itircl.dll
+ 2005-05-27 02:08:15 155,136 ----a-w C:\WINDOWS\system32\itircl.dll
- 2004-08-03 22:44:02 134,144 ----a-w C:\WINDOWS\system32\itss.dll
+ 2005-05-27 02:08:15 137,216 ----a-w C:\WINDOWS\system32\itss.dll
- 2001-10-26 19:29:32 144,896 ----a-w C:\WINDOWS\system32\jgdw400.dll
+ 2006-06-01 18:49:32 163,840 ----a-w C:\WINDOWS\system32\jgdw400.dll
- 2001-10-26 19:29:32 42,496 ----a-w C:\WINDOWS\system32\jgpl400.dll
+ 2006-06-01 18:49:32 27,648 ----a-w C:\WINDOWS\system32\jgpl400.dll
- 2004-08-03 22:44:02 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-11-14 07:28:56 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
- 2004-08-03 22:44:02 15,872 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-10-11 06:14:30 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2004-08-03 22:44:02 294,400 ----a-w C:\WINDOWS\system32\kerberos.dll
+ 2005-06-15 17:51:00 295,936 ----a-w C:\WINDOWS\system32\kerberos.dll
- 2004-08-03 22:44:02 1,012,224 ----a-w C:\WINDOWS\system32\kernel32.dll
+ 2007-04-16 15:54:44 1,013,248 ----a-w C:\WINDOWS\system32\kernel32.dll
- 2004-08-03 22:44:02 18,944 ----a-w C:\WINDOWS\system32\linkinfo.dll
+ 2005-09-01 02:28:38 19,968 ----a-w C:\WINDOWS\system32\linkinfo.dll
- 2004-08-03 22:44:02 723,968 ----a-w C:\WINDOWS\system32\lsasrv.dll
+ 2007-11-07 09:29:33 723,968 ----a-w C:\WINDOWS\system32\lsasrv.dll
- 2004-08-03 22:44:02 39,936 ----a-w C:\WINDOWS\system32\mf3216.dll
+ 2007-03-08 15:38:47 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
- 2001-10-26 19:29:34 924,432 ----a-w C:\WINDOWS\system32\mfc40u.dll
+ 2006-11-01 19:19:04 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll
- 2004-08-03 22:44:02 1,024,000 ----a-w C:\WINDOWS\system32\mfc42u.dll
+ 2006-10-14 08:13:25 981,760 ----a-w C:\WINDOWS\system32\mfc42u.dll
- 2004-08-03 22:44:04 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
+ 2007-07-06 12:51:40 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
- 2004-08-03 22:44:04 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
+ 2007-07-06 12:51:40 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
- 2004-08-03 22:44:04 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
+ 2007-07-06 12:51:40 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
- 2004-08-03 22:44:04 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
+ 2007-07-06 12:51:40 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
- 2004-08-03 22:44:04 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
+ 2007-07-06 12:51:40 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
- 2004-08-03 22:44:04 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
+ 2007-07-06 12:51:40 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
- 2004-08-03 22:44:04 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
+ 2007-07-06 12:51:40 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
- 2004-08-03 22:44:04 512,000 ----a-w C:\WINDOWS\system32\mqutil.dll
+ 2007-07-06 12:51:40 512,000 ----a-w C:\WINDOWS\system32\mqutil.dll
- 2004-08-03 22:44:04 73,728 ----a-w C:\WINDOWS\system32\mscms.dll
+ 2005-06-29 01:52:57 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
- 2005-09-23 05:28:52 270,848 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2007-04-13 03:21:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll
- 2004-08-03 22:44:04 425,472 ----a-w C:\WINDOWS\system32\msdtcprx.dll
+ 2006-03-01 19:44:19 426,496 ----a-w C:\WINDOWS\system32\msdtcprx.dll
- 2004-08-03 22:44:04 949,248 ----a-w C:\WINDOWS\system32\msdtctm.dll
+ 2006-03-01 19:44:19 956,416 ----a-w C:\WINDOWS\system32\msdtctm.dll
- 2004-08-03 22:44:04 161,280 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
+ 2006-03-01 19:44:19 161,280 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
- 2004-08-03 22:44:06 537,088 ----a-w C:\WINDOWS\system32\msftedit.dll
+ 2006-11-27 14:55:46 539,136 ----a-w C:\WINDOWS\system32\msftedit.dll
- 2004-08-03 22:44:06 3,003,392 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2007-10-30 10:19:06 3,079,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2004-08-03 22:44:06 448,512 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2007-10-11 06:14:31 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2005-05-04 12:45:32 2,890,240 ----a-w C:\WINDOWS\system32\msi.dll
+ 2007-04-18 16:14:32 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
- 2004-08-03 22:44:06 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2007-10-11 06:14:31 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
- 2006-10-18 20:47:16 414,208 ----a-w C:\WINDOWS\system32\msscp.dll
+ 2006-12-04 16:21:50 414,720 ----a-w C:\WINDOWS\system32\msscp.dll
- 2004-08-03 22:44:06 530,432 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2007-10-11 06:14:31 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
- 2004-08-03 22:44:06 1,236,480 ----a-w C:\WINDOWS\system32\msxml3.dll
+ 2007-06-26 06:10:36 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
- 2002-02-04 00:52:54 1,230,336 ----a-w C:\WINDOWS\system32\msxml4.dll
+ 2007-05-08 15:03:04 1,275,392 ----a-w C:\WINDOWS\system32\msxml4.dll
- 2004-08-03 22:44:06 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll
+ 2006-03-01 19:44:19 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll
- 2004-08-03 22:44:08 90,112 ----a-w C:\WINDOWS\system32\mtxoci.dll
+ 2006-03-01 19:44:19 91,136 ----a-w C:\WINDOWS\system32\mtxoci.dll
- 2004-08-03 22:44:08 332,288 ----a-w C:\WINDOWS\system32\netapi32.dll
+ 2006-08-17 12:30:06 332,288 ----a-w C:\WINDOWS\system32\netapi32.dll
- 2004-08-03 22:44:08 198,144 ----a-w C:\WINDOWS\system32\netman.dll
+ 2005-08-22 18:36:16 197,632 ----a-w C:\WINDOWS\system32\netman.dll
- 2004-08-03 22:38:58 2,058,112 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
+ 2007-02-28 16:04:56 2,058,880 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
- 2004-08-03 22:39:10 2,182,272 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
+ 2007-02-28 16:04:58 2,181,632 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
- 2001-10-26 19:29:40 58,880 ----a-w C:\WINDOWS\system32\nwapi32.dll
+ 2006-10-13 12:41:11 64,000 ----a-w C:\WINDOWS\system32\nwapi32.dll
- 2004-08-03 22:44:08 145,920 ----a-w C:\WINDOWS\system32\nwprovau.dll
+ 2006-10-13 12:41:11 143,872 ----a-w C:\WINDOWS\system32\nwprovau.dll
- 2004-08-03 22:44:08 64,000 ----a-w C:\WINDOWS\system32\nwwks.dll
+ 2006-10-13 12:41:11 65,536 ----a-w C:\WINDOWS\system32\nwwks.dll
- 2004-08-03 22:44:08 1,281,024 ----a-w C:\WINDOWS\system32\ole32.dll
+ 2005-07-26 04:42:36 1,284,608 ----a-w C:\WINDOWS\system32\ole32.dll
- 2004-08-03 22:44:08 553,472 ----a-w C:\WINDOWS\system32\oleaut32.dll
+ 2007-05-17 11:30:17 549,376 ----a-w C:\WINDOWS\system32\oleaut32.dll
- 2001-10-26 19:29:40 69,120 ----a-w C:\WINDOWS\system32\olecli32.dll
+ 2005-07-26 04:42:36 75,264 ----a-w C:\WINDOWS\system32\olecli32.dll
- 2001-10-26 19:29:40 34,304 ----a-w C:\WINDOWS\system32\olecnv32.dll
+ 2005-07-26 04:42:36 37,888 ----a-w C:\WINDOWS\system32\olecnv32.dll
- 2001-10-26 19:29:40 118,272 ----a-w C:\WINDOWS\system32\oledlg.dll
+ 2006-10-16 16:16:22 123,392 ----a-w C:\WINDOWS\system32\oledlg.dll
- 2008-01-01 01:53:50 63,130 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-01-12 10:09:01 63,130 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-01-01 01:53:50 80,230 ----a-w C:\WINDOWS\system32\perfc015.dat
+ 2008-01-12 10:09:01 80,230 ----a-w C:\WINDOWS\system32\perfc015.dat
- 2008-01-01 01:53:50 403,528 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-01-12 10:09:01 403,528 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-01-01 01:53:50 460,134 ----a-w C:\WINDOWS\system32\perfh015.dat
+ 2008-01-12 10:09:02 460,134 ----a-w C:\WINDOWS\system32\perfh015.dat
- 2004-08-03 22:44:10 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2007-10-11 06:14:31 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2004-08-03 22:44:10 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2007-10-29 22:44:30 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll
- 2004-08-03 22:44:10 1,439,744 ----a-w C:\WINDOWS\system32\query.dll
+ 2006-06-22 05:18:14 1,439,744 ----a-w C:\WINDOWS\system32\query.dll
- 2004-08-03 22:44:10 8,192 ----a-w C:\WINDOWS\system32\rasadhlp.dll
+ 2006-06-26 17:45:40 8,192 ----a-w C:\WINDOWS\system32\rasadhlp.dll
- 2004-08-03 22:44:10 174,080 ----a-w C:\WINDOWS\system32\rasmans.dll
+ 2006-06-22 10:54:46 181,248 ----a-w C:\WINDOWS\system32\rasmans.dll
- 2004-08-03 22:44:10 431,616 ----a-w C:\WINDOWS\system32\riched20.dll
+ 2006-11-27 14:55:46 433,152 ----a-w C:\WINDOWS\system32\riched20.dll
- 2004-08-03 22:44:10 581,120 ----a-w C:\WINDOWS\system32\rpcrt4.dll
+ 2007-07-09 13:11:53 584,192 ----a-w C:\WINDOWS\system32\rpcrt4.dll
- 2004-08-03 22:44:10 395,776 ----a-w C:\WINDOWS\system32\rpcss.dll
+ 2005-07-26 04:42:36 397,824 ----a-w C:\WINDOWS\system32\rpcss.dll
- 2004-08-03 22:44:10 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
+ 2007-04-25 14:23:30 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
- 2004-08-03 22:44:10 1,483,264 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2007-10-11 06:14:31 1,494,528 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2004-08-03 22:44:10 8,412,672 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2007-10-25 16:57:22 8,483,328 ----a-w C:\WINDOWS\system32\shell32.dll
- 2004-08-03 22:44:12 473,600 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2007-10-11 06:14:31 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2004-08-03 22:44:12 135,168 ----a-w C:\WINDOWS\system32\shsvcs.dll
+ 2006-12-19 21:51:04 135,168 ----a-w C:\WINDOWS\system32\shsvcs.dll
- 2004-08-03 22:44:28 57,856 ----a-w C:\WINDOWS\system32\spoolsv.exe
+ 2005-06-10 23:53:32 57,856 ----a-w C:\WINDOWS\system32\spoolsv.exe
- 2004-08-03 22:44:12 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
+ 2004-12-07 19:34:12 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
- 2004-08-03 22:44:14 246,302 ----a-w C:\WINDOWS\system32\strmdll.dll
+ 2006-08-24 13:19:52 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
- 2004-08-03 22:44:14 714,240 ----a-w C:\WINDOWS\system32\sxs.dll
+ 2006-10-20 01:39:31 714,240 ----a-w C:\WINDOWS\system32\sxs.dll
- 2004-08-03 22:44:14 210,432 ----a-w C:\WINDOWS\system32\t2embed.dll
+ 2005-10-17 21:21:40 118,272 ----a-w C:\WINDOWS\system32\t2embed.dll
- 2004-08-03 22:44:14 246,272 ----a-w C:\WINDOWS\system32\tapisrv.dll
+ 2005-07-08 16:29:17 249,344 ----a-w C:\WINDOWS\system32\tapisrv.dll
- 2004-08-03 22:44:28 77,312 ----a-w C:\WINDOWS\system32\telnet.exe
+ 2005-05-11 02:31:23 77,824 ----a-w C:\WINDOWS\system32\telnet.exe
- 2004-08-03 22:44:14 101,376 ----a-w C:\WINDOWS\system32\txflog.dll
+ 2005-07-26 04:42:36 101,376 ----a-w C:\WINDOWS\system32\txflog.dll
+ 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2004-08-03 22:44:14 118,784 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
+ 2005-08-23 03:40:06 123,904 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
- 2004-08-03 22:44:14 185,856 ----a-w C:\WINDOWS\system32\upnphost.dll
+ 2007-02-05 20:19:48 185,856 ----a-w C:\WINDOWS\system32\upnphost.dll
- 2004-08-03 22:44:14 602,112 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-10-11 06:14:32 616,448 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2004-08-03 22:44:14 578,560 ----a-w C:\WINDOWS\system32\user32.dll
+ 2007-03-08 15:38:47 579,072 ----a-w C:\WINDOWS\system32\user32.dll
+ 2006-03-17 00:38:01 28,672 ------w C:\WINDOWS\system32\verclsid.exe
- 2004-08-03 22:44:14 67,584 ----a-w C:\WINDOWS\system32\webclnt.dll
+ 2006-01-04 03:36:30 68,096 ----a-w C:\WINDOWS\system32\webclnt.dll
- 2004-08-03 22:44:16 333,824 ----a-w C:\WINDOWS\system32\wiaservc.dll
+ 2006-12-19 18:18:25 334,336 ----a-w C:\WINDOWS\system32\wiaservc.dll
- 2004-08-03 22:37:28 1,836,160 ----a-w C:\WINDOWS\system32\win32k.sys
+ 2007-03-08 15:37:33 1,843,840 ----a-w C:\WINDOWS\system32\win32k.sys
- 2004-08-03 22:44:16 658,944 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-10-11 06:14:32 662,016 ----a-w C:\WINDOWS\system32\wininet.dll
- 2004-08-03 22:44:16 291,328 ----a-w C:\WINDOWS\system32\winsrv.dll
+ 2007-03-17 13:45:36 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
- 2004-08-03 22:44:16 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
+ 2006-08-17 12:30:06 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
- 2006-10-18 20:47:18 222,208 ----a-w C:\WINDOWS\system32\WMASF.dll
+ 2007-10-25 09:28:30 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
- 2006-10-18 20:47:20 10,834,432 ------w C:\WINDOWS\system32\wmp.dll
+ 2007-06-11 23:51:12 10,834,944 ------w C:\WINDOWS\system32\wmp.dll
- 2004-08-03 22:44:18 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll
+ 2006-03-01 19:44:19 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll
+ 2007-10-29 16:35:22 122,368 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-05-08 15:06:44 1,275,392 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
+ 2007-01-19 12:52:03 74,802 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2007-01-19 12:52:03 995,383 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2007-01-19 12:52:04 1,011,774 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2007-01-19 12:52:04 401,462 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2006-08-25 15:51:13 1,054,208 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
- 2007-08-10 17:22:25 258,048 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-01-12 03:08:27 258,048 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2007-08-10 17:22:25 114,176 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2008-01-12 03:08:27 114,176 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 22:44 15360]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 07:39 2119104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-24 23:11 132496]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-08-10 19:27 917504]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 03:10 55824 C:\WINDOWS\KHALMNPR.Exe]
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" [2007-04-27 07:41 282624]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-03 22:44 15360]
C:\Documents and Settings\All Users\Menu Start\Programy\AutostartHP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 21:23:26]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-11 22:49:24]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-10-04 15:51:31]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll 2007-11-15 10:10 72208 c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\ssttu.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BT Broadband Desktop Help.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BT Broadband Desktop Help.lnk
backup=C:\WINDOWS\pss\BT Broadband Desktop Help.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eyeBeam SIP Client]
C:\Program Files\BT Broadband Talk Softphone\BTSoftphone.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
C:\PROGRA~1\BTHOME~1\Help\SMARTB~1\BTHelpNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
"AQQ"=C:\PROGRA~1\WapSter\AQQ\AQQ.exe
"Steam"="C:\Program Files\Steam\Steam.exe" -silent
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
"btbb_wcm_McciTrayApp"=C:\Program Files\btbb_wcm\McciTrayApp.exe
"UpdReg"=C:\WINDOWS\UpdReg.EXE
"Jet Detection"="C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
"CTStartup"=C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
"WINDVDPatch"=CTHELPER.EXE
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-03 22:44]
R3 axvbusx;axvbusx;C:\WINDOWS\system32\DRIVERS\axvbusx.sys [2002-12-27 18:14]
R3 axvscsi;axvscsi;C:\WINDOWS\system32\DRIVERS\axvscsi.sys [2002-12-27 18:14]
S3 DAdderFltr;DeathAdder Mouse;C:\WINDOWS\system32\drivers\dadder.sys [2006-11-14 13:29]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-01-10 03:16]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3624417f-53b6-11dc-84a9-00147f7c21f8}]
\Shell\AutoRun\command - H:\AutoPlay.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-01-11 17:17:46 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-12 12:47:56
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-12 12:50:53 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-12 12:50:50
ComboFix2.txt 2008-01-11 20:00:49
.
2008-01-12 03:22:49 --- E O F ---
Nie pisz posta pod postem
Ściągnij VundoFix i Virtumundobegone i uzyj ich
Po robocie nowy log Combofixa.
zamknolem wszystkie porty tak jak wwdc kazal. ale ad-aware wciaz pokazuje tego trojana.
Nowy log hijackthis :
Logfile of HijackThis v1.99.1
Scan saved at 23:27:38, on 2008-01-11
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\NUKER\Pulpit\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://goo/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
ComboFix 08-01-11.1 - NUKER 2008-01-11 19:50:08.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1114 [GMT 0:00]
Running from: C:\Documents and Settings\NUKER\Pulpit\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\srutv.ini
C:\WINDOWS\system32\srutv.ini2
C:\WINDOWS\system32\vturs.dll
C:\WINDOWS\system32\wsnpoem
C:\WINDOWS\system32\wsnpoem\video.dll.cla
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_CORE
((((((((((((((((((((((((( Files Created from 2007-12-11 to 2008-01-11 )))))))))))))))))))))))))))))))
.
2008-01-11 19:48 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-11 18:06 . 2008-01-11 18:06 d-------- C:\WINDOWS\ERUNT
2008-01-11 00:50 . 2008-01-11 00:50 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Grisoft
2008-01-11 00:46 . 2007-08-10 17:24 d--h----- C:\Documents and Settings\Administrator\Ustawienia lokalne
2008-01-11 00:46 . 2007-08-10 17:24 d-------- C:\Documents and Settings\Administrator\Ulubione
2008-01-11 00:46 . 2007-08-10 16:31 d--h----- C:\Documents and Settings\Administrator\Szablony
2008-01-11 00:46 . 2008-01-11 19:27 d-------- C:\Documents and Settings\Administrator\Pulpit
2008-01-11 00:46 . 2007-08-10 17:24 d-------- C:\Documents and Settings\Administrator\Moje dokumenty
2008-01-11 00:46 . 2007-08-10 17:24 dr------- C:\Documents and Settings\Administrator\Menu Start
2008-01-11 00:46 . 2007-08-10 17:24 dr-h----- C:\Documents and Settings\Administrator\Dane aplikacji
2008-01-11 00:43 . 2008-01-11 00:43 542,677 --a------ C:\Autoruns.zip
2008-01-10 21:33 . 2008-01-10 21:34 5,499 --a------ C:\Documents and Settings\NUKER\957123844.exe
2008-01-10 21:33 . 2008-01-10 21:33 5,499 --a------ C:\Documents and Settings\NUKER\38.exe
2008-01-10 21:24 . 2008-01-10 21:24 d-------- C:\Documents and Settings\NUKER\Dane aplikacji\Grisoft
2008-01-10 21:23 . 2008-01-10 21:23 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Grisoft
2008-01-10 21:23 . 2007-05-30 12:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-10 20:11 . 2008-01-10 20:11 24,288 --a------ C:\WINDOWS\system32\awtrsro.dll
2008-01-10 19:35 . 2008-01-10 19:35 d-------- C:\Program Files\Lavasoft
2008-01-10 19:35 . 2008-01-10 19:35 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
2008-01-10 19:01 . 2008-01-10 19:27 d-------- C:\Documents and Settings\NUKER\Dane aplikacji\Lavasoft
2008-01-10 18:59 . 2008-01-10 19:03 1,291,640,832 --a------ C:\726.tmp
2008-01-10 18:45 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS
2008-01-10 18:44 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\system32\drivers\dejdnnovhnlq.sys
2008-01-10 18:27 . 2008-01-10 18:52 d-------- C:\WINDOWS\system32\ActiveScan
2008-01-10 18:27 . 2008-01-10 18:27 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-01-10 18:27 . 2008-01-10 18:27 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-01-10 03:16 . 2008-01-10 03:16 d-------- C:\Program Files\TuneUp Utilities 2008
2008-01-10 03:16 . 2008-01-10 03:16 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-01-09 23:45 . 2008-01-09 23:45 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-09 23:45 . 2008-01-09 23:45 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-08 19:06 . 2008-01-08 19:06 d-------- C:\Documents and Settings\All Users\Dane aplikacji\LogiShrd
2008-01-08 19:04 . 2008-01-08 19:04 d-------- C:\Program Files\Common Files\Logishrd
2008-01-08 19:04 . 2008-01-08 19:04 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2008-01-08 19:03 . 2007-11-15 10:06 301,656 --a------ C:\WINDOWS\system32\BtCoreIf.dll
2007-12-28 17:23 . 2007-12-28 17:23 7,168 --ahs---- C:\WINDOWS\Thumbs.db
2007-12-28 12:22 . 2007-12-28 12:22 255 --a------ C:\WINDOWS\system32\temp_0000_85-18.aok
2007-12-26 23:45 . 2007-12-26 23:45 d-------- C:\Documents and Settings\NUKER\Incomplete
2007-12-26 23:44 . 2008-01-09 23:20 d-------- C:\Documents and Settings\NUKER\.limewire
2007-12-26 23:43 . 2007-12-26 23:45 d-------- C:\Program Files\LimeWire
2007-12-25 19:20 . 2006-11-01 13:52 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-12-25 19:20 . 2007-02-25 14:36 383,238 --a------ C:\WINDOWS\system32\libmp3lame-0.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-10 19:34 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-10 03:33 --------- d-----w C:\Program Files\Yahoo!
2008-01-10 03:32 --------- d-----w C:\Program Files\Valve
2008-01-10 03:32 --------- d-----w C:\Program Files\sXe Injected
2008-01-10 03:31 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-10 03:29 --------- d-----w C:\Program Files\Common Files\Motive
2008-01-10 03:29 --------- d-----w C:\Program Files\BT Broadband Talk Softphone
2008-01-10 00:11 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-01-10 00:08 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-01-09 10:53 --------- d-----w C:\Program Files\Steam
2008-01-09 00:27 --------- d-----w C:\Documents and Settings\NUKER\Dane aplikacji\Xfire
2008-01-08 19:03 --------- d-----w C:\Program Files\Common Files\Logitech
2007-12-31 17:53 --------- d-----w C:\Program Files\Winamp
2007-12-30 12:05 --------- d-----w C:\Program Files\Xfire
2007-12-22 17:21 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2007-12-20 10:41 29,440 ----a-w C:\WINDOWS\system32\uxtuneup.dll
2007-12-16 19:30 --------- d-----w C:\Program Files\BitComet
2007-12-12 20:54 --------- d-----w C:\Program Files\NAPI-PROJEKT
2007-12-10 00:11 --------- d-----w C:\Program Files\ATI Technologies
2007-12-10 00:06 --------- d-----w C:\Documents and Settings\NUKER\Dane aplikacji\ATI
2007-12-09 16:40 --------- d-----w C:\Program Files\WarRock
2007-12-09 16:17 --------- d-----w C:\Documents and Settings\NUKER\Dane aplikacji\InstallShield
2007-12-09 11:45 --------- d-----w C:\Documents and Settings\NUKER\Dane aplikacji\InstallShield Installation Information
2007-12-09 11:42 --------- d-----w C:\Program Files\DIFX
2007-12-09 11:41 --------- d-----w C:\Program Files\AGEIA Technologies
2007-12-07 20:57 --------- d-----w C:\Documents and Settings\NUKER\Dane aplikacji\AdobeUM
2007-12-06 03:16 --------- d-----w C:\Program Files\Gadu-Gadu
2007-12-02 19:56 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-12-02 19:56 --------- d-----w C:\Program Files\MagicISO
2007-11-28 14:34 --------- d-----w C:\Program Files\Ultra PSP Movie Converter
2007-11-28 14:28 --------- d-----w C:\Program Files\PQDVD
2007-11-28 09:26 --------- d-----w C:\Program Files\Opera
2007-11-15 10:07 76,304 ----a-w C:\WINDOWS\system32\KemXML.dll
2007-11-15 10:07 170,512 ----a-w C:\WINDOWS\system32\kemutb.dll
2007-11-15 10:07 141,840 ----a-w C:\WINDOWS\system32\KemUtil.dll
2007-11-15 10:07 117,264 ----a-w C:\WINDOWS\system32\KemWnd.dll
2007-11-02 04:57 9,314,304 ----a-w C:\WINDOWS\system32\atioglx2.dll
2007-11-02 04:24 176,128 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2007-11-02 04:10 364,544 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-11-02 04:09 268,288 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2007-11-02 04:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-11-02 04:01 143,360 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2007-11-02 04:01 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2007-11-02 04:00 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-11-02 04:00 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-11-02 03:59 495,616 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-11-02 03:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2007-11-02 03:50 3,133,728 ----a-w C:\WINDOWS\system32\ati3duag.dll
2007-11-02 03:39 1,602,176 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2007-11-02 03:35 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2007-11-02 03:26 5,435,392 ----a-w C:\WINDOWS\system32\atioglxx.dll
2007-11-02 03:24 376,832 ----a-w C:\WINDOWS\system32\atikvmag.dll
2007-11-02 03:22 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2007-11-02 03:16 499,712 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2007-11-01 20:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
2005-05-11 21:36 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
2008-01-10 20:11 24288 --a------ C:\WINDOWS\system32\awtrsro.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 22:44 15360]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 07:39 2119104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-24 23:11 132496]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-08-10 19:27 917504]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 03:10 55824 C:\WINDOWS\KHALMNPR.Exe]
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" [2007-04-27 07:41 282624]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-03 22:44 15360]
C:\Documents and Settings\All Users\Menu Start\Programy\AutostartHP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 21:23:26]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-11 22:49:24]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-10-04 15:51:31]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"= C:\WINDOWS\system32\awtrsro.dll [2008-01-10 20:11 24288]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtrsro]
awtrsro.dll 2008-01-10 20:11 24288 C:\WINDOWS\system32\awtrsro.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll 2007-11-15 10:10 72208 c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\vturs.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BT Broadband Desktop Help.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BT Broadband Desktop Help.lnk
backup=C:\WINDOWS\pss\BT Broadband Desktop Help.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eyeBeam SIP Client]
C:\Program Files\BT Broadband Talk Softphone\BTSoftphone.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
C:\PROGRA~1\BTHOME~1\Help\SMARTB~1\BTHelpNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
"AQQ"=C:\PROGRA~1\WapSter\AQQ\AQQ.exe
"Steam"="C:\Program Files\Steam\Steam.exe" -silent
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
"btbb_wcm_McciTrayApp"=C:\Program Files\btbb_wcm\McciTrayApp.exe
"UpdReg"=C:\WINDOWS\UpdReg.EXE
"Jet Detection"="C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
"CTStartup"=C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
"WINDVDPatch"=CTHELPER.EXE
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-03 22:44]
R3 axvbusx;axvbusx;C:\WINDOWS\system32\DRIVERS\axvbusx.sys [2002-12-27 18:14]
R3 axvscsi;axvscsi;C:\WINDOWS\system32\DRIVERS\axvscsi.sys [2002-12-27 18:14]
S3 DAdderFltr;DeathAdder Mouse;C:\WINDOWS\system32\drivers\dadder.sys [2006-11-14 13:29]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-01-10 03:16]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3624417f-53b6-11dc-84a9-00147f7c21f8}]
\Shell\AutoRun\command - H:\AutoPlay.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-01-11 17:17:46 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-11 19:57:47
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\awtrsro.dll
PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.2180]
-> C:\WINDOWS\system32\awtrsro.dll
.
Completion time: 2008-01-11 20:00:49 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-11 20:00:44
.
2007-09-29 01:23:07 --- E O F ---
Daj log z Combofix!
Podaj lokalizacje.gdzie go wykrywa?pozamykaj robaczywe porty http://www.3vnet.pl/modules.php?name=News&file=article&sid=480
Ad-aware wykryl cos nowego o nazwie Virtumonde. Poszukalem na google i znalazlem jakis watek na innym forum... tam doczytalem zeby uzyc combofix... tak zrobilem ale wciaz sie pojawia. AVG go niewykrywa a Ad-aware zakazdym razem jak go do kwarantanny wrzuce czy skakuje to wciaz sie pojawia :/.
Powinno być Ok! Coś jeszcze sie dzieje?
Logfile of HijackThis v1.99.1
Scan saved at 19:01:46, on 2008-01-11
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\NUKER\Pulpit\hijackthis_199\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://goo/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
[quote]Jaki wpis usunac?[/quote]
Zaznaczone w poprzednim poscie!!!
Daj nowy log z HJT
Jaki wpis usunac?
to jest log z sdfix.
SDFix: Version 1.125
Run by Administrator on 2008-01-11 at 18:09
Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix
Safe Mode:
Checking Services:
Name:
core
Path:
system32\drivers\core.sys
core - Deleted
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
Trojan Files Found:
C:\WINDOWS\system32\drivers\core.cache.dsk - Deleted
C:\WINDOWS\system32\drivers\core.sys - Deleted
C:\WINDOWS\system32\ntos.exe - Deleted
C:\WINDOWS\system32\wsnpoem\audio.dll - Deleted
C:\WINDOWS\system32\wsnpoem\audio.dll.cla - Deleted
C:\WINDOWS\system32\wsnpoem\video.dll - Deleted
Folder C:\Temp\tn3 - Removed
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-11 18:21:37
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
scanning hidden registry entries ...
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\A\1\5\1c]
"Order"=hex:08,00,00,00,02,00,00,00,b8,01,00,00,01,00,00,00,04,00,00,00,8c,..
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 50
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Gadu-Gadu\\gg.exe"="C:\\Program Files\\Gadu-Gadu\\gg.exe:*:Enabled:Gadu-Gadu - program g˘wny"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\Konnekt\\konnekt.exe"="C:\\Program Files\\Konnekt\\konnekt.exe:*:Enabled:Konnekt - Core"
"C:\\Program Files\\NAPI-PROJEKT\\napisy.exe"="C:\\Program Files\\NAPI-PROJEKT\\napisy.exe:*:Enabled:www.napiprojekt.pl"
"D:\\W40k.exe"="D:\\W40k.exe:*:Enabled:W40K"
"D:\\DOW\\W40k.exe"="D:\\DOW\\W40k.exe:*:Enabled:W40K"
"C:\\Program Files\\Xfire\\xfire.exe"="C:\\Program Files\\Xfire\\xfire.exe:*:Enabled:Xfire"
"C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2-new.exe"="C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2-new.exe:*:Enabled:BF2-new"
"C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"="C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe:*:Enabled:Battlefield 2"
"C:\\Program Files\\Google\\Google SketchUp 6\\SketchUp.exe"="C:\\Program Files\\Google\\Google SketchUp 6\\SketchUp.exe:*:Disabled:SketchUp Application"
"C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"="C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe:*:Enabled:ET"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\Valve\\hl.exe"="C:\\Program Files\\Valve\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\WapSter\\AQQ\\AQQ.exe"="C:\\Program Files\\WapSter\\AQQ\\AQQ.exe:*:Enabled:P2P AQQ"
"C:\\PROGRA~1\\WapSter\\AQQ\\AQQ.exe"="C:\\PROGRA~1\\WapSter\\AQQ\\AQQ.exe:*:Enabled:P2P AQQ"
"C:\\Program Files\\Opera\\Opera.exe"="C:\\Program Files\\Opera\\Opera.exe:*:Enabled:Opera Internet Browser"
"C:\\Program Files\\Steam\\SteamApps\\miloszspisz\\team fortress 2\\hl2.exe"="C:\\Program Files\\Steam\\SteamApps\\miloszspisz\\team fortress 2\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files:
---------------
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes:
Sun 5 Aug 2001 644 ..SH. --- "C:\Program Files\Pixologic\ZBrush3\zmem02svr.dll"
Thu 10 Jan 2008 0 A..H. --- "C:\Documents and Settings\NUKER\Ustawienia lokalne\Temp\1baf95hpaf950.exe"
Finished!
[quote]R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://goo/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es[/quote]
Wpisy usuń w HJT
Pobierz program [b]SDFix[/b]
* Dwuklik na SDFix.exe następnie program wypakuje się na dysk systemowy (standardowo C:\SDFix)
* Zrestartuj komputer i wejdź do trybu awaryjnego (klawisz F8 przed bootem Windowsa)
* Wejdź do folderu z SDFix kliknij dwa razy na plik RunThis.bat
* Wciśnij Y nastąpi proces usuwania.
* Kiedy usuwanie się ukończy wciśnij dowolny klawisz (Any Key). Nastąpi restart komputera.
* Po restarcie SDFix uruchomi się ponownie, żeby dokończyć proces usuwania kiedy pojawi się w oknie programu Finished, wciśnij dowolny klawisz do zakończenia scryptu i załadowania ikon na pulpicie.
* Pokaż Report.txt znajdujący się w folderze SDFix.
Strona 1 / 1