Logs, securing your computer and data. Antivirus and antispyware programs, firewalls, etc.

Forum rules

1. Each topic title should reflect the content of the thread.
2. When posting logs, generate them right away with at least two tools: FRST and GMER.
3. Please publish all logs on sites intended for that purpose and paste only the link in your post.
4. Do not shorten logs; paste the whole log, from beginning to end.
5. Do not attach your problem to other users' threads; please start a new topic in the Security section, which makes it easier for the person checking the logs to help.
6. People without the appropriate knowledge should not review logs, as this risks serious damage to the system or to applications installed on the computer.
7. Describe the problem in detail, along with the symptoms observed and any actions already taken.
8. Every script is unique, written individually for each case, so it must not be used by others.
9. When posting a screenshot, please use an external image-hosting service.

Please check this ComboFix log - slow Windows XP startup

30 Aug 2008, 17:30

ComboFix 08-08-29.02 - Rysiek 2008-08-30 17:11:49.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.645 [GMT 2:00]
Running from: C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Pulpit\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Cookies\rysiek@antispywaremaster[2].txt
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Cookies\rysiek@oczyszczaczkomputerza[1].txt
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\WINDOWS\BMa72d2cdf.txt
C:\WINDOWS\BMa72d2cdf.xml
C:\WINDOWS\system32\btfunc.dll
C:\WINDOWS\system32\eewbcbxb.ini
C:\WINDOWS\system32\flsnyfqb.ini
C:\WINDOWS\system32\lnkhndvq.ini
C:\WINDOWS\system32\ltoagpqs.ini
C:\WINDOWS\system32\wctytmla.ini
C:\WINDOWS\system32\wjgupnqe.ini
C:\WINDOWS\system32\ynbdsich.ini

.
((((((((((((((((((((((((( Files Created from 2008-07-28 to 2008-08-30 )))))))))))))))))))))))))))))))
.

2008-08-28 00:03 . 2004-08-03 23:10 38,016 --a------ C:\WINDOWS\system32\drivers\bthmodem.sys
2008-08-28 00:03 . 2004-08-03 23:10 38,016 --a--c--- C:\WINDOWS\system32\dllcache\bthmodem.sys
2008-08-27 23:59 . 2008-08-27 23:59 <DIR> d-------- C:\Program Files\Avanquest update
2008-08-27 23:59 . 2008-08-27 23:59 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\BVRP Software
2008-08-27 23:58 . 2008-08-27 23:58 <DIR> d-------- C:\Program Files\Sony Ericsson
2008-08-27 23:58 . 2008-08-27 23:58 <DIR> d-------- C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\InstallShield
2008-08-27 23:58 . 2008-08-27 23:58 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Sony Ericsson
2008-08-26 18:36 . 2008-08-26 18:36 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2008-08-19 19:20 . 2008-08-19 19:25 <DIR> d-------- C:\Program Files\eMule
2008-08-19 18:50 . 2008-08-19 18:50 <DIR> d-------- C:\Program Files\uTorrent
2008-08-19 18:50 . 2008-08-20 22:37 <DIR> d-------- C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\uTorrent
2008-08-09 20:43 . 2008-08-09 20:43 <DIR> d-------- C:\Program Files\Avira
2008-08-09 20:43 . 2008-08-09 20:43 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Avira
2008-08-09 16:39 . 2008-08-09 16:39 <DIR> d-------- C:\Program Files\Panda Security
2008-08-09 16:39 . 2008-06-19 17:24 28,544 --a------ C:\WINDOWS\system32\drivers\pavboot.sys
2008-08-07 17:40 . 2008-08-07 17:40 315,392 --a------ C:\WINDOWS\HideWin.exe
2008-08-05 13:56 . 2008-08-05 14:04 <DIR> d-------- C:\Program Files\Mozilla Thunderbird
2008-08-05 13:56 . 2008-08-05 13:56 <DIR> d-------- C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\Thunderbird
2008-07-31 18:27 . 2008-07-31 18:27 <DIR> d-------- C:\Program Files\Common Files\Synacast
2008-07-31 18:25 . 2008-07-31 18:27 <DIR> d-------- C:\Program Files\PPLive
2008-07-20 17:50 . 2008-07-20 17:52 0 --a------ C:\dump_dvd.vob
2008-07-15 13:52 . 2008-07-15 13:52 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-07-15 13:52 . 2008-07-15 13:52 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Kaspersky Lab
2008-07-14 12:21 . 2008-07-14 12:21 <DIR> d-------- C:\Program Files\Alwil Software
2008-07-13 22:55 . 2008-07-13 22:55 <DIR> d-------- C:\WINDOWS\McAfee.com
2008-07-06 21:58 . 2008-07-06 22:22 19 --a------ C:\WINDOWS\compedia.ini
2008-07-04 23:02 . 2008-07-04 23:02 <DIR> d-------- C:\Program Files\Common Files\Motorola Shared

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-30 15:09 --------- d-----w C:\Program Files\Neostrada TP
2008-08-30 14:37 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP
2008-08-27 21:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-27 21:55 --------- d-----w C:\Program Files\Common Files\Teleca Shared
2008-08-27 21:50 --------- d-----w C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\Teleca
2008-08-25 22:06 --------- d-----w C:\Program Files\Google
2008-08-22 16:29 --------- d-----w C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\Image Zone Express
2008-08-20 19:59 --------- d-----w C:\Program Files\BitComet
2008-08-20 18:52 --------- d-----w C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\BitTorrent
2008-08-19 16:30 --------- d-----w C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\Skype
2008-08-17 10:05 --------- d-----w C:\Program Files\Winamp
2008-07-24 11:23 --------- d-----w C:\Program Files\YouTube Video Downloader
2008-07-24 10:35 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Downloaded Installations
2008-07-21 10:20 --------- d-----w C:\Program Files\EA GAMES
2008-07-18 10:16 --------- d-----w C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\AdobeUM
2008-07-15 17:38 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-15 10:17 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Spybot - Search & Destroy
2008-07-15 09:55 --------- d-----w C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\DNA
2008-07-07 20:33 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:24 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 15:41 662,016 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:42 246,784 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-05-07 05:16 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll
2007-09-20 11:42 88 --sh--r C:\WINDOWS\system32\08BD94C332.sys
2007-09-20 11:42 900 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2008-04-25_18.38.24.17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-23 04:56:21 554,008 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2007-11-01 05:16:26 178,976 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:16:27 621,344 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 03:28:35 16,096 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 03:28:40 216,288 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 03:28:33 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 03:28:58 723,680 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 03:29:50 386,784 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
+ 2008-04-21 06:58:11 1,024,000 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\browseui.dll
+ 2008-04-21 06:58:11 151,552 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\cdfview.dll
+ 2008-04-21 06:58:12 1,055,744 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\danim.dll
+ 2008-04-21 06:58:12 357,888 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\dxtmsft.dll
+ 2008-04-21 06:58:13 205,312 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\dxtrans.dll
+ 2008-04-21 06:58:13 55,808 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\extmgr.dll
+ 2008-04-17 10:46:59 18,432 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\iedw.exe
+ 2008-04-21 06:58:13 251,904 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\iepeers.dll
+ 2008-04-21 06:58:13 96,768 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\inseng.dll
+ 2008-04-21 06:58:13 16,384 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\jsproxy.dll
+ 2008-04-21 06:58:17 3,087,872 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\mshtml.dll
+ 2008-04-21 06:58:18 449,024 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\mshtmled.dll
+ 2008-04-21 06:58:18 146,432 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\msrating.dll
+ 2008-04-21 06:58:18 532,480 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\mstime.dll
+ 2008-04-21 06:58:19 39,424 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\pngfilt.dll
+ 2008-04-21 06:58:20 1,499,136 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\shdocvw.dll
+ 2008-04-21 06:58:21 474,112 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\shlwapi.dll
+ 2008-04-17 11:03:57 369,152 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\spru0415.dll
+ 2008-04-21 06:58:22 619,520 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\urlmon.dll
+ 2008-04-21 06:58:22 669,184 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\wininet.dll
+ 2008-04-21 06:44:32 3,087,872 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3GDR\mshtml.dll
+ 2008-04-21 06:44:33 668,672 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3GDR\wininet.dll
+ 2008-04-21 06:41:26 3,088,384 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\mshtml.dll
+ 2008-04-21 06:41:27 669,184 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\wininet.dll
+ 2007-11-30 12:40:46 19,320 ----a-w C:\WINDOWS\$hf_mig$\KB950759\spmsg.dll
+ 2007-11-30 12:40:46 234,360 ----a-w C:\WINDOWS\$hf_mig$\KB950759\spuninst.exe
+ 2007-11-30 12:40:46 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\spcustom.dll
+ 2007-11-30 12:40:47 763,256 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\update.exe
+ 2007-11-30 12:40:47 398,200 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\updspapi.dll
+ 2007-11-30 12:40:46 19,320 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:40:46 234,360 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:40:46 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:40:47 763,256 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:40:47 398,200 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:40:46 19,320 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:40:46 234,360 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:40:46 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:40:47 763,256 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:40:47 398,200 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-07-07 20:19:06 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:29:10 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:25:43 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:40:46 19,320 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:40:46 234,360 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:40:46 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:40:47 763,256 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:40:48 398,200 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:21:28 19,320 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:21:28 234,360 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:21:28 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:40:47 763,256 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:40:47 398,200 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-14 18:06:01 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:36:22 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:41:01 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:21:28 19,320 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:21:28 234,360 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:21:28 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:21:28 763,256 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:21:29 398,200 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 16:17:51 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 16:00:25 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 16:22:51 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:21:28 19,320 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:21:28 234,360 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:21:28 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:21:28 763,256 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:21:29 398,200 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 05:03:16 1,291,776 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:18 1,291,776 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:09:08 1,291,776 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:21:28 19,320 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:21:28 234,360 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:21:28 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:40:47 763,256 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:40:47 398,200 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
+ 2008-06-24 16:30:57 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:46:33 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:54:28 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:40:46 19,320 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:40:46 234,360 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:40:46 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:40:47 763,256 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:40:47 398,200 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 16:16:52 1,024,000 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\browseui.dll
+ 2008-06-23 16:16:52 151,552 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\cdfview.dll
+ 2008-06-23 16:16:52 1,055,744 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\danim.dll
+ 2008-06-23 16:16:52 357,888 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\dxtmsft.dll
+ 2008-06-23 16:16:52 205,312 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\dxtrans.dll
+ 2008-06-23 16:16:52 55,808 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\extmgr.dll
+ 2008-06-23 09:53:58 18,432 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\iedw.exe
+ 2008-06-23 16:16:53 251,904 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\iepeers.dll
+ 2008-06-23 16:16:53 96,768 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\inseng.dll
+ 2008-06-23 16:16:53 16,384 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\jsproxy.dll
+ 2008-06-23 16:16:53 3,088,384 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\mshtml.dll
+ 2008-06-23 16:16:53 449,024 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\mshtmled.dll
+ 2008-06-23 16:16:53 146,432 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\msrating.dll
+ 2008-06-23 16:16:54 532,480 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\mstime.dll
+ 2008-06-23 16:16:54 39,424 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\pngfilt.dll
+ 2008-06-23 16:16:54 1,499,136 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\shdocvw.dll
+ 2008-06-23 16:16:54 474,112 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\shlwapi.dll
+ 2008-07-03 09:42:47 369,152 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\spru0415.dll
+ 2008-06-23 16:16:54 619,520 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\urlmon.dll
+ 2008-06-23 16:16:55 669,696 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP2QFE\wininet.dll
+ 2008-06-23 15:13:22 3,088,384 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\mshtml.dll
+ 2008-06-26 08:14:35 1,499,136 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\shdocvw.dll
+ 2008-06-26 08:14:35 619,520 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\urlmon.dll
+ 2008-06-23 15:13:22 668,672 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\wininet.dll
+ 2008-06-25 04:27:42 3,088,896 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\mshtml.dll
+ 2008-06-26 08:01:04 1,499,136 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\shdocvw.dll
+ 2008-06-26 08:01:05 619,520 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\urlmon.dll
+ 2008-06-23 14:57:40 669,184 ----a-w C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\wininet.dll
+ 2007-11-30 12:40:46 19,320 ----a-w C:\WINDOWS\$hf_mig$\KB953838\spmsg.dll
+ 2007-11-30 12:40:46 234,360 ----a-w C:\WINDOWS\$hf_mig$\KB953838\spuninst.exe
+ 2007-11-30 12:40:46 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB953838\update\spcustom.dll
+ 2007-11-30 12:40:47 763,256 ----a-w C:\WINDOWS\$hf_mig$\KB953838\update\update.exe
+ 2007-11-30 12:40:48 398,200 ----a-w C:\WINDOWS\$hf_mig$\KB953838\update\updspapi.dll
+ 2006-03-02 12:00:00 561,179 -c----w C:\WINDOWS\$NtUninstallKB950749$\dao360.dll
+ 2006-03-02 12:00:00 512,029 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll
+ 2006-03-02 12:00:00 319,517 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll
+ 2006-03-02 12:00:00 1,507,356 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll
+ 2006-03-02 12:00:00 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetol1.dll
+ 2006-03-02 12:00:00 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll
+ 2006-03-02 12:00:00 172,063 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll
+ 2006-03-02 12:00:00 53,279 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll
+ 2006-03-02 12:00:00 241,693 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll
+ 2006-03-02 12:00:00 213,023 -c----w C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll
+ 2006-03-02 12:00:00 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll
+ 2006-03-02 12:00:00 421,919 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll
+ 2006-03-02 12:00:00 315,423 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll
+ 2006-03-02 12:00:00 552,989 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll
+ 2006-03-02 12:00:00 258,077 -c----w C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll
+ 2006-03-02 12:00:00 831,519 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll
+ 2006-03-02 12:00:00 614,429 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll
+ 2006-03-02 12:00:00 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 03:28:40 216,288 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 03:29:50 386,784 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\updspapi.dll
+ 2008-02-16 09:05:10 1,023,488 -c----w C:\WINDOWS\$NtUninstallKB950759$\browseui.dll
+ 2008-02-16 09:05:10 151,552 -c----w C:\WINDOWS\$NtUninstallKB950759$\cdfview.dll
+ 2008-02-16 09:05:11 1,055,744 -c----w C:\WINDOWS\$NtUninstallKB950759$\danim.dll
+ 2008-02-16 09:05:11 357,888 -c----w C:\WINDOWS\$NtUninstallKB950759$\dxtmsft.dll
+ 2008-02-16 09:05:11 205,312 -c----w C:\WINDOWS\$NtUninstallKB950759$\dxtrans.dll
+ 2008-02-16 09:05:11 55,808 -c----w C:\WINDOWS\$NtUninstallKB950759$\extmgr.dll
+ 2008-02-15 09:23:37 18,432 -c----w C:\WINDOWS\$NtUninstallKB950759$\iedw.exe
+ 2008-02-16 09:05:11 251,392 -c----w C:\WINDOWS\$NtUninstallKB950759$\iepeers.dll
+ 2008-02-16 09:05:11 96,768 -c----w C:\WINDOWS\$NtUninstallKB950759$\inseng.dll
+ 2008-02-16 09:05:11 16,384 -c----w C:\WINDOWS\$NtUninstallKB950759$\jsproxy.dll
+ 2008-02-16 22:35:14 3,080,704 -c----w C:\WINDOWS\$NtUninstallKB950759$\mshtml.dll
+ 2008-02-16 09:05:13 449,024 -c----w C:\WINDOWS\$NtUninstallKB950759$\mshtmled.dll
+ 2008-02-16 09:05:13 146,432 -c----w C:\WINDOWS\$NtUninstallKB950759$\msrating.dll
+ 2008-02-16 09:05:13 532,480 -c----w C:\WINDOWS\$NtUninstallKB950759$\mstime.dll
+ 2008-02-16 09:05:14 39,424 -c----w C:\WINDOWS\$NtUninstallKB950759$\pngfilt.dll
+ 2008-02-16 09:05:15 1,494,528 -c----w C:\WINDOWS\$NtUninstallKB950759$\shdocvw.dll
+ 2008-02-16 09:05:15 474,112 -c----w C:\WINDOWS\$NtUninstallKB950759$\shlwapi.dll
+ 2007-11-30 12:40:46 234,360 -c----w C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe
+ 2007-11-30 12:40:47 398,200 -c----w C:\WINDOWS\$NtUninstallKB950759$\spuninst\updspapi.dll
+ 2008-02-16 09:05:15 616,960 -c----w C:\WINDOWS\$NtUninstallKB950759$\urlmon.dll
+ 2008-02-16 09:05:15 662,016 -c----w C:\WINDOWS\$NtUninstallKB950759$\wininet.dll
+ 2008-02-15 23:03:24 369,152 -c----w C:\WINDOWS\$NtUninstallKB950759$\xpsp3res.dll
+ 2007-11-30 12:40:46 234,360 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:40:47 398,200 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2006-07-13 08:48:58 202,240 -c----w C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:40:46 234,360 -c----w C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2007-11-30 12:40:47 398,200 -c----w C:\WINDOWS\$NtUninstallKB950762$\spuninst\updspapi.dll
+ 2008-04-14 15:53:43 273,024 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:21:28 234,360 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:21:29 398,200 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2004-08-03 23:35:54 275,200 -c----w C:\WINDOWS\$NtUninstallKB951376$\bthport.sys
+ 2007-11-30 11:21:28 234,360 -c----w C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe
+ 2007-11-30 11:21:29 398,200 -c----w C:\WINDOWS\$NtUninstallKB951376$\spuninst\updspapi.dll
+ 2007-10-29 22:44:30 1,291,264 -c----w C:\WINDOWS\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:21:28 234,360 -c----w C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:40:47 398,200 -c----w C:\WINDOWS\$NtUninstallKB951698$\spuninst\updspapi.dll
- 2007-09-10 16:32:59 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-04-19 11:49:40 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2007-09-10 16:32:59 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-04-19 11:49:41 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2007-09-10 16:32:59 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-04-19 11:49:41 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2007-09-10 16:32:57 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-19 11:49:41 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-09-10 16:32:59 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-04-19 11:49:42 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2007-09-10 16:32:59 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-04-19 11:49:42 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2007-09-10 16:32:59 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-04-19 11:49:42 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2007-09-10 16:33:00 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-04-19 11:49:42 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2007-09-10 16:32:59 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-04-19 11:49:40 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-04-30 13:25:02 451,072 ----a-w C:\WINDOWS\CSI Kryminalne zagadki Miami\uninstall.exe
+ 2008-06-30 08:39:58 128,256 ----a-w C:\WINDOWS\Downloaded Program Files\as2stubie.dll
+ 2008-06-14 18:01:34 273,024 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
- 2000-08-31 06:00:00 73,728 ----a-w C:\WINDOWS\fdsv.exe
+ 2000-08-31 06:00:00 89,504 ----a-w C:\WINDOWS\fdsv.exe
- 2007-10-31 14:26:46 25,622 ----a-r C:\WINDOWS\Installer\{0A2A5039-B37F-489D-B1DC-A5258DF9E697}\fifapc.exe
+ 2008-05-01 10:07:18 25,622 ----a-r C:\WINDOWS\Installer\{0A2A5039-B37F-489D-B1DC-A5258DF9E697}\fifapc.exe
+ 2008-04-08 12:19:13 10,134 ----a-r C:\WINDOWS\Installer\{0D80391C-0A72-43BB-9BC2-143F63CC111D}\ARPPRODUCTICON.exe
+ 2008-04-09 16:51:23 3,262 ----a-r C:\WINDOWS\Installer\{4F1DCA42-2030-437C-A94E-736692A499C1}\ARPPRODUCTICON.exe
+ 2008-04-09 16:51:29 3,262 ----a-r C:\WINDOWS\Installer\{A4E0CA0F-1903-440A-9B98-FEA6CB049999}\ARPPRODUCTICON.exe
+ 2008-07-18 10:21:12 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A71000000002}\SC_Reader.exe
+ 2008-04-19 11:31:43 5,120 ----a-r C:\WINDOWS\Installer\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\IconE9F814234.exe
+ 2008-04-19 11:31:43 49,152 ----a-r C:\WINDOWS\Installer\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\IconE9F814236.exe
+ 1998-10-07 10:54:38 327,168 ----a-w C:\WINDOWS\IsUn0415.exe
- 1998-10-29 15:45:06 306,688 ----a-w C:\WINDOWS\IsUninst.exe
+ 1998-10-29 14:45:06 306,688 ----a-w C:\WINDOWS\IsUninst.exe
+ 2002-07-31 00:50:00 24,576 ----a-w C:\WINDOWS\McAfee.com\FreeScan\avdat.exe
+ 2007-07-09 04:20:00 5,264 ----a-w C:\WINDOWS\McAfee.com\FreeScan\config.dat
+ 2008-07-14 07:49:20 156,984 ----a-w C:\WINDOWS\McAfee.com\FreeScan\mcfscan.dll
+ 2007-07-09 04:20:00 2,724,006 ----a-w C:\WINDOWS\McAfee.com\FreeScan\mcscan32.dll
+ 2008-07-14 03:20:00 885,942 ----a-w C:\WINDOWS\McAfee.com\FreeScan\names.DAT
+ 2006-12-18 09:03:00 7,449 ----a-w C:\WINDOWS\McAfee.com\FreeScan\rwabs16.dll
+ 2006-12-18 09:03:10 16,921 ----a-w C:\WINDOWS\McAfee.com\FreeScan\rwabs32.dll
+ 2008-07-14 03:20:00 33,186,585 ----a-w C:\WINDOWS\McAfee.com\FreeScan\scan.DAT
- 2005-03-18 14:23:10 53,248 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2005-03-18 15:23:10 53,248 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll
- 2005-03-18 14:23:10 12,800 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
+ 2005-03-18 15:23:10 12,800 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
- 2005-03-18 14:23:14 473,600 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
+ 2005-03-18 15:23:14 473,600 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
- 2005-03-18 14:23:10 145,920 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
+ 2005-03-18 15:23:10 145,920 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
- 2005-03-18 14:23:10 159,232 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
+ 2005-03-18 15:23:10 159,232 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
- 2005-03-18 14:23:14 364,544 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
+ 2005-03-18 15:23:14 364,544 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
- 2005-03-18 14:23:12 178,176 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
+ 2005-03-18 15:23:12 178,176 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
- 2005-03-18 14:23:14 223,232 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
+ 2005-03-18 15:23:14 223,232 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
- 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
- 2006-09-12 06:34:26 499,712 ------r C:\WINDOWS\RtlExUpd.dll
+ 2007-07-26 15:09:20 520,192 ----a-w C:\WINDOWS\RtlExUpd.dll
- 2008-04-01 11:04:52 451,072 ----a-w C:\WINDOWS\San Andreas Mod Installer\uninstall.exe
+ 2008-06-19 17:59:44 451,072 ----a-w C:\WINDOWS\San Andreas Mod Installer\uninstall.exe
+ 2001-07-14 15:32:24 69,632 ----a-w C:\WINDOWS\setupupd\temp\wsdueng.dll
- 2008-02-16 09:05:10 1,023,488 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2008-06-23 15:41:35 1,023,488 ----a-w C:\WINDOWS\system32\browseui.dll
- 2008-02-16 09:05:10 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2008-06-23 15:41:35 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2008-04-25 17:42:55 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat
+ 2006-06-05 12:04:02 242,688 ----a-w C:\WINDOWS\system32\ConnAPI.dll
+ 2006-07-04 12:26:42 704,000 ----a-w C:\WINDOWS\system32\DAAPI.dll
- 2008-02-16 09:05:11 1,055,744 ----a-w C:\WINDOWS\system32\danim.dll
+ 2008-06-23 15:41:36 1,055,744 ----a-w C:\WINDOWS\system32\danim.dll
- 2006-03-02 12:00:00 138,496 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-06-20 10:44:38 138,368 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
+ 2004-08-03 20:59:44 95,360 -c--a-w C:\WINDOWS\system32\dllcache\atapi.sys
- 2008-02-16 09:05:10 1,023,488 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2008-06-23 15:41:35 1,023,488 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
- 2004-08-03 23:35:54 275,200 -c--a-w C:\WINDOWS\system32\dllcache\bthport.sys
+ 2008-06-14 18:01:34 273,024 -c--a-w C:\WINDOWS\system32\dllcache\bthport.sys
- 2008-02-16 09:05:10 151,552 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2008-06-23 15:41:35 151,552 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
- 2008-02-16 09:05:11 1,055,744 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
+ 2008-06-23 15:41:36 1,055,744 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
- 2006-03-02 12:00:00 561,179 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
+ 2008-03-25 04:50:25 554,008 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
- 2008-02-20 05:38:07 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:42:20 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2008-02-16 09:05:11 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-06-23 15:41:36 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-02-16 09:05:11 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-06-23 15:41:36 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2005-07-26 04:42:34 243,200 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
+ 2008-07-07 20:33:22 253,952 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
- 2008-02-16 09:05:11 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-06-23 15:41:36 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-02-15 09:23:37 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2008-06-23 09:49:29 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2008-02-16 09:05:11 251,392 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2008-06-23 15:41:36 251,392 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2007-08-21 06:18:06 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:51:52 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2008-02-16 09:05:11 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2008-06-23 15:41:36 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2008-02-16 09:05:11 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-06-23 15:41:36 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2006-03-02 12:00:00 331,776 -c--a-w C:\WINDOWS\system32\dllcache\msadce.dll
+ 2008-05-01 14:33:01 331,776 -c--a-w C:\WINDOWS\system32\dllcache\msadce.dll
- 2005-06-29 01:52:57 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
+ 2008-06-24 16:24:26 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
- 2006-03-02 12:00:00 512,029 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:28 518,944 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
- 2006-03-02 12:00:00 319,517 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
- 2008-02-16 22:35:14 3,080,704 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-06-23 15:41:37 3,080,704 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-02-16 09:05:13 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-06-23 15:41:37 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2006-03-02 12:00:00 1,507,356 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
- 2006-03-02 12:00:00 358,976 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:40 355,112 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
- 2006-03-02 12:00:00 172,063 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
+ 2008-03-25 04:52:02 178,976 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
- 2006-03-02 12:00:00 53,279 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 60,192 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
- 2006-03-02 12:00:00 241,693 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
- 2006-03-02 12:00:00 213,023 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:44 219,936 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
- 2006-03-02 12:00:00 348,189 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
- 2008-02-16 09:05:13 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-06-23 15:41:37 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2006-03-02 12:00:00 421,919 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
- 2006-03-02 12:00:00 315,423 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
- 2006-03-02 12:00:00 552,989 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
- 2006-03-02 12:00:00 258,077 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
+ 2008-03-25 04:50:55 264,992 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
- 2008-02-16 09:05:13 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-23 15:41:37 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2006-03-02 12:00:00 831,519 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
- 2006-03-02 12:00:00 246,784 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll
+ 2008-06-20 17:42:21 246,784 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll
- 2006-03-02 12:00:00 614,429 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:52:02 621,344 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
- 2006-03-02 12:00:00 348,189 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
- 2008-02-16 09:05:14 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-06-23 15:41:37 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-29 22:44:30 1,291,264 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:16:26 1,291,264 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2008-02-16 09:05:15 1,494,528 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2008-06-23 15:41:37 1,494,528 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2008-02-16 09:05:15 474,112 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2008-06-23 15:41:37 474,112 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
- 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2008-02-16 09:05:15 616,960 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-06-23 15:41:37 616,960 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-02-16 09:05:15 662,016 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-06-23 15:41:38 662,016 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-02-20 05:38:07 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-06-20 17:42:20 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2004-04-30 07:37:02 160,640 ----a-w C:\WINDOWS\system32\drivers\a347bus.sys
+ 2004-04-30 07:33:00 5,248 ----a-w C:\WINDOWS\system32\drivers\a347scsi.sys
- 2006-03-02 12:00:00 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
- 2006-03-02 12:00:00 95,360 ----a-w C:\WINDOWS\system32\drivers\atapi.sys
+ 2004-08-03 20:59:44 95,360 ----a-w C:\WINDOWS\system32\drivers\atapi.sys
+ 2008-05-09 11:15:51 45,376 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
+ 2008-01-21 16:11:28 22,336 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2008-06-27 13:03:55 75,072 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
- 2004-08-03 23:35:54 275,200 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
+ 2008-06-14 18:01:34 273,024 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
- 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
+ 2007-03-01 08:34:22 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
- 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2007-11-29 08:39:42 16,896 -c--a-w C:\WINDOWS\system32\DRVSTORE\ccdcmb_B642931F7B28F01BE617200298CCA42B44AAC343\ccdcmb.sys
+ 2007-11-29 08:32:38 48,128 -c--a-w C:\WINDOWS\system32\DRVSTORE\ccdcmb_B642931F7B28F01BE617200298CCA42B44AAC343\nmwcdcls.dll
+ 2007-11-29 08:39:44 95,744 -c--a-w C:\WINDOWS\system32\DRVSTORE\ccdcmb_B642931F7B28F01BE617200298CCA42B44AAC343\nmwcdcocls.dll
+ 2007-11-29 08:33:04 1,419,232 -c--a-w C:\WINDOWS\system32\DRVSTORE\ccdcmb_B642931F7B28F01BE617200298CCA42B44AAC343\wdfcoinstaller01005.dll
+ 2007-11-29 08:39:52 8,064 -c--a-w C:\WINDOWS\system32\DRVSTORE\ccdcmbcj_B642931F7B28F01BE617200298CCA42B44AAC343\usbser_lowerfltj.sys
+ 2007-11-29 08:39:42 8,064 -c--a-w C:\WINDOWS\system32\DRVSTORE\ccdcmbm_B642931F7B28F01BE617200298CCA42B44AAC343\usbser_lowerflt.sys
+ 2007-11-29 08:39:40 19,328 -c--a-w C:\WINDOWS\system32\DRVSTORE\ccdcmbo_B642931F7B28F01BE617200298CCA42B44AAC343\ccdcmbo.sys
+ 2006-08-11 06:34:10 6,144 -c--a-w C:\WINDOWS\system32\DRVSTORE\M2501at_2F5F7EFE99B5F227AF0764DFDBB083834C1FFEC1\M2501cn.sys
+ 2006-08-11 06:34:12 90,128 -c--a-w C:\WINDOWS\system32\DRVSTORE\M2501at_2F5F7EFE99B5F227AF0764DFDBB083834C1FFEC1\M2501md.sys
+ 2006-12-06 14:33:50 94,592 -c--a-w C:\WINDOWS\system32\DRVSTORE\M2501HCD_B072F3C073A4376B25683AA0AD2B77942B3E843A\M2501HCD.sys
+ 2006-08-11 06:34:10 6,144 -c--a-w C:\WINDOWS\system32\DRVSTORE\M2501md_3F9C70CED7D1F0C5A3749D5A551A3DAA6C9518B6\M2501cn.sys
+ 2006-08-11 06:34:12 90,128 -c--a-w C:\WINDOWS\system32\DRVSTORE\M2501md_3F9C70CED7D1F0C5A3749D5A551A3DAA6C9518B6\M2501md.sys
+ 2006-08-11 06:34:18 9,360 -c--a-w C:\WINDOWS\system32\DRVSTORE\M2501md_3F9C70CED7D1F0C5A3749D5A551A3DAA6C9518B6\M2501mf.sys
+ 2006-08-11 06:34:22 66,592 -c--a-w C:\WINDOWS\system32\DRVSTORE\M2501uc_6ABE1D60E560C01F808EBE80F1BCA5A3D9FDEC66\M2501uc.sys
+ 2006-08-11 06:34:24 5,808 -c--a-w C:\WINDOWS\system32\DRVSTORE\M2501uc_6ABE1D60E560C01F808EBE80F1BCA5A3D9FDEC66\M2501wn.sys
+ 2006-12-13 15:52:50 20,992 -c--a-w C:\WINDOWS\system32\DRVSTORE\motmodem_EB300D82ECD3AD9E7DA068DFA2569A01A85B9F9C\motmodem.sys
+ 2006-11-13 12:45:54 1,419,232 -c--a-w C:\WINDOWS\system32\DRVSTORE\motmodem_EB300D82ECD3AD9E7DA068DFA2569A01A85B9F9C\wdfcoinstaller01005.dll
+ 2006-07-28 05:10:08 6,144 -c--a-w C:\WINDOWS\system32\DRVSTORE\motodrv_CC544B6797ABA663F418A1F79EC747D1ADA34BC6\mot_ci.dll
+ 2006-12-13 22:39:28 40,832 -c--a-w C:\WINDOWS\system32\DRVSTORE\motodrv_CC544B6797ABA663F418A1F79EC747D1ADA34BC6\motodrv.sys
+ 2006-12-06 15:34:06 3,584 -c--a-w C:\WINDOWS\system32\DRVSTORE\motousbnet_5BC626884DE0FEE967CA346A411190DC3882A85F\motfilt.sys
+ 2006-12-06 15:34:04 22,016 -c--a-w C:\WINDOWS\system32\DRVSTORE\motousbnet_5BC626884DE0FEE967CA346A411190DC3882A85F\Motousbnet.sys
+ 2006-12-06 15:33:54 6,400 -c--a-w C:\WINDOWS\system32\DRVSTORE\motousbnet_5BC626884DE0FEE967CA346A411190DC3882A85F\motswch.sys
+ 2006-11-13 12:36:28 1,419,232 -c--a-w C:\WINDOWS\system32\DRVSTORE\motousbnet_5BC626884DE0FEE967CA346A411190DC3882A85F\wdfcoinstaller01005.dll
+ 2006-12-13 15:52:52 20,992 -c--a-w C:\WINDOWS\system32\DRVSTORE\motport_5B98A006FF1E3DD3285A44EF7ECDDC6341E1B407\motport.sys
+ 2006-11-13 12:45:54 1,419,232 -c--a-w C:\WINDOWS\system32\DRVSTORE\motport_5B98A006FF1E3DD3285A44EF7ECDDC6341E1B407\wdfcoinstaller01005.dll
+ 2006-08-11 06:42:32 56,736 -c--a-w C:\WINDOWS\system32\DRVSTORE\Netmon-MF_54D35AC3CE4F1550B4A3FF022449FFA11B845D09\Motorola-Netmon-MF.sys
+ 2006-08-11 06:42:36 90,436 -c--a-w C:\WINDOWS\system32\DRVSTORE\Netmon-mod_9AD3A142CE55E6AECAA17B567997991448C3690E\Motorola-Netmon-Serial.sys
+ 2006-08-11 06:42:36 90,436 -c--a-w C:\WINDOWS\system32\DRVSTORE\Netmon-MPl_2579B0EBA4376B2FB2088FD12E3D79CCD20283AF\Motorola-Netmon-Serial.sys
+ 2008-02-01 13:17:04 90,624 -c--a-w C:\WINDOWS\system32\DRVSTORE\nmwcdnsu_AB69B9857FBB820139A32719113E6DF4E761B11D\nmwcdcls.dll
+ 2008-02-01 13:17:12 138,112 -c--a-w C:\WINDOWS\system32\DRVSTORE\nmwcdnsu_AB69B9857FBB820139A32719113E6DF4E761B11D\nmwcdnsu.sys
+ 2008-02-01 13:17:06 8,320 -c--a-w C:\WINDOWS\system32\DRVSTORE\nmwcdnsuc_AB69B9857FBB820139A32719113E6DF4E761B11D\nmwcdnsuc.sys
+ 2006-07-28 05:10:08 6,144 -c--a-w C:\WINDOWS\system32\DRVSTORE\p2k_1DEAB2DB9CA23F8BBDA4595DABF7495F444485A8\mot_ci.dll
+ 2006-12-13 22:39:28 40,832 -c--a-w C:\WINDOWS\system32\DRVSTORE\p2k_1DEAB2DB9CA23F8BBDA4595DABF7495F444485A8\motodrv.sys
- 2008-02-16 09:05:11 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-06-23 15:41:36 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-02-16 09:05:11 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-06-23 15:41:36 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-02-16 09:05:11 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-06-23 15:41:36 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2008-04-23 09:18:56 230,392 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-04-20 10:45:19 223,224 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2008-02-16 09:05:11 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2008-06-23 15:41:36 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2007-08-21 06:18:06 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-11 18:51:52 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2008-02-16 09:05:11 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2008-06-23 15:41:36 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
- 2008-02-16 09:05:11 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-06-23 15:41:36 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2005-05-24 10:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 13:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 13:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2006-07-28 05:10:08 6,144 ----a-w C:\WINDOWS\system32\mot_ci.dll
+ 2001-05-11 11:18:14 420,240 ----a-w C:\WINDOWS\system32\mpg4c32.dll
- 2008-04-06 05:56:20 19,836,024 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-08-05 18:11:01 15,888,504 ----a-w C:\WINDOWS\system32\MRT.exe
- 2006-03-02 12:00:00 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll
- 2006-03-02 12:00:00 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll
- 2008-02-16 22:35:14 3,080,704 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-06-23 15:41:37 3,080,704 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-02-16 09:05:13 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-06-23 15:41:37 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2006-03-02 12:00:00 1,507,356 ----a-w C:\WINDOWS\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll
- 2006-03-02 12:00:00 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
- 2006-03-02 12:00:00 172,063 ----a-w C:\WINDOWS\system32\msjint40.dll
+ 2008-03-25 04:52:02 178,976 ----a-w C:\WINDOWS\system32\msjint40.dll
- 2006-03-02 12:00:00 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll
- 2006-03-02 12:00:00 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll
- 2006-03-02 12:00:00 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
- 2006-03-02 12:00:00 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll
- 2008-02-16 09:05:13 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-06-23 15:41:37 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
- 2006-03-02 12:00:00 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll
- 2006-03-02 12:00:00 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll
- 2006-03-02 12:00:00 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll
- 2006-03-02 12:00:00 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll
- 2008-02-16 09:05:13 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-06-23 15:41:37 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
- 2006-03-02 12:00:00 831,519 ----a-w C:\WINDOWS\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll
- 2006-03-02 12:00:00 614,429 ----a-w C:\WINDOWS\system32\mswstr10.dll
+ 2008-03-25 04:52:02 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
- 2006-03-02 12:00:00 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll
+ 2007-05-15 13:43:10 1,320,800 ----a-w C:\WINDOWS\system32\msxml6.dll
+ 2006-10-05 02:31:10 79,872 ----a-w C:\WINDOWS\system32\msxml6r.dll
+ 2006-07-04 12:25:40 131,072 ----a-w C:\WINDOWS\system32\NclAPI.dll
+ 2006-06-12 11:55:00 61,440 ----a-w C:\WINDOWS\system32\NclTools.dll
+ 2008-02-01 13:17:04 90,624 ----a-w C:\WINDOWS\system32\nmwcdcls.dll
- 2008-04-25 15:16:15 52,764 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-08-30 14:40:53 52,764 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-04-25 15:16:15 67,078 ----a-w C:\WINDOWS\system32\perfc015.dat
+ 2008-08-30 14:40:53 67,078 ----a-w C:\WINDOWS\system32\perfc015.dat
- 2008-04-25 15:16:15 380,350 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-08-30 14:40:53 380,350 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-04-25 15:16:15 435,978 ----a-w C:\WINDOWS\system32\perfh015.dat
+ 2008-08-30 14:40:53 435,978 ----a-w C:\WINDOWS\system32\perfh015.dat
- 2008-02-16 09:05:14 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-06-23 15:41:37 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2008-02-16 09:05:15 1,494,528 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2008-06-23 15:41:37 1,494,528 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2008-02-16 09:05:15 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2008-06-23 15:41:37 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2006-09-25 15:58:48 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 12:40:46 19,320 ------w C:\WINDOWS\system32\spmsg.dll
- 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ------w C:\WINDOWS\system32\tzchange.exe
- 2008-02-16 09:05:15 616,960 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-06-23 15:41:37 616,960 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2006-07-04 12:25:30 245,760 ----a-w C:\WINDOWS\system32\VersitConverter.dll
+ 2001-05-16 15:54:44 309,616 ----a-w C:\WINDOWS\system32\wmv8dmod.dll
- 2008-02-15 23:03:24 369,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-07-03 09:42:47 369,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-21 14:32 68856]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 09:39 2119104]
"BitComet"="C:\Program Files\BitComet\BitComet.exe" [2008-07-17 15:50 2599224]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 17:20 360448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2003-09-05 06:59 878080]
"WooCnxMon"="C:\PROGRA~1\NEOSTR~1\CnxMon.exe" [2003-10-16 18:07 24576]
"WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe" [2003-10-16 18:07 53248]
"WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2003-10-16 18:07 20480]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 08:51 7323648]
"RTHDCPL"="RTHDCPL.EXE" [2006-09-12 10:58 16264192 C:\WINDOWS\RTHDCPL.EXE]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.VQJC"= PD016dec.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\Program Files\\NAPI-PROJEKT\\napisy.exe"=
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
"C:\\Program Files\\EA GAMES\\Need for Speed Most Wanted\\speed.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10420:TCP"= 10420:TCP:BitComet 10420 TCP
"10420:UDP"= 10420:UDP:BitComet 10420 UDP

R0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboot.sys [2008-06-19 17:24]
S3 DMSKSSRh;DMSKSSRh;C:\DOCUME~1\RYSIEK~1.RYS\USTAWI~1\Temp\DMSKSSRh.sys []
S3 FT3893;FT3893 Filter;C:\WINDOWS\system32\DRIVERS\FT3893.sys []
S3 PD016BLK;Creative PC-CAM 300 (Still Image);C:\WINDOWS\system32\DRIVERS\PD016Blk.sys [2002-06-21 01:10]
S3 PD016VID;Creative PC-CAM 300 (Video);C:\WINDOWS\system32\DRIVERS\PD016Vid.sys [2002-06-21 01:10]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);C:\WINDOWS\system32\DRIVERS\s115bus.sys [2007-04-23 16:54]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s115mdfl.sys [2007-04-23 16:54]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s115mdm.sys [2007-04-23 16:54]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s115mgmt.sys [2007-04-23 16:54]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s115obex.sys [2007-04-23 16:54]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{09e94bbb-c5f3-11dc-bef0-000e50914fc3}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{09e94bbc-c5f3-11dc-bef0-000e50914fc3}]
\Shell\AutoRun\command - setupSNK.exe

*Newly Created Service* - CATCHME
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\Mozilla\Firefox\Profiles\i7vlyd8d.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.www.daemon-search.com/default
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-30 17:15:08
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-30 17:17:06
ComboFix-quarantined-files.txt 2008-08-30 15:16:53
ComboFix2.txt 2008-04-25 16:38:40

Pre-Run: 4,913,389,568 bajtów wolnych
Post-Run: 5,090,750,464 bajtów wolnych

693 --- E O F --- 2008-08-14 01:37:35

Re: please check my ComboFix log - slow Windows XP startup

30 Aug 2008, 18:15

Download ComboFix, but do not run it.
Paste the following into Notepad:
Code:
Driver::
DMSKSSRh
FT3893

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{09e94bbb-c5f3-11dc-bef0-000e50914fc3}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{09e94bbc-c5f3-11dc-bef0-000e50914fc3}]

File -> Save as -> CFScript.txt (it is most convenient to save it in a location where the CFScript.txt icon ends up next to the ComboFix.exe icon)
Drag and drop the CFScript.txt icon onto the ComboFix.exe icon, as shown here -> [image]
The removal will start and a log will be created; post that log on the forum.

Post logs on http://www.wklej.eu and put only the link in your post.

Please check my log

30 Aug 2008, 22:17

This is the log from ComboFix. I caught some viruses; now everything seems to be OK, but the system starts very slowly and the computer is generally sluggish. Thanks in advance for the help.
http://www.wklej.eu/index.php?id=e1510ba615

Re: Please check my log

31 Aug 2008, 06:31

Open Notepad and paste:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=-
"RTHDCPL"=-


From the Notepad menu -> File -> Save as -> change the type from .txt to All files -> save it under the name Fix.reg

Run this file, then restart the computer.

Manually delete the C:\Qoobox folder and delete the ComboFix installer from the disk.

Clean the computer with CCleaner.

Optimize the autostart.

Turn System Restore off and back on for all drives. Instructions

Scan the My Computer area with http://www.kaspersky.pl/virusscanner.html (run it in IE). Post its report on the forum

or

Dr.WEB CureIt!

Re: please check my ComboFix log - slow Windows XP startup

01 Sep 2008, 17:43

Thank you very much for the help!!! This is the report from Kaspersky

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
1 wrzesień 2008 17:25:30
System operacyjny: Microsoft Windows XP Home Edition, Dodatek Service Pack 2 (Build 2600)
Kaspersky Online Scanner wersja: 5.0.98.1
Ostatnia aktualizacja Kaspersky Anti-Virus 1/09/2008
Liczba wpisów w bazie danych Kaspersky Anti-Virus1172461
-------------------------------------------------------------------------------

Ustawienia skanowania:
Skanowanie przy użyciu następujących baz danych: rozszerzone
Skanuj archiwa: tak
Skanuj pocztowe bazy danych: tak

Obszar skanowania - Mój komputer:
A:\
C:\
D:\
E:\
F:\
G:\

Statystyki skanowania:
Liczba skanowanych obiektów: 85118
Liczba wykrytych wirusów: 2
Liczba zainfekowanych obiektów: 4
Liczba podejrzanych obiektów: 4
Czas trwania skanowania: 04:18:09

Nazwa zainfekowanego obiektu / Nazwa wirusa / Ostatnie działanie
C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Dr Watson\user.dmp Object is locked pominięty
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Microsoft\Network\Downloader\qmgr0.dat Object is locked pominięty
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Microsoft\Network\Downloader\qmgr1.dat Object is locked pominięty
C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Cookies\index.dat Object is locked pominięty
C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\NTUSER.DAT Object is locked pominięty
C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\ntuser.dat.LOG Object is locked pominięty
C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty
C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty
C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked pominięty
C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty
C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\NTUSER.DAT Object is locked pominięty
C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\ntuser.dat.LOG Object is locked pominięty
C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty
C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Cookies\index.dat Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\Mozilla\Firefox\Profiles\i7vlyd8d.default\cert8.db Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\Mozilla\Firefox\Profiles\i7vlyd8d.default\formhistory.dat Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\Mozilla\Firefox\Profiles\i7vlyd8d.default\history.dat Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\Mozilla\Firefox\Profiles\i7vlyd8d.default\key3.db Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\Mozilla\Firefox\Profiles\i7vlyd8d.default\parent.lock Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\Mozilla\Firefox\Profiles\i7vlyd8d.default\search.sqlite Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\Mozilla\Firefox\Profiles\i7vlyd8d.default\urlclassifier2.sqlite Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\MozillaControl\profiles\MozillaControl\0a4fls0c.slt\parent.lock Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Dane aplikacji\Onet\Listonosz\getionary_op_pl_Listonosz.db3 Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\NTUSER.DAT Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\ntuser.dat.LOG Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Identities\{883C475C-B7D3-4C37-B69F-F45A2B7216E3}\Microsoft\Outlook Express\Skrzynka odbiorcza.dbx/[Date 26 Mar 2008 18:51:31 +0100]/UNNAMED/UNNAMED/html Podejrzanych: Exploit.HTML.Iframe.FileDownload pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Identities\{883C475C-B7D3-4C37-B69F-F45A2B7216E3}\Microsoft\Outlook Express\Skrzynka odbiorcza.dbx/[Date 26 Mar 2008 18:51:31 +0100]/UNNAMED/UNNAMED Podejrzanych: Exploit.HTML.Iframe.FileDownload pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Identities\{883C475C-B7D3-4C37-B69F-F45A2B7216E3}\Microsoft\Outlook Express\Skrzynka odbiorcza.dbx/[Date 26 Mar 2008 18:51:31 +0100]/UNNAMED Podejrzanych: Exploit.HTML.Iframe.FileDownload pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Identities\{883C475C-B7D3-4C37-B69F-F45A2B7216E3}\Microsoft\Outlook Express\Skrzynka odbiorcza.dbx MailMSOutlook5: podejrzany - 3 pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Identities\{B8C58AA4-8EDE-41B2-8DD2-C74DECBD4739}\Microsoft\Outlook Express\Folders.dbx Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Identities\{B8C58AA4-8EDE-41B2-8DD2-C74DECBD4739}\Microsoft\Outlook Express\Kopie robocze.dbx Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Identities\{B8C58AA4-8EDE-41B2-8DD2-C74DECBD4739}\Microsoft\Outlook Express\Offline.dbx Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Identities\{B8C58AA4-8EDE-41B2-8DD2-C74DECBD4739}\Microsoft\Outlook Express\Pop3uidl.dbx Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\i7vlyd8d.default\Cache\_CACHE_001_ Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\i7vlyd8d.default\Cache\_CACHE_002_ Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\i7vlyd8d.default\Cache\_CACHE_003_ Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\i7vlyd8d.default\Cache\_CACHE_MAP_ Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Historia\History.IE5\MSHist012008090120080902\index.dat Object is locked pominięty
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\accounts.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\accounts.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_auctions.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_auctions.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_auctions_status.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_auctions_status.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_contacts.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_contacts.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_emails.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_emails.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_komentarze_otrzymane.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_komentarze_otrzymane.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_komentarze_wystawione.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_komentarze_wystawione.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_koresp.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_koresp.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_offline.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_offline.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_printqueue.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_printqueue.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_slownik.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_slownik.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_statusy_data.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_statusy_data.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_transactions.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_transactions.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_uwagi.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_uwagi.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_wplata.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_wplata.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_wysylka.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\akcecom_wysylka.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_auctions.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_auctions.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_auctions_status.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_auctions_status.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_contacts.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_contacts.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_emails.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_emails.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_emails_offline.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_emails_offline.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_komentarze_otrzymane.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_komentarze_otrzymane.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_komentarze_wystawione.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_komentarze_wystawione.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_koresp.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_koresp.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_offline.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_offline.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_printqueue.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_printqueue.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_slownik.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_slownik.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_statusy_data.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_statusy_data.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_transactions.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_transactions.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_uwagi.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_uwagi.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_wplata.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_wplata.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_wysylka.MYD Object is locked pominięty
C:\Program Files\Asystent4\MySQL\database\uzytkownik_wysylka.MYI Object is locked pominięty
C:\Program Files\Asystent4\MySQL\ibdata1 Object is locked pominięty
C:\Program Files\Asystent4\MySQL\ib_logfile0 Object is locked pominięty
C:\Program Files\Asystent4\MySQL\innodb.status.2888 Object is locked pominięty
C:\Program Files\Asystent4\MySQL\RYSIEK.err Object is locked pominięty
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty
C:\System Volume Information\_restore{55D006CB-8D54-4791-BDAF-1B36F0C5AF78}\RP431\change.log Object is locked pominięty
C:\WINDOWS\Debug\PASSWD.LOG Object is locked pominięty
C:\WINDOWS\SchedLgU.Txt Object is locked pominięty
C:\WINDOWS\SoftwareDistribution\EventCache\{38BF1E2E-0F7A-4529-9325-6A667EEB69D1}.bin Object is locked pominięty
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked pominięty
C:\WINDOWS\Sti_Trace.log Object is locked pominięty
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked pominięty
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked pominięty
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked pominięty
C:\WINDOWS\system32\config\default Object is locked pominięty
C:\WINDOWS\system32\config\default.LOG Object is locked pominięty
C:\WINDOWS\system32\config\SAM Object is locked pominięty
C:\WINDOWS\system32\config\SAM.LOG Object is locked pominięty
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked pominięty
C:\WINDOWS\system32\config\SECURITY Object is locked pominięty
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked pominięty
C:\WINDOWS\system32\config\software Object is locked pominięty
C:\WINDOWS\system32\config\software.LOG Object is locked pominięty
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked pominięty
C:\WINDOWS\system32\config\system Object is locked pominięty
C:\WINDOWS\system32\config\system.LOG Object is locked pominięty
C:\WINDOWS\system32\drivers\atapi.sys Object is locked pominięty
C:\WINDOWS\system32\drivers\sptd.sys Object is locked pominięty
C:\WINDOWS\system32\h323log.txt Object is locked pominięty
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked pominięty
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked pominięty
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked pominięty
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked pominięty
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked pominięty
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked pominięty
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked pominięty
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked pominięty
C:\WINDOWS\wiadebug.log Object is locked pominięty
C:\WINDOWS\wiaservc.log Object is locked pominięty
C:\WINDOWS\WindowsUpdate.log Object is locked pominięty
D:\RECYCLER\S-1-5-21-1409082233-1123561945-839522115-1004\De3\PROMY\internetowe\IINNE\DAP\DAP74.EXE/WISE0024.BIN/dapiebar.dll Zainfekowanych: not-a-virus:AdWare.Win32.Dap.h pominięty
D:\RECYCLER\S-1-5-21-1409082233-1123561945-839522115-1004\De3\PROMY\internetowe\IINNE\DAP\DAP74.EXE/WISE0024.BIN Zainfekowanych: not-a-virus:AdWare.Win32.Dap.h pominięty
D:\RECYCLER\S-1-5-21-1409082233-1123561945-839522115-1004\De3\PROMY\internetowe\IINNE\DAP\DAP74.EXE WiseSFX: zainfekowany - 2 pominięty
D:\RECYCLER\S-1-5-21-1409082233-1123561945-839522115-1004\De3\PROMY\internetowe\IINNE\DAP\DAP74.EXE WiseSFXDropper: zainfekowany - 2 pominięty
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty

Proces skanowania został zakończony.

Re: please check my ComboFix log - slow XP system startup

01 Sep 2008, 18:10

Download The Avenger

Paste this text into it:
Code:
Files to delete:
C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Identities\{883C475C-B7D3-4C37-B69F-F45A2B7216E3}\Microsoft\Outlook Express\Skrzynka odbiorcza.dbx


Copy it, click Paste Script from Clipboard, choose Execute, then confirm and agree to the restart by clicking OK.
Manually delete the file C:\Avenger\backup.zip from the disk and paste the report C:\avenger.txt on the forum.


Empty the Recycle Bin

:)

Re: please check my ComboFix log - slow XP system startup

01 Sep 2008, 18:40

This is the report from Avenger. The computer is still sluggish :(

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File "C:\Documents and Settings\Rysiek.RYSIEK-4B8B1D55\Ustawienia lokalne\Dane aplikacji\Identities\{883C475C-B7D3-4C37-B69F-F45A2B7216E3}\Microsoft\Outlook Express\Skrzynka odbiorcza.dbx" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

Re: please check my ComboFix log - slow XP system startup

01 Sep 2008, 18:43

Deleted

It should be OK

XP optimization --> viewtopic.php?t=10892 , viewtopic.php?t=3660

:)

Re: please check my ComboFix log - slow XP system startup

01 Sep 2008, 18:48

So I'm virus-free? :) Then why on earth am I taking antibiotics for an ear infection :) Thanks a lot for the help!!!

Re: please check my ComboFix log - slow XP system startup

01 Sep 2008, 19:05

Yes, your system is free of viruses

:)