Gjest Skrevet 25. desember 2008 Del Skrevet 25. desember 2008 Han har fått MSN virus igjen -.- Nå har han kjørt MSNfix og her har du en combofix.txt logg Lenke til kommentar
raWrz Skrevet 25. desember 2008 Del Skrevet 25. desember 2008 Last ned Malwarebytes' Anti-Malware Her eller Her.''' Lagre den på Skrivebordet. Kjør fila og installer programmet. Velg Norsk språkdrakt. [*]Sett en hake ved siden av Oppdater Malwarebytes' Anti-Malware og Kjør Malwarebytes' Anti-Malware, og trykk Ferdig. La programmet oppdatere seg og velg Utfør hurtig systemskann. Du får en meldingsboks når programmet er ferdigkjørt Klikk deretter på Vis resultat-knappen. Hvis det er funnet malware, vil du nå se hva som er funnet. Klikk så på Fjern valgt -knappen for å fjerne malwaren som evt. ble funnet. Notis: Hvis MBAM finner en fil som er vanskelig å fjerne, vil du bli spurt om to spørsmål. Trykk OK på begge, og la MBAM gjøre seg ferdig med desinfeksjonen. Hvis du blir spurt om å restarte maskinen, gjør du det med en gang. Når MBAM er ferdig med å fjerne det den har funnet, vil det bli åpnet en logg i notisblokk. Den poster du senere om den fant noe annet enn cookies Lenke til kommentar
Gjest Skrevet 25. desember 2008 Del Skrevet 25. desember 2008 (endret) Han har kjørt den, men mistet loggen første gang så han kjørte den på nytt og ga meg loggen på nytt (andre gangen han kjører den) Jeg åpnet den, der fant jeg ingen ting... Tror det er borte Men poster en ny logg av combofix straks EDIT: Logg: ComboFix 08-12-24.01 - JoachimK 2008-12-25 2:09:02.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2047.1496 [GMT 1:00] Running from: c:\documents and settings\JoachimK\Desktop\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\docume~1\JoachimK\LOCALS~1\Temp\tmp2.tmp c:\windows\system32\fcgywhsw.dll c:\windows\system32\opipimew.ini c:\windows\system32\qcxfkyix.ini c:\windows\system32\rscava.dll c:\windows\system32\rxlwmoee.ini c:\windows\system32\uyidofin.ini . ((((((((((((((((((((((((( Files Created from 2008-11-25 to 2008-12-25 ))))))))))))))))))))))))))))))) . 2008-12-25 01:22 . 2008-12-25 01:22 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2008-12-25 01:22 . 2008-12-25 01:22 <DIR> d-------- c:\documents and settings\JoachimK\Application Data\Malwarebytes 2008-12-25 01:22 . 2008-12-25 01:22 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2008-12-25 01:22 . 2008-12-03 19:59 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-25 01:22 . 2008-12-03 19:59 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2008-12-24 22:02 . 2004-08-04 08:56 21,504 --a------ c:\windows\system32\hidserv.dll 2008-12-22 23:29 . 2008-12-22 23:56 1,581,056 --a------ c:\windows\system32\opipimew.tmp 2008-12-21 00:08 . 2008-12-21 00:08 <DIR> d-------- c:\documents and settings\All Users\Application Data\McAfee 2008-12-13 20:50 . 2008-12-13 21:23 <DIR> d-------- c:\documents and settings\JoachimK\Application Data\Mine Kampen om Midgard-filer 2008-12-06 21:19 . 2008-12-14 18:35 31 --a------ c:\documents and settings\JoachimK\jagex_runescape_preferences.dat 2008-11-28 22:14 . 2008-11-28 22:14 244 --ah----- C:\sqmnoopt05.sqm 2008-11-28 22:14 . 2008-11-28 22:14 232 --ah----- C:\sqmdata05.sqm . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-25 01:11 --------- d-----w c:\program files\Norman 2008-12-25 01:10 --------- d-----w c:\documents and settings\JoachimK\Application Data\uTorrent 2008-12-24 10:28 --------- d-----w c:\documents and settings\All Users\Application Data\TrackMania 2008-12-24 09:34 --------- d-----w c:\program files\Steam 2008-10-31 16:29 --------- d-----w c:\program files\uTorrent 2008-10-31 16:27 --------- d-----w c:\documents and settings\JoachimK\Application Data\vlc 2008-10-31 16:17 --------- d-----w c:\program files\VideoLAN 2005-09-20 10:05 456,768 ----a-w c:\windows\inf\WG311T\WG311T13.sys 2004-10-19 18:58 35,232 ----a-w c:\windows\inf\WG311T\ME_INST.EXE 2004-10-19 18:58 26,112 ----a-w c:\windows\inf\WG311T\install.exe 1990-01-01 01:01 40,960 --sh--r c:\windows\system32\KcrnadDrv.dll . ((((((((((((((((((((((((((((( snapshot@2008-06-04_23.04.12,23 ))))))))))))))))))))))))))))))))))))))))) . + 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll + 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe + 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll + 2007-11-30 11:20:44 755,576 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe + 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll + 2008-05-02 13:30:08 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll + 2008-05-02 14:01:49 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll + 2008-05-02 13:42:10 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll + 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB946648\spmsg.dll + 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB946648\spuninst.exe + 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll + 2007-11-30 11:20:44 755,576 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe + 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll + 2008-04-23 03:35:35 124,928 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll + 2008-04-23 03:35:35 347,136 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll + 2008-04-23 03:35:35 214,528 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll + 2008-04-23 03:35:35 132,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll + 2008-04-23 03:35:35 63,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll + 2008-04-22 08:02:19 70,656 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe + 2008-04-23 03:35:35 153,088 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll + 2008-04-23 03:35:35 230,400 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll + 2008-04-20 05:07:38 161,792 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll + 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat + 2008-04-23 03:35:35 383,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll + 2008-04-23 03:35:35 388,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll + 2008-04-23 03:35:36 6,068,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll + 2008-04-23 03:35:36 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll + 2008-04-23 03:35:36 267,776 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll + 2008-04-22 08:02:19 13,824 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe + 2008-04-22 08:02:46 625,664 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe + 2008-04-23 03:35:36 27,648 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll + 2008-04-23 03:35:36 459,264 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll + 2008-04-23 03:35:36 52,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll + 2008-04-23 03:35:36 3,593,728 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll + 2008-04-23 03:35:36 478,208 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll + 2008-04-23 03:35:36 193,024 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll + 2008-04-23 03:35:36 671,232 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll + 2008-04-23 03:35:36 102,912 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll + 2008-04-23 03:35:36 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll + 2008-04-23 03:35:36 105,984 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\url.dll + 2008-04-23 03:35:36 1,162,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll + 2008-04-23 03:35:36 233,472 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll + 2008-04-23 03:35:36 827,392 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll + 2007-03-06 01:22:33 14,048 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spmsg.dll + 2007-03-06 01:22:39 213,216 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spuninst.exe + 2007-03-06 01:22:31 22,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\spcustom.dll + 2007-03-06 01:22:56 716,000 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\update.exe + 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\updspapi.dll + 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB950760\spmsg.dll + 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB950760\spuninst.exe + 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB950760\update\spcustom.dll + 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB950760\update\update.exe + 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB950760\update\updspapi.dll + 2008-05-08 12:14:51 203,008 ----a-w c:\windows\$hf_mig$\KB950762\SP2QFE\rmcast.sys + 2008-05-08 14:02:52 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3GDR\rmcast.sys + 2008-05-08 13:58:17 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3QFE\rmcast.sys + 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB950762\spmsg.dll + 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB950762\spuninst.exe + 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB950762\update\spcustom.dll + 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB950762\update\update.exe + 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB950762\update\updspapi.dll + 2008-07-07 20:06:43 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll + 2008-07-07 20:26:58 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll + 2008-07-07 20:23:18 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll + 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll + 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe + 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll + 2007-11-30 12:39:18 755,576 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe + 2007-11-30 12:39:19 382,840 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll + 2008-04-11 18:39:39 683,520 ----a-w c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll + 2008-04-11 19:04:26 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll + 2008-04-11 22:22:26 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll + 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB951066\spmsg.dll + 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB951066\spuninst.exe + 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll + 2007-12-03 15:25:31 755,576 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe + 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll + 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe + 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe + 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe + 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll + 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe + 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll + 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe + 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll + 2008-06-13 09:52:16 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys + 2008-06-13 11:05:51 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys + 2008-06-13 11:27:43 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys + 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB951376-v2\spmsg.dll + 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB951376-v2\spuninst.exe + 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\spcustom.dll + 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe + 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\updspapi.dll + 2008-04-14 11:00:16 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP2QFE\bthport.sys + 2008-04-14 12:30:49 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP3GDR\bthport.sys + 2008-04-14 12:36:35 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP3QFE\bthport.sys + 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB951376\spmsg.dll + 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB951376\spuninst.exe + 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB951376\update\spcustom.dll + 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB951376\update\update.exe + 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB951376\update\updspapi.dll + 2008-05-07 04:55:40 1,288,192 ----a-w c:\windows\$hf_mig$\KB951698\SP2QFE\quartz.dll + 2008-05-07 05:12:40 1,288,192 ----a-w c:\windows\$hf_mig$\KB951698\SP3GDR\quartz.dll + 2008-05-07 05:04:15 1,288,192 ----a-w c:\windows\$hf_mig$\KB951698\SP3QFE\quartz.dll + 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB951698\spmsg.dll + 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB951698\spuninst.exe + 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB951698\update\spcustom.dll + 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB951698\update\update.exe + 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB951698\update\updspapi.dll + 2006-08-16 12:08:32 100,352 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\6to4svc.dll + 2008-06-20 10:44:08 138,368 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\afd.sys + 2008-06-20 17:36:11 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\dnsapi.dll + 2008-06-20 17:36:11 245,248 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll + 2008-06-20 10:44:42 360,960 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys + 2008-06-20 09:32:39 225,920 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip6.sys + 2008-06-20 11:40:08 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\afd.sys + 2008-06-20 17:46:57 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\dnsapi.dll + 2008-06-20 17:46:57 245,248 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll + 2008-06-20 11:51:12 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys + 2008-06-20 11:08:27 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip6.sys + 2008-06-20 11:48:03 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys + 2008-06-20 17:43:05 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll + 2008-06-20 17:43:05 245,248 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll + 2008-06-20 11:59:02 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys + 2008-06-20 11:16:44 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys + 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB951748\spmsg.dll + 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB951748\spuninst.exe + 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB951748\update\spcustom.dll + 2007-11-30 12:39:18 755,576 ----a-w c:\windows\$hf_mig$\KB951748\update\update.exe + 2007-11-30 12:39:19 382,840 ----a-w c:\windows\$hf_mig$\KB951748\update\updspapi.dll + 2008-05-01 15:04:00 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll + 2008-05-01 14:33:02 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll + 2008-05-01 14:38:05 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll + 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB952287\spmsg.dll + 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB952287\spuninst.exe + 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll + 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe + 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll + 2008-06-24 16:28:00 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll + 2008-06-24 16:43:16 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll + 2008-06-24 16:53:10 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll + 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll + 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe + 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll + 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe + 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll + 2008-06-23 16:01:38 124,928 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll + 2008-06-23 16:01:38 347,136 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll + 2008-06-23 16:01:39 214,528 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll + 2008-06-23 16:01:39 132,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll + 2008-06-23 16:01:39 63,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll + 2008-06-23 08:23:18 70,656 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe + 2008-06-23 16:01:39 153,088 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll + 2008-06-23 16:01:39 230,400 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll + 2008-06-21 05:23:53 161,792 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll + 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat + 2008-06-23 16:01:40 383,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll + 2008-06-23 16:01:40 388,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll + 2008-06-23 16:01:43 6,068,736 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll + 2008-06-23 16:01:43 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll + 2008-06-23 16:01:44 267,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll + 2008-06-23 08:23:18 13,824 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe + 2008-06-23 08:23:52 625,664 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe + 2008-06-23 16:01:46 27,648 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll + 2008-06-23 16:01:46 459,264 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll + 2008-06-23 16:01:46 52,224 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll + 2008-06-23 16:01:49 3,594,240 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll + 2008-06-23 16:01:49 477,696 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll + 2008-06-23 16:01:49 193,024 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll + 2008-06-23 16:01:50 671,232 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll + 2008-06-23 16:01:50 102,912 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll + 2008-06-23 16:01:50 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll + 2008-06-23 16:01:50 105,984 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\url.dll + 2008-06-23 16:01:51 1,162,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll + 2008-06-23 16:01:51 233,472 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll + 2008-06-23 16:01:51 827,904 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll + 2007-03-06 01:22:33 14,048 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spmsg.dll + 2007-03-06 01:22:39 213,216 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spuninst.exe + 2007-03-06 01:22:31 22,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\spcustom.dll + 2007-03-06 01:22:56 716,000 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\update.exe + 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\updspapi.dll + 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB953839\spmsg.dll + 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB953839\spuninst.exe + 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll + 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe + 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll + 2008-09-15 12:17:07 1,846,912 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys + 2008-09-15 12:12:56 1,846,400 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys + 2008-09-15 12:25:27 1,846,912 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys + 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll + 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe + 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll + 2008-07-09 07:38:29 755,576 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe + 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll + 2008-09-04 16:32:52 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP2QFE\msxml3.dll + 2008-09-04 17:15:04 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3GDR\msxml3.dll + 2008-09-04 17:12:27 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3QFE\msxml3.dll + 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB955069\spmsg.dll + 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB955069\spuninst.exe + 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB955069\update\spcustom.dll + 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB955069\update\update.exe + 2008-07-09 12:08:38 382,840 ----a-w c:\windows\$hf_mig$\KB955069\update\updspapi.dll + 2008-08-26 09:08:35 124,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll + 2008-08-26 09:08:36 347,136 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll + 2008-08-26 09:08:36 214,528 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll + 2008-08-26 09:08:36 132,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll + 2008-08-26 09:08:36 63,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll + 2008-08-25 08:43:21 70,656 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe + 2008-08-26 09:08:36 153,088 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll + 2008-08-26 09:08:36 230,400 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll + 2008-08-23 05:54:50 161,792 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll + 2007-07-01 03:31:33 2,455,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat + 2008-08-26 09:08:36 380,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll + 2008-08-26 09:08:37 388,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll + 2008-10-03 17:26:50 6,068,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll + 2008-08-26 09:08:39 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll + 2008-08-26 09:08:39 267,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll + 2008-08-25 08:43:21 13,824 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe + 2008-08-23 05:56:16 635,848 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe + 2008-08-26 09:08:40 27,648 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll + 2008-08-26 09:08:40 459,264 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll + 2008-08-26 09:08:40 52,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll + 2008-08-26 09:08:43 3,594,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll + 2008-08-26 09:08:43 477,696 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll + 2008-08-26 09:08:44 193,024 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll + 2008-08-26 09:08:44 671,232 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll + 2008-08-26 09:08:44 102,912 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll + 2008-08-26 09:08:44 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll + 2008-08-26 09:08:44 105,984 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\url.dll + 2008-08-26 09:08:45 1,162,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll + 2008-08-26 09:08:45 233,472 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll + 2008-08-26 09:08:45 827,904 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll + 2007-03-06 01:22:36 14,048 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spmsg.dll + 2007-03-06 01:22:41 213,216 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spuninst.exe + 2007-03-06 01:22:34 22,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\spcustom.dll + 2007-03-06 01:22:59 716,000 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\update.exe + 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\updspapi.dll + 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll + 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe + 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll + 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe + 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll + 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys + 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys + 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys + 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll + 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe + 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll + 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe + 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll + 2008-08-14 09:55:01 2,142,720 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlmp.exe + 2008-08-14 09:18:44 2,062,976 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe + 2008-08-14 09:18:46 2,020,864 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrpamp.exe + 2008-08-14 09:57:20 2,185,984 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe + 2008-08-14 10:09:26 2,145,280 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe + 2008-08-14 09:33:16 2,066,048 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe + 2008-08-14 09:33:16 2,023,936 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe + 2008-08-14 10:11:02 2,189,184 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe + 2008-08-14 10:39:28 2,145,280 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe + 2008-08-14 13:39:46 2,066,048 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe + 2008-08-14 10:09:44 2,023,936 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe + 2008-08-14 14:11:10 2,189,184 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe + 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll + 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe + 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll + 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe + 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll + 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys + 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys + 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys + 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll + 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe + 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll + 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe + 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll + 2008-10-24 11:25:29 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP2QFE\mrxsmb.sys + 2008-10-24 11:21:09 455,296 ----a-w c:\windows\$hf_mig$\KB957097\SP3GDR\mrxsmb.sys + 2008-10-24 11:41:11 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys + 2008-07-08 13:02:01 17,272 ----a-w c:\windows\$hf_mig$\KB957097\spmsg.dll + 2008-07-08 13:02:02 231,288 ----a-w c:\windows\$hf_mig$\KB957097\spuninst.exe + 2008-07-08 13:02:01 26,488 ----a-w c:\windows\$hf_mig$\KB957097\update\spcustom.dll + 2008-07-08 13:02:04 755,576 ----a-w c:\windows\$hf_mig$\KB957097\update\update.exe + 2008-07-08 13:02:12 382,840 ----a-w c:\windows\$hf_mig$\KB957097\update\updspapi.dll + 2008-10-15 16:53:28 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP2QFE\netapi32.dll + 2008-10-15 16:34:24 337,408 ----a-w c:\windows\$hf_mig$\KB958644\SP3GDR\netapi32.dll + 2008-10-15 16:25:53 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP3QFE\netapi32.dll + 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB958644\spmsg.dll + 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB958644\spuninst.exe + 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB958644\update\spcustom.dll + 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB958644\update\update.exe + 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB958644\update\updspapi.dll + 2005-06-28 17:23:24 213,216 -c----w c:\windows\$NtUninstallKB923689$\spuninst\spuninst.exe + 2005-06-28 17:23:53 371,424 -c----w c:\windows\$NtUninstallKB923689$\spuninst\updspapi.dll + 2005-01-28 11:44:28 2,370,296 -c----w c:\windows\$NtUninstallKB923689$\wmvcore.dll + 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB938464$\spuninst\spuninst.exe + 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB938464$\spuninst\updspapi.dll + 2004-08-04 07:56:43 82,944 -c----w c:\windows\$NtUninstallKB946648$\msgsc.dll + 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe + 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB946648$\spuninst\updspapi.dll + 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950760$\spuninst\spuninst.exe + 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB950760$\spuninst\updspapi.dll + 2006-07-13 08:48:58 202,240 -c----w c:\windows\$NtUninstallKB950762$\rmcast.sys + 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950762$\spuninst\spuninst.exe + 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB950762$\spuninst\updspapi.dll + 2005-07-26 04:39:45 243,200 -c----w c:\windows\$NtUninstallKB950974$\es.dll + 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950974$\spuninst\spuninst.exe + 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB950974$\spuninst\updspapi.dll + 2007-08-21 06:15:44 683,520 -c----w c:\windows\$NtUninstallKB951066$\inetcomm.dll + 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951066$\spuninst\spuninst.exe + 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951066$\spuninst\updspapi.dll + 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\spuninst.exe + 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\updspapi.dll + 2007-11-13 11:31:11 60,416 -c----w c:\windows\$NtUninstallKB951072-v2$\tzchange.exe + 2008-04-14 11:01:02 272,128 -c----w c:\windows\$NtUninstallKB951376-v2$\bthport.sys + 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe + 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\updspapi.dll + 2004-08-04 06:10:37 274,304 -c----w c:\windows\$NtUninstallKB951376$\bthport.sys + 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951376$\spuninst\spuninst.exe + 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB951376$\spuninst\updspapi.dll + 2007-10-29 22:43:03 1,287,680 -c----w c:\windows\$NtUninstallKB951698$\quartz.dll + 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951698$\spuninst\spuninst.exe + 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951698$\spuninst\updspapi.dll + 2004-08-04 06:14:14 138,496 -c----w c:\windows\$NtUninstallKB951748$\afd.sys + 2008-02-20 05:32:43 148,992 -c----w c:\windows\$NtUninstallKB951748$\dnsapi.dll + 2004-08-04 07:56:44 245,248 -c----w c:\windows\$NtUninstallKB951748$\mswsock.dll + 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951748$\spuninst\spuninst.exe + 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB951748$\spuninst\updspapi.dll + 2007-10-30 17:20:55 360,064 -c----w c:\windows\$NtUninstallKB951748$\tcpip.sys + 2006-08-16 09:37:30 225,664 -c----w c:\windows\$NtUninstallKB951748$\tcpip6.sys + 2004-08-04 07:56:42 331,776 -c----w c:\windows\$NtUninstallKB952287$\msadce.dll + 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB952287$\spuninst\spuninst.exe + 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB952287$\spuninst\updspapi.dll + 2005-06-29 01:46:00 74,240 -c----w c:\windows\$NtUninstallKB952954$\mscms.dll + 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB952954$\spuninst\spuninst.exe + 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB952954$\spuninst\updspapi.dll + 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB953839$\spuninst\spuninst.exe + 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB953839$\spuninst\updspapi.dll + 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB954211$\spuninst\spuninst.exe + 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB954211$\spuninst\updspapi.dll + 2008-03-19 09:47:00 1,845,248 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys + 2007-06-26 06:08:16 1,104,896 -c----w c:\windows\$NtUninstallKB955069$\msxml3.dll + 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe + 2008-07-09 12:08:38 382,840 -c----w c:\windows\$NtUninstallKB955069$\spuninst\updspapi.dll + 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB956391$\spuninst\spuninst.exe + 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB956391$\spuninst\updspapi.dll + 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803$\afd.sys + 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe + 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB956803$\spuninst\updspapi.dll + 2007-02-28 09:08:48 2,136,064 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlmp.exe + 2007-02-28 08:38:57 2,015,744 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe + 2007-02-28 08:38:57 2,015,744 -c----w c:\windows\$NtUninstallKB956841$\ntkrpamp.exe + 2007-02-28 09:08:48 2,136,064 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe + 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB956841$\spuninst\spuninst.exe + 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB956841$\spuninst\updspapi.dll + 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB957095$\spuninst\spuninst.exe + 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB957095$\spuninst\updspapi.dll + 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095$\srv.sys + 2006-05-05 09:41:45 453,120 -c----w c:\windows\$NtUninstallKB957097$\mrxsmb.sys + 2008-07-08 13:02:02 231,288 -c----w c:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe + 2008-07-08 13:02:12 382,840 -c----w c:\windows\$NtUninstallKB957097$\spuninst\updspapi.dll + 2006-08-17 12:28:27 332,288 -c----w c:\windows\$NtUninstallKB958644$\netapi32.dll + 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB958644$\spuninst\spuninst.exe + 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB958644$\spuninst\updspapi.dll + 2008-11-07 23:19:46 100,888 ----a-w c:\windows\.jagex_cache_32\loginapplet\cache--1999123318.dat + 2008-12-14 17:25:21 315,392 ----a-w c:\windows\.jagex_cache_32\runescape\jogl.dll + 2008-12-14 17:25:21 20,480 ----a-w c:\windows\.jagex_cache_32\runescape\jogl_awt.dll - 2008-01-17 17:11:57 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll + 2008-07-25 20:27:34 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll - 2008-01-17 17:11:57 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll + 2008-07-25 20:27:34 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll - 2008-01-17 17:11:57 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll + 2008-07-25 20:27:35 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll - 2008-01-17 17:11:54 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-07-25 20:27:30 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2008-01-17 17:11:55 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-07-25 20:27:31 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2008-01-17 17:11:55 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-07-25 20:27:31 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2008-01-17 17:11:55 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-07-25 20:27:32 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2008-01-17 17:11:55 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-07-25 20:27:32 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2008-01-17 17:11:55 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-07-25 20:27:32 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2008-01-17 17:11:56 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-07-25 20:27:32 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2008-01-17 17:11:56 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-07-25 20:27:33 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2008-01-17 17:11:56 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-07-25 20:27:33 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2008-01-17 17:11:57 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-07-25 20:27:35 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2008-01-17 17:11:57 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll + 2008-07-25 20:27:35 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll - 2008-01-17 17:11:57 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll + 2008-07-25 20:27:35 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll - 2008-01-17 17:11:57 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll + 2008-07-25 20:27:35 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll - 2008-01-17 17:11:57 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll + 2008-07-25 20:27:36 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll - 2008-01-17 17:11:57 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll + 2008-07-25 20:27:34 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll + 2002-07-25 16:13:18 24,576 ----a-w c:\windows\Downloaded Program Files\dwusplay.dll + 2002-07-25 16:13:12 196,608 ----a-w c:\windows\Downloaded Program Files\dwusplay.exe + 2004-08-09 04:02:38 327,680 ----a-w c:\windows\Downloaded Program Files\isusweb.dll + 2008-06-13 13:10:50 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys - 2006-05-05 09:41:45 453,120 ------w c:\windows\Driver Cache\i386\mrxsmb.sys + 2008-10-24 11:10:42 453,632 ------w c:\windows\Driver Cache\i386\mrxsmb.sys - 2007-02-28 09:08:48 2,136,064 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2008-08-14 09:58:27 2,136,064 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe - 2007-02-28 08:38:55 2,057,600 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2008-08-14 09:22:13 2,057,728 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe - 2007-02-28 08:38:57 2,015,744 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe + 2008-08-14 09:22:14 2,015,744 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe - 2007-02-28 09:10:57 2,180,352 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe + 2008-08-14 10:00:45 2,180,352 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe - 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE + 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE + 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE + 2008-03-01 13:06:20 124,928 -c----w c:\windows\ie7updates\KB950759-IE7\advpack.dll + 2008-03-01 13:06:21 347,136 -c----w c:\windows\ie7updates\KB950759-IE7\dxtmsft.dll + 2008-03-01 13:06:21 214,528 -c----w c:\windows\ie7updates\KB950759-IE7\dxtrans.dll + 2008-03-01 13:06:21 133,120 -c----w c:\windows\ie7updates\KB950759-IE7\extmgr.dll + 2008-03-01 13:06:21 63,488 -c----w c:\windows\ie7updates\KB950759-IE7\icardie.dll + 2008-02-29 08:55:23 70,656 -c----w c:\windows\ie7updates\KB950759-IE7\ie4uinit.exe + 2008-03-01 13:06:21 153,088 -c----w c:\windows\ie7updates\KB950759-IE7\ieakeng.dll + 2008-03-01 13:06:21 230,400 -c----w c:\windows\ie7updates\KB950759-IE7\ieaksie.dll + 2008-02-15 05:44:25 161,792 -c----w c:\windows\ie7updates\KB950759-IE7\ieakui.dll + 2008-03-01 13:06:22 383,488 -c----w c:\windows\ie7updates\KB950759-IE7\ieapfltr.dll + 2008-03-01 13:06:22 384,512 -c----w c:\windows\ie7updates\KB950759-IE7\iedkcs32.dll + 2008-03-01 13:06:24 6,066,176 -c----w c:\windows\ie7updates\KB950759-IE7\ieframe.dll + 2008-03-01 13:06:24 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\iernonce.dll + 2008-03-01 13:06:25 267,776 -c----w c:\windows\ie7updates\KB950759-IE7\iertutil.dll + 2008-02-22 10:00:51 13,824 -c----w c:\windows\ie7updates\KB950759-IE7\ieudinit.exe + 2008-02-29 08:55:46 625,664 -c----w c:\windows\ie7updates\KB950759-IE7\iexplore.exe + 2008-03-01 13:06:25 27,648 -c----w c:\windows\ie7updates\KB950759-IE7\jsproxy.dll + 2008-03-01 13:06:26 459,264 -c----w c:\windows\ie7updates\KB950759-IE7\msfeeds.dll + 2008-03-01 13:06:26 52,224 -c----w c:\windows\ie7updates\KB950759-IE7\msfeedsbs.dll + 2008-03-01 16:36:30 3,591,680 -c----w c:\windows\ie7updates\KB950759-IE7\mshtml.dll + 2008-03-01 13:06:28 478,208 -c----w c:\windows\ie7updates\KB950759-IE7\mshtmled.dll + 2008-03-01 13:06:28 193,024 -c----w c:\windows\ie7updates\KB950759-IE7\msrating.dll + 2008-03-01 13:06:29 671,232 -c----w c:\windows\ie7updates\KB950759-IE7\mstime.dll + 2008-03-01 13:06:29 102,912 -c----w c:\windows\ie7updates\KB950759-IE7\occache.dll + 2008-03-01 13:06:29 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\pngfilt.dll + 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\spuninst.exe + 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\updspapi.dll + 2008-03-01 13:06:29 105,984 -c----w c:\windows\ie7updates\KB950759-IE7\url.dll + 2008-03-01 13:06:30 1,159,680 -c----w c:\windows\ie7updates\KB950759-IE7\urlmon.dll + 2008-03-01 13:06:30 233,472 -c----w c:\windows\ie7updates\KB950759-IE7\webcheck.dll + 2008-03-01 13:06:31 826,368 -c----w c:\windows\ie7updates\KB950759-IE7\wininet.dll + 2008-04-23 04:16:28 124,928 -c----w c:\windows\ie7updates\KB953838-IE7\advpack.dll + 2008-04-23 04:16:28 347,136 -c----w c:\windows\ie7updates\KB953838-IE7\dxtmsft.dll + 2008-04-23 04:16:28 214,528 -c----w c:\windows\ie7updates\KB953838-IE7\dxtrans.dll + 2008-04-23 04:16:28 133,120 -c----w c:\windows\ie7updates\KB953838-IE7\extmgr.dll + 2008-04-23 04:16:28 63,488 -c----w c:\windows\ie7updates\KB953838-IE7\icardie.dll + 2008-04-22 07:39:58 70,656 -c----w c:\windows\ie7updates\KB953838-IE7\ie4uinit.exe + 2008-04-23 04:16:28 153,088 -c----w c:\windows\ie7updates\KB953838-IE7\ieakeng.dll + 2008-04-23 04:16:28 230,400 -c----w c:\windows\ie7updates\KB953838-IE7\ieaksie.dll + 2008-04-20 05:07:51 161,792 -c----w c:\windows\ie7updates\KB953838-IE7\ieakui.dll + 2008-04-23 04:16:28 383,488 -c----w c:\windows\ie7updates\KB953838-IE7\ieapfltr.dll + 2008-04-23 04:16:28 384,512 -c----w c:\windows\ie7updates\KB953838-IE7\iedkcs32.dll + 2008-04-23 04:16:28 6,066,176 -c----w c:\windows\ie7updates\KB953838-IE7\ieframe.dll + 2008-04-23 04:16:28 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\iernonce.dll + 2008-04-23 04:16:28 267,776 -c----w c:\windows\ie7updates\KB953838-IE7\iertutil.dll + 2008-04-22 07:39:58 13,824 -c----w c:\windows\ie7updates\KB953838-IE7\ieudinit.exe + 2008-04-22 07:40:18 625,664 -c----w c:\windows\ie7updates\KB953838-IE7\iexplore.exe + 2008-04-23 04:16:28 27,648 -c----w c:\windows\ie7updates\KB953838-IE7\jsproxy.dll + 2008-04-23 04:16:28 459,264 -c----w c:\windows\ie7updates\KB953838-IE7\msfeeds.dll + 2008-04-23 04:16:28 52,224 -c----w c:\windows\ie7updates\KB953838-IE7\msfeedsbs.dll + 2008-04-23 20:16:30 3,591,680 -c----w c:\windows\ie7updates\KB953838-IE7\mshtml.dll + 2008-04-23 04:16:28 478,208 -c----w c:\windows\ie7updates\KB953838-IE7\mshtmled.dll + 2008-04-23 04:16:28 193,024 -c----w c:\windows\ie7updates\KB953838-IE7\msrating.dll + 2008-04-23 04:16:28 671,232 -c----w c:\windows\ie7updates\KB953838-IE7\mstime.dll + 2008-04-23 04:16:28 102,912 -c----w c:\windows\ie7updates\KB953838-IE7\occache.dll + 2008-04-23 04:16:28 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\pngfilt.dll + 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\spuninst.exe + 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\updspapi.dll + 2008-04-23 04:16:28 105,984 -c----w c:\windows\ie7updates\KB953838-IE7\url.dll + 2008-04-23 04:16:29 1,159,680 -c----w c:\windows\ie7updates\KB953838-IE7\urlmon.dll + 2008-04-23 04:16:29 233,472 -c----w c:\windows\ie7updates\KB953838-IE7\webcheck.dll + 2008-04-23 04:16:29 826,368 -c----w c:\windows\ie7updates\KB953838-IE7\wininet.dll + 2008-06-23 16:57:27 124,928 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll + 2008-06-23 16:57:27 347,136 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll + 2008-06-23 16:57:27 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll + 2008-06-23 16:57:27 133,120 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll + 2008-06-23 16:57:28 63,488 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll + 2008-06-23 09:20:25 70,656 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe + 2008-06-23 16:57:29 153,088 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll + 2008-06-23 16:57:29 230,400 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll + 2008-06-21 05:23:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll + 2008-06-23 16:57:29 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll + 2008-06-23 16:57:29 384,512 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll + 2008-06-23 16:57:33 6,066,176 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll + 2008-06-23 16:57:33 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll + 2008-06-23 16:57:34 267,776 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll + 2008-06-23 09:20:26 13,824 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe + 2008-06-23 09:20:52 625,664 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe + 2008-06-23 16:57:35 27,648 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll + 2008-06-23 16:57:36 459,264 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll + 2008-06-23 16:57:36 52,224 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll + 2008-06-24 08:57:40 3,592,192 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll + 2008-06-23 16:57:39 477,696 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll + 2008-06-23 16:57:39 193,024 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll + 2008-06-23 16:57:40 671,232 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll + 2008-06-23 16:57:40 102,912 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll + 2008-06-23 16:57:40 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll + 2007-03-06 01:22:41 213,216 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe + 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll + 2008-06-23 16:57:40 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll + 2008-06-23 16:57:40 1,159,680 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll + 2008-06-23 16:57:41 233,472 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll + 2008-06-23 16:57:41 826,368 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll + 2008-08-26 07:24:28 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll + 2008-08-26 07:24:28 347,136 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll + 2008-08-26 07:24:28 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll + 2008-08-26 07:24:28 133,120 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll + 2008-08-26 07:24:28 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll + 2008-08-25 08:37:59 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe + 2008-08-26 07:24:28 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll + 2008-08-26 07:24:28 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll + 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll + 2008-08-26 07:24:28 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll + 2008-08-26 07:24:29 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll + 2008-10-03 17:41:15 6,066,176 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll + 2008-08-26 07:24:29 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll + 2008-08-26 07:24:29 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll + 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe + 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe + 2008-08-26 07:24:30 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll + 2008-08-26 07:24:30 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll + 2008-08-26 07:24:30 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll + 2008-08-27 08:24:32 3,593,216 -c----w c:\windows\ie7updates\KB958215-IE7\mshtml.dll + 2008-08-26 07:24:30 477,696 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll + 2008-08-26 07:24:30 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll + 2008-08-26 07:24:30 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll + 2008-08-26 07:24:30 102,912 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll + 2008-08-26 07:24:30 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll + 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe + 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll + 2008-08-26 07:24:30 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll + 2008-08-26 07:24:31 1,159,680 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll + 2008-08-26 07:24:31 233,472 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll + 2008-08-26 07:24:31 826,368 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll + 2008-10-17 01:08:40 3,593,216 -c----w c:\windows\ie7updates\KB960714-IE7\mshtml.dll + 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe + 2007-03-06 01:23:47 371,424 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll + 2008-11-12 21:50:22 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe + 2008-07-21 20:42:52 32,768 ----a-r c:\windows\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe + 2008-07-27 18:20:09 65,536 ----a-r c:\windows\Installer\{ED87EE42-C14B-4119-8686-C3A630F2A463}\ARPPRODUCTICON.exe + 2008-07-27 18:20:09 65,536 ----a-r c:\windows\Installer\{ED87EE42-C14B-4119-8686-C3A630F2A463}\NewShortcut3_6BF1780B36EA432B9451DD84FF5C9D52.exe + 2008-07-27 18:20:09 65,536 ----a-r c:\windows\Installer\{ED87EE42-C14B-4119-8686-C3A630F2A463}\NewShortcut4_6BF1780B36EA432B9451DD84FF5C9D52.exe + 2008-07-27 18:20:09 65,536 ----a-r c:\windows\Installer\{ED87EE42-C14B-4119-8686-C3A630F2A463}\Z_MENU_SRVCFG_6BF1780B36EA432B9451DD84FF5C9D52.exe - 2000-08-31 06:00:00 28,160 ----a-w c:\windows\Nircmd.exe + 2000-08-31 07:00:00 28,672 ----a-w c:\windows\Nircmd.exe + 2004-08-04 07:56:41 159,232 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\cewmdm.dll + 2004-08-04 07:56:43 52,224 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll + 2004-08-04 07:56:43 201,728 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSP.dll + 2004-08-04 07:57:01 356,352 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MSSCP.dll + 2004-08-04 07:56:44 245,760 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MSWMDM.dll + 2004-08-04 07:56:46 27,136 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\WMDMLOG.dll + 2004-08-04 07:56:46 23,552 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\WMDMPS.dll + 2005-01-28 11:44:28 164,864 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\cewmdm.dll + 2005-01-28 11:44:28 25,088 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll + 2005-01-28 11:44:28 173,568 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSP.dll + 2005-01-28 11:44:28 364,784 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MSSCP.dll + 2005-01-28 11:44:28 315,904 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MSWMDM.dll + 2005-01-28 11:44:28 28,160 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\WMDMLOG.dll + 2005-01-28 11:44:28 33,792 ----a-w c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\WMDMPS.dll + 2005-01-28 11:44:28 47,104 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe + 2005-01-28 11:44:28 15,872 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfapi.dll + 2005-01-28 11:44:28 38,912 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe + 2005-01-28 11:44:28 38,912 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpd_ci.dll + 2005-01-28 11:44:28 61,952 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdconns.dll + 2005-01-28 11:44:28 114,176 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtp.dll + 2005-01-28 11:44:28 331,776 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtpdr.dll + 2005-01-28 11:44:28 66,560 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtpus.dll + 2005-01-28 11:44:28 331,264 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdsp.dll + 2005-01-28 11:44:28 10,752 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdtrace.dll + 2005-01-28 11:44:28 18,944 ----a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdusb.sys + 2004-08-04 07:56:46 408,064 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmadmod.dll + 2004-08-04 07:56:46 759,296 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmsdmod.dll + 2004-08-04 07:56:46 484,864 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmspdmod.dll + 2004-08-04 07:56:46 809,984 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmvdmod.dll + 2005-01-28 11:44:28 396,528 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmadmod.dll + 2005-01-28 11:44:28 774,904 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmsdmod.dll + 2005-01-28 11:44:28 413,944 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmspdmod.dll + 2005-01-28 11:44:28 1,218,808 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmvadvd.dll + 2005-01-28 11:44:28 895,736 ----a-w c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmvdmod.dll + 2004-08-04 07:56:41 286,208 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\blackbox.dll + 2004-08-04 07:57:04 299,520 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmclien.dll + 2004-08-04 07:56:42 87,040 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmstor.dll + 2004-08-04 07:57:02 695,296 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmv2clt.dll + 2004-08-04 07:57:01 259,072 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\msnetobj.dll + 2005-01-28 11:44:28 294,912 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\blackbox.dll + 2005-01-28 11:44:28 258,296 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmclien.dll + 2005-01-28 11:44:28 96,768 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmstor.dll + 2005-01-28 11:44:28 502,272 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmv2clt.dll + 2005-01-28 11:44:28 142,336 ----a-w c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\msnetobj.dll + 2004-08-04 07:56:42 6,656 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\laprxy.dll + 2004-08-04 07:56:50 103,936 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\logagent.exe + 2004-08-04 07:56:44 237,568 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\qasf.dll + 2004-08-04 07:56:46 670,720 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmadmoe.dll + 2007-10-27 16:39:20 230,912 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmasf.dll + 2004-08-04 07:56:46 151,552 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmidx.dll + 2004-08-04 07:56:46 1,050,624 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmnetmgr.dll + 2004-08-04 07:56:46 1,119,744 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmsdmoe2.dll + 2004-08-04 07:56:46 896,512 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmspdmoe.dll + 2007-10-27 16:37:38 2,109,440 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmvcore.dll + 2004-08-04 07:56:46 1,001,472 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmvdmoe2.dll + 2005-01-28 11:44:28 6,656 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\laprxy.dll + 2005-01-28 11:44:28 96,768 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\logagent.exe + 2005-01-28 11:44:28 221,184 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\qasf.dll + 2005-01-28 11:44:28 716,288 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmadmoe.dll + 2005-01-28 11:44:28 224,768 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmasf.dll + 2005-01-28 11:44:28 335,872 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMDRMdev.dll + 2005-01-28 11:44:28 290,816 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMDRMNet.dll + 2005-01-28 11:44:28 150,016 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmidx.dll + 2005-01-28 11:44:28 1,027,072 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmnetmgr.dll + 2005-01-28 11:44:28 1,119,744 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmsdmoe2.dll + 2005-01-28 11:44:28 940,544 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmspdmoe.dll + 2005-01-28 11:44:28 1,512,448 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMVADVE.DLL + 2005-01-28 11:44:28 2,370,296 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmvcore.dll + 2005-01-28 11:44:28 1,003,008 ----a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmvdmoe2.dll - 2000-08-31 06:00:00 161,792 ----a-w c:\windows\swreg.exe + 2000-08-31 07:00:00 161,792 ----a-w c:\windows\swreg.exe - 2008-03-01 13:06:20 124,928 ----a-w c:\windows\system32\advpack.dll + 2008-10-16 20:38:34 124,928 ----a-w c:\windows\system32\advpack.dll - 2004-08-04 07:56:41 286,208 ----a-w c:\windows\system32\blackbox.dll + 2005-01-28 11:44:28 294,912 ----a-w c:\windows\system32\blackbox.dll - 2007-07-30 18:19:20 92,504 ----a-w c:\windows\system32\cdm.dll + 2008-10-16 13:09:44 92,696 ----a-w c:\windows\system32\cdm.dll - 2004-08-04 07:56:41 159,232 ----a-w c:\windows\system32\cewmdm.dll + 2005-01-28 11:44:28 164,864 ----a-w c:\windows\system32\cewmdm.dll - 2008-03-01 13:06:20 124,928 -c----w c:\windows\system32\dllcache\advpack.dll + 2008-10-16 20:38:34 124,928 -c----w c:\windows\system32\dllcache\advpack.dll + 2008-08-14 09:51:43 138,368 -c----w c:\windows\system32\dllcache\afd.sys + 2005-01-28 11:44:28 294,912 -c--a-w c:\windows\system32\dllcache\blackbox.dll + 2008-06-13 13:10:50 272,128 -c----w c:\windows\system32\dllcache\bthport.sys - 2007-07-30 18:19:20 92,504 -c--a-w c:\windows\system32\dllcache\cdm.dll + 2008-10-16 13:09:44 92,696 -c--a-w c:\windows\system32\dllcache\cdm.dll + 2005-01-28 11:44:28 164,864 -c--a-w c:\windows\system32\dllcache\cewmdm.dll - 2008-02-20 05:32:43 148,992 -c----w c:\windows\system32\dllcache\dnsapi.dll + 2008-06-20 17:41:10 148,992 -c--a-w c:\windows\system32\dllcache\dnsapi.dll + 2005-01-28 11:44:28 258,296 -c--a-w c:\windows\system32\dllcache\drmclien.dll + 2005-01-28 11:44:28 96,768 -c--a-w c:\windows\system32\dllcache\drmstor.dll + 2005-01-28 11:44:28 502,272 -c--a-w c:\windows\system32\dllcache\drmv2clt.dll - 2008-03-01 13:06:21 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll + 2008-10-16 20:38:34 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll - 2008-03-01 13:06:21 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll + 2008-10-16 20:38:34 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll + 2008-07-07 20:32:22 253,952 -c----w c:\windows\system32\dllcache\es.dll - 2008-03-01 13:06:21 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll + 2008-10-16 20:38:35 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll - 2008-02-20 06:51:05 282,624 -c----w c:\windows\system32\dllcache\gdi32.dll + 2008-10-23 13:01:36 283,648 -c----w c:\windows\system32\dllcache\gdi32.dll - 2008-03-01 13:06:21 63,488 -c----w c:\windows\system32\dllcache\icardie.dll + 2008-10-16 20:38:35 63,488 -c----w c:\windows\system32\dllcache\icardie.dll - 2008-02-29 08:55:23 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe + 2008-10-16 13:11:09 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe - 2008-03-01 13:06:21 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll + 2008-10-16 20:38:35 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll - 2008-03-01 13:06:21 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll + 2008-10-16 20:38:35 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll - 2008-02-15 05:44:25 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll + 2008-10-15 07:04:53 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll - 2008-03-01 13:06:22 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll + 2008-10-16 20:38:35 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll - 2008-03-01 13:06:22 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll + 2008-10-16 20:38:35 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll - 2008-03-01 13:06:24 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll + 2008-10-16 20:38:37 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll - 2008-03-01 13:06:24 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll + 2008-10-16 20:38:37 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll - 2008-03-01 13:06:25 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll + 2008-10-16 20:38:37 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll - 2008-02-22 10:00:51 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe + 2008-10-16 13:11:09 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe - 2008-02-29 08:55:46 625,664 -c----w c:\windows\system32\dllcache\iexplore.exe + 2008-10-15 07:06:26 633,632 -c----w c:\windows\system32\dllcache\iexplore.exe - 2007-08-21 06:15:44 683,520 -c----w c:\windows\system32\dllcache\inetcomm.dll + 2008-04-11 18:50:43 683,520 -c----w c:\windows\system32\dllcache\inetcomm.dll - 2008-03-01 13:06:25 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll + 2008-10-16 20:38:37 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll + 2005-01-28 11:44:28 6,656 -c--a-w c:\windows\system32\dllcache\laprxy.dll + 2008-06-10 04:52:04 96,768 -c--a-w c:\windows\system32\dllcache\logagent.exe - 2006-05-05 09:41:45 453,120 -c----w c:\windows\system32\dllcache\mrxsmb.sys + 2008-10-24 11:10:42 453,632 -c----w c:\windows\system32\dllcache\mrxsmb.sys + 2008-05-01 14:30:33 331,776 -c----w c:\windows\system32\dllcache\msadce.dll + 2008-06-24 16:23:05 74,240 -c----w c:\windows\system32\dllcache\mscms.dll - 2008-03-01 13:06:26 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll + 2008-10-16 20:38:37 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll - 2008-03-01 13:06:26 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll + 2008-10-16 20:38:37 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll - 2008-03-01 16:36:30 3,591,680 -c----w c:\windows\system32\dllcache\mshtml.dll + 2008-12-13 06:40:02 3,593,216 -c----w c:\windows\system32\dllcache\mshtml.dll - 2008-03-01 13:06:28 478,208 -c----w c:\windows\system32\dllcache\mshtmled.dll + 2008-10-16 20:38:38 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll + 2005-01-28 11:44:28 142,336 -c--a-w c:\windows\system32\dllcache\msnetobj.dll + 2005-01-28 11:44:28 25,088 -c--a-w c:\windows\system32\dllcache\mspmsnsv.dll + 2005-01-28 11:44:28 173,568 -c--a-w c:\windows\system32\dllcache\mspmsp.dll - 2008-03-01 13:06:28 193,024 -c----w c:\windows\system32\dllcache\msrating.dll + 2008-10-16 20:38:38 193,024 -c----w c:\windows\system32\dllcache\msrating.dll + 2005-01-28 11:44:28 364,784 -c--a-w c:\windows\system32\dllcache\msscp.dll - 2008-03-01 13:06:29 671,232 -c----w c:\windows\system32\dllcache\mstime.dll + 2008-10-16 20:38:39 671,232 -c----w c:\windows\system32\dllcache\mstime.dll + 2005-01-28 11:44:28 315,904 -c--a-w c:\windows\system32\dllcache\mswmdm.dll + 2008-06-20 17:41:10 245,248 -c----w c:\windows\system32\dllcache\mswsock.dll - 2007-06-26 06:08:16 1,104,896 -c--a-w c:\windows\system32\dllcache\msxml3.dll + 2008-09-04 16:42:02 1,106,944 -c--a-w c:\windows\system32\dllcache\msxml3.dll - 2006-08-17 12:28:27 332,288 -c----w c:\windows\system32\dllcache\netapi32.dll + 2008-10-15 16:57:55 332,800 -c----w c:\windows\system32\dllcache\netapi32.dll - 2007-02-28 09:08:48 2,136,064 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe + 2008-08-14 09:58:27 2,136,064 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe - 2007-02-28 08:38:55 2,057,600 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe + 2008-08-14 09:22:13 2,057,728 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe - 2007-02-28 08:38:57 2,015,744 -c----w c:\windows\system32\dllcache\ntkrpamp.exe + 2008-08-14 09:22:14 2,015,744 -c----w c:\windows\system32\dllcache\ntkrpamp.exe - 2007-02-28 09:10:57 2,180,352 -c----w c:\windows\system32\dllcache\ntoskrnl.exe + 2008-08-14 10:00:45 2,180,352 -c----w c:\windows\system32\dllcache\ntoskrnl.exe - 2008-03-01 13:06:29 102,912 -c----w c:\windows\system32\dllcache\occache.dll + 2008-10-16 20:38:39 102,912 -c----w c:\windows\system32\dllcache\occache.dll - 2008-03-01 13:06:29 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll + 2008-10-16 20:38:39 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll + 2005-01-28 11:44:28 221,184 -c--a-w c:\windows\system32\dllcache\qasf.dll - 2007-10-29 22:43:03 1,287,680 -c----w c:\windows\system32\dllcache\quartz.dll + 2008-05-07 05:18:48 1,287,680 -c----w c:\windows\system32\dllcache\quartz.dll - 2006-07-13 08:48:58 202,240 -c--a-w c:\windows\system32\dllcache\rmcast.sys + 2008-05-08 12:28:49 202,752 -c--a-w c:\windows\system32\dllcache\rmcast.sys - 2006-08-14 10:34:41 332,928 -c----w c:\windows\system32\dllcache\srv.sys + 2008-08-28 10:04:17 333,056 -c----w c:\windows\system32\dllcache\srv.sys - 2006-08-21 08:52:08 246,814 -c----w c:\windows\system32\dllcache\strmdll.dll + 2008-10-03 10:15:47 247,326 -c----w c:\windows\system32\dllcache\strmdll.dll - 2007-10-30 17:20:55 360,064 -c----w c:\windows\system32\dllcache\tcpip.sys + 2008-06-20 10:45:13 360,320 -c--a-w c:\windows\system32\dllcache\tcpip.sys - 2006-08-16 09:37:30 225,664 -c----w c:\windows\system32\dllcache\tcpip6.sys + 2008-06-20 09:52:06 225,920 -c--a-w c:\windows\system32\dllcache\tcpip6.sys - 2008-03-01 13:06:29 105,984 -c----w c:\windows\system32\dllcache\url.dll + 2008-10-16 20:38:39 105,984 -c----w c:\windows\system32\dllcache\url.dll - 2008-03-01 13:06:30 1,159,680 -c----w c:\windows\system32\dllcache\urlmon.dll + 2008-10-16 20:38:39 1,160,192 -c----w c:\windows\system32\dllcache\urlmon.dll + 2004-08-04 04:58:46 15,104 -c--a-w c:\windows\system32\dllcache\usbscan.sys - 2008-03-01 13:06:30 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll + 2008-10-16 20:38:39 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll - 2008-03-19 09:47:00 1,845,248 -c----w c:\windows\system32\dllcache\win32k.sys + 2008-09-15 11:57:41 1,846,016 -c----w c:\windows\system32\dllcache\win32k.sys - 2008-03-01 13:06:31 826,368 -c----w c:\windows\system32\dllcache\wininet.dll + 2008-10-16 20:38:40 826,368 -c----w c:\windows\system32\dllcache\wininet.dll + 2005-01-28 11:44:28 396,528 -c--a-w c:\windows\system32\dllcache\wmadmod.dll + 2005-01-28 11:44:28 716,288 -c--a-w c:\windows\system32\dllcache\wmadmoe.dll - 2007-10-27 16:39:20 230,912 -c----w c:\windows\system32\dllcache\wmasf.dll + 2007-10-27 15:40:06 227,328 -c--a-w c:\windows\system32\dllcache\wmasf.dll + 2005-01-28 11:44:28 28,160 -c--a-w c:\windows\system32\dllcache\wmdmlog.dll + 2005-01-28 11:44:28 33,792 -c--a-w c:\windows\system32\dllcache\wmdmps.dll + 2005-01-28 11:44:28 150,016 -c--a-w c:\windows\system32\dllcache\wmidx.dll + 2008-06-10 05:28:36 1,028,096 -c--a-w c:\windows\system32\dllcache\WMNetmgr.dll + 2005-01-28 11:44:28 774,904 -c--a-w c:\windows\system32\dllcache\wmsdmod.dll + 2005-01-28 11:44:28 1,119,744 -c--a-w c:\windows\system32\dllcache\wmsdmoe2.dll + 2005-01-28 11:44:28 413,944 -c--a-w c:\windows\system32\dllcache\wmspdmod.dll + 2005-01-28 11:44:28 940,544 -c--a-w c:\windows\system32\dllcache\wmspdmoe.dll - 2007-10-27 16:37:38 2,109,440 -c----w c:\windows\system32\dllcache\wmvcore.dll + 2008-06-10 06:07:24 2,376,760 -c--a-w c:\windows\system32\dllcache\WMVCore.dll + 2005-01-28 11:44:28 895,736 -c--a-w c:\windows\system32\dllcache\wmvdmod.dll + 2005-01-28 11:44:28 1,003,008 -c--a-w c:\windows\system32\dllcache\wmvdmoe2.dll + 2008-10-16 13:12:20 561,688 -c--a-w c:\windows\system32\dllcache\wuapi.dll - 2007-07-30 18:19:16 53,080 -c--a-w c:\windows\system32\dllcache\wuauclt.exe + 2008-10-16 13:09:44 51,224 -c--a-w c:\windows\system32\dllcache\wuauclt.exe - 2007-07-30 18:19:42 1,712,984 -c--a-w c:\windows\system32\dllcache\wuaueng.dll + 2008-10-16 13:13:40 1,809,944 -c--a-w c:\windows\system32\dllcache\wuaueng.dll + 2008-10-16 13:12:22 323,608 -c--a-w c:\windows\system32\dllcache\wucltui.dll + 2008-10-16 13:08:58 34,328 -c--a-w c:\windows\system32\dllcache\wups.dll + 2008-10-16 13:13:40 202,776 -c--a-w c:\windows\system32\dllcache\wuweb.dll - 2008-02-20 05:32:43 148,992 ----a-w c:\windows\system32\dnsapi.dll + 2008-06-20 17:41:10 148,992 ----a-w c:\windows\system32\dnsapi.dll - 2004-08-04 06:14:14 138,496 ----a-w c:\windows\system32\drivers\afd.sys + 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys - 2004-08-04 06:10:37 274,304 ------w c:\windows\system32\drivers\bthport.sys + 2008-06-13 13:10:50 272,128 ------w c:\windows\system32\drivers\bthport.sys + 2007-03-07 23:51:00 9,336 ------w c:\windows\system32\drivers\cdr4_xp.sys + 2007-03-07 23:51:00 9,464 ------w c:\windows\system32\drivers\cdralw2k.sys + 2007-11-21 15:31:48 11,304 ----a-w c:\windows\system32\drivers\imagedrv.sys + 2007-11-21 15:31:48 132,904 ----a-w c:\windows\system32\drivers\imagesrv.sys - 2006-05-05 09:41:45 453,120 ----a-w c:\windows\system32\drivers\mrxsmb.sys + 2008-10-24 11:10:42 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys + 2007-03-07 23:51:00 43,528 ------w c:\windows\system32\drivers\PxHelp20.sys - 2006-07-13 08:48:58 202,240 ----a-w c:\windows\system32\drivers\rmcast.sys + 2008-05-08 12:28:49 202,752 ----a-w c:\windows\system32\drivers\rmcast.sys + 2006-11-01 04:01:56 3,328 ----a-w c:\windows\system32\drivers\rminiv3.sys + 2008-07-07 07:40:49 56,108 ----a-w c:\windows\system32\drivers\scdemu.sys - 2008-02-12 17:03:50 716,272 ----a-w c:\windows\system32\drivers\sptd.sys + 2008-07-26 10:44:40 717,296 ----a-w c:\windows\system32\drivers\sptd.sys - 2006-08-14 10:34:41 332,928 ----a-w c:\windows\system32\drivers\srv.sys + 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\drivers\srv.sys - 2007-10-30 17:20:55 360,064 ----a-w c:\windows\system32\drivers\tcpip.sys + 2008-06-20 10:45:13 360,320 ----a-w c:\windows\system32\drivers\tcpip.sys - 2006-08-16 09:37:30 225,664 ----a-w c:\windows\system32\drivers\tcpip6.sys + 2008-06-20 09:52:06 225,920 ----a-w c:\windows\system32\drivers\tcpip6.sys + 2004-08-04 04:58:46 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys + 2005-01-28 11:44:28 18,944 ----a-w c:\windows\system32\drivers\wpdusb.sys - 2004-08-04 07:57:04 299,520 ----a-w c:\windows\system32\drmclien.dll + 2005-01-28 11:44:28 258,296 ----a-w c:\windows\system32\drmclien.dll - 2004-08-04 07:56:42 87,040 ----a-w c:\windows\system32\drmstor.dll + 2005-01-28 11:44:28 96,768 ----a-w c:\windows\system32\drmstor.dll - 2004-08-04 07:57:02 695,296 ----a-w c:\windows\system32\drmv2clt.dll + 2005-01-28 11:44:28 502,272 ----a-w c:\windows\system32\drmv2clt.dll - 2008-03-01 13:06:21 347,136 ----a-w c:\windows\system32\dxtmsft.dll + 2008-10-16 20:38:34 347,136 ----a-w c:\windows\system32\dxtmsft.dll - 2008-03-01 13:06:21 214,528 ------w c:\windows\system32\dxtrans.dll + 2008-10-16 20:38:34 214,528 ------w c:\windows\system32\dxtrans.dll - 2005-07-26 04:39:45 243,200 ----a-w c:\windows\system32\es.dll + 2008-07-07 20:32:22 253,952 ----a-w c:\windows\system32\es.dll - 2008-03-01 13:06:21 133,120 ------w c:\windows\system32\extmgr.dll + 2008-10-16 20:38:35 133,120 ------w c:\windows\system32\extmgr.dll - 2008-04-09 12:31:56 91,888 ----a-w c:\windows\system32\FNTCACHE.DAT + 2008-10-16 19:18:47 91,888 ----a-w c:\windows\system32\FNTCACHE.DAT - 2008-02-20 06:51:05 282,624 ----a-w c:\windows\system32\gdi32.dll + 2008-10-23 13:01:36 283,648 ----a-w c:\windows\system32\gdi32.dll + 2008-12-21 17:05:17 62,714 --sha-w c:\windows\system32\hotomoho.dll - 2008-03-01 13:06:21 63,488 ----a-w c:\windows\system32\icardie.dll + 2008-10-16 20:38:35 63,488 ----a-w c:\windows\system32\icardie.dll - 2008-02-29 08:55:23 70,656 ------w c:\windows\system32\ie4uinit.exe + 2008-10-16 13:11:09 70,656 ------w c:\windows\system32\ie4uinit.exe - 2008-03-01 13:06:21 153,088 ------w c:\windows\system32\ieakeng.dll + 2008-10-16 20:38:35 153,088 ------w c:\windows\system32\ieakeng.dll - 2008-03-01 13:06:21 230,400 ------w c:\windows\system32\ieaksie.dll + 2008-10-16 20:38:35 230,400 ------w c:\windows\system32\ieaksie.dll - 2008-02-15 05:44:25 161,792 ------w c:\windows\system32\ieakui.dll + 2008-10-15 07:04:53 161,792 ------w c:\windows\system32\ieakui.dll - 2008-03-01 13:06:22 383,488 ----a-w c:\windows\system32\ieapfltr.dll + 2008-10-16 20:38:35 383,488 ----a-w c:\windows\system32\ieapfltr.dll - 2008-03-01 13:06:22 384,512 ------w c:\windows\system32\iedkcs32.dll + 2008-10-16 20:38:35 384,512 ------w c:\windows\system32\iedkcs32.dll - 2008-03-01 13:06:24 6,066,176 ----a-w c:\windows\system32\ieframe.dll + 2008-10-16 20:38:37 6,066,176 ----a-w c:\windows\system32\ieframe.dll - 2008-03-01 13:06:24 44,544 ------w c:\windows\system32\iernonce.dll + 2008-10-16 20:38:37 44,544 ------w c:\windows\system32\iernonce.dll - 2008-03-01 13:06:25 267,776 ----a-w c:\windows\system32\iertutil.dll + 2008-10-16 20:38:37 267,776 ----a-w c:\windows\system32\iertutil.dll - 2008-02-22 10:00:51 13,824 ----a-w c:\windows\system32\ieudinit.exe + 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe + 2006-03-17 09:45:52 1,757,184 ----a-w c:\windows\system32\imagX7.dll + 2006-03-17 09:45:54 497,296 ----a-w c:\windows\system32\imagXpr7.dll + 2006-03-17 09:45:54 258,048 ----a-w c:\windows\system32\imagXR7.dll + 2006-03-17 09:45:54 802,816 ----a-w c:\windows\system32\imagXRA7.dll - 2007-08-21 06:15:44 683,520 ----a-w c:\windows\system32\inetcomm.dll + 2008-04-11 18:50:43 683,520 ----a-w c:\windows\system32\inetcomm.dll - 2008-03-01 13:06:25 27,648 ------w c:\windows\system32\jsproxy.dll + 2008-10-16 20:38:37 27,648 ------w c:\windows\system32\jsproxy.dll - 2004-08-04 07:56:42 6,656 ----a-w c:\windows\system32\laprxy.dll + 2005-01-28 11:44:28 6,656 ----a-w c:\windows\system32\laprxy.dll - 2004-08-04 07:56:50 103,936 ----a-w c:\windows\system32\logagent.exe + 2008-06-10 04:52:04 96,768 ----a-w c:\windows\system32\logagent.exe + 2008-10-05 03:16:26 235,936 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10a.exe - 2008-01-17 17:13:33 74,649 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe + 2008-12-12 13:39:42 88,590 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe + 2006-11-01 06:17:02 10,752 ----a-w c:\windows\system32\mirrorv3.dll - 2005-06-29 01:46:00 74,240 ----a-w c:\windows\system32\mscms.dll + 2008-06-24 16:23:05 74,240 ----a-w c:\windows\system32\mscms.dll - 2008-03-01 13:06:26 459,264 ----a-w c:\windows\system32\msfeeds.dll + 2008-10-16 20:38:37 459,264 ----a-w c:\windows\system32\msfeeds.dll - 2008-03-01 13:06:26 52,224 ----a-w c:\windows\system32\msfeedsbs.dll + 2008-10-16 20:38:37 52,224 ----a-w c:\windows\system32\msfeedsbs.dll - 2008-03-01 16:36:30 3,591,680 ----a-w c:\windows\system32\mshtml.dll + 2008-12-13 06:40:02 3,593,216 ----a-w c:\windows\system32\mshtml.dll - 2008-03-01 13:06:28 478,208 ------w c:\windows\system32\mshtmled.dll + 2008-10-16 20:38:38 477,696 ------w c:\windows\system32\mshtmled.dll - 2004-08-04 07:57:01 259,072 ----a-w c:\windows\system32\msnetobj.dll + 2005-01-28 11:44:28 142,336 ----a-w c:\windows\system32\msnetobj.dll - 2004-08-04 07:56:43 52,224 ------w c:\windows\system32\mspmsnsv.dll + 2005-01-28 11:44:28 25,088 ----a-w c:\windows\system32\MsPMSNSv.dll - 2004-08-04 07:56:43 201,728 ----a-w c:\windows\system32\mspmsp.dll + 2005-01-28 11:44:28 173,568 ----a-w c:\windows\system32\MsPMSP.dll - 2008-03-01 13:06:28 193,024 ------w c:\windows\system32\msrating.dll + 2008-10-16 20:38:38 193,024 ------w c:\windows\system32\msrating.dll - 2004-08-04 07:57:01 356,352 ----a-w c:\windows\system32\msscp.dll + 2005-01-28 11:44:28 364,784 ----a-w c:\windows\system32\MSSCP.dll - 2008-03-01 13:06:29 671,232 ------w c:\windows\system32\mstime.dll + 2008-10-16 20:38:39 671,232 ------w c:\windows\system32\mstime.dll - 2004-08-04 07:56:44 245,760 ----a-w c:\windows\system32\mswmdm.dll + 2005-01-28 11:44:28 315,904 ----a-w c:\windows\system32\MSWMDM.dll - 2004-08-04 07:56:44 245,248 ----a-w c:\windows\system32\mswsock.dll + 2008-06-20 17:41:10 245,248 ----a-w c:\windows\system32\mswsock.dll - 2007-06-26 06:08:16 1,104,896 ----a-w c:\windows\system32\msxml3.dll + 2008-09-04 16:42:02 1,106,944 ----a-w c:\windows\system32\msxml3.dll + 2008-09-30 15:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll + 2003-04-18 14:29:26 82,432 ----a-w c:\windows\system32\msxml4r.dll - 2007-07-30 18:19:10 271,224 ----a-w c:\windows\system32\mucltui.dll + 2008-10-16 13:06:48 268,648 ----a-w c:\windows\system32\mucltui.dll - 2007-07-30 18:19:04 207,736 ----a-w c:\windows\system32\muweb.dll + 2008-10-16 13:06:48 208,744 ----a-w c:\windows\system32\muweb.dll + 2007-12-03 16:04:12 95,600 ----a-w c:\windows\system32\NeroCo.dll - 2006-08-17 12:28:27 332,288 ----a-w c:\windows\system32\netapi32.dll + 2008-10-15 16:57:55 332,800 ----a-w c:\windows\system32\netapi32.dll - 2007-02-28 08:38:57 2,015,744 ----a-w c:\windows\system32\ntkrnlpa.exe + 2008-08-14 09:22:14 2,015,744 ----a-w c:\windows\system32\ntkrnlpa.exe - 2007-02-28 09:08:48 2,136,064 ----a-w c:\windows\system32\ntoskrnl.exe + 2008-08-14 09:58:27 2,136,064 ----a-w c:\windows\system32\ntoskrnl.exe - 2008-03-01 13:06:29 102,912 ------w c:\windows\system32\occache.dll + 2008-10-16 20:38:39 102,912 ------w c:\windows\system32\occache.dll - 2008-04-11 23:22:07 59,780 ----a-w c:\windows\system32\perfc009.dat + 2008-11-20 20:33:19 59,780 ----a-w c:\windows\system32\perfc009.dat - 2008-04-11 23:22:07 397,560 ----a-w c:\windows\system32\perfh009.dat + 2008-11-20 20:33:19 397,560 ----a-w c:\windows\system32\perfh009.dat - 2008-03-01 13:06:29 44,544 ----a-w c:\windows\system32\pngfilt.dll + 2008-10-16 20:38:39 44,544 ----a-w c:\windows\system32\pngfilt.dll + 2001-08-17 20:36:30 5,632 ----a-w c:\windows\system32\ptpusb.dll + 2004-08-04 06:56:44 159,232 ----a-w c:\windows\system32\ptpusd.dll + 2007-03-07 23:51:00 547,576 ------w c:\windows\system32\px.dll + 2007-03-07 23:51:00 129,784 ------w c:\windows\system32\pxafs.dll + 2007-03-07 23:51:00 64,760 ------w c:\windows\system32\pxcpya64.exe + 2007-03-07 23:51:00 510,712 ------w c:\windows\system32\pxdrv.dll + 2007-03-07 23:51:00 72,440 ------w c:\windows\system32\pxhpinst.exe + 2007-03-07 23:51:00 64,760 ------w c:\windows\system32\pxinsa64.exe + 2007-03-07 23:51:00 187,128 ------w c:\windows\system32\pxmas.dll + 2007-03-07 23:51:00 1,628,920 ------w c:\windows\system32\pxsfs.dll + 2007-03-07 23:51:00 379,640 ------w c:\windows\system32\pxwave.dll - 2004-08-04 07:56:44 237,568 ----a-w c:\windows\system32\qasf.dll + 2005-01-28 11:44:28 221,184 ----a-w c:\windows\system32\qasf.dll - 2007-10-29 22:43:03 1,287,680 ----a-w c:\windows\system32\quartz.dll + 2008-05-07 05:18:48 1,287,680 ----a-w c:\windows\system32\quartz.dll + 2008-04-24 06:44:10 435,528 ----a-w c:\windows\system32\rserver30\ChatLPCx.dll + 2008-04-24 06:44:12 99,720 ----a-w c:\windows\system32\rserver30\FamItrf2.Exe + 2008-04-24 06:44:14 99,720 ----a-w c:\windows\system32\rserver30\FamItrfc.Exe + 2007-06-20 18:45:24 44,904 ----a-w c:\windows\system32\rserver30\FirewallInstallHelper.dll + 2006-11-01 06:17:02 10,752 ----a-w c:\windows\system32\rserver30\mirrorv3.dll + 2008-04-26 22:00:00 15,872 ----a-w c:\windows\system32\rserver30\newtstop.dll + 2008-04-24 06:44:28 289,608 ----a-w c:\windows\system32\rserver30\R_sui.dll + 2008-04-24 06:49:26 45,848 ----a-w c:\windows\system32\rserver30\raddrvv3.sys + 2008-04-24 06:44:16 189,768 ----a-w c:\windows\system32\rserver30\raudiox.dll + 2008-04-24 06:44:18 361,800 ----a-w c:\windows\system32\rserver30\rchatx.dll + 2007-01-31 17:08:14 7,104 ----a-w c:\windows\system32\rserver30\RCur9x16.dll + 2008-04-24 06:44:20 54,600 ----a-w c:\windows\system32\rserver30\RCur9x32.dll + 2008-04-24 06:44:22 79,176 ----a-w c:\windows\system32\rserver30\RCursor.dll + 2006-11-01 04:01:56 3,328 ----a-w c:\windows\system32\rserver30\rminiv3.sys + 2008-04-24 06:44:22 148,808 ----a-w c:\windows\system32\rserver30\rsaudiox.dll + 2008-04-24 06:44:24 107,848 ----a-w c:\windows\system32\rserver30\rschatx.dll + 2008-04-24 06:44:26 1,238,344 ----a-w c:\windows\system32\rserver30\rserver3.exe + 2008-04-24 06:47:24 52,040 ----a-w c:\windows\system32\rserver30\rsetup.exe + 2008-04-24 06:44:28 54,600 ----a-w c:\windows\system32\rserver30\rsl.exe + 2008-04-24 06:44:34 419,144 ----a-w c:\windows\system32\rserver30\vcintcx.dll + 2008-04-24 06:44:34 116,040 ----a-w c:\windows\system32\rserver30\vcintsx.dll + 2008-04-24 06:44:38 206,152 ----a-w c:\windows\system32\rserver30\voicex.dll + 2008-04-24 06:44:40 167,240 ----a-w c:\windows\system32\rserver30\WinLpcDl.dll + 2008-04-24 06:44:40 166,728 ----a-w c:\windows\system32\rserver30\WinLpcDl2.dll + 2008-07-18 20:10:20 36,552 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784\wups.dll + 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll + 2008-07-18 20:10:40 45,768 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784\wups2.dll + 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll - 2007-03-06 01:22:36 14,048 ------w c:\windows\system32\spmsg.dll + 2007-07-27 08:41:40 16,760 ------w c:\windows\system32\spmsg.dll - 2006-08-21 08:52:08 246,814 ----a-w c:\windows\system32\strmdll.dll + 2008-10-03 10:15:47 247,326 ----a-w c:\windows\system32\strmdll.dll + 2006-03-17 12:49:46 368,640 ----a-w c:\windows\system32\TwnLib4.dll - 2007-11-13 11:31:11 60,416 ------w c:\windows\system32\tzchange.exe + 2008-10-22 09:47:07 62,976 ------w c:\windows\system32\tzchange.exe - 2008-03-01 13:06:29 105,984 ----a-w c:\windows\system32\url.dll + 2008-10-16 20:38:39 105,984 ----a-w c:\windows\system32\url.dll - 2008-03-01 13:06:30 1,159,680 ----a-w c:\windows\system32\urlmon.dll + 2008-10-16 20:38:39 1,160,192 ----a-w c:\windows\system32\urlmon.dll + 2005-01-28 11:44:28 47,104 ----a-w c:\windows\system32\uwdf.exe + 2007-03-07 23:51:00 39,672 ------w c:\windows\system32\vxblock.dll + 2005-01-28 11:44:28 15,872 ----a-w c:\windows\system32\wdfapi.dll + 2005-01-28 11:44:28 38,912 ----a-w c:\windows\system32\wdfmgr.exe - 2008-03-01 13:06:30 233,472 ----a-w c:\windows\system32\webcheck.dll + 2008-10-16 20:38:39 233,472 ----a-w c:\windows\system32\webcheck.dll - 2008-03-19 09:47:00 1,845,248 ----a-w c:\windows\system32\win32k.sys + 2008-09-15 11:57:41 1,846,016 ----a-w c:\windows\system32\win32k.sys - 2008-03-01 13:06:31 826,368 ----a-w c:\windows\system32\wininet.dll + 2008-10-16 20:38:40 826,368 ----a-w c:\windows\system32\wininet.dll - 2004-08-04 07:56:46 408,064 ----a-w c:\windows\system32\wmadmod.dll + 2005-01-28 11:44:28 396,528 ----a-w c:\windows\system32\wmadmod.dll - 2004-08-04 07:56:46 670,720 ----a-w c:\windows\system32\wmadmoe.dll + 2005-01-28 11:44:28 716,288 ----a-w c:\windows\system32\wmadmoe.dll - 2007-10-27 16:39:20 230,912 ----a-w c:\windows\system32\wmasf.dll + 2007-10-27 15:40:06 227,328 ----a-w c:\windows\system32\wmasf.dll - 2004-08-04 07:56:46 27,136 ----a-w c:\windows\system32\wmdmlog.dll + 2005-01-28 11:44:28 28,160 ----a-w c:\windows\system32\WMDMLOG.dll - 2004-08-04 07:56:46 23,552 ----a-w c:\windows\system32\wmdmps.dll + 2005-01-28 11:44:28 33,792 ----a-w c:\windows\system32\WMDMPS.dll + 2005-01-28 11:44:28 335,872 ----a-w c:\windows\system32\WMDRMdev.dll + 2005-01-28 11:44:28 290,816 ----a-w c:\windows\system32\WMDRMNet.dll - 2004-08-04 07:56:46 151,552 ------w c:\windows\system32\wmidx.dll + 2005-01-28 11:44:28 150,016 ----a-w c:\windows\system32\wmidx.dll - 2004-08-04 07:56:46 1,050,624 ----a-w c:\windows\system32\wmnetmgr.dll + 2008-06-10 05:28:36 1,028,096 ----a-w c:\windows\system32\WMNetmgr.dll - 2004-08-04 07:56:46 759,296 ----a-w c:\windows\system32\wmsdmod.dll + 2005-01-28 11:44:28 774,904 ----a-w c:\windows\system32\wmsdmod.dll - 2004-08-04 07:56:46 1,119,744 ------w c:\windows\system32\wmsdmoe2.dll + 2005-01-28 11:44:28 1,119,744 ----a-w c:\windows\system32\wmsdmoe2.dll - 2004-08-04 07:56:46 484,864 ------w c:\windows\system32\wmspdmod.dll + 2005-01-28 11:44:28 413,944 ----a-w c:\windows\system32\wmspdmod.dll - 2004-08-04 07:56:46 896,512 ------w c:\windows\system32\wmspdmoe.dll + 2005-01-28 11:44:28 940,544 ----a-w c:\windows\system32\wmspdmoe.dll + 2005-01-28 11:44:28 1,218,808 ----a-w c:\windows\system32\wmvadvd.dll + 2005-01-28 11:44:28 1,512,448 ----a-w c:\windows\system32\WMVADVE.DLL - 2007-10-27 16:37:38 2,109,440 ----a-w c:\windows\system32\wmvcore.dll + 2008-06-10 06:07:24 2,376,760 ----a-w c:\windows\system32\WMVCore.dll - 2004-08-04 07:56:46 809,984 ----a-w c:\windows\system32\wmvdmod.dll + 2005-01-28 11:44:28 895,736 ----a-w c:\windows\system32\wmvdmod.dll - 2004-08-04 07:56:46 1,001,472 ------w c:\windows\system32\wmvdmoe2.dll + 2005-01-28 11:44:28 1,003,008 ----a-w c:\windows\system32\wmvdmoe2.dll + 2005-01-28 11:44:28 38,912 ----a-w c:\windows\system32\wpd_ci.dll + 2005-01-28 11:44:28 61,952 ----a-w c:\windows\system32\wpdconns.dll + 2005-01-28 11:44:28 114,176 ----a-w c:\windows\system32\wpdmtp.dll + 2005-01-28 11:44:28 331,776 ----a-w c:\windows\system32\wpdmtpdr.dll + 2005-01-28 11:44:28 66,560 ----a-w c:\windows\system32\wpdmtpus.dll + 2005-01-28 11:44:28 331,264 ----a-w c:\windows\system32\wpdsp.dll + 2005-01-28 11:44:28 10,752 ----a-w c:\windows\system32\wpdtrace.dll - 2007-07-30 18:19:36 549,720 ----a-w c:\windows\system32\wuapi.dll + 2008-10-16 13:12:20 561,688 ----a-w c:\windows\system32\wuapi.dll - 2007-07-30 18:19:16 53,080 ----a-w c:\windows\system32\wuauclt.exe + 2008-10-16 13:09:44 51,224 ----a-w c:\windows\system32\wuauclt.exe - 2007-07-30 18:19:42 1,712,984 ----a-w c:\windows\system32\wuaueng.dll + 2008-10-16 13:13:40 1,809,944 ----a-w c:\windows\system32\wuaueng.dll - 2007-07-30 18:19:32 325,976 ----a-w c:\windows\system32\wucltui.dll + 2008-10-16 13:12:22 323,608 ----a-w c:\windows\system32\wucltui.dll - 2007-07-30 18:18:40 33,624 ----a-w c:\windows\system32\wups.dll + 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\wups.dll - 2007-07-30 18:19:12 43,352 ----a-w c:\windows\system32\wups2.dll + 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\wups2.dll - 2007-07-30 18:19:46 203,096 ----a-w c:\windows\system32\wuweb.dll + 2008-10-16 13:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll + 2008-12-25 01:11:57 16,384 ----atw c:\windows\temp\Perflib_Perfdata_df0.dat + 2007-03-20 18:22:04 972,336 ----a-w c:\windows\UNNeroBackItUp.exe + 2007-12-13 17:09:06 972,072 ----a-w c:\windows\UNNeroMediaHome.exe + 2007-02-28 13:41:02 972,336 ----a-w c:\windows\UNNeroShowTime.exe + 2007-03-21 18:02:12 972,336 ----a-w c:\windows\UNNeroVision.exe + 2007-12-04 07:59:22 972,072 ----a-w c:\windows\UNRecode.exe + 2008-07-30 17:15:24 77,140 ----a-w c:\windows\War3Unin.dat + 2008-07-30 17:11:50 139,264 ----a-w c:\windows\War3Unin.exe + 2008-07-30 17:11:51 2,829 ----a-w c:\windows\War3Unin.pif + 2008-07-20 13:49:35 1,233,920 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll + 2007-05-08 13:06:44 1,275,392 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll + 2008-09-30 15:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll + 2008-07-20 13:49:34 82,432 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll + 2008-09-30 15:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll + 2006-12-01 20:56:00 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll + 2006-12-01 22:25:52 1,101,824 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll + 2006-12-01 22:25:56 1,093,120 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll + 2006-12-01 22:25:58 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll + 2006-12-01 22:26:00 57,856 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll + 2006-12-01 22:08:00 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll + 2006-12-01 22:08:00 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll + 2006-12-01 22:08:00 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll + 2006-12-01 22:08:00 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll + 2006-12-01 22:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll + 2006-12-01 22:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll + 2006-12-01 22:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll + 2006-12-01 22:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll + 2006-12-01 22:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll + 2006-12-01 22:46:44 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll + 2008-04-15 17:54:19 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2008-01-21 20480] "LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-01-18 196608] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 1688872] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Norman ZANDA"="c:\program files\Norman\Npm\bin\ZLH.EXE" [2008-06-02 273520] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920] "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184] "LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-01-18 458752] "LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-01-18 217088] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-12-11 286720] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-12-11 267048] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 2213160] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-07-07 167936] "RTHDCPL"="RTHDCPL.EXE" [2007-01-30 c:\windows\RTHDCPL.exe] "SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe] "nwiz"="nwiz.exe" [2007-06-28 c:\windows\system32\nwiz.exe] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-01-21 450560] NETGEAR WG311T Smart Wizard.lnk - c:\program files\NETGEAR\WG311T\wlancfg5.exe [2006-02-22 1486848] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "d:\\Spill\\Ringenes herre 2 heksekongen\\game.dat"= "d:\\Spill\\LOTR2 witch king game\\game.dat"= "c:\\WINDOWS\\system32\\rserver30\\rserver3.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "d:\\Spill\\LOTR kampen om midgard\\game.dat"= "c:\\WINDOWS\\system32\\rserver30\\FamItrfc.Exe"= R0 NDIS_RD;Firewall Engine Type-R2;c:\windows\system32\drivers\NDIS_RD.sys [2008-01-17 53320] R1 raddrvv3;raddrvv3;\??\c:\windows\system32\rserver30\raddrvv3.sys [2008-04-24 45848] R1 TDI_RD;Firewall Engine Type-R;\??\c:\windows\System32\drivers\tdi_rd.sys [2008-01-17 32176] R2 Ndiskio;Ndiskio;\??\c:\program files\Norman\Nse\bin\NDISKIO.SYS [2008-01-17 20448] R2 RServer3;Radmin Server V3;"c:\windows\system32\rserver30\RServer3.exe" /service [2008-04-24 1238344] R3 mirrorv3;mirrorv3;c:\windows\system32\DRIVERS\rminiv3.sys [2006-11-01 3328] S3 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-07-21 31592] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-25 38496] S3 NVCScheduler;Norman Virus Control Scheduler;c:\program files\Norman\Nvc\BIN\NVCSCHED.EXE [2008-01-17 146488] S3 SetupNTGLM7X;SetupNTGLM7X;\??\I:\NTGLM7X.sys [] S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl.sys [2008-01-21 30464] S3 Video3D;ASUS Video3D Service;c:\windows\system32\Drivers\Video3D32.sys [] . Contents of the 'Scheduled Tasks' folder 2008-12-16 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57] 2008-12-25 c:\windows\Tasks\cgiiqyyd.job - c:\windows\system32\rundll32.exe [2004-08-04 08:56] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.vg.no/ uInternet Settings,ProxyOverride = localhost . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-25 02:11:29 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . c:\program files\Norman\Npm\Bin\elogsvc.exe c:\program files\Norman\Npm\Bin\Zanda.exe c:\windows\system32\acs.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe c:\program files\Norman\npf\bin\Npfsvice.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\wdfmgr.exe c:\windows\system32\rserver30\FamItrfc.Exe c:\program files\Common Files\Nero\Lib\NMIndexingService.exe c:\windows\system32\wscntfy.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . Completion time: 2008-12-25 2:12:58 - machine was rebooted ComboFix-quarantined-files.txt 2008-12-25 01:12:55 ComboFix2.txt 2008-06-04 21:04:22 Pre-Run: 775 774 208 bytes free Post-Run: 1,804,447,744 bytes free 1206 --- E O F --- 2008-12-17 21:31:18 Endret 25. desember 2008 av Gjest Lenke til kommentar
raWrz Skrevet 25. desember 2008 Del Skrevet 25. desember 2008 (endret) du har 2 antivirus programmer innstalert: hvis du vil fjerne McAfee se her: http://majorgeeks.com/downloadget.php?id=5...04f95b4c72f1b9e last ned det programmet og kjør det hvis du vil ha bort Norman Antivirus se her: http://download.norman.no/public/Delnvc5.exe kjør programmet Endret 25. desember 2008 av Submit Lenke til kommentar
norbat Skrevet 25. desember 2008 Del Skrevet 25. desember 2008 Åpne notisblokk, kopier og lim inn det som står i fet skrift under, lagre fila på skriveboret som CFScript.txt Dra og slipp fila over combofix-iconet. Combofix vil starte igjen. File:: c:\windows\system32\opipimew.tmp c:\windows\system32\KcrnadDrv.dll c:\windows\Tasks\cgiiqyyd.job Lenke til kommentar
Gjest Skrevet 25. desember 2008 Del Skrevet 25. desember 2008 Ny logg: ComboFix 08-12-24.01 - JoachimK 2008-12-25 15:32:44.3 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2047.1545 [GMT 1:00] Running from: c:\documents and settings\JoachimK\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\JoachimK\Desktop\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: c:\windows\system32\KcrnadDrv.dll c:\windows\system32\opipimew.tmp c:\windows\Tasks\cgiiqyyd.job . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\KcrnadDrv.dll c:\windows\system32\opipimew.tmp c:\windows\Tasks\cgiiqyyd.job . ((((((((((((((((((((((((( Files Created from 2008-11-25 to 2008-12-25 ))))))))))))))))))))))))))))))) . 2008-12-25 15:23 . 2008-06-04 19:34 6,175 --a------ c:\windows\NPFFILE.NDF_B 2008-12-25 14:59 . 2008-12-25 14:59 <DIR> d-------- c:\documents and settings\All Users\Application Data\Logitech 2008-12-25 14:58 . 2008-12-25 14:58 <DIR> d-------- c:\program files\Ventrilo 2008-12-25 14:57 . 2008-12-25 14:57 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard 2008-12-25 01:22 . 2008-12-25 01:22 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2008-12-25 01:22 . 2008-12-25 01:22 <DIR> d-------- c:\documents and settings\JoachimK\Application Data\Malwarebytes 2008-12-25 01:22 . 2008-12-25 01:22 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2008-12-25 01:22 . 2008-12-03 19:59 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-25 01:22 . 2008-12-03 19:59 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2008-12-24 22:02 . 2004-08-04 08:56 21,504 --a------ c:\windows\system32\hidserv.dll 2008-12-21 00:08 . 2008-12-21 00:08 <DIR> d-------- c:\documents and settings\All Users\Application Data\McAfee 2008-12-13 20:50 . 2008-12-13 21:23 <DIR> d-------- c:\documents and settings\JoachimK\Application Data\Mine Kampen om Midgard-filer 2008-12-06 21:19 . 2008-12-14 18:35 31 --a------ c:\documents and settings\JoachimK\jagex_runescape_preferences.dat 2008-11-28 22:14 . 2008-11-28 22:14 244 --ah----- C:\sqmnoopt05.sqm 2008-11-28 22:14 . 2008-11-28 22:14 232 --ah----- C:\sqmdata05.sqm . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-25 14:23 --------- d-----w c:\program files\Norman 2008-12-25 14:23 --------- d-----w c:\documents and settings\All Users\Application Data\NPF 2008-12-25 13:59 --------- d-----w c:\program files\Logitech 2008-12-25 10:47 --------- d-----w c:\documents and settings\JoachimK\Application Data\uTorrent 2008-12-24 10:28 --------- d-----w c:\documents and settings\All Users\Application Data\TrackMania 2008-12-24 09:34 --------- d-----w c:\program files\Steam 2008-12-21 17:05 62,714 --sha-w c:\windows\system32\hotomoho.dll 2008-10-31 16:29 --------- d-----w c:\program files\uTorrent 2008-10-31 16:27 --------- d-----w c:\documents and settings\JoachimK\Application Data\vlc 2008-10-31 16:17 --------- d-----w c:\program files\VideoLAN 2008-10-23 13:01 283,648 ----a-w c:\windows\system32\gdi32.dll 2008-10-16 20:38 826,368 ----a-w c:\windows\system32\wininet.dll 2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll 2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll 2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll 2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll 2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll 2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe 2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll 2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll 2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll 2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll 2008-10-03 10:15 247,326 ----a-w c:\windows\system32\strmdll.dll 2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll 2005-09-20 10:05 456,768 ----a-w c:\windows\inf\WG311T\WG311T13.sys 2004-10-19 18:58 35,232 ----a-w c:\windows\inf\WG311T\ME_INST.EXE 2004-10-19 18:58 26,112 ----a-w c:\windows\inf\WG311T\install.exe . ((((((((((((((((((((((((((((( snapshot_2008-12-25_ 2.12.38.89 ))))))))))))))))))))))))))))))))))))))))) . + 2008-12-25 13:59:53 22,486 ----a-r c:\windows\Installer\{948BE614-F37B-4A73-AD43-0245F23C110D}\ARPPRODUCTICON.exe + 2008-12-25 13:59:53 335,872 ----a-r c:\windows\Installer\{948BE614-F37B-4A73-AD43-0245F23C110D}\NewShortcut1_948BE614F37B4A73AD430245F23C110D.exe + 2008-12-25 13:59:53 49,152 ----a-r c:\windows\Installer\{948BE614-F37B-4A73-AD43-0245F23C110D}\NewShortcut2_948BE614F37B4A73AD430245F23C110D.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2008-01-21 20480] "LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-01-18 196608] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 1688872] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920] "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184] "LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-01-18 458752] "LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-01-18 217088] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-12-11 286720] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-12-11 267048] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 2213160] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-07-07 167936] "Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2007-07-18 1687824] "Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2007-07-18 2094352] "RTHDCPL"="RTHDCPL.EXE" [2007-01-30 c:\windows\RTHDCPL.exe] "SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe] "nwiz"="nwiz.exe" [2007-06-28 c:\windows\system32\nwiz.exe] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-01-21 450560] NETGEAR WG311T Smart Wizard.lnk - c:\program files\NETGEAR\WG311T\wlancfg5.exe [2006-02-22 1486848] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "d:\\Spill\\Ringenes herre 2 heksekongen\\game.dat"= "d:\\Spill\\LOTR2 witch king game\\game.dat"= "c:\\WINDOWS\\system32\\rserver30\\rserver3.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "d:\\Spill\\LOTR kampen om midgard\\game.dat"= "c:\\WINDOWS\\system32\\rserver30\\FamItrfc.Exe"= R1 raddrvv3;raddrvv3;\??\c:\windows\system32\rserver30\raddrvv3.sys [2008-04-24 45848] R2 RServer3;Radmin Server V3;"c:\windows\system32\rserver30\RServer3.exe" /service [2008-04-24 1238344] R3 mirrorv3;mirrorv3;c:\windows\system32\DRIVERS\rminiv3.sys [2006-11-01 3328] R4 NDIS_RD;Firewall Engine Type-R2; [] R4 TDI_RD;Firewall Engine Type-R;\??\c:\windows\System32\drivers\tdi_rd.sys [] S3 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-07-21 31592] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-25 38496] S3 SetupNTGLM7X;SetupNTGLM7X;\??\I:\NTGLM7X.sys [] S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl.sys [2008-01-21 30464] S3 Video3D;ASUS Video3D Service;c:\windows\system32\Drivers\Video3D32.sys [] . Contents of the 'Scheduled Tasks' folder 2008-12-16 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.vg.no/ uInternet Settings,ProxyOverride = localhost . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-25 15:34:03 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-12-25 15:34:46 ComboFix-quarantined-files.txt 2008-12-25 14:34:30 ComboFix2.txt 2008-12-25 01:12:59 ComboFix3.txt 2008-06-04 21:04:22 Pre-Run: 1 789 382 656 bytes free Post-Run: 1,791,258,624 bytes free 157 --- E O F --- 2008-12-17 21:31:18 Lenke til kommentar
norbat Skrevet 27. desember 2008 Del Skrevet 27. desember 2008 Bruk utforsker til å finne og slett fila: c:\windows\system32\hotomoho.dll Oppdater og kjør deretter en rask skann med MBAM. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå