Hi
Please then run next combofix in safe mode
Hi
Please then run next combofix in safe mode
Microsoft MVP Consumer Security 2008-2011
Member of ASAP and UNITE since 2006
tried it in safe mode and the same thing happened
Hi
Please delete your copy of combofix and download a fresh one.
That should be a bug which is already fixed
Microsoft MVP Consumer Security 2008-2011
Member of ASAP and UNITE since 2006
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:03:16 AM, on 4/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Win_Performance\Win_Performance.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jucheck.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\Program Files\Bat\X_Bat.exe
C:\WINDOWS\system32\wscntfy.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: BatBHO - {63F7460B-C831-4142-A4AA-5EC303EC4343} - C:\Program Files\Bat\Bat.dll
O2 - BHO: BndFibu7 IE Helper - {8041E642-8CFC-4720-BC9D-D2DB8904286F} - C:\Program Files\QdrDrive\QdrDrive12.dll (file missing)
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: (no name) - {B4923358-9C2F-49FA-9F6D-1C7C95D3F3CC} - C:\WINDOWS\system32\jkkJbaxW.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D65F96C8-90AE-459F-BBD7-5EDB80BE9C60} - C:\WINDOWS\system32\byXOffGV.dll (file missing)
O2 - BHO: (no name) - {FB02AF34-91B1-42ED-B0AE-CE9F11F4E957} - C:\WINDOWS\system32\awtsSkLf.dll (file missing)
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] c:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [IS CfgWiz] c:\Program Files\Common Files\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [SetDefaultPrinter] c:\hp\bin\cloaker.exe c:\windows\system32\cmd.exe /c c:\hp\bin\defaultprinter\SetDefaultPrinter.cmd
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Win_Performance] C:\Program Files\Win_Performance\Win_Performance.lnk
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [b4fe43bd] rundll32.exe "C:\WINDOWS\system32\vfqpuvtf.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Srro] "C:\PROGRA~1\SEMBLY~1\mmc.exe" -vt yazb
O4 - HKCU\..\Run: [QdrPack14] "C:\Program Files\QdrPack\QdrPack14.exe"
O4 - HKCU\..\Run: [Dybrcq] "C:\Program Files\Common Files\?icrosoft.NET\w?auclt.exe"
O4 - Startup: Bat - Auto Update.lnk = C:\Program Files\Bat\Bat.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Register.lnk = C:\Program Files\AzureBay\AzureBay Screen Saver\Register.exe
O4 - Global Startup: SoftStuff Wallpaper Changer.lnk = C:\Program Files\SoftStuff Corporation\Screen Saver and Wallpaper\softstrt.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O4 - Global Startup: Wallpaper Changer.lnk = C:\Program Files\AzureBay\AzureBay Screen Saver\WPChanger.exe
O4 - Global Startup: WPChanger.lnk = C:\Program Files\AzureBay\AzureBay Screen Saver\WPChanger.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 9380 bytes
Had to run combofix in safemode for it to get past like step 5
ComboFix 08-04-07.5 - Administrator 2008-04-08 8:51:43.3 - NTFSx86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.263 [GMT -7:00]
Running from: C:\Documents and Settings\Administrator.YOUR-AE066C3A9B.000\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\Application Data\STEM~1
C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\Start Menu\Programs\Internet Speed Monitor
C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\Start Menu\Programs\Internet Speed Monitor\Check Now.lnk
C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\Start Menu\Programs\Internet Speed Monitor\Uninstall.lnk
C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\Start Menu\Programs\Outerinfo
C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\Start Menu\Programs\Outerinfo\Terms.lnk
C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\Start Menu\Programs\Outerinfo\Uninstall.lnk
C:\Program Files\180search assistant
C:\Program Files\180search assistant\180sa.exe
C:\Program Files\180search assistant\sau.exe
C:\Program Files\180searchassistant
C:\Program Files\180searchassistant\saap.exe
C:\Program Files\180searchassistant\sac.exe
C:\Program Files\180solutions
C:\Program Files\180solutions\sais.exe
C:\Program Files\seekmo
C:\Program Files\seekmo\seekmohook.dll
C:\Program Files\stc
C:\Program Files\stc\csv5p070.exe
C:\Program Files\Sysmnt
C:\Program Files\Sysmnt\Ssmgr.exe
C:\Program Files\zango
C:\Program Files\zango\zango.exe
C:\WINDOWS\180ax.exe
C:\WINDOWS\2020search.dll
C:\WINDOWS\2020search2.dll
C:\WINDOWS\bjam.dll
C:\WINDOWS\BMb7cd7021.xml
C:\WINDOWS\bokja.exe
C:\WINDOWS\cdsm32.dll
C:\WINDOWS\default.htm
C:\WINDOWS\mspphe.dll
C:\WINDOWS\mssvr.exe
C:\WINDOWS\saiemod.dll
C:\WINDOWS\salm.exe
C:\WINDOWS\stcloader.exe
C:\WINDOWS\swin32.dll
C:\WINDOWS\system32\chslxedm.ini
C:\WINDOWS\system32\DfPVCfhk.ini
C:\WINDOWS\system32\DfPVCfhk.ini2
C:\WINDOWS\system32\fLkSstwa.ini
C:\WINDOWS\system32\fLkSstwa.ini2
C:\WINDOWS\system32\imjmlyde.dll
C:\WINDOWS\system32\jkkICrPg.dll
C:\WINDOWS\system32\khfCVPfD.dll
C:\WINDOWS\system32\mdexlshc.dll
C:\WINDOWS\system32\mmipecci.dll
C:\WINDOWS\system32\msixu.dll
C:\WINDOWS\system32\rsvwycju.dll
C:\WINDOWS\system32\VGffOXyb.ini
C:\WINDOWS\system32\VGffOXyb.ini2
C:\WINDOWS\system32\wer8274.dll
C:\WINDOWS\system32\WxabJkkj.ini
C:\WINDOWS\system32\WxabJkkj.ini2
C:\WINDOWS\system32\xdjb.dll
C:\WINDOWS\system32\yujeaoay.dll
C:\WINDOWS\TEMP\salm.exe
C:\WINDOWS\updatetc.exe
C:\WINDOWS\voiceip.dll
.
---- Previous Run -------
.
C:\Program Files\180search assistant
C:\Program Files\180search assistant\180sa.exe
C:\Program Files\180search assistant\sau.exe
C:\Program Files\180searchassistant
C:\Program Files\180searchassistant\saap.exe
C:\Program Files\180searchassistant\sac.exe
C:\Program Files\180solutions
C:\Program Files\180solutions\sais.exe
C:\Program Files\Common Files\icroso~1.net
C:\Program Files\Common Files\wnsxs~1
C:\Program Files\ISM
C:\Program Files\outerinfo
C:\Program Files\QdrDrive
C:\Program Files\QdrModule
C:\Program Files\QdrPack
C:\Program Files\seekmo
C:\Program Files\seekmo\seekmohook.dll
C:\Program Files\sembly~1
C:\Program Files\sembly~1\??sembly\
C:\Program Files\sembly~1\mmc.exe
C:\Program Files\stc
C:\Program Files\stc\csv5p070.exe
C:\Program Files\Sysmnt
C:\Program Files\Sysmnt\Ssmgr.exe
C:\Program Files\webhancer
C:\Program Files\webhancer\Programs\webhdll.dll
C:\Program Files\ymante~1
C:\Program Files\zango
C:\Program Files\zango\zango.exe
C:\WINDOWS\180ax.exe
C:\WINDOWS\2020search.dll
C:\WINDOWS\2020search2.dll
C:\WINDOWS\bjam.dll
C:\WINDOWS\bokja.exe
C:\WINDOWS\cdsm32.dll
C:\WINDOWS\cookies.ini
C:\WINDOWS\default.htm
C:\WINDOWS\mspphe.dll
C:\WINDOWS\mssvr.exe
C:\WINDOWS\PerfInfo
C:\WINDOWS\pskt.ini
C:\WINDOWS\saiemod.dll
C:\WINDOWS\salm.exe
C:\WINDOWS\stcloader.exe
C:\WINDOWS\swin32.dll
C:\WINDOWS\system32\drivers\spools.exe
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\msixu.dll
C:\WINDOWS\system32\pppatc~1
C:\WINDOWS\system32\scurit~1
C:\WINDOWS\system32\wer8274.dll
C:\WINDOWS\system32\winfrun32.bin
C:\WINDOWS\TEMP\salm.exe
C:\WINDOWS\updatetc.exe
C:\WINDOWS\voiceip.dll
D:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2008-03-08 to 2008-04-08 )))))))))))))))))))))))))))))))
.
2008-04-08 08:55 . 2008-04-08 08:58 <DIR> d-------- C:\Program Files\zango
2008-04-08 08:55 . 2008-04-08 08:58 <DIR> d-------- C:\Program Files\Sysmnt
2008-04-08 08:55 . 2008-04-08 08:58 <DIR> d-------- C:\Program Files\stc
2008-04-08 08:55 . 2008-04-08 08:58 <DIR> d-------- C:\Program Files\seekmo
2008-04-08 08:55 . 2008-04-08 08:58 <DIR> d-------- C:\Program Files\180solutions
2008-04-08 08:55 . 2008-04-08 08:58 <DIR> d-------- C:\Program Files\180searchassistant
2008-04-08 08:55 . 2008-04-08 08:58 <DIR> d-------- C:\Program Files\180search assistant
2008-04-08 07:36 . 2008-04-08 08:19 5,120 --a------ C:\WINDOWS\system32\~3224.tmp
2008-04-08 07:24 . 2008-04-08 07:24 58,347 --a------ C:\Documents and Settings\Administrator.YOUR-AE066C3A9B.000\cftmon.exe
2008-04-07 16:33 . 2008-04-07 16:33 118 --a------ C:\WINDOWS\system32\MRT.INI
2008-04-07 14:41 . 2008-04-07 14:41 <DIR> d-------- C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\Application Data\AdobeUM
2008-04-06 12:29 . 2008-04-07 12:29 354 ---hs---- C:\WINDOWS\system32\iujfjesx.ini
2008-04-06 09:45 . 2008-04-06 09:45 58,347 --a------ C:\Documents and Settings\LocalService\cftmon.exe
2008-04-06 09:45 . 2008-04-08 08:19 0 --a------ C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\cftmon.exe
2008-04-06 09:17 . 2008-04-06 09:17 <DIR> d-------- C:\WINDOWS\FLEOK
2008-04-06 09:15 . 2008-04-06 09:15 32,000 --a------ C:\WINDOWS\didduid.ini
2008-04-05 08:52 . 2008-04-05 08:52 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-05 08:20 . 2008-04-05 08:20 294 --ahs---- C:\WINDOWS\system32\uoukefaf.ini
2008-04-01 17:23 . 2004-08-07 14:22 <DIR> d-------- C:\Documents and Settings\Administrator.YOUR-AE066C3A9B.000\WINDOWS
2008-04-01 17:23 . 2004-08-08 07:56 <DIR> d-------- C:\Documents and Settings\Administrator.YOUR-AE066C3A9B.000\Application Data\Symantec
2008-04-01 17:23 . 2004-08-07 14:59 <DIR> d-------- C:\Documents and Settings\Administrator.YOUR-AE066C3A9B.000\Application Data\SampleView
2008-04-01 17:23 . 2004-08-07 14:20 <DIR> d-------- C:\Documents and Settings\Administrator.YOUR-AE066C3A9B.000\Application Data\Apple Computer
2008-04-01 17:06 . 2008-04-06 09:15 1,114 --a------ C:\WINDOWS\wininit.ini
2008-04-01 16:28 . 2008-04-01 16:28 18,944 --a------ C:\WINDOWS\system32\~.exe
2008-04-01 16:13 . 2008-04-01 17:15 1,600,507 --ahs---- C:\WINDOWS\system32\ftvupqfv.ini
2008-03-31 15:37 . 2008-03-31 15:37 <DIR> d-------- C:\Program Files\RcvSystem
2008-03-31 13:10 . 2008-04-01 16:09 534 --ahs---- C:\WINDOWS\system32\vwrywcwt.ini
2008-03-31 13:07 . 2008-03-31 13:07 1,584,360 --ahs---- C:\WINDOWS\system32\lokokpjq.ini
2008-03-30 15:21 . 2008-04-07 17:11 <DIR> d-------- C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\Application Data\Aim
2008-03-30 09:57 . 2004-08-04 00:56 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-03-30 09:57 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-03-30 09:57 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-03-30 09:57 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-03-30 05:38 . 2008-03-31 13:07 1,597,774 --ahs---- C:\WINDOWS\system32\agjrtood.ini
2008-03-29 19:13 . 2008-03-29 19:13 <DIR> d-------- C:\temp
2008-03-29 19:13 . 2008-03-29 19:15 <DIR> d-------- C:\Program Files\Win_Performance
2008-03-29 15:10 . 2008-03-29 15:10 23,552 --a------ C:\6v0ip4.exe
2008-03-29 15:03 . 2008-03-29 15:03 18,944 --a------ C:\W3NG.exe
2008-03-29 14:54 . 2008-03-29 14:54 <DIR> d---s---- C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\UserData
2008-03-29 14:31 . 2008-04-06 12:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Rabio
2008-03-29 14:31 . 2008-03-29 14:31 3,806,230 --a------ C:\WINDOWS\tD4Mxb1WfF.exe
2008-03-29 14:30 . 2008-03-29 14:30 <DIR> d-------- C:\WINDOWS\ktavdlri
2008-03-29 14:30 . 2008-03-29 14:30 90,540 --a------ C:\WINDOWS\lmtibgxs.exe
2008-03-29 14:30 . 2008-03-29 14:30 46,080 --a------ C:\WINDOWS\ghkzczaz.exe
2008-03-29 14:29 . 2008-03-29 14:32 <DIR> d-------- C:\Program Files\Bat
2008-03-29 14:29 . 2008-03-29 14:29 229,527 --a------ C:\WINDOWS\system32\L31FD.tmp
2008-03-29 14:29 . 2008-03-29 14:29 90,537 --a------ C:\WINDOWS\system32\sbwltbxa.exe
2008-03-29 14:29 . 2008-03-29 14:29 23,040 --a------ C:\WINDOWS\system32\L41CC.tmp
2008-03-29 14:29 . 2008-03-29 14:29 9,292 --a------ C:\WINDOWS\system32\L44E9.tmp
2008-03-29 14:17 . 2008-03-29 14:17 <DIR> d-------- C:\Program Files\AOL Search
2008-03-29 14:16 . 2008-03-29 14:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\AOL
2008-03-29 12:29 . 2006-05-05 02:41 453,120 --a--c--- C:\WINDOWS\system32\dllcache\mrxsmb.sys
2008-03-29 10:25 . 2005-06-28 11:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-03-29 10:12 . 2008-03-29 10:12 <DIR> d-------- C:\Program Files\Norton AntiVirus
2008-03-29 10:11 . 2008-03-29 10:12 <DIR> d-------- C:\Program Files\Norton Personal Firewall
2008-03-12 10:34 . 2007-02-28 02:10 2,180,352 --a--c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-03-12 10:34 . 2007-02-28 02:08 2,136,064 --a--c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-03-12 10:34 . 2007-02-28 01:38 2,057,600 --a--c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-03-12 10:34 . 2007-02-28 01:38 2,015,744 --a--c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-03-12 10:33 . 2006-06-01 11:47 163,840 --a--c--- C:\WINDOWS\system32\dllcache\jgdw400.dll
2008-03-12 10:33 . 2006-06-01 11:47 27,648 --a--c--- C:\WINDOWS\system32\dllcache\jgpl400.dll
2008-03-11 18:05 . 2008-04-07 17:34 <DIR> d-------- C:\Program Files\Google
2008-03-11 17:51 . 2008-03-11 17:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
2008-03-11 16:34 . 2008-03-11 16:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Radialpoint
2008-03-11 16:13 . 2008-03-29 10:11 <DIR> d-------- C:\Program Files\att-nap
2008-03-08 10:18 . 2003-12-04 17:09 509,152 --a------ C:\WINDOWS\system32\SymNeti.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-08 00:13 --------- d-----w C:\Program Files\Easy Internet signup
2008-04-08 00:11 --------- d-----w C:\Program Files\AIM
2008-04-02 00:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-02 00:06 --------- d-----w C:\Program Files\MacroVirus
2008-04-01 23:35 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-30 22:20 --------- d-----w C:\Program Files\AOD
2008-03-30 22:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-03-29 21:16 --------- d-----w C:\Program Files\Viewpoint
2008-03-29 17:15 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-29 17:11 --------- d-----w C:\Program Files\Symantec
2008-03-29 17:11 --------- d-----w C:\Program Files\Common Files\Motive
2008-03-29 17:03 90,112 ----a-w C:\WINDOWS\DUMPa17f.tmp
2008-03-12 00:51 --------- d-----w C:\Program Files\Common Files\AOL
2008-03-11 23:35 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-11 23:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Motive
2008-03-05 02:30 90,112 ----a-w C:\WINDOWS\DUMP3f7a.tmp
2008-03-05 01:27 90,112 ----a-w C:\WINDOWS\DUMP416e.tmp
2008-03-04 23:12 4,104 --sha-r C:\WINDOWS\system32\drivers\HP_PJ509AA-ABA A720N_YC_Pavi_QMXK440_E44NAheBLU5_4_IKelut_SASUSTek Computer INC._V2.02_B3.11_T040902_WXH2_L409_M448_J200_7AMD_8Athlon XP 3200+_92.2_111063044_N11063065_P_Z11C1048C_K_A11063059_U11063038_G11067205.MRK
2007-07-13 21:42 66,248 ----a-w C:\Program Files\INSTALL.LOG
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{63F7460B-C831-4142-A4AA-5EC303EC4343}]
2008-03-07 22:15 413696 --a------ C:\Program Files\Bat\Bat.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8041E642-8CFC-4720-BC9D-D2DB8904286F}]
C:\Program Files\QdrDrive\QdrDrive12.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4923358-9C2F-49FA-9F6D-1C7C95D3F3CC}]
C:\WINDOWS\system32\jkkJbaxW.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D65F96C8-90AE-459F-BBD7-5EDB80BE9C60}]
C:\WINDOWS\system32\byXOffGV.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FB02AF34-91B1-42ED-B0AE-CE9F11F4E957}]
C:\WINDOWS\system32\awtsSkLf.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 12:00 15360]
"ares"="C:\Program Files\Ares\Ares.exe" [ ]
"Srro"="C:\PROGRA~1\SEMBLY~1\mmc.exe" [ ]
"QdrPack14"="C:\Program Files\QdrPack\QdrPack14.exe" [ ]
"Dybrcq"="C:\Program Files\Common Files\?icrosoft.NET\w?auclt.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2004-08-07 12:36 32881]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 16:04 52736]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 18:53 49152]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 18:42 659456]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 20:02 61440]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2004-08-07 14:03 180269]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-04-21 18:28 286720]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 20:43 233472]
"VTTimer"="VTTimer.exe" [2004-10-22 11:53 53248 C:\WINDOWS\system32\VTTimer.exe]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2003-12-08 23:18 70776]
"NAV CfgWiz"="c:\Program Files\Common Files\Symantec Shared\CfgWiz.exe" [2004-01-20 17:25 124056]
"IS CfgWiz"="c:\Program Files\Common Files\Symantec Shared\cfgwiz.exe" [2004-01-20 17:25 124056]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 17:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2002-10-16 16:57 81920]
"Reminder"="C:\Windows\Creator\Remind_XP.exe" [2003-12-17 23:31 118784]
"SetDefaultPrinter"="c:\hp\bin\cloaker.exe" [1999-11-07 07:11 27136]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-08-07 14:20 98304]
"Win_Performance"="C:\Program Files\Win_Performance\Win_Performance.lnk" [2008-03-29 19:13 743]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 13:47 57344 C:\WINDOWS\ALCXMNTR.EXE]
"b4fe43bd"="C:\WINDOWS\system32\vfqpuvtf.dll" [ ]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 02:44:06 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-29 05:31:38 241664]
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2004-10-01 08:13:30 114688]
Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2005-11-04 14:04:48 176128]
KODAK Software Updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 13:12:08 16423]
Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe [2004-01-28 22:36:18 57344]
Register.lnk - C:\Program Files\AzureBay\AzureBay Screen Saver\Register.exe [2006-08-10 08:18:22 323584]
SoftStuff Wallpaper Changer.lnk - C:\Program Files\SoftStuff Corporation\Screen Saver and Wallpaper\softstrt.exe [2005-07-31 06:07:06 180736]
Updates from HP.lnk - C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe [2004-08-07 14:33:32 16423]
Wallpaper Changer.lnk - C:\Program Files\AzureBay\AzureBay Screen Saver\WPChanger.exe [2007-03-08 13:36:28 57344]
WPChanger.lnk - C:\Program Files\AzureBay\AzureBay Screen Saver\WPChanger.exe [2007-03-08 13:36:28 57344]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 14:38]
.
Contents of the 'Scheduled Tasks' folder
"2008-03-29 17:47:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-08 17:26:27 C:\WINDOWS\Tasks\Easy Internet Sign-up.job"
- C:\Program Files\Easy Internet signup\HPSdpApp.exe
"2008-02-16 02:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - HP_Owner.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/TASK:
"2004-08-08 15:01:07 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-08 08:58:55
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Win_Performance\Win_Performance.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jucheck.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Bat\X_Bat.exe
C:\WINDOWS\system32\wscntfy.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe
.
**************************************************************************
.
Completion time: 2008-04-08 9:00:18 - machine was rebooted [HP_Owner]
ComboFix-quarantined-files.txt 2008-04-08 16:00:15
Pre-Run: 181,052,006,400 bytes free
Post-Run: 181,066,113,024 bytes free
.
2008-04-07 23:33:07 --- E O F ---
Hi
Open notepad and copy/paste the text in the codebox below into it:
Save this as "CFScript"Code:File:: C:\WINDOWS\system32\~3224.tmp C:\Documents and Settings\Administrator.YOUR-AE066C3A9B.000\cftmon.exe C:\WINDOWS\system32\iujfjesx.ini C:\Documents and Settings\LocalService\cftmon.exe C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\cftmon.exe C:\WINDOWS\didduid.ini C:\WINDOWS\system32\uoukefaf.ini C:\WINDOWS\system32\~.exe C:\WINDOWS\system32\ftvupqfv.ini C:\WINDOWS\system32\vwrywcwt.ini C:\WINDOWS\system32\lokokpjq.ini C:\WINDOWS\system32\agjrtood.ini C:\6v0ip4.exe C:\W3NG.exe C:\WINDOWS\tD4Mxb1WfF.exe C:\WINDOWS\lmtibgxs.exe C:\WINDOWS\ghkzczaz.exe C:\WINDOWS\system32\L31FD.tmp C:\WINDOWS\system32\sbwltbxa.exe C:\WINDOWS\system32\L41CC.tmp C:\WINDOWS\system32\L44E9.tmp Folder:: C:\Program Files\zango C:\Program Files\Sysmnt C:\Program Files\stc C:\Program Files\seekmo C:\Program Files\180solutions C:\Program Files\180searchassistant C:\Program Files\180search assistant C:\Program Files\Bat C:\WINDOWS\ktavdlri C:\Documents and Settings\All Users\Application Data\Rabio C:\temp C:\Program Files\Win_Performance Registry:: [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{63F7460B-C831-4142-A4AA-5EC303EC4343}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8041E642-8CFC-4720-BC9D-D2DB8904286F}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4923358-9C2F-49FA-9F6D-1C7C95D3F3CC}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D65F96C8-90AE-459F-BBD7-5EDB80BE9C60}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FB02AF34-91B1-42ED-B0AE-CE9F11F4E957}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Srro"="- "QdrPack14"=- "Dybrcq"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Win_Performance"=- "b4fe43bd"=-
Then drag the CFScript into ComboFix.exe as you see in the screenshot below.
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.
Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.
Microsoft MVP Consumer Security 2008-2011
Member of ASAP and UNITE since 2006
After doing that ComboFix created a log. I saved the log. Then closed notepad, and there was nothing on my screen, no task bar, no icons, nothing. I opened the task manager (CTRL+ALT+DEL) and restarted my computer.
ComboFix 08-04-07.5 - HP_Owner 2008-04-08 12:15:52.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.161 [GMT -7:00]
Running from: C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\Desktop\CFScript.txt
* Created a new restore point
FILE ::
C:\6v0ip4.exe
C:\Documents and Settings\Administrator.YOUR-AE066C3A9B.000\cftmon.exe
C:\Documents and Settings\LocalService\cftmon.exe C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\cftmon.exe
C:\W3NG.exe
C:\WINDOWS\didduid.ini
C:\WINDOWS\ghkzczaz.exe
C:\WINDOWS\lmtibgxs.exe
C:\WINDOWS\system32\~.exe
C:\WINDOWS\system32\~3224.tmp
C:\WINDOWS\system32\agjrtood.ini
C:\WINDOWS\system32\ftvupqfv.ini
C:\WINDOWS\system32\iujfjesx.ini
C:\WINDOWS\system32\L31FD.tmp
C:\WINDOWS\system32\L41CC.tmp
C:\WINDOWS\system32\L44E9.tmp
C:\WINDOWS\system32\lokokpjq.ini
C:\WINDOWS\system32\sbwltbxa.exe
C:\WINDOWS\system32\uoukefaf.ini
C:\WINDOWS\system32\vwrywcwt.ini
C:\WINDOWS\tD4Mxb1WfF.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\6v0ip4.exe
C:\Documents and Settings\Administrator.YOUR-AE066C3A9B.000\cftmon.exe
C:\Program Files\180search assistant
C:\Program Files\180searchassistant
C:\Program Files\180solutions
C:\Program Files\Bat
C:\Program Files\Bat\Bat.dll
C:\Program Files\Bat\Bat.dll.intermediate.manifest
C:\Program Files\Bat\Bat.exe
C:\Program Files\Bat\Bat.info
C:\Program Files\Bat\Bat.original
C:\Program Files\Bat\Info.dll
C:\Program Files\Bat\un_BatSetup_15041.exe
C:\Program Files\Bat\un_BatSetup_15041.txt
C:\Program Files\Bat\X_Bat.exe
C:\Program Files\Bat\X_Bat.log
C:\Program Files\seekmo
C:\Program Files\stc
C:\Program Files\Sysmnt
C:\Program Files\zango
C:\W3NG.exe
C:\WINDOWS\didduid.ini
C:\WINDOWS\ghkzczaz.exe
C:\WINDOWS\ktavdlri
C:\WINDOWS\ktavdlri\1.png
C:\WINDOWS\ktavdlri\2.png
C:\WINDOWS\ktavdlri\3.png
C:\WINDOWS\ktavdlri\4.png
C:\WINDOWS\ktavdlri\5.png
C:\WINDOWS\ktavdlri\6.png
C:\WINDOWS\ktavdlri\7.png
C:\WINDOWS\ktavdlri\8.png
C:\WINDOWS\ktavdlri\9.png
C:\WINDOWS\ktavdlri\bottom-rc.gif
C:\WINDOWS\ktavdlri\config.png
C:\WINDOWS\ktavdlri\content.png
C:\WINDOWS\ktavdlri\download.gif
C:\WINDOWS\ktavdlri\frame-bg.gif
C:\WINDOWS\ktavdlri\frame-bottom-left.gif
C:\WINDOWS\ktavdlri\frame-h1bg.gif
C:\WINDOWS\ktavdlri\head.png
C:\WINDOWS\ktavdlri\icon.png
C:\WINDOWS\ktavdlri\indexwp.html
C:\WINDOWS\ktavdlri\main.css
C:\WINDOWS\ktavdlri\memory-prots.png
C:\WINDOWS\ktavdlri\net.png
C:\WINDOWS\ktavdlri\pc-mag.gif
C:\WINDOWS\ktavdlri\pc.gif
C:\WINDOWS\ktavdlri\poloska1.png
C:\WINDOWS\ktavdlri\poloska2.png
C:\WINDOWS\ktavdlri\poloska3.png
C:\WINDOWS\ktavdlri\promowp1.html
C:\WINDOWS\ktavdlri\promowp2.html
C:\WINDOWS\ktavdlri\promowp3.html
C:\WINDOWS\ktavdlri\promowp4.html
C:\WINDOWS\ktavdlri\promowp5.html
C:\WINDOWS\ktavdlri\reg.png
C:\WINDOWS\ktavdlri\repair.png
C:\WINDOWS\ktavdlri\scr-1.png
C:\WINDOWS\ktavdlri\scr-2.png
C:\WINDOWS\ktavdlri\start.png
C:\WINDOWS\ktavdlri\styles.css
C:\WINDOWS\ktavdlri\Thumbs.db
C:\WINDOWS\ktavdlri\top-rc.gif
C:\WINDOWS\ktavdlri\vline.gif
C:\WINDOWS\ktavdlri\wp.png
C:\WINDOWS\lmtibgxs.exe
C:\WINDOWS\system32\~.exe
C:\WINDOWS\system32\~3224.tmp
C:\WINDOWS\system32\agjrtood.ini
C:\WINDOWS\system32\ftvupqfv.ini
C:\WINDOWS\system32\iujfjesx.ini
C:\WINDOWS\system32\L31FD.tmp
C:\WINDOWS\system32\L41CC.tmp
C:\WINDOWS\system32\L44E9.tmp
C:\WINDOWS\system32\lokokpjq.ini
C:\WINDOWS\system32\sbwltbxa.exe
C:\WINDOWS\system32\uoukefaf.ini
C:\WINDOWS\system32\vwrywcwt.ini
C:\WINDOWS\tD4Mxb1WfF.exe
.
((((((((((((((((((((((((( Files Created from 2008-03-08 to 2008-04-08 )))))))))))))))))))))))))))))))
.
2008-04-08 11:34 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-04-08 10:45 . 2008-04-08 10:45 <DIR> d-------- C:\Program Files\Microsoft Silverlight
2008-04-08 10:44 . 2008-03-01 06:06 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-04-08 10:44 . 2007-06-30 20:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-04-08 10:44 . 2007-06-30 20:36 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-04-08 10:44 . 2008-03-01 06:06 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-04-08 10:44 . 2008-03-01 06:06 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-04-08 10:44 . 2008-03-01 06:06 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-04-08 10:44 . 2008-03-01 06:06 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-04-08 10:44 . 2008-03-01 06:06 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-04-08 10:44 . 2008-02-22 03:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-08 10:28 . 2008-04-08 10:28 <DIR> d-------- C:\Program Files\MSBuild
2008-04-08 10:25 . 2008-04-08 10:25 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2008-04-08 10:24 . 2008-04-08 10:24 <DIR> d-------- C:\Program Files\Reference Assemblies
2008-04-08 10:23 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2008-04-08 10:20 . 2008-04-08 10:20 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-04-08 10:19 . 2008-04-08 10:19 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-04-08 10:18 . 2008-04-08 10:18 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-04-08 10:18 . 2008-04-08 10:18 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-04-07 16:33 . 2008-04-07 16:33 118 --a------ C:\WINDOWS\system32\MRT.INI
2008-04-07 14:41 . 2008-04-07 14:41 <DIR> d-------- C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\Application Data\AdobeUM
2008-04-06 09:45 . 2008-04-06 09:45 58,347 --a------ C:\Documents and Settings\LocalService\cftmon.exe
2008-04-06 09:45 . 2008-04-08 08:19 0 --a------ C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\cftmon.exe
2008-04-06 09:17 . 2008-04-06 09:17 <DIR> d-------- C:\WINDOWS\FLEOK
2008-04-05 08:52 . 2008-04-05 08:52 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-01 17:23 . 2004-08-07 14:22 <DIR> d-------- C:\Documents and Settings\Administrator.YOUR-AE066C3A9B.000\WINDOWS
2008-04-01 17:23 . 2004-08-08 07:56 <DIR> d-------- C:\Documents and Settings\Administrator.YOUR-AE066C3A9B.000\Application Data\Symantec
2008-04-01 17:23 . 2004-08-07 14:59 <DIR> d-------- C:\Documents and Settings\Administrator.YOUR-AE066C3A9B.000\Application Data\SampleView
2008-04-01 17:23 . 2004-08-07 14:20 <DIR> d-------- C:\Documents and Settings\Administrator.YOUR-AE066C3A9B.000\Application Data\Apple Computer
2008-04-01 17:06 . 2008-04-06 09:15 1,114 --a------ C:\WINDOWS\wininit.ini
2008-03-31 15:37 . 2008-03-31 15:37 <DIR> d-------- C:\Program Files\RcvSystem
2008-03-30 15:21 . 2008-04-07 17:11 <DIR> d-------- C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\Application Data\Aim
2008-03-30 09:57 . 2004-08-04 00:56 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-03-30 09:57 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-03-30 09:57 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-03-30 09:57 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-03-29 19:13 . 2008-04-08 10:45 <DIR> d-------- C:\temp
2008-03-29 19:13 . 2008-04-08 10:34 <DIR> d-------- C:\Program Files\Win_Performance
2008-03-29 14:54 . 2008-03-29 14:54 <DIR> d---s---- C:\Documents and Settings\HP_Owner.YOUR-AE066C3A9B\UserData
2008-03-29 14:31 . 2008-04-06 12:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Rabio
2008-03-29 14:17 . 2008-03-29 14:17 <DIR> d-------- C:\Program Files\AOL Search
2008-03-29 14:16 . 2008-03-29 14:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\AOL
2008-03-29 12:29 . 2006-05-05 02:41 453,120 --a--c--- C:\WINDOWS\system32\dllcache\mrxsmb.sys
2008-03-29 10:25 . 2006-10-16 16:10 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-03-12 10:34 . 2007-02-28 02:10 2,180,352 --a--c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-03-12 10:34 . 2007-02-28 02:08 2,136,064 --a--c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-03-12 10:34 . 2007-02-28 01:38 2,057,600 --a--c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-03-12 10:34 . 2007-02-28 01:38 2,015,744 --a--c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-03-12 10:33 . 2006-06-01 11:47 163,840 --a--c--- C:\WINDOWS\system32\dllcache\jgdw400.dll
2008-03-12 10:33 . 2006-06-01 11:47 27,648 --a--c--- C:\WINDOWS\system32\dllcache\jgpl400.dll
2008-03-11 18:05 . 2008-04-07 17:34 <DIR> d-------- C:\Program Files\Google
2008-03-11 17:51 . 2008-03-11 17:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
2008-03-11 16:34 . 2008-03-11 16:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Radialpoint
2008-03-11 16:13 . 2008-03-29 10:11 <DIR> d-------- C:\Program Files\att-nap
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-08 18:39 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-08 18:38 --------- d-----w C:\Program Files\iTunes
2008-04-08 18:34 --------- d-----w C:\Program Files\Java
2008-04-08 18:31 --------- d-----w C:\Program Files\Symantec
2008-04-08 17:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-04-08 00:13 --------- d-----w C:\Program Files\Easy Internet signup
2008-04-08 00:11 --------- d-----w C:\Program Files\AIM
2008-04-02 00:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-02 00:06 --------- d-----w C:\Program Files\MacroVirus
2008-04-01 23:35 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-30 22:20 --------- d-----w C:\Program Files\AOD
2008-03-30 22:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-03-29 21:16 --------- d-----w C:\Program Files\Viewpoint
2008-03-29 17:11 --------- d-----w C:\Program Files\Common Files\Motive
2008-03-29 17:03 90,112 ----a-w C:\WINDOWS\DUMPa17f.tmp
2008-03-12 00:51 --------- d-----w C:\Program Files\Common Files\AOL
2008-03-11 23:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Motive
2008-03-05 02:30 90,112 ----a-w C:\WINDOWS\DUMP3f7a.tmp
2008-03-05 01:27 90,112 ----a-w C:\WINDOWS\DUMP416e.tmp
2008-03-04 23:12 4,104 --sha-r C:\WINDOWS\system32\drivers\HP_PJ509AA-ABA A720N_YC_Pavi_QMXK440_E44NAheBLU5_4_IKelut_SASUSTek Computer INC._V2.02_B3.11_T040902_WXH2_L409_M448_J200_7AMD_8Athlon XP 3200+_92.2_111063044_N11063065_P_Z11C1048C_K_A11063059_U11063038_G11067205.MRK
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2007-07-13 21:42 66,248 ----a-w C:\Program Files\INSTALL.LOG
.
((((((((((((((((((((((((((((( snapshot@2008-04-08_ 9.00.04.79 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spmsg.dll
+ 2007-03-06 01:22:33 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spmsg.dll
- 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spuninst.exe
+ 2007-03-06 01:22:39 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spuninst.exe
- 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\spcustom.dll
+ 2007-03-06 01:22:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\spcustom.dll
- 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
+ 2007-03-06 01:22:56 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
- 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\updspapi.dll
+ 2007-06-30 20:22:56 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\updspapi.dll
- 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spmsg.dll
- 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spuninst.exe
- 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\spcustom.dll
- 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\update.exe
- 2006-05-25 16:29:04 213,216 -c----w C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe
+ 2006-05-25 17:29:04 213,216 -c----w C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe
- 2006-05-25 16:29:04 371,424 -c----w C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\updspapi.dll
+ 2006-05-25 17:29:04 371,424 -c----w C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\updspapi.dll
- 2006-05-24 18:32:48 213,216 -c----w C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe
+ 2006-05-24 19:32:48 213,216 -c----w C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe
- 2006-05-24 18:32:48 371,424 -c----w C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\updspapi.dll
+ 2006-05-24 19:32:48 371,424 -c----w C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\updspapi.dll
+ 2005-10-12 23:12:25 22,752 -c----w C:\WINDOWS\$NtUninstallKB915865$\spcustom.dll
+ 2005-10-12 23:12:25 14,048 -c----w C:\WINDOWS\$NtUninstallKB915865$\spmsg.dll
+ 2005-10-12 23:12:26 213,216 -c----w C:\WINDOWS\$NtUninstallKB915865$\spuninst.exe
+ 2005-10-12 23:12:28 716,000 -c----w C:\WINDOWS\$NtUninstallKB915865$\update.exe
+ 2005-10-12 23:12:33 371,424 -c----w C:\WINDOWS\$NtUninstallKB915865$\updspapi.dll
+ 2006-10-04 14:05:26 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll
+ 2008-04-08 17:21:28 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-04-08 17:21:40 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-04-08 17:24:43 151,552 ----a-w C:\WINDOWS\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-04-08 17:21:42 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-04-08 17:25:15 3,915,776 ----a-w C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-04-08 17:21:43 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-04-08 17:21:37 2,878,976 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-04-08 17:21:21 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-04-08 17:21:21 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-04-08 17:25:17 344,064 ----a-w C:\WINDOWS\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2008-04-08 17:21:50 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-04-08 17:21:32 5,025,792 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-04-08 17:21:27 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-04-08 17:21:20 503,808 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-04-08 17:21:23 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-04-08 17:21:39 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-04-08 17:21:39 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-04-08 17:21:40 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-04-08 17:21:24 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-04-08 17:21:25 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-04-08 17:21:26 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-04-08 17:21:27 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-04-08 17:21:24 745,472 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-04-08 17:24:43 352,256 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2008-04-08 17:21:53 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-04-08 17:21:52 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-04-08 17:21:16 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-04-08 17:21:52 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-04-08 17:21:53 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-04-08 17:21:20 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-04-08 17:21:19 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-04-08 17:21:19 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-04-08 17:25:15 593,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2008-04-08 17:25:15 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2008-04-08 17:25:17 184,320 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2008-04-08 17:25:17 126,976 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2008-04-08 17:25:17 376,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2008-04-08 17:25:17 151,552 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2008-04-08 17:25:16 4,972,544 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2008-04-08 17:25:16 897,024 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2008-04-08 17:25:17 528,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2008-04-08 17:24:44 94,208 ----a-w C:\WINDOWS\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2008-04-08 17:21:47 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-04-08 17:21:28 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-04-08 17:21:47 389,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-04-08 17:21:44 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-04-08 17:21:22 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-04-08 17:21:38 5,050,368 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-04-08 17:21:30 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-04-08 17:21:29 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-04-08 17:21:30 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-04-08 17:21:49 700,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-04-08 17:24:44 126,976 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2008-04-08 17:24:44 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2008-04-08 17:24:44 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2008-04-08 17:21:45 368,640 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-04-08 17:21:49 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-04-08 17:21:46 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-04-08 17:21:46 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-04-08 17:24:45 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2008-04-08 17:21:28 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-04-08 17:24:48 159,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2008-04-08 17:24:48 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2008-04-08 17:24:46 5,623,808 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2008-04-08 17:21:30 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-04-08 17:25:17 688,128 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2008-04-08 17:21:51 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-04-08 17:21:33 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-04-08 17:21:34 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-04-08 17:21:35 5,316,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-04-08 17:28:42 1,108,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2008-04-08 17:28:43 1,641,272 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2008-04-08 17:28:42 588,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2008-04-08 17:21:36 2,035,712 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-04-08 17:21:48 3,018,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-04-08 17:25:16 163,840 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2008-04-08 17:25:17 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2008-04-08 17:25:16 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2008-04-08 17:25:16 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2008-04-08 17:25:14 1,167,360 ----a-w C:\WINDOWS\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2008-04-08 17:25:17 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2008-04-08 17:26:16 26,624 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\8a9bb67960766d44b16ec95671fc2203\Accessibility.ni.dll
+ 2008-04-08 17:31:46 860,160 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\440ca16bb8fb4947be5c24586ac6184c\AspNetMMCExt.ni.dll
+ 2008-04-08 17:31:24 434,176 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\41360a29177ef546a06a6ca3469aac9d\ComSvcConfig.ni.exe
+ 2008-04-08 17:31:47 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\b13183e25224d241a33c23642430b08c\CustomMarshalers.ni.dll
+ 2008-04-08 17:31:46 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\6d1ce8a7f533ba43932f8b5b04b76835\dfsvc.ni.exe
+ 2008-04-08 17:31:48 880,640 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0f24dc3cafbac40961ff1dadc49d571\Microsoft.Build.Engine.ni.dll
+ 2008-04-08 17:29:00 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4603026d9b7bd24c963003e49cb42c15\Microsoft.Build.Framework.ni.dll
+ 2008-04-08 17:29:02 1,691,648 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\0c0374dedf56a140bce4c70c30a7343f\Microsoft.Build.Tasks.ni.dll
+ 2008-04-08 17:29:00 163,840 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\83d9986b7f4d5d4dad99dc469691d8cd\Microsoft.Build.Utilities.ni.dll
+ 2008-04-08 17:31:27 1,069,056 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1b5bd5bac285d046a7d67ba75f7dc6d5\Microsoft.Transactions.Bridge.ni.dll
+ 2008-04-08 17:31:27 405,504 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\7545b61a59ddf7448e30e6612a7667d3\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2008-04-08 17:31:50 1,724,416 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\344d591af981ed41a6f950064083c522\Microsoft.VisualBasic.ni.dll
+ 2008-04-08 17:25:49 17,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\4f1ca4c58a76c44f8ef7cffb581755b6\Microsoft.VisualC.ni.dll
+ 2008-04-08 17:22:33 11,411,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\53b07eae28f1844c84b4fdc87375e663\mscorlib.ni.dll
+ 2008-04-08 17:31:52 1,576,960 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\98c98e40f4f82a46925fcb2191d2c0fc\PresentationBuildTasks.ni.dll
+ 2008-04-08 17:27:03 40,448 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\9008a3e27d980e4f8657baaccfe3b4b4\PresentationCFFRasterizer.ni.dll
+ 2008-04-08 17:27:02 12,038,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\9e0bec9281382c48a049cdb0197a9ff6\PresentationCore.ni.dll
+ 2008-04-08 17:28:26 49,152 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\11af84654e2c0d4fb5f0d8be0bcd4c52\PresentationFontCache.ni.exe
+ 2008-04-08 17:28:23 548,864 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4023df0c76b9e745a5d43767383ca300\PresentationFramework.Luna.ni.dll
+ 2008-04-08 17:28:25 393,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\97ae25d5f9dda94aa31fde30579c1d3c\PresentationFramework.Aero.ni.dll
+ 2008-04-08 17:28:24 266,240 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2c4346d622df34cb4171f1f0173bda3\PresentationFramework.Royale.ni.dll
+ 2008-04-08 17:28:22 204,800 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a99f0af2d9eaae46ba9af7ab04c6970b\PresentationFramework.Classic.ni.dll
+ 2008-04-08 17:28:06 14,643,200 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e49db5835102f14192fe30cc0af10dc9\PresentationFramework.ni.dll
+ 2008-04-08 17:28:12 1,757,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationUI\1090bcf9fac377489931f0231aa83685\PresentationUI.ni.dll
+ 2008-04-08 17:28:19 2,338,816 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\ReachFramework\05a60fdcded9f84f966dd0135f963781\ReachFramework.ni.dll
+ 2008-04-08 17:31:28 139,264 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\72108d58b0b4d34faa9e108d734ef3df\ServiceModelReg.ni.exe
+ 2008-04-08 17:31:28 286,720 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\cf96f8b13cdb7747812ff1e2e52d3757\SMDiagnostics.ni.dll
+ 2008-04-08 17:31:29 323,584 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMSvcHost\ea50a7bf976d574684bbcdd3218af33a\SMSvcHost.ni.exe
+ 2008-04-08 17:31:55 262,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\sysglobl\3427e58938b968499c91464bdfa9d641\sysglobl.ni.dll
+ 2008-04-08 17:26:22 167,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f9cac58a2f593940a95119ce193d4be5\System.Configuration.Install.ni.dll
+ 2008-04-08 17:25:43 962,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\a313ffd2a98ef34cbf191c5cb9f142f1\System.Configuration.ni.dll
+ 2008-04-08 17:26:20 1,179,648 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\b998e0e9f0d9ba49a7bdc2f706985f65\System.Data.OracleClient.ni.dll
+ 2008-04-08 17:25:47 2,703,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\b9a3383ba4f6e546be6a14d826539725\System.Data.SqlXml.ni.dll
+ 2008-04-08 17:23:23 6,688,768 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\82bcbc5c819d894baf4a5610b72b0d4b\System.Data.ni.dll
+ 2008-04-08 17:26:19 1,712,128 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\83a4d1bbe733544f91435e6b118ef42a\System.Deployment.ni.dll
+ 2008-04-08 17:23:38 10,723,328 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\fb7ff2f70823374787054b773465fdbd\System.Design.ni.dll
+ 2008-04-08 17:26:21 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1acd1e3c30118c43b729a0b7d83720e3\System.DirectoryServices.Protocols.ni.dll
+ 2008-04-08 17:25:53 1,220,608 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\4cb7ac24d269ad46a87689b81662f71a\System.DirectoryServices.ni.dll
+ 2008-04-08 17:22:50 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\96257b1a36b1d940a57f145643b23802\System.Drawing.Design.ni.dll
+ 2008-04-08 17:22:52 1,626,112 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\6d519ea8ee189a45a5ca4639ee5aa0f5\System.Drawing.ni.dll
+ 2008-04-08 17:25:51 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\10447973a73c284fb26865c181743dff\System.EnterpriseServices.ni.dll
+ 2008-04-08 17:25:51 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\10447973a73c284fb26865c181743dff\System.EnterpriseServices.Wrapper.dll
+ 2008-04-08 17:30:50 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\92730c1159371e48917effa7cc56328a\System.IdentityModel.Selectors.ni.dll
+ 2008-04-08 17:30:50 995,328 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\aa84a34ccb17704a8be5150a536e556a\System.IdentityModel.ni.dll
+ 2008-04-08 17:30:51 425,984 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IO.Log\1068b06cdd14db41bc29af9167e22bbc\System.IO.Log.ni.dll
+ 2008-04-08 17:29:07 655,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Messaging\e539a9cfa47db24581ea7066efce0fc4\System.Messaging.ni.dll
+ 2008-04-08 17:28:21 1,052,672 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Printing\b993f541e320004d8f19335179cbfcfa\System.Printing.ni.dll
+ 2008-04-08 17:25:54 815,104 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\f9de87c44caed24d96911e618699f32f\System.Runtime.Remoting.ni.dll
+ 2008-04-08 17:26:16 339,968 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c9c2ea939d9a4d4d8ee0ea623b40c07f\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2008-04-08 17:30:54 2,371,584 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd224d51be59544fa090cd1422062376\System.Runtime.Serialization.ni.dll
+ 2008-04-08 17:25:48 729,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\332c93a7873c7a4982c223b1dbef3f9a\System.Security.ni.dll
+ 2008-04-08 17:31:22 17,506,304 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\feb392912a72f2498e4d20da2944880f\System.ServiceModel.ni.dll
+ 2008-04-08 17:26:22 233,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ad0be5eec0871c4eb254dde50f571244\System.ServiceProcess.ni.dll
+ 2008-04-08 17:31:55 2,043,904 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Speech\9dc64080997e2c4cbadec6e20328bb6e\System.Speech.ni.dll
+ 2008-04-08 17:25:50 684,032 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\314242553e9d5a4c8fbfe231d73787a5\System.Transactions.ni.dll
+ 2008-04-08 17:31:59 2,310,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\654a42cfd2ecdd40bd29e1b97e33d41c\System.Web.Mobile.ni.dll
+ 2008-04-08 17:26:21 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\a244ec52df6fde4c8288f5ec1fc3fca9\System.Web.RegularExpressions.ni.dll
+ 2008-04-08 17:26:16 1,945,600 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\0a032209e5372241b15aa29963debe82\System.Web.Services.ni.dll
+ 2008-04-08 17:26:12 11,808,768 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\6e92d7384bb53942944c1f83dbfd507c\System.Web.ni.dll
+ 2008-04-08 17:23:07 13,107,200 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\45c3e56b1f59354ab12c7de737067966\System.Windows.Forms.ni.dll
+ 2008-04-08 17:28:51 2,965,504 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\5f9adf05020f7a40b00a452925c9af71\System.Workflow.Activities.ni.dll
+ 2008-04-08 17:28:59 4,599,808 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\8d4bdc406d64f4429986995e5cac37a6\System.Workflow.ComponentModel.ni.dll
+ 2008-04-08 17:29:06 2,064,384 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\a9a415172b85b840bdc74fa8daa83c35\System.Workflow.Runtime.ni.dll
+ 2008-04-08 17:23:14 5,640,192 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\b61d240dc97ca041b923578837c10785\System.Xml.ni.dll
+ 2008-04-08 17:22:48 8,093,696 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af92ceb7c8bfdd4196361cc7704a60cf\System.ni.dll
+ 2008-04-08 17:32:00 483,328 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\3e3e7ff1145e884b93883ca047305994\UIAutomationClient.ni.dll
+ 2008-04-08 17:32:02 1,122,304 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\3ed734637a7fc244a784f4cd949091b5\UIAutomationClientsideProviders.ni.dll
+ 2008-04-08 17:27:02 51,200 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\698109cace4e7d42b87ff8008bcf11fd\UIAutomationProvider.ni.dll
+ 2008-04-08 17:27:03 196,608 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\53a9ca23fd1c9e47b05d57fdc6fd72cc\UIAutomationTypes.ni.dll
+ 2008-04-08 17:25:41 3,289,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\f120490faa836e4782b4853dbb45f712\WindowsBase.ni.dll
+ 2008-04-08 17:32:03 245,760 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\0f1d9e8ab58ca0439c2c086b4c1a85cb\WindowsFormsIntegration.ni.dll
+ 2008-04-08 17:31:30 380,928 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WsatConfig\51d16495c2bc6e46872e769b3af4bde7\WsatConfig.ni.exe
- 2004-09-23 00:45:40 28,672 -c--a-w C:\WINDOWS\ie7\custsat.dll
+ 2006-06-03 11:40:49 33,792 -c--a-w C:\WINDOWS\ie7\custsat.dll
- 2006-10-23 15:17:52 357,888 -c--a-w C:\WINDOWS\ie7\dxtmsft.dll
+ 2007-12-07 01:07:12 357,888 -c--a-w C:\WINDOWS\ie7\dxtmsft.dll
- 2006-10-23 15:17:52 205,312 -c--a-w C:\WINDOWS\ie7\dxtrans.dll
+ 2007-12-07 01:07:12 205,312 -c--a-w C:\WINDOWS\ie7\dxtrans.dll
- 2006-10-23 15:17:52 55,808 -c--a-w C:\WINDOWS\ie7\extmgr.dll
+ 2007-12-07 01:07:12 55,808 -c--a-w C:\WINDOWS\ie7\extmgr.dll
- 2006-10-23 11:00:41 18,432 -c--a-w C:\WINDOWS\ie7\iedw.exe
+ 2007-12-06 13:07:07 18,432 -c--a-w C:\WINDOWS\ie7\iedw.exe
- 2006-10-23 15:17:52 251,392 -c--a-w C:\WINDOWS\ie7\iepeers.dll
+ 2007-12-07 01:07:12 251,392 -c--a-w C:\WINDOWS\ie7\iepeers.dll
+ 2006-11-08 03:03:36 287,744 -c--a-w C:\WINDOWS\ie7\ieproxy.dll
- 2006-10-23 15:17:52 96,256 -c--a-w C:\WINDOWS\ie7\inseng.dll
+ 2007-12-07 01:07:12 96,256 -c--a-w C:\WINDOWS\ie7\inseng.dll
- 2006-05-18 05:24:25 450,560 -c--a-w C:\WINDOWS\ie7\jscript.dll
+ 2007-11-14 07:26:56 450,560 -c--a-w C:\WINDOWS\ie7\jscript.dll
- 2006-10-23 15:17:52 16,384 -c--a-w C:\WINDOWS\ie7\jsproxy.dll
+ 2007-12-07 01:07:12 16,384 -c--a-w C:\WINDOWS\ie7\jsproxy.dll
- 2006-10-23 15:17:52 3,055,104 -c--a-w C:\WINDOWS\ie7\mshtml.dll
+ 2007-12-07 14:37:14 3,059,200 -c--a-w C:\WINDOWS\ie7\mshtml.dll
- 2006-10-23 15:17:52 448,512 -c--a-w C:\WINDOWS\ie7\mshtmled.dll
+ 2007-12-07 01:07:13 449,024 -c--a-w C:\WINDOWS\ie7\mshtmled.dll
- 2006-10-23 15:17:52 146,432 -c--a-w C:\WINDOWS\ie7\msrating.dll
+ 2007-12-07 01:07:13 146,432 -c--a-w C:\WINDOWS\ie7\msrating.dll
- 2006-10-23 15:17:52 532,480 -c--a-w C:\WINDOWS\ie7\mstime.dll
+ 2007-12-07 01:07:13 532,480 -c--a-w C:\WINDOWS\ie7\mstime.dll
- 2006-10-23 15:17:52 39,424 -c--a-w C:\WINDOWS\ie7\pngfilt.dll
+ 2007-12-07 01:07:13 39,424 -c--a-w C:\WINDOWS\ie7\pngfilt.dll
- 2006-11-08 03:04:18 31,856 -c--a-w C:\WINDOWS\ie7\spuninst\iecustom.dll
+ 2007-08-14 01:54:42 32,960 -c--a-w C:\WINDOWS\ie7\spuninst\iecustom.dll
- 2006-11-08 03:01:06 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2007-08-14 01:52:06 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
- 2006-09-06 22:43:16 213,216 -c--a-w C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-09-07 00:43:16 213,216 -c--a-w C:\WINDOWS\ie7\spuninst\spuninst.exe
- 2006-09-06 22:43:18 371,424 -c--a-w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2006-09-07 00:43:18 371,424 -c--a-w C:\WINDOWS\ie7\spuninst\updspapi.dll
- 2006-10-23 15:17:53 613,888 -c--a-w C:\WINDOWS\ie7\urlmon.dll
+ 2007-12-07 01:07:14 615,424 -c--a-w C:\WINDOWS\ie7\urlmon.dll
- 2006-09-18 14:15:52 851,968 -c--a-w C:\WINDOWS\ie7\vgx.dll
+ 2007-06-26 15:13:22 851,968 -c--a-w C:\WINDOWS\ie7\vgx.dll
- 2006-10-23 15:17:53 658,944 -c--a-w C:\WINDOWS\ie7\wininet.dll
+ 2007-12-07 01:07:14 659,456 -c--a-w C:\WINDOWS\ie7\wininet.dll
- 2007-08-20 10:04:34 124,928 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
+ 2007-08-14 01:39:00 123,904 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
- 2007-08-20 10:04:34 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
+ 2007-08-14 01:35:38 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
- 2007-08-20 10:04:34 132,608 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
+ 2007-08-14 01:54:10 131,584 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
- 2007-08-20 10:04:34 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
+ 2007-08-14 01:36:26 61,952 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
- 2007-08-17 10:20:54 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2007-08-14 01:39:06 54,784 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
- 2007-08-20 10:04:34 153,088 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
+ 2007-08-14 01:39:26 152,064 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
- 2007-08-20 10:04:35 230,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
+ 2007-08-14 01:39:54 229,376 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
- 2007-08-17 07:34:25 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2007-08-14 00:56:54 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2007-02-12 23:10:12 2,451,312 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dat
- 2007-08-20 10:04:35 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
+ 2007-07-11 19:27:48 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
- 2007-08-20 10:04:35 384,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
+ 2007-08-14 01:39:50 382,976 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
- 2007-08-20 10:04:37 6,058,496 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
+ 2007-08-14 01:54:10 6,049,280 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
- 2007-08-20 10:04:38 44,544 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
+ 2007-08-14 01:39:10 43,008 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
- 2007-08-20 10:04:38 267,776 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
+ 2007-08-14 01:34:04 266,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
- 2007-08-17 10:20:54 13,824 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
+ 2007-08-14 01:39:10 13,312 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
- 2007-08-17 10:21:21 625,152 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
+ 2007-08-14 01:43:56 622,080 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
- 2007-08-20 10:04:39 27,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
+ 2007-08-14 01:54:10 27,136 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
- 2007-08-20 10:04:39 459,264 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
+ 2007-08-14 01:54:10 458,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
- 2007-08-20 10:04:39 52,224 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
+ 2007-08-14 01:54:10 50,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
- 2007-08-20 10:04:41 3,584,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
+ 2007-08-14 01:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
- 2007-08-20 10:04:41 477,696 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
+ 2007-08-14 01:54:10 475,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
- 2007-08-20 10:04:41 193,024 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
+ 2007-08-14 01:44:26 192,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
- 2007-08-20 10:04:42 671,232 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
+ 2007-08-14 01:54:10 670,720 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
- 2007-08-20 10:04:42 102,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-08-14 01:44:06 101,376 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-03-06 01:22:34 22,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spcustom.dll
+ 2007-03-06 01:22:36 14,048 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst.exe
- 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
- 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-06-30 20:22:56 371,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-03-06 01:22:59 716,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\update.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\updspapi.dll
- 2007-08-20 10:04:42 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
+ 2007-08-14 01:44:30 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
- 2007-08-20 10:04:42 1,152,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
+ 2007-08-14 01:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
- 2007-08-20 10:04:42 232,960 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
+ 2007-08-14 01:54:10 231,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
- 2007-08-20 10:04:43 824,832 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
+ 2007-08-14 01:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
- 2006-10-17 17:58:06 346,624 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtmsft.dll
+ 2007-08-14 01:35:46 346,624 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtmsft.dll
+ 2007-07-01 03:31:33 2,455,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dat
- 2007-10-30 23:42:28 3,590,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll
+ 2007-10-31 12:12:30 3,590,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll
+ 2007-10-31 12:12:30 3,590,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll.000
- 2006-10-17 17:58:08 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\pngfilt.dll
+ 2007-08-14 01:36:12 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\pngfilt.dll
+ 2007-03-06 01:22:34 22,752 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spcustom.dll
+ 2007-03-06 01:22:36 14,048 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst.exe
- 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:22:59 716,000 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\update.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\updspapi.dll
+ 2007-12-07 02:21:45 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
+ 2007-12-07 02:21:45 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll.000
+ 2007-12-19 23:01:06 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
+ 2007-12-19 23:01:06 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll.000
+ 2007-12-07 02:21:45 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
+ 2007-12-07 02:21:45 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll.000
+ 2007-12-07 02:21:45 133,120 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
+ 2007-12-07 02:21:45 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
+ 2007-12-07 02:21:45 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll.000
+ 2007-12-06 11:00:57 70,656 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2007-12-07 02:21:45 153,088 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
+ 2007-12-07 02:21:45 230,400 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
+ 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dat
+ 2007-12-07 02:21:45 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
+ 2007-12-07 02:21:45 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll.000
+ 2007-12-07 02:21:45 384,512 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
+ 2007-12-07 02:21:46 6,066,176 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
+ 2007-12-07 02:21:46 6,066,176 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll.000
+ 2007-12-07 02:21:46 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
+ 2007-12-07 02:21:46 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
+ 2007-12-07 02:21:46 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll.000
+ 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
+ 2007-12-06 11:01:25 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
+ 2007-12-06 11:01:25 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe.000
+ 2007-12-07 02:21:47 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
+ 2007-12-07 02:21:47 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll.000
+ 2007-12-07 02:21:47 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
+ 2007-12-07 02:21:47 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll.000
+ 2007-12-07 02:21:47 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
+ 2007-12-07 02:21:47 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll.000
+ 2007-12-08 17:51:48 3,592,192 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
+ 2007-12-08 17:51:48 3,592,192 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll.000
+ 2007-12-07 02:21:47 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
+ 2007-12-07 02:21:47 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll.000
+ 2007-12-07 02:21:48 193,024 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
+ 2007-12-07 02:21:48 671,232 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
+ 2007-12-07 02:21:48 102,912 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
+ 2008-01-11 05:53:32 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
+ 2007-12-07 02:21:48 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
+ 2007-12-07 02:21:48 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll.000
+ 2007-12-07 02:21:48 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
+ 2007-12-07 02:21:48 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll.000
+ 2007-12-07 02:21:48 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
+ 2007-12-07 02:21:48 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll.000
+ 2007-12-07 02:21:48 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
+ 2007-12-07 02:21:48 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll.000
- 2004-08-04 19:00:00 208,896 ----a-w C:\WINDOWS\inf\unregmp2.exe
+ 2006-11-02 01:31:34 315,904 ----a-w C:\WINDOWS\inf\unregmp2.exe
- 2003-02-21 09:09:46 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2005-09-23 14:28:52 72,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
- 2003-02-21 09:09:32 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
+ 2005-09-23 14:28:52 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
+ 2005-09-23 14:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2005-09-23 14:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2005-09-23 14:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll
- 2003-02-21 08:43:50 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2005-09-23 14:28:52 86,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2005-09-23 14:28:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2005-09-23 14:28:42 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2005-09-23 14:28:44 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2005-09-23 14:29:04 183,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2005-09-23 14:28:28 208,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2005-09-23 14:28:56 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2005-09-23 14:28:58 138,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2005-09-23 14:28:36 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2005-09-23 14:28:58 55,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2005-09-23 14:28:32 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2005-09-23 14:28:32 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2005-09-23 14:28:32 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2005-09-23 14:28:32 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2005-09-23 14:28:32 70,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2005-09-23 14:28:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2005-09-23 14:28:32 26,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2005-09-23 14:28:32 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2005-09-23 14:28:32 29,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2005-09-23 14:28:32 29,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2005-09-23 14:28:32 503,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2005-09-23 14:28:56 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2005-09-23 14:28:56 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2005-09-23 14:28:42 76,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2005-09-23 14:28:42 1,144,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2005-09-23 14:28:42 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2005-09-23 14:28:58 17,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2005-09-23 14:28:56 68,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2005-09-23 14:28:44 31,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2005-09-23 14:28:38 52,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2005-09-23 14:28:38 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2005-09-23 14:29:12 547,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2005-09-23 14:28:56 788,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2005-09-23 14:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2005-09-23 14:28:56 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2005-09-23 14:28:56 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2005-09-23 14:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2005-09-23 14:28:56 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2005-09-23 14:28:56 224,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2005-09-23 14:28:56 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2005-09-23 14:28:56 55,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2005-09-23 14:28:56 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2005-09-23 14:28:48 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2005-09-23 14:01:16 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
+ 2005-09-23 13:29:48 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1025.dll
+ 2005-09-23 13:32:24 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1028.dll
+ 2005-09-23 13:34:10 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1029.dll
+ 2005-09-23 13:34:12 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1030.dll
+ 2005-09-23 13:34:44 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1031.dll
+ 2005-09-23 13:36:24 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1032.dll
+ 2005-09-23 10:46:14 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1033.dll
+ 2005-09-23 13:38:26 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1035.dll
+ 2005-09-23 13:38:52 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1036.dll
+ 2005-09-23 13:40:30 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1037.dll
+ 2005-09-23 13:40:32 83,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1038.dll
+ 2005-09-23 13:40:56 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1040.dll
+ 2005-09-23 13:42:58 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1041.dll
+ 2005-09-23 13:44:58 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1042.dll
+ 2005-09-23 13:46:38 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1043.dll
+ 2005-09-23 13:46:38 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1044.dll
+ 2005-09-23 13:46:40 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1045.dll
+ 2005-09-23 13:47:04 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1046.dll
+ 2005-09-23 13:47:30 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1049.dll
+ 2005-09-23 13:47:32 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1053.dll
+ 2005-09-23 13:47:32 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1055.dll
+ 2005-09-23 13:30:18 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2052.dll
+ 2005-09-23 13:47:06 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2070.dll
+ 2005-09-23 13:29:50 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3076.dll
+ 2005-09-23 13:36:48 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3082.dll
+ 2005-09-23 14:57:06 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\unicows.dll
+ 2005-09-23 14:28:48 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2005-09-23 14:28:48 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2005-09-23 14:28:48 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2005-09-23 14:28:48 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2005-09-23 14:28:48 745,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2005-09-23 14:29:10 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2005-09-23 14:29:10 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2005-09-23 14:29:08 667,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2005-09-23 14:28:30 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2005-09-23 14:29:10 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2005-09-23 14:28:30 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2005-09-23 14:28:30 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
Posting Permissions
