Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Winlogon


  • This topic is locked This topic is locked
13 replies to this topic

#1 Metushelah

Metushelah

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 08 March 2008 - 01:23 PM

Hello there my friends,
after much great and appreciated help you gave me last time with my vundo trojan, seems i have encpuntered another difficulty.
It seems that from time to time, not always, when i am turning on my computer and just before the login it shows some wierd msg, usually in gibrish.
I have checked on the net about it but didnt find quite satisfactory answers.
I am writing this here because i believe it is something with my Winlogon thing.
what should i do next in order to fix this "problem"?

2) btw it seems i am having some troubles with my registry because i had once a problem and my firewall (sygate) accidently blocked all my registry and it got deleted, i recovered most of it but i am not sure whether it is all, is there anything else i might do to check on it? i think the fact i cant "safely remove" usb drives i enter now is affected by it.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:58:03 PM, on 3/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
d:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
D:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\DU Super Controler\DUSuperControler.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\DU Super Controler\DUSuperControler.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\richcomm\PowerManagerLite\PMLService.exe
C:\Program Files\Megatec\RUPS 2000\Rupsd.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
d:\Assassin's Creed\AssassinsCreed_Dx9.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Trend Micro\HijackThis\Scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.il/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NSRKey] C:\PROGRA~1\NORTON~1\NSR\Agent\NSRTray.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitComet] "D:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] d:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DUSuperControler.lnk = D:\Program Files\DU Super Controler\DUSuperControler.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {CBF2C04B-50B5-4C7B-8D49-ACB62582F8E6} (LauncherV1 Class) - http://chat-basic.nana.co.il/Cabs/launcher.cab
O16 - DPF: {F59AB0C4-3443-4551-A78F-C101F9DE0215} (LauncherV1 Class) - http://irc.nana10.co.il/Cabs/launcher39.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D44236C2-0018-4AB7-85B9-2937C3E87D16}: NameServer = 192.115.106.35,62.219.186.7
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PMLService - richcomm - C:\Program Files\richcomm\PowerManagerLite\PMLService.exe
O23 - Service: Rupsd - Mega System Technologies, Inc. - C:\Program Files\Megatec\RUPS 2000\Rupsd.exe

--
End of file - 9445 bytes

Thank you guys your are the best!!!

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,504 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:51 PM

Posted 27 March 2008 - 10:16 AM

I apologize for the very long delay. We have a huge backlog of HijackThis Logs to handle and it has been taking us greater time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please post a brand new hijackthis log. If we do not hear back from you within a couple of days we will need to close your topic.

When posting your logs please post them directly into the reply. Do not attach them.

Also make sure you have already followed the steps outlined below:

Preparation Guide For Use Before Posting A Hijackthis Log

Thank you for your patience.

#3 Metushelah

Metushelah
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 17 April 2008 - 08:58 AM

Hello,
i would be most glad to have your help as it seems the problem is yet to disappear, and it actually became more frequent, almost every turning on of the computer.
I will repeat the problem.
It seems, as i am not quite sure it really is that, that i have this thing called Winlogon, each time my computer reaches the part after the Windows symbol and before he actually enters an account (he does it automaticly without asking for a spesific account, its default) he shows me a window with a message in gibrish usually 4- 7 letters, mostly computer symbols like this "[[]]'||" and stuff and i am not quite sure what to do, and i really dont know how i even got it.
Your help last time was most appericiated so i turnned to you guys cause you are to be counted on.

here is my Hijackthis log hope this will help:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:52:29 PM, on 4/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
d:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
D:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\DU Super Controler\DUSuperControler.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
D:\Program Files\DU Super Controler\DUSuperControler.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\richcomm\PowerManagerLite\PMLService.exe
C:\Program Files\Megatec\RUPS 2000\Rupsd.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Trend Micro\HijackThis\Scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.il/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NSRKey] C:\PROGRA~1\NORTON~1\NSR\Agent\NSRTray.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "D:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] d:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DUSuperControler.lnk = D:\Program Files\DU Super Controler\DUSuperControler.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {CBF2C04B-50B5-4C7B-8D49-ACB62582F8E6} (LauncherV1 Class) - http://chat-basic.nana.co.il/Cabs/launcher.cab
O16 - DPF: {F59AB0C4-3443-4551-A78F-C101F9DE0215} (LauncherV1 Class) - http://irc.nana10.co.il/Cabs/launcher39.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D44236C2-0018-4AB7-85B9-2937C3E87D16}: NameServer = 192.115.106.35,62.219.186.7
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PMLService - richcomm - C:\Program Files\richcomm\PowerManagerLite\PMLService.exe
O23 - Service: Rupsd - Mega System Technologies, Inc. - C:\Program Files\Megatec\RUPS 2000\Rupsd.exe

--
End of file - 10266 bytes

hope to hear from you soon...

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,504 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:51 PM

Posted 18 April 2008 - 11:11 AM

Please visit the following link and use the instructions there to post a ComboFix log as a reply to this topic:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

When following the instructions please install the Windows XP Recovery Console if you are using XP.

After running ComboFix, please post the ComboFix log as well as a brand new HijackThis as a reply to this topic.

#5 Metushelah

Metushelah
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 20 April 2008 - 05:16 PM

Combofix log

ComboFix 08-04-20.2 - User 2008-04-21 1:09:33.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1255.972.1033.18.1542 [GMT 3:00]
Running from: C:\Documents and Settings\User\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\User\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\mcrh.tmp

.
((((((((((((((((((((((((( Files Created from 2008-03-20 to 2008-04-20 )))))))))))))))))))))))))))))))
.

2008-04-11 18:18 . 2008-04-11 18:18 <DIR> d-------- C:\0e95f3d8c3217bd5fe9e198cbc28d7
2008-04-10 17:56 . 2008-04-10 17:56 <DIR> d-------- C:\Program Files\Skype
2008-04-10 17:53 . 2008-04-10 17:53 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-04-10 17:50 . 2008-04-21 00:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-10 17:48 . 2008-04-10 17:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-04-10 17:47 . 2008-04-10 17:47 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-04-03 16:53 . 2008-04-03 16:53 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-12 09:04 --------- d-----w C:\Documents and Settings\User\Application Data\AdobeUM
2008-04-10 14:58 --------- d-----w C:\Documents and Settings\User\Application Data\Skype
2008-04-10 14:52 --------- d-----w C:\Program Files\Java
2008-04-10 14:50 --------- d-----w C:\Program Files\Google
2008-04-10 14:45 --------- d-----w C:\Program Files\ATI Technologies
2008-03-19 09:40 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-08 09:16 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-06 19:43 --------- d-----w C:\Documents and Settings\User\Application Data\True Sword
2008-03-06 19:09 --------- d-----w C:\Documents and Settings\User\Application Data\Uniblue
2008-03-05 07:33 --------- d-----w C:\Documents and Settings\User\Application Data\Ubisoft
2008-03-05 07:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ubisoft
2008-03-05 07:11 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-05 06:54 --------- d-----w C:\Documents and Settings\User\Application Data\GrabIt
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-29 22:01 --------- d-----w C:\Documents and Settings\User\Application Data\Bioshock
2008-02-29 14:35 --------- d-----w C:\Documents and Settings\User\Application Data\fretsonfire
2008-02-26 05:51 2,863,616 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-02-26 03:12 372,736 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-02-26 03:10 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-02-26 03:10 299,520 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-02-26 03:02 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-02-26 03:02 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-02-26 03:01 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-02-26 03:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-02-26 03:01 126,976 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-02-26 03:00 520,192 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-02-26 02:59 9,797,632 ----a-w C:\WINDOWS\system32\atioglx2.dll
2008-02-26 02:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-02-26 02:49 3,176,480 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-02-26 02:41 1,755,264 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-02-26 02:29 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-02-26 02:25 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-02-26 02:23 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-02-26 02:22 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-02-26 02:21 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll
2008-02-26 02:19 167,936 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-02-26 02:16 520,192 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-02-25 18:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
2008-02-20 18:49 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-09-14 00:01 18 ----a-w C:\Program Files\XP Repair Pro 2007ERR_Item0-9-14-2007_2-59-58_9551664.dnp
2007-09-13 23:27 18 ----a-w C:\Program Files\XP Repair Pro 2007ERR_Item0-9-14-2007_2-26-9_4140903.dnp
2007-09-13 21:11 18 ----a-w C:\Program Files\XP Repair Pro 2007ERR_Item0-9-14-2007_0-9-10_827457.dnp
2007-09-13 21:05 18 ----a-w C:\Program Files\XP Repair Pro 2007ERR_Item0-9-14-2007_0-3-47_8892105.dnp
2007-08-25 10:52 25,600 ----a-w C:\Documents and Settings\User\usbsermptxp.sys
2007-08-25 10:52 22,768 ----a-w C:\Documents and Settings\User\usbsermpt.sys
2007-06-15 17:54 1 -c--a-w C:\Documents and Settings\User\SI.bin
.

------- Sigcheck -------

2004-08-04 02:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\svchost.exe
2004-08-04 02:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\dllcache\svchost.exe

2005-10-13 23:36 577024 1800f293bccc8ede8a70e12b88d80036 C:\WINDOWS\$NtUninstallKB925902$\user32.dll
2007-03-08 18:48 578048 7aa4f6c00405dfc4b70ed4214e7d687b C:\WINDOWS\system32\user32.dll
2007-03-08 18:48 578048 7aa4f6c00405dfc4b70ed4214e7d687b C:\WINDOWS\system32\dllcache\user32.dll

2004-08-04 02:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\ws2_32.dll
2004-08-04 02:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\dllcache\ws2_32.dll

2006-02-19 03:06 360448 5562cc0a47b2aef06d3417b733f3c195 C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
2006-04-20 15:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
2007-10-30 19:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-30 19:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\system32\drivers\tcpip.sys

2004-08-04 02:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\winlogon.exe
2004-08-04 02:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\dllcache\winlogon.exe

2004-08-04 01:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache\ndis.sys
2004-08-04 01:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys

2004-08-04 01:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\dllcache\ip6fw.sys
2004-08-04 01:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys

2006-12-19 19:12 2059392 ba4b97c00a437c1cc3da365d93ee1e9d C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
2006-03-17 13:22 2015232 f17e50c2700d50cab02ecd608b94f352 C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe
2007-02-28 01:15 2059392 4d3dbdccbf97f5ba1e74f322b155c3ba C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
2007-02-28 12:15 2017280 2dfb215e291e3d9b1cf9a6739b3bf16c C:\WINDOWS\system32\ntkrnlpa.exe
2007-02-28 01:15 2059392 4d3dbdccbf97f5ba1e74f322b155c3ba C:\WINDOWS\system32\dllcache\ntkrnlpa.exe

2006-12-19 19:51 2182016 cef243f6defd20be4adde26c7ecacb54 C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
2006-02-19 02:47 2136064 e237bafc9b56b0e36f5baf70f61eb4a5 C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe
2007-02-28 12:55 2182144 5a5c8db4aa962c714c8371fbdf189fc9 C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
2007-02-28 12:53 2137600 e6679c3023b17d8b78946bc5df53fa20 C:\WINDOWS\system32\ntoskrnl.exe
2007-02-28 12:55 2182144 5a5c8db4aa962c714c8371fbdf189fc9 C:\WINDOWS\system32\dllcache\ntoskrnl.exe

2007-06-13 14:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 C:\WINDOWS\explorer.exe
2005-10-15 11:07 1032192 45757077a47c68a603a79b03a1a836ab C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 14:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 C:\WINDOWS\system32\dllcache\explorer.exe

2004-08-04 02:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\ctfmon.exe
2004-08-04 02:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\dllcache\ctfmon.exe
.
((((((((((((((((((((((((((((( snapshot@2007-10-12_11.12.15.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-06 09:52:38 72,960 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqac.sys
+ 2007-07-06 13:08:11 138,240 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqad.dll
+ 2007-07-06 13:08:11 47,104 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqdscli.dll
+ 2007-07-06 13:08:11 16,896 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqise.dll
+ 2007-07-06 04:08:12 660,992 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqqm.dll
+ 2007-07-06 13:08:11 177,152 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqrt.dll
+ 2007-07-06 13:08:11 95,744 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqsec.dll
+ 2007-07-06 13:08:11 48,640 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqupgrd.dll
+ 2007-07-06 13:08:11 471,552 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqutil.dll
+ 2005-10-12 23:12:25 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spmsg.dll
+ 2005-10-12 23:12:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spuninst.exe
+ 2005-10-12 23:12:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\spcustom.dll
+ 2005-10-12 23:12:28 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\update.exe
+ 2005-10-12 23:12:33 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\updspapi.dll
+ 2007-07-12 23:28:55 765,952 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\SP2QFE\vgx.dll
+ 2005-10-12 23:12:25 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\spmsg.dll
+ 2005-10-12 23:12:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\spuninst.exe
+ 2005-10-12 23:12:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\spcustom.dll
+ 2005-10-12 23:12:28 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\update.exe
+ 2005-10-12 23:12:33 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\updspapi.dll
+ 2007-10-10 23:47:27 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\advpack.dll
+ 2007-10-10 23:47:27 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\dxtrans.dll
+ 2007-10-10 23:47:27 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\extmgr.dll
+ 2007-10-10 23:47:27 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\icardie.dll
+ 2007-10-10 08:16:47 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe
+ 2007-10-10 23:47:27 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakeng.dll
+ 2007-10-10 23:47:27 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieaksie.dll
+ 2007-10-10 05:47:20 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakui.dll
+ 2007-07-01 03:31:33 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dat
+ 2007-10-10 23:47:27 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dll
+ 2007-10-10 23:47:27 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iedkcs32.dll
+ 2007-10-10 23:47:27 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieframe.dll
+ 2007-10-10 23:47:27 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iernonce.dll
+ 2007-10-10 23:47:27 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iertutil.dll
+ 2007-10-10 08:16:47 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe
+ 2007-10-10 08:16:56 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
+ 2007-10-10 23:47:28 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\jsproxy.dll
+ 2007-10-10 23:47:28 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeeds.dll
+ 2007-10-10 23:47:28 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeedsbs.dll
+ 2007-10-30 23:48:49 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
+ 2007-10-10 23:47:28 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtmled.dll
+ 2007-10-10 23:47:28 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msrating.dll
+ 2007-10-10 23:47:28 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mstime.dll
+ 2007-10-10 23:47:28 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\occache.dll
+ 2007-10-10 23:47:28 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\url.dll
+ 2007-10-10 23:47:29 1,162,240 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\urlmon.dll
+ 2007-10-10 23:47:29 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\webcheck.dll
+ 2007-10-10 23:47:29 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
+ 2007-06-30 20:22:56 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\updspapi.dll
+ 2007-11-13 11:02:46 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2007-03-06 01:22:33 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2007-03-06 01:23:47 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-12-04 18:29:10 551,936 ----a-w C:\WINDOWS\$hf_mig$\KB943055\SP2QFE\oleaut32.dll
+ 2007-03-06 01:22:33 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
+ 2007-03-06 01:23:47 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\updspapi.dll
+ 2007-12-07 02:01:07 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\advpack.dll
+ 2007-12-19 22:57:52 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtmsft.dll
+ 2007-12-07 02:01:07 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtrans.dll
+ 2007-12-07 02:01:07 133,120 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\extmgr.dll
+ 2007-12-07 02:01:07 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\icardie.dll
+ 2007-12-06 08:34:28 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
+ 2007-12-07 02:01:08 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakeng.dll
+ 2007-12-07 02:01:08 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieaksie.dll
+ 2007-12-06 05:00:02 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dat
+ 2007-12-07 02:01:08 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dll
+ 2007-12-07 02:01:08 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iedkcs32.dll
+ 2007-12-07 02:01:10 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieframe.dll
+ 2007-12-07 02:01:10 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iernonce.dll
+ 2007-12-07 02:01:11 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll
+ 2007-12-06 08:34:29 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
+ 2007-12-06 08:34:45 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
+ 2007-12-07 02:01:11 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\jsproxy.dll
+ 2007-12-07 02:01:11 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeeds.dll
+ 2007-12-07 02:01:11 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeedsbs.dll
+ 2007-12-07 02:01:12 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
+ 2007-12-07 02:01:12 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtmled.dll
+ 2007-12-07 02:01:13 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msrating.dll
+ 2007-12-07 02:01:13 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mstime.dll
+ 2007-12-07 02:01:13 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\occache.dll
+ 2008-01-11 05:57:26 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\pngfilt.dll
+ 2007-12-07 02:01:13 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\url.dll
+ 2007-12-07 02:01:13 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\urlmon.dll
+ 2007-12-07 02:01:13 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\webcheck.dll
+ 2007-12-07 02:01:13 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\updspapi.dll
+ 2007-11-13 10:25:53 20,480 ----a-w C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\secdrv.sys
+ 2007-03-06 01:22:33 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2007-03-06 01:23:47 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\updspapi.dll
+ 2007-12-18 09:38:59 179,712 ----a-w C:\WINDOWS\$hf_mig$\KB946026\SP2QFE\mrxdav.sys
+ 2007-03-06 01:22:33 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
+ 2007-03-06 01:23:47 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\updspapi.dll
+ 2008-03-01 13:03:00 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\advpack.dll
+ 2008-03-01 13:03:00 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtmsft.dll
+ 2008-03-01 13:03:00 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtrans.dll
+ 2008-03-01 13:03:00 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\extmgr.dll
+ 2008-03-01 13:03:00 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\icardie.dll
+ 2008-02-22 09:39:56 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
+ 2008-03-01 13:03:00 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakeng.dll
+ 2008-03-01 13:03:00 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dat
+ 2008-03-01 13:03:00 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dll
+ 2008-03-01 13:03:00 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iedkcs32.dll
+ 2008-03-01 13:03:01 6,067,712 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll
+ 2008-03-01 13:03:01 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iernonce.dll
+ 2008-03-01 13:03:01 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll
+ 2008-02-22 09:39:56 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
+ 2008-02-22 09:40:22 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
+ 2008-03-01 13:03:01 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\jsproxy.dll
+ 2008-03-01 13:03:01 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeeds.dll
+ 2008-03-01 13:03:01 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeedsbs.dll
+ 2008-03-01 13:03:01 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
+ 2008-03-01 13:03:01 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtmled.dll
+ 2008-03-01 13:03:01 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msrating.dll
+ 2008-03-01 13:03:01 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mstime.dll
+ 2008-03-01 13:03:01 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\occache.dll
+ 2008-03-01 13:03:01 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\pngfilt.dll
+ 2008-03-01 13:03:02 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\url.dll
+ 2008-03-01 13:03:02 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\urlmon.dll
+ 2008-03-01 13:03:02 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\webcheck.dll
+ 2008-03-01 13:03:02 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\updspapi.dll
+ 2007-03-06 01:22:33 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\update.exe
+ 2007-03-06 01:23:47 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\updspapi.dll
+ 2004-08-03 21:58:22 72,960 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqac.sys
+ 2004-08-03 23:56:44 138,240 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqad.dll
+ 2004-08-03 23:56:44 47,104 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqdscli.dll
+ 2004-08-03 23:56:44 16,896 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqise.dll
+ 2004-08-03 23:56:44 660,992 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqqm.dll
+ 2004-08-03 23:56:44 177,152 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqrt.dll
+ 2004-08-03 23:56:44 95,744 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqsec.dll
+ 2004-08-03 23:56:44 48,640 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqupgrd.dll
+ 2004-08-03 23:56:44 471,552 -c----w C:\WINDOWS\$NtUninstallKB937894$\mqutil.dll
+ 2005-10-12 23:12:26 213,216 -c----w C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe
+ 2005-10-12 23:12:33 371,424 -c----w C:\WINDOWS\$NtUninstallKB937894$\spuninst\updspapi.dll
+ 2006-05-10 12:51:40 1,287,680 -c----w C:\WINDOWS\$NtUninstallKB941568$\quartz.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w C:\WINDOWS\$NtUninstallKB941568$\spuninst\updspapi.dll
+ 2007-10-27 14:39:36 213,216 -c----w C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe
+ 2007-10-27 14:39:46 371,424 -c----w C:\WINDOWS\$NtUninstallKB941569$\spuninst\updspapi.dll
+ 2006-10-18 18:47:18 222,208 -c----w C:\WINDOWS\$NtUninstallKB941569$\wmasf.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w C:\WINDOWS\$NtUninstallKB941644$\spuninst\updspapi.dll
+ 2006-04-20 12:18:35 360,576 -c----w C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w C:\WINDOWS\$NtUninstallKB942763$\spuninst\updspapi.dll
+ 2007-07-18 12:42:22 60,416 -c----w C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe
+ 2007-05-17 11:28:05 549,376 -c----w C:\WINDOWS\$NtUninstallKB943055$\oleaut32.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w C:\WINDOWS\$NtUninstallKB943055$\spuninst\updspapi.dll
+ 2006-12-19 21:50:10 8,458,752 -c----w C:\WINDOWS\$NtUninstallKB943460$\shell32.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w C:\WINDOWS\$NtUninstallKB943460$\spuninst\updspapi.dll
+ 2007-06-19 07:24:36 350,720 -c----w C:\WINDOWS\$NtUninstallKB943460$\xpsp3res.dll
+ 2006-08-17 12:37:49 726,528 -c----w C:\WINDOWS\$NtUninstallKB943485$\lsasrv.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w C:\WINDOWS\$NtUninstallKB943485$\spuninst\updspapi.dll
+ 2005-10-12 16:14:12 163,644 -c----w C:\WINDOWS\$NtUninstallKB944653$\secdrv.sys
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w C:\WINDOWS\$NtUninstallKB944653$\spuninst\updspapi.dll
+ 2004-08-03 22:00:58 181,248 -c----w C:\WINDOWS\$NtUninstallKB946026$\mrxdav.sys
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w C:\WINDOWS\$NtUninstallKB946026$\spuninst\updspapi.dll
- 2007-10-02 16:53:48 135,168 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.MSComctlLib\2.0.0.0__90ba9c70f846762e\AxInterop.MSComctlLib.DLL
+ 2008-04-10 14:46:02 135,168 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.MSComctlLib\2.0.0.0__90ba9c70f846762e\AxInterop.MSComctlLib.DLL
- 2007-10-02 16:53:48 212,992 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.MSForms\2.0.0.0__90ba9c70f846762e\AxInterop.MSForms.DLL
+ 2008-04-10 14:46:02 212,992 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.MSForms\2.0.0.0__90ba9c70f846762e\AxInterop.MSForms.DLL
- 2007-10-02 16:53:45 15,360 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.DLL
+ 2008-04-10 14:45:59 15,360 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.DLL
- 2007-10-02 16:53:45 143,360 ----a-w C:\WINDOWS\assembly\GAC\ICSharpCode.SharpZipLib\0.84.0.0__1b03e6acf1164f73\ICSharpCode.SharpZipLib.DLL
+ 2008-04-10 14:45:59 143,360 ----a-w C:\WINDOWS\assembly\GAC\ICSharpCode.SharpZipLib\0.84.0.0__1b03e6acf1164f73\ICSharpCode.SharpZipLib.DLL
- 2007-10-02 16:53:48 225,280 ----a-w C:\WINDOWS\assembly\GAC\Interop.MSComctlLib\2.0.0.0__90ba9c70f846762e\Interop.MSComctlLib.DLL
+ 2008-04-10 14:46:02 225,280 ----a-w C:\WINDOWS\assembly\GAC\Interop.MSComctlLib\2.0.0.0__90ba9c70f846762e\Interop.MSComctlLib.DLL
- 2007-10-02 16:53:48 360,448 ----a-w C:\WINDOWS\assembly\GAC\Interop.MSForms\2.0.0.0__90ba9c70f846762e\Interop.MSForms.DLL
+ 2008-04-10 14:46:02 360,448 ----a-w C:\WINDOWS\assembly\GAC\Interop.MSForms\2.0.0.0__90ba9c70f846762e\Interop.MSForms.DLL
- 2007-10-02 16:53:48 49,152 ----a-w C:\WINDOWS\assembly\GAC\Interop.NewIWshRuntimeLibrary\1.0.0.0__90ba9c70f846762e\Interop.NewIWshRuntimeLibrary.DLL
+ 2008-04-10 14:46:02 49,152 ----a-w C:\WINDOWS\assembly\GAC\Interop.NewIWshRuntimeLibrary\1.0.0.0__90ba9c70f846762e\Interop.NewIWshRuntimeLibrary.DLL
- 2007-10-02 16:53:45 13,312 ----a-w C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.DLL
+ 2008-04-10 14:45:59 13,312 ----a-w C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.DLL
- 2007-10-02 17:23:12 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-03-05 07:25:28 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2007-10-02 17:23:12 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-03-05 07:25:28 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2007-10-02 17:23:12 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-03-05 07:25:28 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2007-10-02 17:23:08 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-05 07:25:21 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-10-02 17:23:09 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-05 07:25:22 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-10-02 17:23:09 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-05 07:25:23 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-10-02 17:23:09 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-05 07:25:24 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-10-02 17:23:10 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-05 07:25:24 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-10-02 17:23:10 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-05 07:25:25 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-10-02 17:23:11 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-05 07:25:25 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-10-02 17:23:11 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-05 07:25:25 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-10-02 17:23:11 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-05 07:25:26 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-10-02 17:23:13 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-03-05 07:25:28 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-10-02 17:23:13 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-03-05 07:25:29 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2007-10-02 17:23:13 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-03-05 07:25:29 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2007-10-02 17:23:13 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-03-05 07:25:29 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2007-10-02 17:23:13 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-03-05 07:25:30 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2007-10-02 17:23:12 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-03-05 07:25:27 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2007-07-12 15:45:49 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-04-11 20:18:20 69,120 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2007-07-12 15:45:54 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-04-11 20:18:24 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2007-07-12 15:45:54 4,308,992 -c--a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-04-11 20:18:13 4,444,160 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2007-07-12 15:45:54 482,304 -c--a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-04-11 20:18:25 483,840 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-07-12 15:45:52 2,902,016 -c--a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-04-11 20:18:17 3,036,160 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2007-07-12 15:45:47 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-04-11 20:18:26 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2007-07-12 15:45:47 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-04-11 20:18:26 113,664 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2007-07-12 15:45:57 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-04-11 20:18:24 261,120 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2007-07-12 15:45:50 5,156,864 -c--a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-04-11 20:18:16 5,431,296 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-07-12 15:45:49 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-04-11 20:18:19 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2007-10-02 16:53:45 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.DLL
+ 2008-04-10 14:46:00 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.DLL
+ 2008-04-10 14:46:02 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.DLL
+ 2008-04-10 14:46:00 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.DLL
+ 2008-04-10 14:46:02 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.DLL
+ 2008-04-10 14:46:02 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.DLL
+ 2008-04-10 14:46:02 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.DLL
+ 2008-04-10 14:46:02 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.DLL
+ 2008-04-10 14:46:02 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.2939.23736__90ba9c70f846762e\AEM.Plugin.REG.Shared.DLL
+ 2008-04-10 14:46:02 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.EEU.Shared\2.0.2939.23769__90ba9c70f846762e\AEM.Plugin.Source.EEU.Shared.DLL
+ 2008-04-10 14:46:02 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.GD.Shared\2.0.2939.23769__90ba9c70f846762e\AEM.Plugin.Source.GD.Shared.DLL
+ 2008-04-10 14:45:59 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2977.39353__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.DLL
+ 2008-04-10 14:46:00 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.DLL
+ 2008-04-10 14:45:57 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2977.39055__90ba9c70f846762e\AEM.Server.DLL
+ 2008-04-10 14:46:00 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.UI.Shared\2.0.2939.23760__90ba9c70f846762e\AEM.UI.Shared.DLL
+ 2008-04-10 14:45:57 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.UI\2.0.2977.39323__90ba9c70f846762e\AEM.UI.DLL
+ 2008-04-10 14:46:00 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.DLL
+ 2008-04-10 14:45:57 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.2977.39055__90ba9c70f846762e\APM.Server.DLL
- 2007-07-12 15:45:46 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-04-11 20:18:16 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2007-10-02 16:53:44 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL
+ 2008-04-10 14:45:57 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL
+ 2008-04-10 14:45:57 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2977.39057__90ba9c70f846762e\ATIDEMOS.DLL
- 2007-10-02 16:53:48 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.DLL
+ 2008-04-10 14:46:02 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.DLL
- 2007-10-02 16:53:48 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AxInterop.SHDocVw\1.1.0.0__90ba9c70f846762e\AxInterop.SHDocVw.DLL
+ 2008-04-10 14:46:02 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AxInterop.SHDocVw\1.1.0.0__90ba9c70f846762e\AxInterop.SHDocVw.DLL
+ 2008-04-10 14:45:57 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2977.39323__90ba9c70f846762e\CCC.Implementation.DLL
- 2007-10-02 16:53:47 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e\CCC.EXE
+ 2008-04-10 14:46:02 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e\CCC.EXE
+ 2008-04-10 14:46:03 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Dashboard\2.0.2977.39353__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:03 12,288 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Runtime\2.0.2977.39352__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Shared\2.0.2939.23770__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Shared.DLL
+ 2008-04-10 14:46:00 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.DLL
+ 2008-04-10 14:45:57 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.DLL
+ 2008-04-10 14:46:02 98,304 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard\2.0.2977.39197__90ba9c70f846762e\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:03 479,232 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2977.39219__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:03 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2977.39226__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.DLL
+ 2008-04-10 14:46:03 663,552 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2977.39265__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:07 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2977.39263__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.DLL
+ 2008-04-10 14:46:07 688,128 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2977.39285__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.DLL
+ 2008-04-10 14:46:03 442,368 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2977.39211__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:03 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2977.39218__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.DLL
+ 2008-04-10 14:46:03 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2977.39256__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:03 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2977.39255__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.DLL
+ 2008-04-10 14:46:03 307,200 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2977.39138__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.DLL
+ 2008-04-10 14:46:03 282,624 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared\2.0.2977.39204__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.DLL
+ 2008-04-10 14:46:07 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2977.39217__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.DLL
+ 2008-04-10 14:46:03 901,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2977.39302__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:07 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2977.39300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.DLL
+ 2008-04-10 14:46:07 364,544 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2977.39309__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.DLL
+ 2008-04-10 14:46:04 585,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2977.39131__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:03 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2977.39137__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL
+ 2008-04-10 14:46:04 438,272 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2977.39085__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:07 1,679,360 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2977.39104__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.DLL
+ 2008-04-10 14:46:04 118,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2977.39244__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:04 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2977.39243__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.DLL
+ 2008-04-10 14:46:07 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2977.39084__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.DLL
+ 2008-04-10 14:46:04 217,088 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2977.39124__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:08 196,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2977.39118__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.DLL
+ 2008-04-10 14:46:04 249,856 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Dashboard\2.0.2977.39152__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:04 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime\2.0.2977.39158__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Shared\2.0.2939.23737__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Shared.DLL
+ 2008-04-10 14:46:04 802,816 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2977.39227__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:04 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2977.39226__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.DLL
+ 2008-04-10 14:46:04 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2977.39292__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.DLL
+ 2008-04-10 14:46:04 204,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU.Graphics.Dashboard\2.0.2977.39229__90ba9c70f846762e\CLI.Aspect.MultiVPU.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:04 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU.Graphics.Runtime\2.0.2977.39228__90ba9c70f846762e\CLI.Aspect.MultiVPU.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.MultiVPU.Graphics.Shared.DLL
+ 2008-04-10 14:46:05 204,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Dashboard\2.0.2977.39237__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:05 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Runtime\2.0.2977.39236__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Shared.DLL
+ 2008-04-10 14:46:05 208,896 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Dashboard\2.0.2977.39326__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:05 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Runtime\2.0.2977.39324__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Shared.DLL
+ 2008-04-10 14:46:05 147,456 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Dashboard\2.0.2977.39367__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:05 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Runtime\2.0.2977.39365__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Shared\2.0.2939.23715__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Shared.DLL
+ 2008-04-10 14:46:05 479,232 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Dashboard\2.0.2977.39159__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:05 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Runtime\2.0.2977.39158__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Shared\2.0.2939.23737__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Shared.DLL
+ 2008-04-10 14:46:05 1,032,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.2977.39179__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:05 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.2977.39172__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.DLL
+ 2008-04-10 14:46:05 442,368 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.2977.39361__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:05 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.2977.39361__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.DLL
+ 2008-04-10 14:46:00 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.2939.23747__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.DLL
+ 2008-04-10 14:46:06 167,936 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Dashboard\2.0.2977.39262__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:06 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Runtime\2.0.2977.39263__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Runtime.DLL
+ 2008-04-10 14:46:01 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Shared.DLL
+ 2008-04-10 14:46:06 139,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Dashboard\2.0.2977.39347__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:06 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Runtime\2.0.2977.39347__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Runtime.DLL
+ 2008-04-10 14:46:01 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Shared\2.0.2939.23766__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Shared.DLL
+ 2008-04-10 14:46:06 147,456 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2977.39332__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:06 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2977.39331__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL
+ 2008-04-10 14:46:01 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL
+ 2008-04-10 14:46:06 118,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Dashboard\2.0.2977.39359__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:06 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Runtime\2.0.2977.39360__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Runtime.DLL
+ 2008-04-10 14:46:01 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.2939.23762__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.DLL
+ 2008-04-10 14:46:06 352,256 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2977.39271__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:06 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2977.39270__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.DLL
+ 2008-04-10 14:46:01 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.DLL
+ 2008-04-10 14:46:06 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2977.39277__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.DLL
+ 2008-04-10 14:46:06 282,624 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Dashboard\2.0.2977.39145__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:06 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Runtime\2.0.2977.39151__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Runtime.DLL
+ 2008-04-10 14:46:01 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Shared\2.0.2939.23736__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Shared.DLL
+ 2008-04-10 14:46:01 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.DLL
+ 2008-04-10 14:46:07 483,328 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2977.39334__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.DLL
+ 2008-04-10 14:46:06 167,936 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Dashboard\2.0.2977.39250__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:06 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime\2.0.2977.39249__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime.DLL
+ 2008-04-10 14:46:01 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Shared.DLL
+ 2008-04-10 14:46:07 102,400 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.2977.39111__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:07 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.2977.39110__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.DLL
+ 2008-04-10 14:46:01 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.DLL
+ 2008-04-10 14:46:07 135,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2977.39340__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:07 98,304 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Dashboard\2.0.2977.39367__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Dashboard.DLL
+ 2008-04-10 14:46:07 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Runtime\2.0.2977.39367__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Runtime.DLL
+ 2008-04-10 14:46:01 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Shared\2.0.2939.23760__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Shared.DLL
+ 2008-04-10 14:46:01 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.DLL
+ 2008-04-10 14:46:07 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2977.39076__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.DLL
+ 2008-04-10 14:45:57 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.DLL
+ 2008-04-10 14:46:08 253,952 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2977.39064__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.DLL
+ 2008-04-10 14:46:01 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.DLL
+ 2008-04-10 14:46:01 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.DLL
+ 2008-04-10 14:46:08 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2977.39097__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.DLL
+ 2008-04-10 14:45:57 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.AutoRemoval\2.0.2977.39300__90ba9c70f846762e\CLI.Component.Autoremoval.DLL
+ 2008-04-10 14:45:58 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.DLL
+ 2008-04-10 14:46:01 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.DLL
+ 2008-04-10 14:45:58 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.HotKeyManager.Resources\2.0.2977.39190__90ba9c70f846762e\CLI.Component.Dashboard.HotKeyManager.Resources.DLL
+ 2008-04-10 14:45:58 204,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.HotKeyManager\2.0.2977.39185__90ba9c70f846762e\CLI.Component.Dashboard.HotKeyManager.DLL
+ 2008-04-10 14:45:58 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.ProfileManager.Resources\2.0.2977.39197__90ba9c70f846762e\CLI.Component.Dashboard.ProfileManager.Resources.DLL
+ 2008-04-10 14:45:58 208,896 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.ProfileManager\2.0.2977.39191__90ba9c70f846762e\CLI.Component.Dashboard.ProfileManager.DLL
+ 2008-04-10 14:45:58 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.DLL
+ 2008-04-10 14:46:01 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.DLL
+ 2008-04-10 14:45:58 1,507,328 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2977.39071__90ba9c70f846762e\CLI.Component.Dashboard.DLL
+ 2008-04-10 14:45:58 602,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Eeu\2.0.2977.39294__90ba9c70f846762e\CLI.Component.Eeu.DLL
+ 2008-04-10 14:45:58 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Erecord\2.0.2977.39166__90ba9c70f846762e\CLI.Component.Erecord.DLL
+ 2008-04-10 14:45:58 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Help\2.0.2977.39321__90ba9c70f846762e\CLI.Component.Help.DLL
+ 2008-04-10 14:45:58 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Icomponent\2.0.2977.39117__90ba9c70f846762e\CLI.Component.Icomponent.DLL
+ 2008-04-10 14:45:58 458,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Launchpad\2.0.2977.39360__90ba9c70f846762e\CLI.Component.Launchpad.DLL
+ 2008-04-10 14:45:58 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Load\2.0.2977.39322__90ba9c70f846762e\CLI.Component.Load.DLL
+ 2008-04-10 14:46:07 98,304 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.PowerXpressHybrid\2.0.2977.39372__90ba9c70f846762e\CLI.Component.PowerXpressHybrid.DLL
+ 2008-04-10 14:45:59 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2977.39056__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.DLL
+ 2008-04-10 14:45:58 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.DLL
+ 2008-04-10 14:46:01 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.DLL
+ 2008-04-10 14:45:58 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2977.39056__90ba9c70f846762e\CLI.Component.Runtime.DLL
+ 2008-04-10 14:45:58 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.2977.39058__90ba9c70f846762e\CLI.Component.SkinFactory.DLL
+ 2008-04-10 14:45:58 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2977.39315__90ba9c70f846762e\CLI.Component.Systemtray.DLL
+ 2008-04-10 14:45:59 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.DLL
+ 2008-04-10 14:46:01 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.DLL
+ 2008-04-10 14:45:59 491,520 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2977.39091__90ba9c70f846762e\CLI.Component.Wizard.DLL
+ 2008-04-10 14:45:59 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.DLL
+ 2008-04-10 14:46:01 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.DLL
+ 2008-04-10 14:46:01 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.DLL
+ 2008-04-10 14:45:59 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Implementation\2.0.2977.39054__90ba9c70f846762e\CLI.Implementation.DLL
- 2007-10-02 16:53:48 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e\CLI.EXE
+ 2008-04-10 14:46:02 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e\CLI.EXE
- 2007-07-12 15:45:47 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-04-11 20:18:20 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2007-10-02 16:53:47 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL
+ 2008-04-10 14:46:01 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL
- 2007-10-02 16:53:47 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL
+ 2008-04-10 14:46:01 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL
- 2007-10-02 16:53:47 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.DLL
+ 2008-04-10 14:46:01 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.DLL
- 2007-10-02 16:53:47 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.DLL
+ 2008-04-10 14:46:01 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.DLL
- 2007-10-02 16:53:47 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL
+ 2008-04-10 14:46:01 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL
+ 2008-04-10 14:46:01 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.DLL
+ 2008-04-10 14:46:01 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.DLL
+ 2008-04-10 14:46:01 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.DLL
- 2007-07-12 15:45:53 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-04-11 20:18:22 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-07-12 15:45:53 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-04-11 20:18:22 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2007-07-12 15:45:53 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-04-11 20:18:23 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2007-10-02 16:53:48 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__90ba9c70f846762e\Interop.SHDocVw.DLL
+ 2008-04-10 14:46:02 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__90ba9c70f846762e\Interop.SHDocVw.DLL
+ 2008-04-10 14:46:00 11,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2977.39364__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.DLL
+ 2008-04-10 14:45:59 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.DLL
+ 2008-04-10 14:45:59 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.DLL
+ 2008-04-10 14:45:59 61,440 ----a-w C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2977.39322__90ba9c70f846762e\LOG.Foundation.Implementation.DLL
+ 2008-04-10 14:45:59 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.DLL
+ 2008-04-10 14:46:02 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.DLL
+ 2008-04-10 14:45:59 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\LOG\2.0.2977.39323__90ba9c70f846762e\LOG.EXE
- 2007-07-12 15:45:48 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-04-11 20:18:27 348,160 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2007-07-12 15:45:48 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-04-11 20:18:27 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2007-07-12 15:45:48 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-04-11 20:18:27 655,360 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2007-07-12 15:45:48 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-04-11 20:18:28 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2007-07-12 15:45:48 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-04-11 20:18:23 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-07-12 15:45:58 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-04-11 20:18:22 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-07-12 15:45:58 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-04-11 20:18:21 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2007-07-12 15:45:45 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-04-11 20:18:25 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2007-07-12 15:45:57 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-04-11 20:18:21 671,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2007-07-12 15:45:58 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-04-11 20:18:14 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2007-07-12 15:45:46 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-04-11 20:18:26 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-07-12 15:45:46 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-04-11 20:18:21 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2007-07-12 15:45:46 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-04-11 20:18:21 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-04-10 14:46:02 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.DLL
+ 2008-04-10 14:45:59 102,400 ----a-w C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2977.39324__90ba9c70f846762e\MOM.Implementation.DLL
- 2007-10-02 16:53:47 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e\MOM.EXE
+ 2008-04-10 14:46:02 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e\MOM.EXE
+ 2008-04-10 14:46:02 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.DLL
+ 2008-04-10 14:45:59 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PCKGHLP.Foundation.Implementation\2.0.2977.39353__90ba9c70f846762e\PCKGHLP.Foundation.Implementation.DLL
+ 2008-04-10 14:45:59 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PCKGHLP.Foundation.Private\2.0.2939.23761__90ba9c70f846762e\PCKGHLP.Foundation.Private.DLL
- 2007-07-12 15:45:56 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-04-11 20:18:23 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2007-07-12 15:45:49 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-04-11 20:18:23 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2007-07-12 15:45:56 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-04-11 20:18:16 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2007-07-12 15:45:55 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-04-11 20:18:17 741,376 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2007-07-12 15:45:47 888,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-04-11 20:18:18 933,888 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2007-07-12 15:45:52 5,001,216 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-04-11 20:18:28 5,070,848 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-07-12 15:45:50 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-04-11 20:18:27 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2007-07-12 15:45:49 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-04-11 20:18:20 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-07-12 15:45:50 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-04-11 20:18:26 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2007-07-12 15:45:56 577,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-04-11 20:18:14 630,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2007-07-12 15:45:55 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-04-11 20:18:26 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2007-07-12 15:45:57 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-04-11 20:18:25 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2007-07-12 15:45:55 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-04-11 20:18:24 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2007-07-12 15:45:55 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-04-11 20:18:24 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-07-12 15:45:49 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-04-11 20:18:14 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2007-07-12 15:45:50 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-04-11 20:18:15 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2007-07-12 15:45:57 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-04-11 20:18:19 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2007-07-12 15:45:51 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-04-11 20:18:19 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2007-07-12 15:45:51 823,296 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-04-11 20:18:18 839,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-07-12 15:45:51 5,152,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-04-11 20:18:20 5,013,504 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2007-07-12 15:45:52 2,027,520 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-04-11 20:18:15 2,068,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2007-07-12 15:45:56 2,940,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-04-11 20:18:18 3,076,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-04-12 10:24:17 27,136 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll
+ 2008-04-12 10:24:19 884,736 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\a1d353edc300e3aff0784202f68a657b\AspNetMMCExt.ni.dll
+ 2008-04-12 10:45:42 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c10ec9b4de2b366236ec83237dc31281\CustomMarshalers.ni.dll
+ 2008-04-12 10:24:19 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\837fe02bdcf637d5bf1e5ffb935ebb80\dfsvc.ni.exe
+ 2008-04-12 10:45:44 876,544 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\9710a3c0d11dd264c3a6b88977699e9b\Microsoft.Build.Engine.ni.dll
+ 2008-04-12 10:45:45 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e2858a45971fb30b0c0523dbb52c1d4e\Microsoft.Build.Framework.ni.dll
+ 2008-04-12 10:45:49 1,695,744 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\63d69ffdf3c640d2d104a4b74e8115f8\Microsoft.Build.Tasks.ni.dll
+ 2008-04-12 10:45:50 167,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\11cb5418c06e30100616fbf205588489\Microsoft.Build.Utilities.ni.dll
+ 2008-04-12 10:45:53 1,740,800 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\923bd55258380eae77353d36a5a1b08f\Microsoft.VisualBasic.ni.dll
+ 2008-04-12 02:18:55 11,722,752 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll
+ 2008-04-12 10:45:55 1,011,712 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll
+ 2008-04-12 02:19:15 7,049,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\5f669e819da7010c1dca347a25597c42\System.Data.ni.dll
+ 2008-04-12 10:45:57 1,798,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\c7dea4895e1fa33d65e448c03de48d26\System.Deployment.ni.dll
+ 2008-04-12 02:19:25 10,969,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\c1e16b40e30a05c39be8aee46311841c\System.Design.ni.dll
+ 2008-04-12 10:45:59 1,224,704 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\914668b240550f529e54bb772c6fc881\System.DirectoryServices.ni.dll
+ 2008-04-12 10:46:01 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f11bc82c09955cb8438d3885a99c297d\System.DirectoryServices.Protocols.ni.dll
+ 2008-04-12 02:19:30 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b974f6c17d17a533adf6e7710c5a62fa\System.Drawing.Design.ni.dll
+ 2008-04-12 02:19:28 1,667,072 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll
+ 2008-04-12 10:46:02 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.ni.dll
+ 2008-04-12 10:46:02 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.Wrapper.dll
+ 2008-04-12 10:46:04 733,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\2b5994269cc5b996231c9b21afea9a91\System.Security.ni.dll
+ 2008-04-12 10:46:05 233,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll
+ 2008-04-12 10:46:06 679,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12e0aa1030badf4524f897e3f57b037a\System.Transactions.ni.dll
+ 2008-04-12 10:46:26 2,342,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\37d87b3cab1c66ec4430ebb2abeaa570\System.Web.Mobile.ni.dll
+ 2008-04-12 10:46:27 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5b81faf46fc63c20d5339b36edd02fa\System.Web.RegularExpressions.ni.dll
+ 2008-04-12 10:46:30 1,986,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\38991368499e2109ea4099a0fe29c5a3\System.Web.Services.ni.dll
+ 2008-04-12 10:46:22 12,509,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll
+ 2008-04-12 02:19:42 13,193,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll
+ 2008-04-12 02:19:50 5,771,264 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll
+ 2008-04-12 02:19:04 8,265,728 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll
+ 2008-04-20 21:42:05 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2005-10-20 17:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2000-08-31 05:00:00 73,728 ----a-w C:\WINDOWS\fdsv.exe
+ 2000-08-31 05:00:00 80,412 ----a-w C:\WINDOWS\grep.exe
- 2006-08-24 04:57:00 239,176 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll
+ 2007-08-13 16:54:42 32,960 -c--a-w C:\WINDOWS\ie7\spuninst\iecustom.dll
- 2006-08-22 21:28:46 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2007-08-13 16:52:06 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
- 2006-08-10 16:46:06 213,216 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-09-06 15:43:16 213,216 -c--a-w C:\WINDOWS\ie7\spuninst\spuninst.exe
- 2006-08-10 16:46:08 371,424 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2006-09-06 15:43:18 371,424 -c--a-w C:\WINDOWS\ie7\spuninst\updspapi.dll
+ 2005-10-12 23:12:26 213,216 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe
+ 2005-10-12 23:12:33 371,424 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\updspapi.dll
+ 2007-08-13 16:54:10 765,952 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\vgx.dll
+ 2007-08-13 16:39:00 123,904 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
+ 2007-08-13 16:35:38 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
+ 2007-08-13 16:54:10 131,584 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
+ 2007-08-13 16:36:26 61,952 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
+ 2007-08-13 16:39:06 54,784 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2007-08-13 16:39:26 152,064 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
+ 2007-08-13 16:39:54 229,376 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
+ 2007-08-13 15:56:54 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2007-02-12 14:10:12 2,451,312 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dat
+ 2007-07-11 10:27:48 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
+ 2007-08-13 16:39:50 382,976 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
+ 2007-08-13 16:54:10 6,049,280 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
+ 2007-08-13 16:39:10 43,008 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
+ 2007-08-13 16:34:04 266,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
+ 2007-08-13 16:39:10 13,312 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
+ 2007-08-13 16:43:56 622,080 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
+ 2007-08-13 16:54:10 27,136 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
+ 2007-08-13 16:54:10 458,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
+ 2007-08-13 16:54:10 50,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
+ 2007-08-13 16:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
+ 2007-08-13 16:54:10 475,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
+ 2007-08-13 16:44:26 192,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
+ 2007-08-13 16:54:10 670,720 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
+ 2007-08-13 16:44:06 101,376 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
+ 2007-06-30 20:22:56 371,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-08-13 16:44:30 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
+ 2007-08-13 16:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
+ 2007-08-13 16:54:10 231,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
+ 2007-08-13 16:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
+ 2007-10-10 23:55:51 124,928 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\advpack.dll
+ 2007-08-13 16:35:46 346,624 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtmsft.dll
+ 2007-10-10 23:55:51 214,528 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtrans.dll
+ 2007-10-10 23:55:51 132,608 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\extmgr.dll
+ 2007-10-10 23:55:51 63,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\icardie.dll
+ 2007-10-10 10:59:40 70,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe
+ 2007-10-10 23:55:51 153,088 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakeng.dll
+ 2007-10-10 23:55:51 230,400 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieaksie.dll
+ 2007-10-10 05:46:55 161,792 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakui.dll
+ 2007-10-10 23:55:52 383,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dll
+ 2007-10-10 23:55:52 384,512 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iedkcs32.dll
+ 2007-10-10 23:55:54 6,065,664 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll
+ 2007-10-10 23:55:55 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iernonce.dll
+ 2007-10-10 23:55:55 267,776 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll
+ 2007-10-10 10:59:40 13,824 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe
+ 2007-10-10 10:59:52 625,152 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
+ 2007-10-10 23:55:56 27,648 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\jsproxy.dll
+ 2007-10-10 23:55:56 459,264 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeeds.dll
+ 2007-10-10 23:55:56 52,224 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeedsbs.dll
+ 2007-10-31 03:12:30 3,590,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll
+ 2007-10-10 23:55:58 478,208 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtmled.dll
+ 2007-10-10 23:55:58 193,024 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msrating.dll
+ 2007-10-10 23:55:59 671,232 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mstime.dll
+ 2007-10-10 23:55:59 102,400 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\occache.dll
+ 2007-08-13 16:36:12 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\updspapi.dll
+ 2007-10-10 23:55:59 105,984 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\url.dll
+ 2007-10-10 23:56:00 1,159,680 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\urlmon.dll
+ 2007-10-10 23:56:00 232,960 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\webcheck.dll
+ 2007-10-10 23:56:00 824,832 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
+ 2007-12-07 02:21:45 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
+ 2007-12-19 23:01:06 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
+ 2007-12-07 02:21:45 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
+ 2007-12-07 02:21:45 133,120 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
+ 2007-12-07 02:21:45 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
+ 2007-12-06 11:00:57 70,656 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2007-12-07 02:21:45 153,088 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
+ 2007-12-07 02:21:45 230,400 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
+ 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
+ 2007-12-07 02:21:45 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
+ 2007-12-07 02:21:45 384,512 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
+ 2007-12-07 02:21:46 6,066,176 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
+ 2007-12-07 02:21:46 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
+ 2007-12-07 02:21:46 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
+ 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
+ 2007-12-06 11:01:25 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
+ 2007-12-07 02:21:47 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
+ 2007-12-07 02:21:47 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
+ 2007-12-07 02:21:47 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
+ 2007-12-08 08:51:48 3,592,192 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
+ 2007-12-07 02:21:47 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
+ 2007-12-07 02:21:48 193,024 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
+ 2007-12-07 02:21:48 671,232 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
+ 2007-12-07 02:21:48 102,912 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
+ 2008-01-11 05:53:32 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
+ 2007-12-07 02:21:48 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
+ 2007-12-07 02:21:48 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
+ 2007-12-07 02:21:48 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
+ 2007-12-07 02:21:48 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
+ 2004-05-25 02:45:09 2,482,176 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.7969\VBE6.DLL
+ 2008-04-10 14:45:49 10,134 ----a-r C:\WINDOWS\Installer\{035E858B-2E6E-7AC7-16A9-41506F698D1E}\ARPPRODUCTICON.exe
+ 2008-04-10 14:45:53 10,134 ----a-r C:\WINDOWS\Installer\{2F06D374-97CE-D8FB-9383-73150A2382DF}\ARPPRODUCTICON.exe
+ 2008-04-10 14:45:49 10,134 ----a-r C:\WINDOWS\Installer\{2F93BFDD-EECE-924B-54ED-B0896F03D758}\ARPPRODUCTICON.exe
+ 2008-04-10 14:45:45 10,134 ----a-r C:\WINDOWS\Installer\{4FA944D6-623E-EBBD-47D7-CE02A28C0796}\ARPPRODUCTICON.exe
- 2007-09-25 23:09:38 40,960 ----a-r C:\WINDOWS\Installer\{50E125D1-88E5-48CE-80AE-98EC9698E639}\DTIcon.ECFEE69D_DA66_4F00_ABE5_54E931059C01.exe
+ 2007-11-17 01:54:03 40,960 ----a-r C:\WINDOWS\Installer\{50E125D1-88E5-48CE-80AE-98EC9698E639}\DTIcon.ECFEE69D_DA66_4F00_ABE5_54E931059C01.exe
+ 2008-04-10 14:45:48 10,134 ----a-r C:\WINDOWS\Installer\{77654E99-F083-ED32-B326-118741828039}\ARPPRODUCTICON.exe
+ 2008-04-10 14:45:39 10,134 ----a-r C:\WINDOWS\Installer\{87CA98F3-0A13-77FE-A9F0-2AB1F28D741A}\ARPPRODUCTICON.exe
+ 2008-04-10 14:45:51 10,134 ----a-r C:\WINDOWS\Installer\{8C8BC74F-E17F-4D59-D098-2F90BB9AE9E0}\ARPPRODUCTICON.exe
- 2007-10-11 01:00:57 593,920 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-04-09 16:32:11 593,920 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2007-10-11 01:00:57 12,288 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-04-09 16:32:11 12,288 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2007-10-11 01:00:57 86,016 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-04-09 16:32:11 86,016 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2007-10-11 01:00:57 135,168 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-04-09 16:32:11 135,168 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2007-10-11 01:00:57 11,264 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-04-09 16:32:11 11,264 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2007-10-11 01:00:57 27,136 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-04-09 16:32:11 27,136 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2007-10-11 01:00:57 4,096 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-04-09 16:32:11 4,096 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2007-10-11 01:00:57 794,624 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-04-09 16:32:11 794,624 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2007-10-11 01:00:57 249,856 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-04-09 16:32:11 249,856 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2007-10-11 01:00:57 61,440 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-04-09 16:32:11 61,440 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2007-10-11 01:00:57 23,040 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-04-09 16:32:11 23,040 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2007-10-11 01:00:57 286,720 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-04-09 16:32:11 286,720 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-10-11 01:00:57 409,600 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-04-09 16:32:11 409,600 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-04-10 14:45:43 10,134 ----a-r C:\WINDOWS\Installer\{9B5337F7-0444-5607-A397-909EFEFA7CFF}\ARPPRODUCTICON.exe
+ 2008-03-08 09:16:49 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A81200000003}\SC_Reader.exe
+ 2008-04-10 14:45:55 10,134 ----a-r C:\WINDOWS\Installer\{B6A51892-D4A5-616B-4489-44B790179455}\ARPPRODUCTICON.exe
+ 2008-04-10 14:45:57 10,134 ----a-r C:\WINDOWS\Installer\{CB20D3BC-6C7C-A9CA-D679-914240CDA0D3}\ARPPRODUCTICON.exe
+ 2008-04-10 14:45:57 9,158 ----a-r C:\WINDOWS\Installer\{CB20D3BC-6C7C-A9CA-D679-914240CDA0D3}\NewShortcut11_EAB9635D261D49BE88DDE71A7C809B2D.exe
+ 2007-11-29 06:34:06 3,262 ----a-r C:\WINDOWS\Installer\{CC419DDC-E0F0-4013-B25A-6FA036516F0D}\nfs_icon.exe
+ 2007-12-28 14:35:59 1,038,336 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC.exe
+ 2007-12-28 14:35:59 178,688 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC1.exe
+ 2007-12-28 14:35:59 171,008 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B.exe
+ 2007-12-28 14:35:59 8,704 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B1.exe
- 2005-09-23 05:28:52 72,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2007-10-23 22:47:38 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
- 2005-09-23 05:28:52 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
+ 2007-10-23 22:47:38 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
- 2005-09-23 05:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2007-10-23 22:47:40 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2005-09-23 05:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2007-10-23 22:47:42 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
- 2005-09-23 05:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll
+ 2007-10-23 22:47:40 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll
- 2005-09-23 05:28:52 86,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2007-10-23 22:47:38 97,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
- 2005-09-23 05:28:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2007-10-23 22:47:26 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
- 2005-09-23 05:28:42 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2007-10-23 22:47:30 145,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
- 2005-09-23 05:28:44 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2007-10-23 22:47:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2005-09-23 05:29:04 183,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2007-10-23 22:47:48 193,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2005-09-23 05:28:28 208,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2007-10-23 22:47:20 218,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2005-09-23 05:28:56 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2007-10-23 22:47:40 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2005-09-23 05:28:58 138,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2007-10-23 22:47:42 147,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
- 2005-09-23 05:28:36 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2007-10-23 22:47:26 99,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
- 2007-04-13 00:21:18 58,712 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2007-10-23 22:47:42 59,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
- 2005-09-23 05:28:32 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2007-10-23 22:47:22 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2007-04-13 00:20:52 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2007-10-23 22:47:22 22,024 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2007-04-13 00:20:52 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2007-10-23 22:47:22 17,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2007-04-13 00:20:52 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2007-10-23 22:47:22 33,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
- 2007-04-13 00:20:50 75,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2007-10-23 22:47:22 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
- 2005-09-23 05:28:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2007-10-23 22:47:22 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2007-04-13 00:20:52 32,608 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2007-10-23 22:47:22 32,776 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2005-09-23 05:28:32 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2007-10-23 22:47:22 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2007-04-13 00:20:52 33,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2007-10-23 22:47:22 33,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
- 2007-04-13 00:20:52 32,600 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2007-10-23 22:47:22 33,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2007-04-13 00:20:52 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2007-10-23 22:47:22 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 05:28:56 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2007-10-23 22:47:40 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-04-13 00:21:16 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2007-10-23 22:47:40 101,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
- 2005-09-23 05:28:42 76,984 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2007-10-23 22:47:30 80,376 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
- 2005-09-23 05:28:42 1,144,832 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2007-10-23 22:47:30 1,162,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
- 2005-09-23 05:28:42 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2007-10-23 22:47:30 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2005-09-23 05:28:58 17,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2007-10-23 22:47:42 27,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2005-09-23 05:28:56 68,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2007-10-23 22:47:40 69,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
- 2005-09-23 05:28:44 31,936 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2007-10-23 22:47:30 35,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2005-09-23 05:28:38 52,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2007-10-23 22:47:28 66,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
- 2007-04-13 00:20:58 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2007-10-23 22:47:28 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2005-09-23 05:29:12 547,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2007-10-23 22:47:54 572,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
- 2005-09-23 05:28:56 788,992 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2007-10-23 22:47:40 798,224 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
- 2005-09-23 05:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2007-10-23 22:47:36 18,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
- 2007-04-13 00:21:16 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2007-10-23 22:47:40 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2005-09-23 05:28:56 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2007-10-23 22:47:40 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2005-09-23 05:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2007-10-23 22:47:40 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
- 2005-09-23 05:28:56 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2007-10-23 22:47:40 6,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2007-04-13 00:21:16 228,688 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2007-10-23 22:47:40 230,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2007-04-13 00:21:16 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2007-10-23 22:47:40 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2005-09-23 05:28:56 55,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2007-10-23 22:47:40 65,032 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
- 2005-09-23 05:28:56 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2007-10-23 22:47:40 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2005-09-23 05:28:48 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2007-10-23 22:47:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2007-04-13 00:21:10 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2007-10-23 22:47:36 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2005-09-23 05:28:48 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2007-10-23 22:47:36 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2007-04-13 00:21:10 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2007-10-23 22:47:36 655,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2005-09-23 05:28:48 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2007-10-23 22:47:36 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-04-13 00:21:08 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2007-10-23 22:47:34 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2005-09-23 05:29:10 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2007-10-23 22:47:52 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2005-09-23 05:29:10 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2007-10-23 22:47:52 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2005-09-23 05:29:08 667,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2007-10-23 22:47:50 671,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
- 2005-09-23 05:28:30 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2007-10-23 22:47:20 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
- 2005-09-23 05:29:10 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2007-10-23 22:47:52 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2005-09-23 05:28:30 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2007-10-23 22:47:20 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2005-09-23 05:28:30 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2007-10-23 22:47:20 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2005-09-23 05:28:30 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2007-10-23 22:47:20 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2007-04-13 00:20:52 87,040 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2007-10-23 22:47:22 97,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2005-09-23 05:28:48 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2007-10-23 22:47:36 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-04-13 00:21:18 802,304 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2007-10-23 22:47:40 822,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2005-09-23 05:28:56 73,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2007-10-23 22:47:40 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
- 2005-09-23 05:28:56 288,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2007-10-23 22:47:40 308,224 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
- 2007-04-13 00:21:16 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2007-10-23 22:47:40 47,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2007-04-13 00:21:16 326,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2007-10-23 22:47:40 348,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2005-09-23 05:28:56 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2007-10-23 22:47:40 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
- 2007-04-13 00:21:16 4,308,992 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2007-10-23 22:47:40 4,444,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2007-04-13 00:21:16 102,912 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2007-10-23 22:47:40 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
- 2005-09-23 05:29:00 330,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2007-10-23 22:47:44 340,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
- 2005-09-23 05:28:56 67,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2007-10-23 22:47:40 77,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2005-09-23 05:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2007-10-23 22:47:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
- 2007-04-13 00:21:18 227,328 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2007-10-23 22:47:40 242,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
- 2007-04-13 00:21:18 68,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2007-10-23 22:47:40 70,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2005-09-23 05:28:56 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2007-10-23 22:47:40 19,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
- 2007-04-13 00:21:12 5,634,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2007-10-23 22:47:36 5,814,784 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2005-09-23 05:29:00 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2007-10-23 22:47:44 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-04-13 00:21:16 99,152 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2007-10-23 22:47:40 101,880 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
- 2007-04-13 00:21:18 15,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2007-10-23 22:47:40 24,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2005-09-23 05:28:56 78,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2007-10-23 22:47:40 89,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
- 2007-04-13 00:21:12 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2007-10-23 22:47:36 144,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
- 2005-09-23 05:28:56 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2007-10-23 22:47:40 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2005-09-23 05:28:56 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2007-10-23 22:47:40 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2005-09-23 05:29:02 59,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2007-10-23 22:47:46 61,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2005-09-23 05:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2007-10-23 22:47:42 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
- 2005-09-23 05:28:56 107,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2007-10-23 22:47:40 119,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
- 2005-09-23 05:29:00 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2007-10-23 22:47:44 95,232 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
- 2007-04-13 00:21:18 382,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2007-10-23 22:47:40 392,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2007-04-13 00:21:18 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2007-10-23 22:47:40 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2007-04-13 00:21:18 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2007-10-23 22:47:42 425,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2005-09-23 05:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2007-10-23 22:47:40 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-04-13 00:21:16 2,902,016 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2007-10-23 22:47:40 3,036,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
- 2007-04-13 00:21:18 482,304 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2007-10-23 22:47:40 483,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2007-04-13 00:21:18 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2007-10-23 22:47:40 741,376 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
- 2007-04-13 00:20:58 888,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2007-10-23 22:47:28 933,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
- 2007-04-13 00:21:16 5,001,216 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2007-10-23 22:47:40 5,070,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2005-09-23 05:28:56 397,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2007-10-23 22:47:40 401,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
- 2007-04-13 00:21:18 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2007-10-23 22:47:40 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-04-13 00:21:16 2,940,928 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2007-10-23 22:47:40 3,076,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2005-09-23 05:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2007-10-23 22:47:40 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2007-04-13 00:21:16 577,536 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2007-10-23 22:47:40 630,784 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2007-04-13 00:21:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2007-10-23 22:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2007-04-13 00:21:18 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2007-10-23 22:47:40 57,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2007-04-13 00:21:18 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2007-10-23 22:47:40 113,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-04-13 00:21:16 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2007-10-23 22:47:40 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2005-09-23 05:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2007-10-23 22:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2007-04-13 00:21:16 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2007-10-23 22:47:40 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2005-09-23 05:28:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2007-10-23 22:47:40 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2005-09-23 05:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2007-10-23 22:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2005-09-23 05:28:56 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2007-10-23 22:47:40 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2007-04-13 00:21:18 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2007-10-23 22:47:40 261,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2007-04-13 00:21:16 5,156,864 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2007-10-23 22:47:40 5,431,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2005-09-23 05:28:56 835,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2007-10-23 22:47:40 884,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
- 2005-09-23 05:28:56 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2007-10-23 22:47:40 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
- 2005-09-23 05:28:56 823,296 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2007-10-23 22:47:40 839,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
- 2007-04-13 00:21:16 5,152,768 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2007-10-23 22:47:40 5,013,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2007-04-13 00:21:16 2,027,520 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2007-10-23 22:47:40 2,068,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
- 2005-09-23 05:28:56 71,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2007-10-23 22:47:40 81,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
- 2007-04-13 00:21:28 1,166,672 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2007-10-23 22:47:48 1,172,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- 2007-04-13 00:20:50 1,330,688 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2007-10-23 22:47:20 1,344,000 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2007-04-13 00:20:52 406,016 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2007-10-23 22:47:22 434,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2005-09-23 05:28:56 28,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2007-10-23 22:47:40 37,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2006-07-06 08:49:52 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
+ 2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
- 2007-06-16 22:11:58 51,200 ----a-w C:\WINDOWS\NirCmd.exe
+ 2000-08-31 05:00:00 28,160 ----a-w C:\WINDOWS\NirCmd.exe
+ 2000-08-31 05:00:00 98,816 ----a-w C:\WINDOWS\sed.exe
+ 1997-01-16 02:00:00 71,680 ----a-w C:\WINDOWS\ST5UNST.EXE
+ 2000-08-31 05:00:00 161,792 ----a-w C:\WINDOWS\swreg.exe
+ 2000-08-31 05:00:00 136,704 ----a-w C:\WINDOWS\swsc.exe
+ 2000-08-31 05:00:00 212,480 ----a-w C:\WINDOWS\swxcacls.exe
+ 2001-08-23 12:00:00 2,000 -c--a-w C:\WINDOWS\system\KEYBOARD.DRV
+ 2001-08-23 12:00:00 73,376 -c--a-w C:\WINDOWS\system\MCIAVI.DRV
+ 2001-08-23 12:00:00 25,264 -c--a-w C:\WINDOWS\system\MCISEQ.DRV
+ 2001-08-23 12:00:00 28,160 ----a-w C:\WINDOWS\system\MCIWAVE.DRV
+ 2001-08-23 12:00:00 2,032 -c--a-w C:\WINDOWS\system\MOUSE.DRV
+ 2001-08-23 12:00:00 1,744 -c--a-w C:\WINDOWS\system\SOUND.DRV
+ 2001-08-23 12:00:00 3,360 -c--a-w C:\WINDOWS\system\SYSTEM.DRV
+ 2001-08-23 12:00:00 4,048 ----a-w C:\WINDOWS\system\TIMER.DRV
+ 2001-08-23 12:00:00 2,176 -c--a-w C:\WINDOWS\system\VGA.DRV
+ 2001-08-23 12:00:00 13,600 ----a-w C:\WINDOWS\system\WFWNET.DRV
+ 2004-08-03 23:56:58 146,432 ----a-w C:\WINDOWS\system\WINSPOOL.DRV
- 2006-08-22 21:13:42 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2007-08-13 16:39:20 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2008-03-19 16:23:20 114,688 ----a-w C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
+ 2008-03-19 16:36:22 202,168 ----a-w C:\WINDOWS\system32\Adobe\Director\SwDir.dll
+ 2008-03-19 16:24:02 487,424 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Control.dll
+ 2008-03-19 15:46:26 1,798,144 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\dirapi.dll
+ 2008-03-19 16:24:04 9,216 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2008-03-19 15:36:14 754,688 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gi.dll
+ 2008-03-19 15:36:16 1,145,896 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gt.exe
+ 2008-03-19 15:36:14 52,288 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\gtapi.dll
+ 2008-03-19 15:42:42 892,928 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\iml32.dll
+ 2008-03-19 16:22:34 249,856 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Plugin.dll
+ 2008-03-19 16:25:36 442,368 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\Proj.dll
+ 2008-03-19 16:36:06 439,736 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1100429.exe
+ 2008-03-19 16:26:20 110,592 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe
+ 2008-03-19 16:22:22 94,208 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2008-03-19 15:36:14 50,808 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL
+ 1999-06-25 07:55:30 149,504 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\UNWISE.EXE
- 2006-08-22 21:13:20 122,880 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-03-01 13:06:20 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2006-09-08 07:01:50 45,056 ----a-r C:\WINDOWS\system32\AgCPanelFrench.dll
+ 2007-02-20 12:59:06 53,248 ----a-w C:\WINDOWS\system32\AgCPanelFrench.dll
- 2006-09-08 07:01:50 45,056 ----a-r C:\WINDOWS\system32\AgCPanelGerman.dll
+ 2007-02-20 12:59:06 53,248 ----a-w C:\WINDOWS\system32\AgCPanelGerman.dll
- 2006-09-26 12:01:40 45,056 ----a-r C:\WINDOWS\system32\AgCPanelJapanese.dll
+ 2007-02-20 12:59:08 53,248 ----a-w C:\WINDOWS\system32\AgCPanelJapanese.dll
- 2006-09-08 07:01:50 45,056 ----a-r C:\WINDOWS\system32\AgCPanelKorean.dll
+ 2007-02-20 12:59:06 53,248 ----a-w C:\WINDOWS\system32\AgCPanelKorean.dll
- 2006-09-08 07:01:50 45,056 ----a-r C:\WINDOWS\system32\AgCPanelPortugese.dll
+ 2007-02-20 12:59:06 53,248 ----a-w C:\WINDOWS\system32\AgCPanelPortugese.dll
- 2006-09-08 07:01:50 45,056 ----a-r C:\WINDOWS\system32\AgCPanelSimplifiedChinese.dll
+ 2007-02-20 12:59:06 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSimplifiedChinese.dll
- 2006-09-08 07:01:50 45,056 ----a-r C:\WINDOWS\system32\AgCPanelSpanish.dll
+ 2007-02-20 12:59:04 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSpanish.dll
- 2006-09-08 07:01:50 45,056 ----a-r C:\WINDOWS\system32\AgCPanelSwedish.dll
+ 2007-02-20 12:59:06 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSwedish.dll
- 2006-09-08 07:01:50 45,056 ----a-r C:\WINDOWS\system32\AgCPanelTraditionalChinese.dll
+ 2007-02-20 12:59:06 53,248 ----a-w C:\WINDOWS\system32\AgCPanelTraditionalChinese.dll
- 2006-09-19 09:16:10 198,997 -c--a-r C:\WINDOWS\system32\AGEIA\app.bin
+ 2007-01-05 18:38:18 198,257 ----a-w C:\WINDOWS\system32\AGEIA\app.bin
- 2006-09-08 08:10:16 122,249 -c--a-r C:\WINDOWS\system32\AGEIA\diag.bin
+ 2007-01-05 18:38:18 122,249 ----a-w C:\WINDOWS\system32\AGEIA\diag.bin
+ 2008-03-29 18:45:49 1,146,232 ----a-w C:\WINDOWS\system32\aswBoot.exe
- 2007-08-14 21:11:53 156,671 ----a-w C:\WINDOWS\system32\atiicdxx.dat
+ 2008-02-14 17:35:13 166,450 ----a-w C:\WINDOWS\system32\atiicdxx.dat
- 2007-08-22 01:35:20 972,072 ----a-w C:\WINDOWS\system32\ativva6x.dat
+ 2008-02-26 02:41:28 887,724 ----a-w C:\WINDOWS\system32\ativva6x.dat
+ 2008-03-29 18:23:22 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
+ 2001-08-23 12:00:00 10,544 ----a-w C:\WINDOWS\system32\comm.drv
+ 2007-03-12 14:42:30 1,123,696 ----a-w C:\WINDOWS\system32\D3DCompiler_33.dll
+ 2007-05-16 14:45:16 1,124,720 ----a-w C:\WINDOWS\system32\D3DCompiler_34.dll
+ 2007-07-19 16:14:42 1,358,192 ----a-w C:\WINDOWS\system32\D3DCompiler_35.dll
+ 2007-10-12 13:14:00 1,374,232 ----a-w C:\WINDOWS\system32\D3DCompiler_36.dll
+ 2007-03-15 14:57:58 443,752 ----a-w C:\WINDOWS\system32\d3dx10_33.dll
+ 2007-05-16 14:45:16 443,752 ----a-w C:\WINDOWS\system32\d3dx10_34.dll
+ 2007-07-19 16:14:42 444,776 ----a-w C:\WINDOWS\system32\d3dx10_35.dll
+ 2007-10-02 07:56:34 444,776 ----a-w C:\WINDOWS\system32\d3dx10_36.dll
- 2006-09-28 13:05:20 2,414,360 ----a-w C:\WINDOWS\system32\d3dx9_31.dll
+ 2006-09-28 14:05:20 2,414,360 ----a-w C:\WINDOWS\system32\d3dx9_31.dll
- 2006-11-29 10:06:18 3,426,072 ----a-w C:\WINDOWS\system32\d3dx9_32.dll
+ 2006-11-29 11:06:18 3,426,072 ----a-w C:\WINDOWS\system32\d3dx9_32.dll
+ 2007-03-12 14:42:30 3,495,784 ----a-w C:\WINDOWS\system32\d3dx9_33.dll
+ 2007-05-16 14:45:16 3,497,832 ----a-w C:\WINDOWS\system32\d3dx9_34.dll
+ 2007-07-19 16:14:42 3,727,720 ----a-w C:\WINDOWS\system32\d3dx9_35.dll
+ 2007-10-12 13:14:00 3,734,536 ----a-w C:\WINDOWS\system32\d3dx9_36.dll
+ 2004-08-04 00:07:22 1,788 -c--a-w C:\WINDOWS\system32\Dcache.bin
- 2005-09-23 05:28:38 83,456 ----a-w C:\WINDOWS\system32\dfshim.dll
+ 2007-10-23 22:47:28 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll
- 2006-08-22 21:13:42 71,680 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll
+ 2007-08-13 16:39:20 71,680 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll
- 2006-08-22 21:13:20 122,880 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-03-01 13:06:20 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
- 2007-08-22 02:07:39 2,417,664 -c--a-w C:\WINDOWS\system32\dllcache\ati2mtag.sys
+ 2008-02-26 05:51:43 2,863,616 -c--a-w C:\WINDOWS\system32\dllcache\ati2mtag.sys
- 2006-08-22 21:31:08 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2007-08-13 16:54:10 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
- 2006-06-26 17:45:19 147,456 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-02-20 05:19:35 147,968 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2004-08-03 23:56:44 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
+ 2008-02-20 18:49:36 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
+ 2004-08-03 21:07:58 2,944 -c--a-w C:\WINDOWS\system32\dllcache\drmkaud.sys
- 2006-08-22 21:10:44 346,624 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-03-01 13:06:21 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2006-08-22 21:10:08 213,504 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-03-01 13:06:21 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2006-08-22 21:31:08 130,560 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-03-01 13:06:21 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2007-06-19 13:37:21 282,112 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2008-02-20 06:52:43 282,624 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2004-08-03 22:56:44 21,504 -c--a-w C:\WINDOWS\system32\dllcache\hidserv.dll
- 2006-08-22 20:52:46 60,416 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
+ 2007-08-13 16:18:02 60,416 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
+ 2008-03-01 13:06:21 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2006-08-22 21:13:34 54,784 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-02-29 08:55:23 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2006-08-22 21:13:54 152,064 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-03-01 13:06:21 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2006-08-22 21:14:02 229,376 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-03-01 13:06:21 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2006-08-22 20:30:58 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-07-01 03:31:33 2,455,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dat
+ 2008-03-01 13:06:22 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2006-08-22 21:14:10 378,368 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-03-01 13:06:22 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2006-08-22 21:17:06 68,608 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2007-08-13 16:44:02 69,120 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2006-08-22 21:18:20 78,336 -c--a-w C:\WINDOWS\system32\dllcache\ieencode.dll
+ 2007-08-13 16:45:18 78,336 -c--a-w C:\WINDOWS\system32\dllcache\ieencode.dll
+ 2008-03-01 13:06:24 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2006-08-22 21:31:08 189,440 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2007-08-13 16:54:10 191,488 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2006-08-22 21:13:30 43,008 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-03-01 13:06:24 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-03-01 13:06:25 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2006-08-22 21:13:40 55,296 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll
+ 2007-08-13 16:39:12 55,296 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2006-08-22 21:16:58 620,032 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-02-29 08:55:46 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2006-08-22 21:10:30 35,328 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll
+ 2007-08-13 16:36:06 36,352 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll
- 2006-08-22 21:13:34 92,672 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2007-08-13 16:39:02 92,672 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2006-08-22 21:12:56 487,424 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-08-13 16:38:04 491,520 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2006-08-22 21:31:08 26,624 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-03-01 13:06:25 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2004-08-03 20:58:36 14,848 -c--a-w C:\WINDOWS\system32\dllcache\kbdhid.sys
+ 2001-08-23 12:00:00 2,000 -c--a-w C:\WINDOWS\system32\dllcache\keyboard.drv
- 2006-08-22 21:17:26 40,448 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
+ 2007-08-13 16:44:18 40,960 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
- 2006-08-17 12:37:49 726,528 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2007-11-07 09:50:47 727,040 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2001-08-23 12:00:00 2,560 -c--a-w C:\WINDOWS\system32\dllcache\lz32.dll
+ 2001-08-23 12:00:00 73,376 -c--a-w C:\WINDOWS\system32\dllcache\mciavi.drv
+ 2001-08-23 12:00:00 25,264 -c--a-w C:\WINDOWS\system32\dllcache\mciseq.drv
+ 2001-08-23 12:00:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\mciwave.drv
+ 2001-08-23 12:00:00 2,032 -c--a-w C:\WINDOWS\system32\dllcache\mouse.drv
- 2004-08-03 21:58:22 72,960 -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
+ 2007-07-06 10:05:47 72,960 -c--a-w C:\WINDOWS\system32\dllcache\mqac.sys
- 2004-08-03 23:56:44 138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
+ 2007-07-06 12:46:59 138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
- 2004-08-03 23:56:44 47,104 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
+ 2007-07-06 12:46:59 47,104 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
- 2004-08-03 23:56:44 16,896 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
+ 2007-07-06 12:46:59 16,896 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
- 2004-08-03 23:56:44 660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
+ 2007-07-06 12:46:59 660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
- 2004-08-03 23:56:44 177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2007-07-06 12:46:59 177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
- 2004-08-03 23:56:44 95,744 -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
+ 2007-07-06 12:46:59 95,744 -c--a-w C:\WINDOWS\system32\dllcache\mqsec.dll
- 2004-08-03 23:56:44 48,640 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
+ 2007-07-06 12:46:59 48,640 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
- 2004-08-03 23:56:44 471,552 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2007-07-06 12:46:59 471,552 -c--a-w C:\WINDOWS\system32\dllcache\mqutil.dll
- 2004-08-03 22:00:58 181,248 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
+ 2008-03-01 13:06:26 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-03-01 13:06:26 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2006-08-22 21:07:44 45,568 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe
+ 2007-08-13 16:32:30 45,568 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe
- 2006-08-22 21:31:08 3,494,400 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-03-01 15:36:30 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2006-08-22 21:31:08 472,576 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-03-01 13:06:28 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2006-08-22 20:37:30 48,128 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
+ 2007-08-13 16:01:12 48,128 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
- 2006-08-22 21:31:08 152,064 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
+ 2007-08-13 16:54:10 156,160 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
- 2006-08-22 21:17:30 192,000 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-03-01 13:06:28 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2006-08-22 21:31:08 670,720 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-03-01 13:06:29 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2001-08-23 12:00:00 2,944 -c--a-w C:\WINDOWS\system32\dllcache\null.sys
- 2006-08-22 21:17:14 100,352 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-03-01 13:06:29 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2007-05-17 11:28:05 549,376 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
+ 2007-12-04 18:38:13 550,912 -c--a-w C:\WINDOWS\system32\dllcache\oleaut32.dll
- 2006-08-22 21:10:40 44,032 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-03-01 13:06:29 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2006-05-10 12:51:40 1,287,680 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2007-10-29 22:35:13 1,287,680 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-12-19 21:50:10 8,458,752 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2007-10-26 03:34:01 8,460,288 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2001-08-23 12:00:00 1,744 -c--a-w C:\WINDOWS\system32\dllcache\sound.drv
+ 2001-08-23 12:00:00 3,360 -c--a-w C:\WINDOWS\system32\dllcache\system.drv
+ 2001-08-23 12:00:00 4,048 -c--a-w C:\WINDOWS\system32\dllcache\timer.drv
- 2006-08-22 21:17:32 105,472 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-03-01 13:06:29 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2006-08-22 21:31:08 1,138,688 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-03-01 13:06:30 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2006-08-22 21:31:08 413,696 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2007-08-13 16:54:10 413,696 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2001-08-23 12:00:00 2,176 -c--a-w C:\WINDOWS\system32\dllcache\vga.drv
- 2006-08-22 21:31:08 765,952 -c--a-w C:\WINDOWS\system32\dllcache\VGX.dll
+ 2007-07-12 23:31:54 765,952 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
- 2006-02-28 19:39:56 49,152 -c--a-w C:\WINDOWS\system32\dllcache\wdigest.dll
+ 2006-03-24 04:47:44 49,152 -c--a-w C:\WINDOWS\system32\dllcache\wdigest.dll
+ 2004-08-03 22:56:58 23,552 -c--a-w C:\WINDOWS\system32\dllcache\wdmaud.drv
- 2006-08-22 21:31:08 225,792 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-03-01 13:06:30 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2001-08-23 12:00:00 13,600 -c--a-w C:\WINDOWS\system32\dllcache\wfwnet.drv
- 2007-03-08 13:49:49 1,843,968 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2008-03-19 09:40:27 1,845,888 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
- 2006-08-22 21:31:08 809,472 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-03-01 13:06:31 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2001-08-23 12:00:00 2,864 -c--a-w C:\WINDOWS\system32\dllcache\winsock.dll
+ 2004-08-03 23:56:58 146,432 -c--a-w C:\WINDOWS\system32\dllcache\winspool.drv
+ 2001-08-23 12:00:00 2,112 -c--a-w C:\WINDOWS\system32\dllcache\winspool.exe
- 2006-10-18 18:47:18 222,208 -c--a-w C:\WINDOWS\system32\dllcache\WMASF.dll
+ 2007-10-27 15:40:30 222,720 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
+ 2001-08-23 12:00:00 2,736 -c--a-w C:\WINDOWS\system32\dllcache\wowdeb.exe
- 2006-06-26 17:45:19 147,456 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-02-20 05:19:35 147,968 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-03-29 18:26:52 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
+ 2008-03-29 18:35:49 20,560 ----a-w C:\WINDOWS\system32\drivers\aswFsBlk.sys
+ 2008-01-17 15:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
+ 2008-03-29 18:35:21 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
+ 2008-03-29 18:29:08 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
+ 2008-03-29 18:31:34 75,856 ----a-w C:\WINDOWS\system32\drivers\aswSP.sys
+ 2008-03-29 18:27:33 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
- 2007-01-05 02:26:28 168,832 ----a-w C:\WINDOWS\system32\drivers\atinavt2.sys
+ 2007-11-07 03:40:20 169,856 ----a-w C:\WINDOWS\system32\drivers\atinavt2.sys
- 2007-06-04 13:14:56 6,272 ----a-w C:\WINDOWS\system32\drivers\AWRTPD.sys
+ 2007-07-11 11:37:26 6,272 ----a-w C:\WINDOWS\system32\drivers\AWRTPD.sys
- 2007-09-21 20:04:37 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
+ 2007-08-07 10:58:08 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
+ 2004-08-03 21:07:58 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
+ 2004-08-03 20:58:36 14,848 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
- 2004-08-03 21:58:22 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
+ 2007-07-06 10:05:47 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
- 2004-08-03 22:00:58 181,248 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
- 2007-09-21 20:04:37 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
+ 2007-08-07 10:56:58 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
+ 2001-08-23 12:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\null.sys
- 2005-10-12 16:14:12 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
+ 2007-11-13 10:25:53 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
- 2006-08-22 21:10:44 346,624 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-03-01 13:06:21 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2006-08-22 21:10:08 213,504 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-03-01 13:06:21 214,528 ------w C:\WINDOWS\system32\dxtrans.dll
- 2006-08-22 21:31:08 130,560 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-03-01 13:06:21 133,120 ------w C:\WINDOWS\system32\extmgr.dll
- 2007-09-15 15:26:02 271,784 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-04-10 14:09:36 271,784 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2004-08-03 22:56:44 21,504 ----a-w C:\WINDOWS\system32\hidserv.dll
- 2006-08-22 21:10:54 61,440 ------w C:\WINDOWS\system32\icardie.dll
+ 2008-03-01 13:06:21 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2006-08-22 21:13:34 54,784 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-02-29 08:55:23 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2006-08-22 21:13:54 152,064 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-03-01 13:06:21 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2006-08-22 21:14:02 229,376 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-03-01 13:06:21 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2006-08-22 20:30:58 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-02-15 05:44:25 161,792 ------w C:\WINDOWS\system32\ieakui.dll
- 2006-08-10 16:44:46 2,451,824 ------w C:\WINDOWS\system32\ieapfltr.dat
+ 2007-07-01 03:31:33 2,455,488 ----a-w C:\WINDOWS\system32\ieapfltr.dat
- 2006-08-22 20:36:04 380,928 ------w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-03-01 13:06:22 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2006-08-22 21:14:10 378,368 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-03-01 13:06:22 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2006-08-22 21:18:20 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2007-08-13 16:45:18 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
- 2006-08-22 21:31:08 5,906,432 ------w C:\WINDOWS\system32\ieframe.dll
+ 2008-03-01 13:06:24 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2006-08-22 21:31:08 189,440 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2007-08-13 16:54:10 191,488 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2006-08-22 21:13:30 43,008 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-03-01 13:06:24 44,544 ------w C:\WINDOWS\system32\iernonce.dll
- 2006-08-22 21:09:46 262,656 ------w C:\WINDOWS\system32\iertutil.dll
+ 2008-03-01 13:06:25 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2006-08-22 21:13:40 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-08-13 16:39:12 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll
- 2006-08-22 21:13:34 11,776 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2006-08-22 21:31:08 175,616 ------w C:\WINDOWS\system32\ieui.dll
+ 2007-08-13 16:54:10 180,736 ------w C:\WINDOWS\system32\ieui.dll
- 2006-08-22 21:10:30 35,328 ----a-w C:\WINDOWS\system32\imgutil.dll
+ 2007-08-13 16:36:06 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll
- 2006-08-22 21:13:34 92,672 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2007-08-13 16:39:02 92,672 ----a-w C:\WINDOWS\system32\inseng.dll
- 2007-07-11 22:22:00 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-02-21 22:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2007-07-11 22:22:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-02-21 22:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2007-07-11 23:22:38 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-02-21 23:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2006-08-22 21:12:56 487,424 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-08-13 16:38:04 491,520 ----a-w C:\WINDOWS\system32\jscript.dll
- 2006-08-22 21:31:08 26,624 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-03-01 13:06:25 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2001-08-23 12:00:00 2,000 ----a-w C:\WINDOWS\system32\keyboard.drv
+ 2001-08-23 12:00:00 221,600 ----a-w C:\WINDOWS\system32\lanman.drv
- 2006-08-22 21:17:26 40,448 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2007-08-13 16:44:18 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll
- 2006-08-17 12:37:49 726,528 ----a-w C:\WINDOWS\system32\lsasrv.dll
+ 2007-11-07 09:50:47 727,040 ----a-w C:\WINDOWS\system32\lsasrv.dll
- 2007-04-13 13:19:52 7,680 ----a-w C:\WINDOWS\system32\lsdelete.exe
+ 2008-01-11 13:00:28 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
+ 2001-08-23 12:00:00 2,560 ----a-w C:\WINDOWS\system32\lz32.dll
- 2006-09-03 20:10:30 54,960 ----a-w C:\WINDOWS\system32\Macromed\Director\SwDir.dll
+ 2007-08-07 15:20:44 182,248 ----a-w C:\WINDOWS\system32\Macromed\Director\SwDir.dll
+ 2008-03-25 02:32:44 218,496 ----a-r C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
- 2007-06-11 11:34:00 2,115,816 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2008-03-25 03:21:18 2,889,088 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
- 2007-06-11 11:34:00 190,696 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-03-25 03:21:20 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2007-09-14 01:02:37 48,749 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-04-10 14:49:40 74,137 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-04-10 14:49:50 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
- 2007-02-05 04:14:44 585,728 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
+ 2007-08-07 11:35:56 585,728 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
- 2006-09-03 10:11:18 1,490,944 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\dirapi.dll
+ 2007-08-07 11:19:40 1,490,944 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\dirapi.dll
- 2006-09-03 10:13:02 24,576 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2007-08-07 11:36:32 24,576 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll
- 2007-02-05 04:14:28 606,208 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\iml32.dll
+ 2007-08-07 11:17:24 606,208 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\iml32.dll
- 2006-11-10 12:49:32 339,968 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll
+ 2007-08-07 11:35:22 339,968 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll
- 2006-11-10 12:49:40 483,328 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll
+ 2007-08-07 11:35:32 483,328 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll
- 2006-11-10 12:49:56 180,224 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll
+ 2007-08-07 11:28:38 180,224 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll
+ 2007-08-07 15:20:28 391,144 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwHelper_1020023.exe
- 2006-11-10 12:49:28 73,728 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe
+ 2007-08-07 11:37:56 77,824 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe
- 2006-11-10 12:49:22 86,016 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwMenu.dll
+ 2007-08-07 11:35:18 86,016 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwMenu.dll
- 2006-11-10 12:49:24 98,304 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2007-08-07 11:37:58 98,304 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
- 1999-06-25 07:55:30 149,504 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE
+ 1999-06-25 08:55:30 149,504 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE
+ 2001-08-23 12:00:00 73,376 ----a-w C:\WINDOWS\system32\mciavi.drv
+ 2001-08-23 12:00:00 25,264 ----a-w C:\WINDOWS\system32\mciseq.drv
+ 2001-08-23 12:00:00 28,160 ----a-w C:\WINDOWS\system32\mciwave.drv
+ 2001-08-23 12:00:00 2,032 ----a-w C:\WINDOWS\system32\mouse.drv
- 2004-08-03 23:56:44 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
+ 2007-07-06 12:46:59 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
- 2004-08-03 23:56:44 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
+ 2007-07-06 12:46:59 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
- 2004-08-03 23:56:44 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
+ 2007-07-06 12:46:59 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
- 2004-08-03 23:56:44 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
+ 2007-07-06 12:46:59 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
- 2004-08-03 23:56:44 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
+ 2007-07-06 12:46:59 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
- 2004-08-03 23:56:44 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
+ 2007-07-06 12:46:59 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
- 2004-08-03 23:56:44 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
+ 2007-07-06 12:46:59 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
- 2004-08-03 23:56:44 471,552 ----a-w C:\WINDOWS\system32\mqutil.dll
+ 2007-07-06 12:46:59 471,552 ----a-w C:\WINDOWS\system32\mqutil.dll
- 2007-09-28 05:19:39 18,089,592 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-04-06 05:56:20 19,836,024 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2001-08-23 12:00:00 20,480 ----a-w C:\WINDOWS\system32\msacm32.drv
- 2007-04-13 00:21:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2007-10-23 22:47:38 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll
- 2005-09-23 05:28:52 150,016 ----a-w C:\WINDOWS\system32\mscorier.dll
+ 2007-10-23 22:47:38 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll
- 2005-09-23 05:28:52 74,240 ----a-w C:\WINDOWS\system32\mscories.dll
+ 2007-10-23 22:47:38 84,480 ----a-w C:\WINDOWS\system32\mscories.dll
- 2006-08-22 21:31:08 457,728 ------w C:\WINDOWS\system32\msfeeds.dll
+ 2008-03-01 13:06:26 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2006-08-22 21:31:08 50,688 ------w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-03-01 13:06:26 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2006-08-22 21:11:18 12,288 ------w C:\WINDOWS\system32\msfeedssync.exe
+ 2007-08-13 16:36:40 12,288 ------w C:\WINDOWS\system32\msfeedssync.exe
+ 2004-08-03 23:56:58 188,416 ----a-w C:\WINDOWS\system32\msh261.drv
+ 2004-08-03 21:56:58 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
- 2006-08-22 21:07:44 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
+ 2007-08-13 16:32:30 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
- 2006-08-22 21:31:08 3,494,400 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-03-01 15:36:30 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2006-08-22 21:31:08 472,576 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-03-01 13:06:28 478,208 ------w C:\WINDOWS\system32\mshtmled.dll
- 2006-08-22 20:37:30 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
+ 2007-08-13 16:01:12 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
- 2006-08-22 21:31:08 152,064 ----a-w C:\WINDOWS\system32\msls31.dll
+ 2007-08-13 16:54:10 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
- 2006-08-22 21:17:30 192,000 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-03-01 13:06:28 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2006-08-22 21:31:08 670,720 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-03-01 13:06:29 671,232 ------w C:\WINDOWS\system32\mstime.dll
- 2006-12-22 10:02:36 6,144 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll
+ 2007-10-23 22:47:44 15,360 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll
+ 2001-08-23 12:00:00 2,656 -c--a-w C:\WINDOWS\system32\netware.drv
- 2006-08-22 21:17:14 100,352 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-03-01 13:06:29 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2007-05-17 11:28:05 549,376 ------w C:\WINDOWS\system32\oleaut32.dll
+ 2007-12-04 18:38:13 550,912 ------w C:\WINDOWS\system32\oleaut32.dll
- 2007-10-02 20:01:57 63,266 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-04-11 20:18:32 64,450 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-10-02 20:01:57 403,664 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-04-11 20:18:32 408,928 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2006-09-28 12:55:34 53,248 ----a-w C:\WINDOWS\system32\PhysXLoader.dll
+ 2007-03-26 08:45:18 71,208 ----a-w C:\WINDOWS\system32\PhysXLoader.dll
- 2006-08-22 21:10:40 44,032 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-03-01 13:06:29 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2006-05-10 12:51:40 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2007-10-29 22:35:13 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2008-02-26 02:29:25 46,080 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\amdpcom32.dll
+ 2007-08-22 01:48:15 8,306,688 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atioglx2.dll
+ 2007-08-22 01:15:37 172,032 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atiok3x2.dll
+ 2007-08-22 01:35:20 3,107,788 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ativva5x.dat
+ 2007-08-22 01:35:20 972,072 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ativva6x.dat
+ 2008-02-26 02:29:25 46,080 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\amdpcom32.dll
+ 2008-02-26 02:59:23 9,797,632 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\atioglx2.dll
+ 2007-08-22 01:15:37 172,032 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\atiok3x2.dll
+ 2007-08-22 01:35:20 3,107,788 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\ativva5x.dat
+ 2008-02-26 02:41:28 887,724 ----a-w C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\ativva6x.dat
+ 2004-08-03 22:56:58 23,552 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\wdmaud.drv
+ 2004-08-03 21:56:58 294,912 ----a-w C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\msh263.drv
+ 2004-08-03 22:56:58 23,552 ----a-w C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\wdmaud.drv
+ 2007-11-07 03:40:20 169,856 ----a-w C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\atinavt2.sys
+ 2004-08-03 20:10:14 11,776 ----a-w C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\BdaSup.sys
+ 2004-08-03 20:08:00 60,288 ----a-w C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\drmk.sys
+ 2004-08-03 21:56:44 47,616 ----a-w C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\iyuv_32.dll
+ 2004-08-03 22:56:44 4,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\ksuser.dll
+ 2004-08-03 21:56:58 294,912 ----a-w C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\msh263.drv
+ 2004-08-03 21:56:46 17,408 ----a-w C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\msyuv.dll
+ 2006-01-31 17:31:46 145,920 ----a-w C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\portcls.sys
+ 2005-03-25 13:42:50 363,520 ----a-w C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\PsisDecd.dll
+ 2005-11-04 16:55:10 48,768 ----a-w C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\stream.sys
+ 2001-08-17 19:36:34 8,192 ----a-w C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\tsbyuv.dll
+ 2004-08-03 21:56:48 53,760 ----a-w C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\vfwwdm32.dll
+ 2004-08-03 22:56:58 23,552 ----a-w C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\wdmaud.drv
- 2006-12-19 21:50:10 8,458,752 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2007-10-26 03:34:01 8,460,288 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2001-08-23 12:00:00 1,744 ----a-w C:\WINDOWS\system32\sound.drv
- 2005-10-12 23:12:25 14,048 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-03-06 01:22:33 14,048 ------w C:\WINDOWS\system32\spmsg.dll
- 2005-06-28 07:21:34 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2006-09-06 15:43:16 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2001-08-23 12:00:00 3,360 ----a-w C:\WINDOWS\system32\system.drv
+ 2001-08-23 12:00:00 4,048 ----a-w C:\WINDOWS\system32\timer.drv
- 2007-07-18 12:42:22 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2006-08-22 21:17:32 105,472 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-03-01 13:06:29 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2006-08-22 21:31:08 1,138,688 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-03-01 13:06:30 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2005-10-13 20:36:00 2,560 ----a-w C:\WINDOWS\system32\usmt\iconlib.dll
+ 1997-01-16 02:00:00 29,696 ----a-w C:\WINDOWS\system32\VB5StKit.dll
- 2006-08-22 21:31:08 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2007-08-13 16:54:10 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2001-08-23 12:00:00 2,176 ----a-w C:\WINDOWS\system32\vga.drv
- 2006-02-28 19:39:56 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
+ 2006-03-24 04:47:44 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
+ 2004-08-03 22:56:58 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
- 2006-08-22 21:31:08 225,792 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-03-01 13:06:30 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2001-08-23 12:00:00 13,600 ----a-w C:\WINDOWS\system32\wfwnet.drv
- 2006-08-22 21:18:14 206,336 ------w C:\WINDOWS\system32\WinFXDocObj.exe
+ 2007-08-13 16:45:16 206,336 ------w C:\WINDOWS\system32\WinFXDocObj.exe
+ 2001-08-23 12:00:00 2,864 ----a-w C:\WINDOWS\system32\winsock.dll
+ 2004-08-03 23:56:58 146,432 ----a-w C:\WINDOWS\system32\winspool.drv
+ 2001-08-23 12:00:00 2,112 ----a-w C:\WINDOWS\system32\winspool.exe
- 2006-10-18 18:47:18 222,208 ----a-w C:\WINDOWS\system32\WMASF.dll
+ 2007-10-27 15:40:30 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
+ 2001-08-23 12:00:00 2,736 ----a-w C:\WINDOWS\system32\wowdeb.exe
- 2007-01-08 12:30:42 15,128 ----a-w C:\WINDOWS\system32\x3daudio1_1.dll
+ 2007-03-05 10:42:18 15,128 ----a-w C:\WINDOWS\system32\x3daudio1_1.dll
+ 2007-10-22 01:37:16 17,928 ----a-w C:\WINDOWS\system32\X3DAudio1_2.dll
+ 2007-10-22 01:39:54 267,272 ----a-w C:\WINDOWS\system32\xactengine2_10.dll
- 2006-09-28 13:05:56 237,848 ----a-w C:\WINDOWS\system32\xactengine2_4.dll
+ 2006-09-28 14:05:56 237,848 ----a-w C:\WINDOWS\system32\xactengine2_4.dll
- 2006-12-08 09:02:00 251,672 ----a-w C:\WINDOWS\system32\xactengine2_5.dll
+ 2006-12-08 10:02:00 251,672 ----a-w C:\WINDOWS\system32\xactengine2_5.dll
- 2007-01-24 12:27:30 255,848 ----a-w C:\WINDOWS\system32\xactengine2_6.dll
+ 2007-01-24 13:27:30 255,848 ----a-w C:\WINDOWS\system32\xactengine2_6.dll
+ 2007-04-04 16:55:00 261,480 ----a-w C:\WINDOWS\system32\xactengine2_7.dll
+ 2007-06-20 18:46:04 266,088 ----a-w C:\WINDOWS\system32\xactengine2_8.dll
+ 2007-07-19 22:57:12 267,112 ----a-w C:\WINDOWS\system32\xactengine2_9.dll
- 2006-09-28 13:04:02 68,888 ----a-w C:\WINDOWS\system32\xinput1_3.dll
+ 2007-04-04 16:53:42 81,768 ----a-w C:\WINDOWS\system32\xinput1_3.dll
- 2007-06-19 07:24:36 350,720 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-10-29 10:04:03 350,720 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-04-20 21:42:11 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_f0.dat
+ 2000-08-31 05:00:00 49,152 ----a-w C:\WINDOWS\VFind.exe
+ 2008-04-11 20:18:22 8,192 ----a-w C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2007-10-23 22:47:56 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcm80.dll
+ 2007-10-23 22:47:56 558,080 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll
+ 2007-10-23 22:47:56 635,904 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll
- 2006-06-05 11:14:28 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
+ 2006-06-05 12:14:28 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
- 2006-06-05 11:14:28 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
+ 2006-06-05 12:14:28 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
- 2006-06-05 11:14:28 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
+ 2006-06-05 12:14:28 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
- 2007-07-12 15:45:47 258,048 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-04-11 20:18:26 258,048 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2007-07-12 15:45:47 114,176 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2008-04-11 20:18:26 113,664 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2000-08-31 05:00:00 68,096 ----a-w C:\WINDOWS\zip.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56 15360]
"BitComet"="D:\Program Files\BitComet\BitComet.exe" [2008-03-25 09:38 2196280]
"Uniblue RegistryBooster 2"="d:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"NSRKey"="C:\PROGRA~1\NORTON~1\NSR\Agent\NSRTray.exe" [ ]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30 517768]
"DAEMON Tools"="D:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 13:48 157592]
"IntelAudioStudio"="C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" [2006-08-02 18:17 9134080]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 12:25 6731312]
"avast!"="d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 21:37 79224]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 02:56 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DUSuperControler.lnk - D:\Program Files\DU Super Controler\DUSuperControler.exe [2004-01-20 23:09:46 724992]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-10 17:50:47 125624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= d:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"vidc.wmv3"= d:\PROGRA~1\COMBIN~1\Filters\wmv9vcm.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
D:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
--------- 2006-07-27 09:19 282624 C:\Program Files\SigmaTel\C-Major Audio\STACGUI\sttray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra--c--- 2006-11-24 01:06 487424 D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"D:\\Program Files\\BitComet\\BitComet.exe"=
"D:\\Program Files\\eMule\\emule.exe"=
"D:\\Program Files\\ICQ6\\ICQ.exe"=
"D:\\My Documents\\ICQ Lite\\154850876\\????_172322936\\eMule_Pakapaka_v1.4\\ee\\PaKaPaKa_Emule_Speed1.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Program Files\\Roger Wilco\\roger.exe"=
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"D:\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"D:\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"D:\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"D:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8188:TCP"= 8188:TCP:BitComet 8188 TCP
"8188:UDP"= 8188:UDP:BitComet 8188 UDP

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 21:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 21:35]
R2 BCMNTIO;BCMNTIO;C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys [2004-03-05 17:09]
R2 MAPMEM;MAPMEM;C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys [2004-03-05 17:09]
R2 PMLService;PMLService;C:\Program Files\richcomm\PowerManagerLite\PMLService.exe [2005-05-19 10:16]
R2 ups2501_xp;ups2501_xp;C:\WINDOWS\system32\Drivers\ups2501_XP.sys [2001-10-05 17:02]
R3 HomeQOS;HomeQOS Miniport;C:\WINDOWS\system32\DRIVERS\homeqos.sys [2004-01-20 23:09]
S3 hamachi_oem;PlayLinc Adapter;C:\WINDOWS\system32\DRIVERS\gan_adapter.sys [2006-08-29 00:54]
S3 ZSMC302;VIMICRO USB PC Camera;C:\WINDOWS\system32\Drivers\usbVM31b.sys [2004-08-17 06:44]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11f11bbe-bba7-11dc-b18c-001676cf4331}]
\Shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86f0faff-a575-11dc-b16f-001676cf4331}]
\Shell\AutoRun\command - I:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a84ce9b2-e3bc-11db-950a-001676cf4331}]
\Shell\AutoRun\command - G:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c713884a-a971-11db-94c5-001676cf4331}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\Shell\Open(&0)\command - Recycled\ctfmon.exe

.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-21 01:10:29
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-04-21 1:11:26
ComboFix-quarantined-files.txt 2008-04-20 22:11:13
ComboFix2.txt 2007-10-12 17:29:47

Pre-Run: 27,037,507,584 bytes free
Post-Run: 27,868,282,880 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

1687 --- E O F --- 2008-04-11 20:19:09

HiJackThis log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:14:29 AM, on 4/21/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
d:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\richcomm\PowerManagerLite\PMLService.exe
C:\Program Files\Megatec\RUPS 2000\Rupsd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
D:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files\DU Super Controler\DUSuperControler.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\DU Super Controler\DUSuperControler.exe
C:\WINDOWS\explorer.exe
d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\internet explorer\iexplore.exe
D:\Program Files\Trend Micro\HijackThis\Scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.il/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NSRKey] C:\PROGRA~1\NORTON~1\NSR\Agent\NSRTray.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "D:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] d:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DUSuperControler.lnk = D:\Program Files\DU Super Controler\DUSuperControler.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {CBF2C04B-50B5-4C7B-8D49-ACB62582F8E6} (LauncherV1 Class) - http://chat-basic.nana.co.il/Cabs/launcher.cab
O16 - DPF: {F59AB0C4-3443-4551-A78F-C101F9DE0215} (LauncherV1 Class) - http://irc.nana10.co.il/Cabs/launcher39.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D44236C2-0018-4AB7-85B9-2937C3E87D16}: NameServer = 192.115.106.35,62.219.186.7
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PMLService - richcomm - C:\Program Files\richcomm\PowerManagerLite\PMLService.exe
O23 - Service: Rupsd - Mega System Technologies, Inc. - C:\Program Files\Megatec\RUPS 2000\Rupsd.exe

--
End of file - 10120 bytes

thx again for the time and help

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,504 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:51 PM

Posted 21 April 2008 - 10:36 AM

Do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
Please save the Kaspersky report as I want you to post it after the next step.

Then,

* Open notepad - don't use any other texteditor than notepad or the script will fail.
Copy/paste the text in the quotebox below into notepad:

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c713884a-a971-11db-94c5-001676cf4331}]

File::
C:\Recycled\ctfmon.exe


Save this as the txtfile CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

Posted Image

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with the kaspersky log.

#7 Metushelah

Metushelah
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 21 April 2008 - 11:15 PM

ComboFix log:

ComboFix 08-04-20.2 - User 2008-04-22 7:08:54.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1255.972.1033.18.1402 [GMT 3:00]
Running from: C:\Documents and Settings\User\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\User\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\Recycled\ctfmon.exe
.

((((((((((((((((((((((((( Files Created from 2008-03-22 to 2008-04-22 )))))))))))))))))))))))))))))))
.

2008-04-22 00:29 . 2008-04-22 00:29 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-04-22 00:29 . 2008-04-22 00:29 <DIR> d-------- C:\WINDOWS\LastGood
2008-04-22 00:29 . 2008-04-22 00:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-04-11 18:18 . 2008-04-11 18:18 <DIR> d-------- C:\0e95f3d8c3217bd5fe9e198cbc28d7
2008-04-10 17:56 . 2008-04-10 17:56 <DIR> d-------- C:\Program Files\Skype
2008-04-10 17:53 . 2008-04-10 17:53 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-04-10 17:50 . 2008-04-22 01:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-10 17:48 . 2008-04-10 17:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-04-10 17:47 . 2008-04-10 17:47 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-04-03 16:53 . 2008-04-03 16:53 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-12 09:04 --------- d-----w C:\Documents and Settings\User\Application Data\AdobeUM
2008-04-10 14:58 --------- d-----w C:\Documents and Settings\User\Application Data\Skype
2008-04-10 14:52 --------- d-----w C:\Program Files\Java
2008-04-10 14:50 --------- d-----w C:\Program Files\Google
2008-04-10 14:45 --------- d-----w C:\Program Files\ATI Technologies
2008-03-19 09:40 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-08 09:16 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-06 19:43 --------- d-----w C:\Documents and Settings\User\Application Data\True Sword
2008-03-06 19:09 --------- d-----w C:\Documents and Settings\User\Application Data\Uniblue
2008-03-05 07:33 --------- d-----w C:\Documents and Settings\User\Application Data\Ubisoft
2008-03-05 07:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ubisoft
2008-03-05 07:11 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-05 06:54 --------- d-----w C:\Documents and Settings\User\Application Data\GrabIt
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-29 22:01 --------- d-----w C:\Documents and Settings\User\Application Data\Bioshock
2008-02-29 14:35 --------- d-----w C:\Documents and Settings\User\Application Data\fretsonfire
2008-02-26 05:51 2,863,616 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-02-26 03:12 372,736 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-02-26 03:10 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-02-26 03:10 299,520 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-02-26 03:02 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-02-26 03:02 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-02-26 03:01 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-02-26 03:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-02-26 03:01 126,976 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-02-26 03:00 520,192 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-02-26 02:59 9,797,632 ----a-w C:\WINDOWS\system32\atioglx2.dll
2008-02-26 02:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-02-26 02:49 3,176,480 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-02-26 02:41 1,755,264 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-02-26 02:29 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-02-26 02:25 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-02-26 02:23 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-02-26 02:22 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-02-26 02:21 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll
2008-02-26 02:19 167,936 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-02-26 02:16 520,192 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-02-25 18:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
2008-02-20 18:49 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-09-14 00:01 18 ----a-w C:\Program Files\XP Repair Pro 2007ERR_Item0-9-14-2007_2-59-58_9551664.dnp
2007-09-13 23:27 18 ----a-w C:\Program Files\XP Repair Pro 2007ERR_Item0-9-14-2007_2-26-9_4140903.dnp
2007-09-13 21:11 18 ----a-w C:\Program Files\XP Repair Pro 2007ERR_Item0-9-14-2007_0-9-10_827457.dnp
2007-09-13 21:05 18 ----a-w C:\Program Files\XP Repair Pro 2007ERR_Item0-9-14-2007_0-3-47_8892105.dnp
2007-08-25 10:52 25,600 ----a-w C:\Documents and Settings\User\usbsermptxp.sys
2007-08-25 10:52 22,768 ----a-w C:\Documents and Settings\User\usbsermpt.sys
2007-06-15 17:54 1 -c--a-w C:\Documents and Settings\User\SI.bin
.

------- Sigcheck -------

2004-08-04 02:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\svchost.exe
2004-08-04 02:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\dllcache\svchost.exe

2005-10-13 23:36 577024 1800f293bccc8ede8a70e12b88d80036 C:\WINDOWS\$NtUninstallKB925902$\user32.dll
2007-03-08 18:48 578048 7aa4f6c00405dfc4b70ed4214e7d687b C:\WINDOWS\system32\user32.dll
2007-03-08 18:48 578048 7aa4f6c00405dfc4b70ed4214e7d687b C:\WINDOWS\system32\dllcache\user32.dll

2004-08-04 02:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\ws2_32.dll
2004-08-04 02:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\dllcache\ws2_32.dll

2006-02-19 03:06 360448 5562cc0a47b2aef06d3417b733f3c195 C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
2006-04-20 15:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
2007-10-30 19:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-30 19:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\system32\drivers\tcpip.sys

2004-08-04 02:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\winlogon.exe
2004-08-04 02:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\dllcache\winlogon.exe

2004-08-04 01:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache\ndis.sys
2004-08-04 01:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys

2004-08-04 01:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\dllcache\ip6fw.sys
2004-08-04 01:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys

2006-12-19 19:12 2059392 ba4b97c00a437c1cc3da365d93ee1e9d C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
2006-03-17 13:22 2015232 f17e50c2700d50cab02ecd608b94f352 C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe
2007-02-28 01:15 2059392 4d3dbdccbf97f5ba1e74f322b155c3ba C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
2007-02-28 12:15 2017280 2dfb215e291e3d9b1cf9a6739b3bf16c C:\WINDOWS\system32\ntkrnlpa.exe
2007-02-28 01:15 2059392 4d3dbdccbf97f5ba1e74f322b155c3ba C:\WINDOWS\system32\dllcache\ntkrnlpa.exe

2006-12-19 19:51 2182016 cef243f6defd20be4adde26c7ecacb54 C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
2006-02-19 02:47 2136064 e237bafc9b56b0e36f5baf70f61eb4a5 C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe
2007-02-28 12:55 2182144 5a5c8db4aa962c714c8371fbdf189fc9 C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
2007-02-28 12:53 2137600 e6679c3023b17d8b78946bc5df53fa20 C:\WINDOWS\system32\ntoskrnl.exe
2007-02-28 12:55 2182144 5a5c8db4aa962c714c8371fbdf189fc9 C:\WINDOWS\system32\dllcache\ntoskrnl.exe

2007-06-13 14:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 C:\WINDOWS\explorer.exe
2005-10-15 11:07 1032192 45757077a47c68a603a79b03a1a836ab C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 14:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 C:\WINDOWS\system32\dllcache\explorer.exe

2004-08-04 02:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\ctfmon.exe
2004-08-04 02:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\dllcache\ctfmon.exe
.
((((((((((((((((((((((((((((( snapshot_2008-04-21_ 1.11.07.67 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-20 21:42:05 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-21 21:09:45 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2005-05-24 09:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 12:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 12:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2008-04-21 14:41:28 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_1b4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56 15360]
"BitComet"="D:\Program Files\BitComet\BitComet.exe" [2008-03-25 09:38 2196280]
"Uniblue RegistryBooster 2"="d:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"NSRKey"="C:\PROGRA~1\NORTON~1\NSR\Agent\NSRTray.exe" [ ]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30 517768]
"DAEMON Tools"="D:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 13:48 157592]
"IntelAudioStudio"="C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" [2006-08-02 18:17 9134080]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 12:25 6731312]
"avast!"="d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 21:37 79224]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 02:56 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DUSuperControler.lnk - D:\Program Files\DU Super Controler\DUSuperControler.exe [2004-01-20 23:09:46 724992]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-10 17:50:47 125624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= d:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"vidc.wmv3"= d:\PROGRA~1\COMBIN~1\Filters\wmv9vcm.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
D:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
--------- 2006-07-27 09:19 282624 C:\Program Files\SigmaTel\C-Major Audio\STACGUI\sttray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra--c--- 2006-11-24 01:06 487424 D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"D:\\Program Files\\BitComet\\BitComet.exe"=
"D:\\Program Files\\eMule\\emule.exe"=
"D:\\Program Files\\ICQ6\\ICQ.exe"=
"D:\\My Documents\\ICQ Lite\\154850876\\????_172322936\\eMule_Pakapaka_v1.4\\ee\\PaKaPaKa_Emule_Speed1.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Program Files\\Roger Wilco\\roger.exe"=
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"D:\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"D:\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"D:\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"D:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8188:TCP"= 8188:TCP:BitComet 8188 TCP
"8188:UDP"= 8188:UDP:BitComet 8188 UDP

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 21:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 21:35]
R2 BCMNTIO;BCMNTIO;C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys [2004-03-05 17:09]
R2 MAPMEM;MAPMEM;C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys [2004-03-05 17:09]
R2 PMLService;PMLService;C:\Program Files\richcomm\PowerManagerLite\PMLService.exe [2005-05-19 10:16]
R2 ups2501_xp;ups2501_xp;C:\WINDOWS\system32\Drivers\ups2501_XP.sys [2001-10-05 17:02]
R3 HomeQOS;HomeQOS Miniport;C:\WINDOWS\system32\DRIVERS\homeqos.sys [2004-01-20 23:09]
S3 hamachi_oem;PlayLinc Adapter;C:\WINDOWS\system32\DRIVERS\gan_adapter.sys [2006-08-29 00:54]
S3 ZSMC302;VIMICRO USB PC Camera;C:\WINDOWS\system32\Drivers\usbVM31b.sys [2004-08-17 06:44]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11f11bbe-bba7-11dc-b18c-001676cf4331}]
\Shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86f0faff-a575-11dc-b16f-001676cf4331}]
\Shell\AutoRun\command - I:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a84ce9b2-e3bc-11db-950a-001676cf4331}]
\Shell\AutoRun\command - G:\autorun.exe

.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-22 07:09:55
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-04-22 7:10:48
ComboFix-quarantined-files.txt 2008-04-22 04:10:30
ComboFix2.txt 2008-04-20 22:11:26
ComboFix3.txt 2007-10-12 17:29:47

Pre-Run: 28,684,288,000 bytes free
Post-Run: 28,675,629,056 bytes free

196 --- E O F --- 2008-04-11 20:19:09


Kasparsky Log

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, April 22, 2008 7:06:42 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 21/04/2008
Kaspersky Anti-Virus database records: 719519
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 76347
Number of viruses found: 3
Number of infected objects: 12
Number of suspicious objects: 0
Duration of the scan process: 01:45:38

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-04-22_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\6.0\52\7e615cf4-5d16784a/BnnnnBaa.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\6.0\52\7e615cf4-5d16784a/VaannnaaBaa.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\6.0\52\7e615cf4-5d16784a/Bnnnnn.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\6.0\52\7e615cf4-5d16784a ZIP: infected - 3 skipped
C:\Documents and Settings\User\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\User\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\User\Local Settings\History\History.IE5\MSHist012008042220080423\index.dat Object is locked skipped
C:\Documents and Settings\User\Local Settings\Temp\~DF688F.tmp Object is locked skipped
C:\Documents and Settings\User\Local Settings\Temp\~DFA479.tmp Object is locked skipped
C:\Documents and Settings\User\Local Settings\Temp\~DFB638.tmp Object is locked skipped
C:\Documents and Settings\User\Local Settings\Temp\~DFE972.tmp Object is locked skipped
C:\Documents and Settings\User\Local Settings\Temp\~DFE984.tmp Object is locked skipped
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\User\ntuser.dat Object is locked skipped
C:\Documents and Settings\User\ntuser.dat.LOG Object is locked skipped
C:\Program Files\richcomm\PowerManagerLite\powermanager.ldb Object is locked skipped
C:\Program Files\richcomm\PowerManagerLite\powermanager.mdb Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{20B8781F-17E9-401F-A5D2-A8F99655D39B}\RP153\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\aoxyomqp.dll Infected: Packed.Win32.Monder.gen skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\kdmymoha.dll Infected: Packed.Win32.Monder.gen skipped
C:\WINDOWS\system32\qelnetay.dll Infected: Packed.Win32.Monder.gen skipped
C:\WINDOWS\system32\qykhewwx.dll Infected: Packed.Win32.Monder.gen skipped
C:\WINDOWS\system32\voxdubbf.dll Infected: Packed.Win32.Monder.gen skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\xywsxshe.dll Infected: Packed.Win32.Monder.gen skipped
C:\WINDOWS\Temp\JETADB4.tmp Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_1b4.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
D:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
D:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
D:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
D:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
D:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
D:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{20B8781F-17E9-401F-A5D2-A8F99655D39B}\RP145\A0026636.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped
D:\System Volume Information\_restore{20B8781F-17E9-401F-A5D2-A8F99655D39B}\RP145\A0026636.exe 7-Zip: infected - 1 skipped
D:\System Volume Information\_restore{20B8781F-17E9-401F-A5D2-A8F99655D39B}\RP153\change.log Object is locked skipped

Scan process completed.

Thank you

#8 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,504 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:51 PM

Posted 22 April 2008 - 10:04 AM

Please download ATF Cleaner by Atribune.Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.]

Then,

* Open notepad - don't use any other texteditor than notepad or the script will fail.
Copy/paste the text in the quotebox below into notepad:

File::
C:\WINDOWS\system32\aoxyomqp.dll
C:\WINDOWS\system32\kdmymoha.dll
C:\WINDOWS\system32\qelnetay.dll
C:\WINDOWS\system32\qykhewwx.dll
C:\WINDOWS\system32\voxdubbf.dll
C:\WINDOWS\system32\xywsxshe.dll

Suspect::[3]
C:\WINDOWS\system32\user32.dll
C:\WINDOWS\system32\drivers\tcpip.sys
C:\WINDOWS\system32\ntkrnlpa.exe
C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
C:\WINDOWS\system32\ntoskrnl.exe
C:\WINDOWS\system32\dllcache\ntoskrnl.exe
C:\WINDOWS\explorer.exe


Save this as the txtfile CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

Posted Image

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThislog.

#9 Metushelah

Metushelah
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 22 April 2008 - 12:40 PM

ComboFix 08-04-20.2 - User 2008-04-22 20:31:57.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1255.972.1033.18.1523 [GMT 3:00]
Running from: C:\Documents and Settings\User\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\User\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\WINDOWS\system32\aoxyomqp.dll
C:\WINDOWS\system32\kdmymoha.dll
C:\WINDOWS\system32\qelnetay.dll
C:\WINDOWS\system32\qykhewwx.dll
C:\WINDOWS\system32\voxdubbf.dll
C:\WINDOWS\system32\xywsxshe.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\aoxyomqp.dll
C:\WINDOWS\system32\kdmymoha.dll
C:\WINDOWS\system32\qelnetay.dll
C:\WINDOWS\system32\qykhewwx.dll
C:\WINDOWS\system32\voxdubbf.dll
C:\WINDOWS\system32\xywsxshe.dll

.
((((((((((((((((((((((((( Files Created from 2008-03-22 to 2008-04-22 )))))))))))))))))))))))))))))))
.

2008-04-22 00:29 . 2008-04-22 00:29 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-04-22 00:29 . 2008-04-22 00:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-04-11 18:18 . 2008-04-11 18:18 <DIR> d-------- C:\0e95f3d8c3217bd5fe9e198cbc28d7
2008-04-10 17:56 . 2008-04-10 17:56 <DIR> d-------- C:\Program Files\Skype
2008-04-10 17:53 . 2008-04-10 17:53 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-04-10 17:50 . 2008-04-22 01:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-10 17:48 . 2008-04-10 17:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-04-10 17:47 . 2008-04-10 17:47 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-04-03 16:53 . 2008-04-03 16:53 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-12 09:04 --------- d-----w C:\Documents and Settings\User\Application Data\AdobeUM
2008-04-10 14:58 --------- d-----w C:\Documents and Settings\User\Application Data\Skype
2008-04-10 14:52 --------- d-----w C:\Program Files\Java
2008-04-10 14:50 --------- d-----w C:\Program Files\Google
2008-04-10 14:45 --------- d-----w C:\Program Files\ATI Technologies
2008-03-19 09:40 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-08 09:16 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-06 19:43 --------- d-----w C:\Documents and Settings\User\Application Data\True Sword
2008-03-06 19:09 --------- d-----w C:\Documents and Settings\User\Application Data\Uniblue
2008-03-05 07:33 --------- d-----w C:\Documents and Settings\User\Application Data\Ubisoft
2008-03-05 07:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ubisoft
2008-03-05 07:11 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-05 06:54 --------- d-----w C:\Documents and Settings\User\Application Data\GrabIt
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-29 22:01 --------- d-----w C:\Documents and Settings\User\Application Data\Bioshock
2008-02-29 14:35 --------- d-----w C:\Documents and Settings\User\Application Data\fretsonfire
2008-02-26 05:51 2,863,616 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-02-26 03:12 372,736 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-02-26 03:10 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-02-26 03:10 299,520 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-02-26 03:02 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-02-26 03:02 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-02-26 03:01 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-02-26 03:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-02-26 03:01 126,976 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-02-26 03:00 520,192 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-02-26 02:59 9,797,632 ----a-w C:\WINDOWS\system32\atioglx2.dll
2008-02-26 02:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-02-26 02:49 3,176,480 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-02-26 02:41 1,755,264 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-02-26 02:29 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-02-26 02:25 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-02-26 02:23 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-02-26 02:22 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-02-26 02:21 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll
2008-02-26 02:19 167,936 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-02-26 02:16 520,192 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-02-25 18:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
2008-02-20 18:49 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-09-14 00:01 18 ----a-w C:\Program Files\XP Repair Pro 2007ERR_Item0-9-14-2007_2-59-58_9551664.dnp
2007-09-13 23:27 18 ----a-w C:\Program Files\XP Repair Pro 2007ERR_Item0-9-14-2007_2-26-9_4140903.dnp
2007-09-13 21:11 18 ----a-w C:\Program Files\XP Repair Pro 2007ERR_Item0-9-14-2007_0-9-10_827457.dnp
2007-09-13 21:05 18 ----a-w C:\Program Files\XP Repair Pro 2007ERR_Item0-9-14-2007_0-3-47_8892105.dnp
2007-08-25 10:52 25,600 ----a-w C:\Documents and Settings\User\usbsermptxp.sys
2007-08-25 10:52 22,768 ----a-w C:\Documents and Settings\User\usbsermpt.sys
2007-06-15 17:54 1 -c--a-w C:\Documents and Settings\User\SI.bin
.

------- Sigcheck -------

2004-08-04 02:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\svchost.exe
2004-08-04 02:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\dllcache\svchost.exe

2005-10-13 23:36 577024 1800f293bccc8ede8a70e12b88d80036 C:\WINDOWS\$NtUninstallKB925902$\user32.dll
2007-03-08 18:48 578048 7aa4f6c00405dfc4b70ed4214e7d687b C:\WINDOWS\system32\user32.dll
2007-03-08 18:48 578048 7aa4f6c00405dfc4b70ed4214e7d687b C:\WINDOWS\system32\dllcache\user32.dll

2004-08-04 02:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\ws2_32.dll
2004-08-04 02:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\dllcache\ws2_32.dll

2006-02-19 03:06 360448 5562cc0a47b2aef06d3417b733f3c195 C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
2006-04-20 15:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
2007-10-30 19:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-30 19:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\system32\drivers\tcpip.sys

2004-08-04 02:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\winlogon.exe
2004-08-04 02:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\dllcache\winlogon.exe

2004-08-04 01:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache\ndis.sys
2004-08-04 01:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys

2004-08-04 01:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\dllcache\ip6fw.sys
2004-08-04 01:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys

2006-12-19 19:12 2059392 ba4b97c00a437c1cc3da365d93ee1e9d C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
2006-03-17 13:22 2015232 f17e50c2700d50cab02ecd608b94f352 C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe
2007-02-28 01:15 2059392 4d3dbdccbf97f5ba1e74f322b155c3ba C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
2007-02-28 12:15 2017280 2dfb215e291e3d9b1cf9a6739b3bf16c C:\WINDOWS\system32\ntkrnlpa.exe
2007-02-28 01:15 2059392 4d3dbdccbf97f5ba1e74f322b155c3ba C:\WINDOWS\system32\dllcache\ntkrnlpa.exe

2006-12-19 19:51 2182016 cef243f6defd20be4adde26c7ecacb54 C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
2006-02-19 02:47 2136064 e237bafc9b56b0e36f5baf70f61eb4a5 C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe
2007-02-28 12:55 2182144 5a5c8db4aa962c714c8371fbdf189fc9 C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
2007-02-28 12:53 2137600 e6679c3023b17d8b78946bc5df53fa20 C:\WINDOWS\system32\ntoskrnl.exe
2007-02-28 12:55 2182144 5a5c8db4aa962c714c8371fbdf189fc9 C:\WINDOWS\system32\dllcache\ntoskrnl.exe

2007-06-13 14:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 C:\WINDOWS\explorer.exe
2005-10-15 11:07 1032192 45757077a47c68a603a79b03a1a836ab C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 14:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 C:\WINDOWS\system32\dllcache\explorer.exe

2004-08-04 02:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\ctfmon.exe
2004-08-04 02:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\dllcache\ctfmon.exe
.
((((((((((((((((((((((((((((( snapshot_2008-04-21_ 1.11.07.67 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-20 21:42:05 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-22 14:45:43 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2005-05-24 09:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 12:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 12:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2008-04-22 14:45:49 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_1b0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56 15360]
"BitComet"="D:\Program Files\BitComet\BitComet.exe" [2008-03-25 09:38 2196280]
"Uniblue RegistryBooster 2"="d:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"NSRKey"="C:\PROGRA~1\NORTON~1\NSR\Agent\NSRTray.exe" [ ]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30 517768]
"DAEMON Tools"="D:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 13:48 157592]
"IntelAudioStudio"="C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" [2006-08-02 18:17 9134080]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 12:25 6731312]
"avast!"="d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 21:37 79224]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 02:56 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DUSuperControler.lnk - D:\Program Files\DU Super Controler\DUSuperControler.exe [2004-01-20 23:09:46 724992]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-10 17:50:47 125624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= d:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"vidc.wmv3"= d:\PROGRA~1\COMBIN~1\Filters\wmv9vcm.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
D:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
--------- 2006-07-27 09:19 282624 C:\Program Files\SigmaTel\C-Major Audio\STACGUI\sttray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra--c--- 2006-11-24 01:06 487424 D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"D:\\Program Files\\BitComet\\BitComet.exe"=
"D:\\Program Files\\eMule\\emule.exe"=
"D:\\Program Files\\ICQ6\\ICQ.exe"=
"D:\\My Documents\\ICQ Lite\\154850876\\????_172322936\\eMule_Pakapaka_v1.4\\ee\\PaKaPaKa_Emule_Speed1.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Program Files\\Roger Wilco\\roger.exe"=
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"D:\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"D:\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"D:\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"D:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8188:TCP"= 8188:TCP:BitComet 8188 TCP
"8188:UDP"= 8188:UDP:BitComet 8188 UDP

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 21:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 21:35]
R2 BCMNTIO;BCMNTIO;C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys [2004-03-05 17:09]
R2 MAPMEM;MAPMEM;C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys [2004-03-05 17:09]
R2 PMLService;PMLService;C:\Program Files\richcomm\PowerManagerLite\PMLService.exe [2005-05-19 10:16]
R2 ups2501_xp;ups2501_xp;C:\WINDOWS\system32\Drivers\ups2501_XP.sys [2001-10-05 17:02]
R3 HomeQOS;HomeQOS Miniport;C:\WINDOWS\system32\DRIVERS\homeqos.sys [2004-01-20 23:09]
S3 hamachi_oem;PlayLinc Adapter;C:\WINDOWS\system32\DRIVERS\gan_adapter.sys [2006-08-29 00:54]
S3 ZSMC302;VIMICRO USB PC Camera;C:\WINDOWS\system32\Drivers\usbVM31b.sys [2004-08-17 06:44]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11f11bbe-bba7-11dc-b18c-001676cf4331}]
\Shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86f0faff-a575-11dc-b16f-001676cf4331}]
\Shell\AutoRun\command - I:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a84ce9b2-e3bc-11db-950a-001676cf4331}]
\Shell\AutoRun\command - G:\autorun.exe

.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-22 20:32:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-04-22 20:33:47
ComboFix-quarantined-files.txt 2008-04-22 17:33:35
ComboFix2.txt 2008-04-22 04:10:49
ComboFix3.txt 2008-04-20 22:11:26
ComboFix4.txt 2007-10-12 17:29:47

Pre-Run: 28,700,504,064 bytes free
Post-Run: 28,683,522,048 bytes free

210 --- E O F --- 2008-04-11 20:19:09


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:37:42 PM, on 4/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
d:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\richcomm\PowerManagerLite\PMLService.exe
C:\Program Files\Megatec\RUPS 2000\Rupsd.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\DU Super Controler\DUSuperControler.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\DU Super Controler\DUSuperControler.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Trend Micro\HijackThis\Scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.il/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NSRKey] C:\PROGRA~1\NORTON~1\NSR\Agent\NSRTray.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "D:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] d:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DUSuperControler.lnk = D:\Program Files\DU Super Controler\DUSuperControler.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {CBF2C04B-50B5-4C7B-8D49-ACB62582F8E6} (LauncherV1 Class) - http://chat-basic.nana.co.il/Cabs/launcher.cab
O16 - DPF: {F59AB0C4-3443-4551-A78F-C101F9DE0215} (LauncherV1 Class) - http://irc.nana10.co.il/Cabs/launcher39.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D44236C2-0018-4AB7-85B9-2937C3E87D16}: NameServer = 192.115.106.35,62.219.186.7
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PMLService - richcomm - C:\Program Files\richcomm\PowerManagerLite\PMLService.exe
O23 - Service: Rupsd - Mega System Technologies, Inc. - C:\Program Files\Megatec\RUPS 2000\Rupsd.exe

--
End of file - 10310 bytes


Its wierd, cause at the end of ComboFix it asked me to send some report to you, i tried, and it didnt quite work, was this supposed to happen?

#10 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,504 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:51 PM

Posted 22 April 2008 - 12:48 PM

Yes, it was. Did combofix create a zip file on your desktop ? If so, submit the file to http://www.bleepingcomputer.com/submit-malware.php?channel=3

#11 Metushelah

Metushelah
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 23 April 2008 - 08:25 AM

I have sent this file, sorry for the trouble

#12 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,504 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:51 PM

Posted 23 April 2008 - 10:11 AM

Files are all clean as is your computer :thumbsup:

Is everything operating properly?

#13 Metushelah

Metushelah
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 23 April 2008 - 02:20 PM

Yes it seems to work quite well,
even after the first Combofix i ran, but i guess it works wonderfully

Thanks alot :thumbsup:

#14 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,504 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:51 PM

Posted 23 April 2008 - 03:36 PM

Let's uninstall ComboFix

Please navigate to, and delete the following:
  • Click on : Start >> Run...
  • Type: Combofix /u and hit Enter

Then,

Now that your clean:

Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and reenable system restore to make sure there are no infected files found in a restore point.

You can find instructions on how to enable and reenable system restore here for your particular Windows Version:

Managing Windows Millenium System Restore

or

Windows XP System Restore Guide

or

Windows Vista System Restore Guide


Renable system restore with instructions from tutorial above


Next,

This process will clean out your Temp files and your Temporary Internet Files. Please do both steps:

Step 1:Delete Temp Files
To clean out your temp files, click on Start and then run, and type %temp% and press the ok button.

This should open up the temp directory that your machine uses. Please delete all files that are found there. If you get an error when deleting a file, skip that file and delete all the others. If you had trouble deleting a file, reboot into Safe Mode and follow this step again. You should now be able to delete all the files.

Step 2: Delete Temporary Internet Files
Now I want you to open up Internet Explorer, and click on the Tools menu and then Internet Options. At the General tab, which should be the first tab you are currently on, click on the Delete Files button and put a checkmark in Delete offline content. Then press the OK button. This may take quite a while, so do not be alarmed with how long it takes. When it is done, your Temporary Internet Files will now be deleted.

Finally, and definitely the MOST IMPORTANT step, click on the following tutorial and follow each step listed there:

Simple and easy ways to keep your computer safe and secure on the Internet


I am closing this topic. Please message a moderator if you need it reopened.

Glad I was able to help and if there any other problems related to your computer please feel free to post them in the appropriate forum. Though we help people with spyware and viruses here at BC, we also help people with other computer problems! Do not forget to tell your friends about us!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users