Inactive PC being Monitored? Can't update anti virus

clubECGR · 2009/02/03

[Inactive] PC being Monitored? Can't update anti virus

Hello again to all. I seem to have problems with my new laptop that was bought last Oct. 2008. The last time was for my sis and now, it's my turn. sigh...

I can wait if there are available slots for removing malware. I intend to shut this laptop for the time being but since I'm posting here, I can look at the updates.

My problems:

1) I cant update installed AVG 8.0 Free, Malwarebytes Anti Malware and Kasperky Online Scanner

2)Malwarebytes Anti-Malware gives bluescreen in partial and full scans

3)My vaporeon_william Yahoo Messenger is not loading. Other email works as they can logged in. This may be possible that my computer was hacked and got my email and disable it. So a possible of my laptop being monitore by a hacker to get information.

Possible cause:

1: A Hijacker had access to my computer and changed the ports or gateways of my internet or being able to monitor the laptop

2: A Trojan/virus/Malware was installed on my system

I was asked to post to this forum as mentioned on the other forum (category: Other Software)

My possible solution: buy an external hard drive and reformat the system back to factory default.

Here's the scan from Trend Micro HijackThis

I un-installed AVG for the moment. I will post 2 log files from different programs

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:12:39 PM, on 2/3/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ASScrPro.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Opera 10 Preview\opera.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe "
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe "
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: []
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4DFA87BE-ED50-4F1C-8E9B-D68143240F9A}: NameServer = 85.255.115.77,85.255.112.159
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.77,85.255.112.159
O17 - HKLM\System\CS2\Services\Tcpip\..\{4DFA87BE-ED50-4F1C-8E9B-D68143240F9A}: NameServer = 85.255.115.77,85.255.112.159
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.77,85.255.112.159
O17 - HKLM\System\CS3\Services\Tcpip\..\{4DFA87BE-ED50-4F1C-8E9B-D68143240F9A}: NameServer = 85.255.115.77,85.255.112.159
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.115.77,85.255.112.159
O17 - HKLM\System\CS4\Services\Tcpip\..\{4DFA87BE-ED50-4F1C-8E9B-D68143240F9A}: NameServer = 85.255.115.77,85.255.112.159
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.77,85.255.112.159
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\asus\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c96116a681bcde) (gupdate1c96116a681bcde) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\asus\NB Probe\SPM\spmgr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

--
End of file - 9843 bytes

From Rootrepeal

I see red marks on gaopdxcyjnuocp.sys

ROOTREPEAL (c) AD, 2007-2008
==================================================
Scan Time: 2009/02/03 21:29
Program Version: Version 1.2.3.0
Windows Version: Windows Vista SP1
==================================================

Drivers
-------------------
Name: 000.fcl
Image Path: C:\Program Files\CyberLink\PowerDVD\000.fcl
Address: 0xAD1D5000 Size: 118784 File Visible: -
Status: -

Name: acpi.sys
Image Path: C:\Windows\system32\drivers\acpi.sys
Address: 0x80694000 Size: 286720 File Visible: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x82E19000 Size: 3903488 File Visible: -
Status: -

Name: afd.sys
Image Path: C:\Windows\system32\drivers\afd.sys
Address: 0xA0A0F000 Size: 294912 File Visible: -
Status: -

Name: AGRSM.sys
Image Path: C:\Windows\system32\DRIVERS\AGRSM.sys
Address: 0x9D206000 Size: 1203776 File Visible: -
Status: -

Name: AsDsm.sys
Image Path: C:\Windows\System32\Drivers\AsDsm.sys
Address: 0x80D3F000 Size: 40960 File Visible: -
Status: -

Name: ASMMAP.sys
Image Path: C:\Program Files\ATKGFNEX\ASMMAP.sys
Address: 0x82513000 Size: 28672 File Visible: -
Status: -

Name: atapi.sys
Image Path: C:\Windows\system32\drivers\atapi.sys
Address: 0x80CCD000 Size: 32768 File Visible: -
Status: -

Name: ataport.SYS
Image Path: C:\Windows\system32\drivers\ataport.SYS
Address: 0x80CD5000 Size: 122880 File Visible: -
Status: -

Name: athr.sys
Image Path: C:\Windows\system32\DRIVERS\athr.sys
Address: 0x8CC0E000 Size: 933888 File Visible: -
Status: -

Name: ATKACPI.sys
Image Path: C:\Windows\system32\DRIVERS\ATKACPI.sys
Address: 0x8CD6D000 Size: 32768 File Visible: -
Status: -

Name: ATMFD.DLL
Image Path: C:\Windows\System32\ATMFD.DLL
Address: 0xA5A90000 Size: 311296 File Visible: -
Status: -

Name: avgmfx86.sys
Image Path: C:\Windows\System32\Drivers\avgmfx86.sys
Address: 0xA0B2A000 Size: 20160 File Visible: No
Status: -

Name: BATTC.SYS
Image Path: C:\Windows\system32\DRIVERS\BATTC.SYS
Address: 0x80724000 Size: 40960 File Visible: -
Status: -

Name: Beep.SYS
Image Path: C:\Windows\System32\Drivers\Beep.SYS
Address: 0x9D5DF000 Size: 28672 File Visible: -
Status: -

Name: BOOTVID.dll
Image Path: C:\Windows\system32\BOOTVID.dll
Address: 0x80483000 Size: 32768 File Visible: -
Status: -

Name: bowser.sys
Image Path: C:\Windows\system32\DRIVERS\bowser.sys
Address: 0x825A2000 Size: 102400 File Visible: -
Status: -

Name: cdd.dll
Image Path: C:\Windows\System32\cdd.dll
Address: 0xA5A80000 Size: 57344 File Visible: -
Status: -

Name: cdfs.sys
Image Path: C:\Windows\system32\DRIVERS\cdfs.sys
Address: 0xAD0CB000 Size: 90112 File Visible: -
Status: -

Name: cdrom.sys
Image Path: C:\Windows\system32\DRIVERS\cdrom.sys
Address: 0x8CD4E000 Size: 98304 File Visible: -
Status: -

Name: CI.dll
Image Path: C:\Windows\system32\CI.dll
Address: 0x804CC000 Size: 917504 File Visible: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\Windows\system32\drivers\CLASSPNP.SYS
Address: 0x88997000 Size: 135168 File Visible: -
Status: -

Name: CLFS.SYS
Image Path: C:\Windows\system32\CLFS.SYS
Address: 0x8048B000 Size: 266240 File Visible: -
Status: -

Name: CmBatt.sys
Image Path: C:\Windows\system32\DRIVERS\CmBatt.sys
Address: 0x8CD69000 Size: 14208 File Visible: -
Status: -

Name: compbatt.sys
Image Path: C:\Windows\system32\DRIVERS\compbatt.sys
Address: 0x80721000 Size: 10496 File Visible: -
Status: -

Name: crashdmp.sys
Image Path: C:\Windows\System32\Drivers\crashdmp.sys
Address: 0xA1388000 Size: 53248 File Visible: -
Status: -

Name: crcdisk.sys
Image Path: C:\Windows\system32\drivers\crcdisk.sys
Address: 0x889B8000 Size: 36864 File Visible: -
Status: -

Name: CRFILTER.sys
Image Path: C:\Windows\system32\DRIVERS\CRFILTER.sys
Address: 0xA0BE5000 Size: 28672 File Visible: -
Status: -

Name: dfsc.sys
Image Path: C:\Windows\System32\Drivers\dfsc.sys
Address: 0xA0B13000 Size: 94208 File Visible: -
Status: -

Name: disk.sys
Image Path: C:\Windows\system32\drivers\disk.sys
Address: 0x88986000 Size: 69632 File Visible: -
Status: -

Name: drmk.sys
Image Path: C:\Windows\system32\drivers\drmk.sys
Address: 0x805D9000 Size: 151552 File Visible: -
Status: -

Name: dump_iaStor.sys
Image Path: C:\Windows\System32\Drivers\dump_iaStor.sys
Address: 0x88708000 Size: 819200 File Visible: No
Status: -

Name: Dxapi.sys
Image Path: C:\Windows\System32\drivers\Dxapi.sys
Address: 0xA1395000 Size: 40960 File Visible: -
Status: -

Name: dxgkrnl.sys
Image Path: C:\Windows\System32\drivers\dxgkrnl.sys
Address: 0x8CAC8000 Size: 651264 File Visible: -
Status: -

Name: ecache.sys
Image Path: C:\Windows\System32\drivers\ecache.sys
Address: 0x8895F000 Size: 159744 File Visible: -
Status: -

Name: fastfat.SYS
Image Path: C:\Windows\System32\Drivers\fastfat.SYS
Address: 0xA1360000 Size: 163840 File Visible: -
Status: -

Name: fileinfo.sys
Image Path: C:\Windows\system32\drivers\fileinfo.sys
Address: 0x80D2F000 Size: 65536 File Visible: -
Status: -

Name: fltmgr.sys
Image Path: C:\Windows\system32\drivers\fltmgr.sys
Address: 0x80CFD000 Size: 204800 File Visible: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\Windows\System32\Drivers\Fs_Rec.SYS
Address: 0x9D5CF000 Size: 36864 File Visible: -
Status: -

Name: fwpkclnt.sys
Image Path: C:\Windows\System32\drivers\fwpkclnt.sys
Address: 0x886ED000 Size: 110592 File Visible: -
Status: -

Name: gaopdxcyjnuocp.sys
Image Path: C:\Windows\system32\drivers\gaopdxcyjnuocp.sys
Address: 0x9D382000 Size: 176128 File Visible: -
Status: Hidden from Windows API!

Name: GEARAspiWDM.sys
Image Path: C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
Address: 0x8CD66000 Size: 9984 File Visible: -
Status: -

Name: ghaio.sys
Image Path: C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
Address: 0xAD0C5000 Size: 9536 File Visible: -
Status: -

Name: halmacpi.dll
Image Path: C:\Windows\system32\halmacpi.dll
Address: 0x831D2000 Size: 208896 File Visible: -
Status: -

Name: HDAudBus.sys
Image Path: C:\Windows\system32\DRIVERS\HDAudBus.sys
Address: 0x8CBCC000 Size: 73728 File Visible: -
Status: -

Name: HIDCLASS.SYS
Image Path: C:\Windows\system32\DRIVERS\HIDCLASS.SYS
Address: 0x9D34C000 Size: 65536 File Visible: -
Status: -

Name: HIDPARSE.SYS
Image Path: C:\Windows\system32\DRIVERS\HIDPARSE.SYS
Address: 0x9D35C000 Size: 28672 File Visible: -
Status: -

Name: hidusb.sys
Image Path: C:\Windows\system32\DRIVERS\hidusb.sys
Address: 0x9D343000 Size: 36864 File Visible: -
Status: -

Name: HTTP.sys
Image Path: C:\Windows\system32\drivers\HTTP.sys
Address: 0x8251A000 Size: 438272 File Visible: -
Status: -

Name: i8042prt.sys
Image Path: C:\Windows\system32\DRIVERS\i8042prt.sys
Address: 0x8CCF2000 Size: 77824 File Visible: -
Status: -

Name: iaStor.sys
Image Path: C:\Windows\system32\DRIVERS\iaStor.sys
Address: 0x80C05000 Size: 819200 File Visible: -
Status: -

Name: igdkmd32.sys
Image Path: C:\Windows\system32\DRIVERS\igdkmd32.sys
Address: 0x8C40D000 Size: 7057408 File Visible: -
Status: -

Name: intelide.sys
Image Path: C:\Windows\system32\drivers\intelide.sys
Address: 0x80787000 Size: 28672 File Visible: -
Status: -

Name: intelppm.sys
Image Path: C:\Windows\system32\DRIVERS\intelppm.sys
Address: 0x889E2000 Size: 61440 File Visible: -
Status: -

Name: ipnat.sys
Image Path: C:\Windows\system32\DRIVERS\ipnat.sys
Address: 0xA13D9000 Size: 155648 File Visible: -
Status: -

Name: kbdclass.sys
Image Path: C:\Windows\system32\DRIVERS\kbdclass.sys
Address: 0x8CD07000 Size: 45056 File Visible: -
Status: -

Name: kbfiltr.sys
Image Path: C:\Windows\system32\DRIVERS\kbfiltr.sys
Address: 0x8CD05000 Size: 5632 File Visible: -
Status: -

Name: kdcom.dll
Image Path: C:\Windows\system32\kdcom.dll
Address: 0x8040A000 Size: 32768 File Visible: -
Status: -

Name: ks.sys
Image Path: C:\Windows\system32\DRIVERS\ks.sys
Address: 0x80FBF000 Size: 172032 File Visible: -
Status: -

Name: ksecdd.sys
Image Path: C:\Windows\System32\Drivers\ksecdd.sys
Address: 0x80D49000 Size: 462848 File Visible: -
Status: -

Name: lltdio.sys
Image Path: C:\Windows\system32\DRIVERS\lltdio.sys
Address: 0x824BC000 Size: 65536 File Visible: -
Status: -

Name: luafv.sys
Image Path: C:\Windows\system32\drivers\luafv.sys
Address: 0xA139F000 Size: 110592 File Visible: -
Status: -

Name: mbam.sys
Image Path: C:\Windows\system32\drivers\mbam.sys
Address: 0xAD0C8000 Size: 11776 File Visible: -
Status: -

Name: mcupdate_GenuineIntel.dll
Image Path: C:\Windows\system32\mcupdate_GenuineIntel.dll
Address: 0x80412000 Size: 393216 File Visible: -
Status: -

Name: modem.sys
Image Path: C:\Windows\system32\drivers\modem.sys
Address: 0x9D32C000 Size: 53248 File Visible: -
Status: -

Name: MODEMCSA.sys
Image Path: C:\Windows\system32\drivers\MODEMCSA.sys
Address: 0x9D339000 Size: 40960 File Visible: -
Status: -

Name: monitor.sys
Image Path: C:\Windows\system32\DRIVERS\monitor.sys
Address: 0x80DE7000 Size: 61440 File Visible: -
Status: -

Name: mouclass.sys
Image Path: C:\Windows\system32\DRIVERS\mouclass.sys
Address: 0x8CD43000 Size: 45056 File Visible: -
Status: -

Name: mouhid.sys
Image Path: C:\Windows\system32\DRIVERS\mouhid.sys
Address: 0x9D37A000 Size: 32768 File Visible: -
Status: -

Name: mountmgr.sys
Image Path: C:\Windows\System32\drivers\mountmgr.sys
Address: 0x8079C000 Size: 65536 File Visible: -
Status: -

Name: mpsdrv.sys
Image Path: C:\Windows\System32\drivers\mpsdrv.sys
Address: 0x825BB000 Size: 86016 File Visible: -
Status: -

Name: mrxdav.sys
Image Path: C:\Windows\system32\drivers\mrxdav.sys
Address: 0x825D0000 Size: 131072 File Visible: -
Status: -

Name: mrxsmb.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb.sys
Address: 0xA13BA000 Size: 126976 File Visible: -
Status: -

Name: mrxsmb10.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb10.sys
Address: 0xAD001000 Size: 233472 File Visible: -
Status: -

Name: mrxsmb20.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb20.sys
Address: 0xAD03A000 Size: 98304 File Visible: -
Status: -

Name: msahci.sys
Image Path: C:\Windows\system32\drivers\msahci.sys
Address: 0x80CF3000 Size: 40960 File Visible: -
Status: -

Name: Msfs.SYS
Image Path: C:\Windows\System32\Drivers\Msfs.SYS
Address: 0x9D3AD000 Size: 45056 File Visible: -
Status: -

Name: msisadrv.sys
Image Path: C:\Windows\system32\drivers\msisadrv.sys
Address: 0x806E3000 Size: 32768 File Visible: -
Status: -

Name: msiscsi.sys
Image Path: C:\Windows\system32\DRIVERS\msiscsi.sys
Address: 0x8CD75000 Size: 188416 File Visible: -
Status: -

Name: msrpc.sys
Image Path: C:\Windows\system32\drivers\msrpc.sys
Address: 0x80F12000 Size: 176128 File Visible: -
Status: -

Name: mssmbios.sys
Image Path: C:\Windows\system32\DRIVERS\mssmbios.sys
Address: 0x8C400000 Size: 40960 File Visible: -
Status: -

Name: mup.sys
Image Path: C:\Windows\System32\Drivers\mup.sys
Address: 0x88950000 Size: 61440 File Visible: -
Status: -

Name: ndis.sys
Image Path: C:\Windows\system32\drivers\ndis.sys
Address: 0x80E07000 Size: 1093632 File Visible: -
Status: -

Name: ndistapi.sys
Image Path: C:\Windows\system32\DRIVERS\ndistapi.sys
Address: 0x8CDEF000 Size: 45056 File Visible: -
Status: -

Name: ndisuio.sys
Image Path: C:\Windows\system32\DRIVERS\ndisuio.sys
Address: 0x824F6000 Size: 40960 File Visible: -
Status: -

Name: ndiswan.sys
Image Path: C:\Windows\system32\DRIVERS\ndiswan.sys
Address: 0x80F77000 Size: 143360 File Visible: -
Status: -

Name: NDProxy.SYS
Image Path: C:\Windows\System32\Drivers\NDProxy.SYS
Address: 0x807E0000 Size: 69632 File Visible: -
Status: -

Name: netbios.sys
Image Path: C:\Windows\system32\DRIVERS\netbios.sys
Address: 0xA0A9F000 Size: 57344 File Visible: -
Status: -

Name: netbt.sys
Image Path: C:\Windows\System32\DRIVERS\netbt.sys
Address: 0xA0A57000 Size: 204800 File Visible: -
Status: -

Name: NETIO.SYS
Image Path: C:\Windows\system32\drivers\NETIO.SYS
Address: 0x80F3D000 Size: 237568 File Visible: -
Status: -

Name: Npfs.SYS
Image Path: C:\Windows\System32\Drivers\Npfs.SYS
Address: 0x9D3B8000 Size: 57344 File Visible: -
Status: -

Name: nsiproxy.sys
Image Path: C:\Windows\system32\drivers\nsiproxy.sys
Address: 0xA0B09000 Size: 40960 File Visible: -
Status: -

Name: Ntfs.sys
Image Path: C:\Windows\System32\Drivers\Ntfs.sys
Address: 0x88800000 Size: 1110016 File Visible: -
Status: -

Name: ntkrnlpa.exe
Image Path: C:\Windows\system32\ntkrnlpa.exe
Address: 0x82E19000 Size: 3903488 File Visible: -
Status: -

Name: Null.SYS
Image Path: C:\Windows\System32\Drivers\Null.SYS
Address: 0x9D5D8000 Size: 28672 File Visible: -
Status: -

Name: nwifi.sys
Image Path: C:\Windows\system32\DRIVERS\nwifi.sys
Address: 0x824CC000 Size: 172032 File Visible: -
Status: -

Name: pacer.sys
Image Path: C:\Windows\system32\DRIVERS\pacer.sys
Address: 0xA0A89000 Size: 90112 File Visible: -
Status: -

Name: partmgr.sys
Image Path: C:\Windows\System32\drivers\partmgr.sys
Address: 0x80712000 Size: 61440 File Visible: -
Status: -

Name: pci.sys
Image Path: C:\Windows\system32\drivers\pci.sys
Address: 0x806EB000 Size: 159744 File Visible: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\Windows\system32\drivers\PCIIDEX.SYS
Address: 0x8078E000 Size: 57344 File Visible: -
Status: -

Name: pcouffin.sys
Image Path: C:\Windows\System32\Drivers\pcouffin.sys
Address: 0x8CC00000 Size: 47360 File Visible: -
Status: -

Name: peauth.sys
Image Path: C:\Windows\system32\drivers\peauth.sys
Address: 0xAD0E1000 Size: 909312 File Visible: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x82E19000 Size: 3903488 File Visible: -
Status: -

Name: portcls.sys
Image Path: C:\Windows\system32\drivers\portcls.sys
Address: 0x805AC000 Size: 184320 File Visible: -
Status: -

Name: PSHED.dll
Image Path: C:\Windows\system32\PSHED.dll
Address: 0x80472000 Size: 69632 File Visible: -
Status: -

Name: rasacd.sys
Image Path: C:\Windows\System32\DRIVERS\rasacd.sys
Address: 0x9D5F6000 Size: 36864 File Visible: -
Status: -

Name: rasl2tp.sys
Image Path: C:\Windows\system32\DRIVERS\rasl2tp.sys
Address: 0x887D0000 Size: 94208 File Visible: -
Status: -

Name: raspppoe.sys
Image Path: C:\Windows\system32\DRIVERS\raspppoe.sys
Address: 0x889F1000 Size: 61440 File Visible: -
Status: -

Name: raspptp.sys
Image Path: C:\Windows\system32\DRIVERS\raspptp.sys
Address: 0x887E7000 Size: 81920 File Visible: -
Status: -

Name: rassstp.sys
Image Path: C:\Windows\system32\DRIVERS\rassstp.sys
Address: 0x80F9A000 Size: 86016 File Visible: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x82E19000 Size: 3903488 File Visible: -
Status: -

Name: rdbss.sys
Image Path: C:\Windows\system32\DRIVERS\rdbss.sys
Address: 0xA0ACD000 Size: 245760 File Visible: -
Status: -

Name: RDPCDD.sys
Image Path: C:\Windows\System32\DRIVERS\RDPCDD.sys
Address: 0x9D5E6000 Size: 32768 File Visible: -
Status: -

Name: rdpencdd.sys
Image Path: C:\Windows\system32\drivers\rdpencdd.sys
Address: 0x9D5EE000 Size: 32768 File Visible: -
Status: -

Name: rfcomm.sys
Image Path: C:\Windows\system32\DRIVERS\rfcomm.sys
Address: 0xA1207000 Size: 167936 File Visible: -
Status: -

Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xB2E3F000 Size: 45056 File Visible: No
Status: -

Name: rspndr.sys
Image Path: C:\Windows\system32\DRIVERS\rspndr.sys
Address: 0x82500000 Size: 77824 File Visible: -
Status: -

Name: RTKVHDA.sys
Image Path: C:\Windows\system32\drivers\RTKVHDA.sys
Address: 0x9D005000 Size: 2017088 File Visible: -
Status: -

Name: Rtlh86.sys
Image Path: C:\Windows\system32\DRIVERS\Rtlh86.sys
Address: 0x8CBDE000 Size: 139264 File Visible: -
Status: -

Name: SCDEmu.SYS
Image Path: C:\Windows\System32\Drivers\SCDEmu.SYS
Address: 0xA0AC0000 Size: 52768 File Visible: -
Status: -

Name: secdrv.SYS
Image Path: C:\Windows\System32\Drivers\secdrv.SYS
Address: 0xAD1BF000 Size: 40960 File Visible: -
Status: -

Name: smb.sys
Image Path: C:\Windows\system32\DRIVERS\smb.sys
Address: 0x9D3DC000 Size: 81920 File Visible: -
Status: -

Name: sncduvc.SYS
Image Path: C:\Windows\system32\DRIVERS\sncduvc.SYS
Address: 0x9D5C8000 Size: 28672 File Visible: -
Status: -

Name: snp2uvc.sys
Image Path: C:\Windows\system32\DRIVERS\snp2uvc.sys
Address: 0x9D40A000 Size: 1769984 File Visible: -
Status: -

Name: spldr.sys
Image Path: C:\Windows\System32\Drivers\spldr.sys
Address: 0x88948000 Size: 32768 File Visible: -
Status: -

Name: spsys.sys
Image Path: C:\Windows\system32\drivers\spsys.sys
Address: 0x8240D000 Size: 716800 File Visible: -
Status: -

Name: srv.sys
Image Path: C:\Windows\System32\DRIVERS\srv.sys
Address: 0xAD079000 Size: 311296 File Visible: -
Status: -

Name: srv2.sys
Image Path: C:\Windows\System32\DRIVERS\srv2.sys
Address: 0xAD052000 Size: 159744 File Visible: -
Status: -

Name: srvnet.sys
Image Path: C:\Windows\System32\DRIVERS\srvnet.sys
Address: 0x82585000 Size: 118784 File Visible: -
Status: -

Name: storport.sys
Image Path: C:\Windows\system32\DRIVERS\storport.sys
Address: 0x8CDA3000 Size: 266240 File Visible: -
Status: -

Name: STREAM.SYS
Image Path: C:\Windows\system32\DRIVERS\STREAM.SYS
Address: 0x9D5BB000 Size: 53248 File Visible: -
Status: -

Name: swenum.sys
Image Path: C:\Windows\system32\DRIVERS\swenum.sys
Address: 0x8CC0C000 Size: 4992 File Visible: -
Status: -

Name: SynTP.sys
Image Path: C:\Windows\system32\DRIVERS\SynTP.sys
Address: 0x8CD12000 Size: 189696 File Visible: -
Status: -

Name: tcpip.sys
Image Path: C:\Windows\System32\drivers\tcpip.sys
Address: 0x88606000 Size: 946176 File Visible: -
Status: -

Name: tcpipreg.sys
Image Path: C:\Windows\System32\drivers\tcpipreg.sys
Address: 0xAD1C9000 Size: 49152 File Visible: -
Status: -

Name: TDI.SYS
Image Path: C:\Windows\system32\DRIVERS\TDI.SYS
Address: 0x8CDE4000 Size: 45056 File Visible: -
Status: -

Name: tdx.sys
Image Path: C:\Windows\system32\DRIVERS\tdx.sys
Address: 0x9D3C6000 Size: 90112 File Visible: -
Status: -

Name: termdd.sys
Image Path: C:\Windows\system32\DRIVERS\termdd.sys
Address: 0x80FAF000 Size: 65536 File Visible: -
Status: -

Name: TSDDD.dll
Image Path: C:\Windows\System32\TSDDD.dll
Address: 0xA5A60000 Size: 36864 File Visible: -
Status: -

Name: tunmp.sys
Image Path: C:\Windows\system32\DRIVERS\tunmp.sys
Address: 0x889D9000 Size: 36864 File Visible: -
Status: -

Name: tunnel.sys
Image Path: C:\Windows\system32\DRIVERS\tunnel.sys
Address: 0x889CE000 Size: 45056 File Visible: -
Status: -

Name: umbus.sys
Image Path: C:\Windows\system32\DRIVERS\umbus.sys
Address: 0x80FE9000 Size: 53248 File Visible: -
Status: -

Name: usbccgp.sys
Image Path: C:\Windows\system32\DRIVERS\usbccgp.sys
Address: 0x9D363000 Size: 94208 File Visible: -
Status: -

Name: USBD.SYS
Image Path: C:\Windows\system32\DRIVERS\USBD.SYS
Address: 0x8CD41000 Size: 8192 File Visible: -
Status: -

Name: usbehci.sys
Image Path: C:\Windows\system32\DRIVERS\usbehci.sys
Address: 0x8CBBD000 Size: 61440 File Visible: -
Status: -

Name: usbhub.sys
Image Path: C:\Windows\system32\DRIVERS\usbhub.sys
Address: 0x807AC000 Size: 212992 File Visible: -
Status: -

Name: USBPORT.SYS
Image Path: C:\Windows\system32\DRIVERS\USBPORT.SYS
Address: 0x8CB7F000 Size: 253952 File Visible: -
Status: -

Name: USBSTOR.SYS
Image Path: C:\Windows\system32\DRIVERS\USBSTOR.SYS
Address: 0xA0BD3000 Size: 73728 File Visible: -
Status: -

Name: usbuhci.sys
Image Path: C:\Windows\system32\DRIVERS\usbuhci.sys
Address: 0x8CB74000 Size: 45056 File Visible: -
Status: -

Name: vga.sys
Image Path: C:\Windows\System32\drivers\vga.sys
Address: 0x80DBA000 Size: 49152 File Visible: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\Windows\System32\drivers\VIDEOPRT.SYS
Address: 0x80DC6000 Size: 135168 File Visible: -
Status: -

Name: volmgr.sys
Image Path: C:\Windows\system32\drivers\volmgr.sys
Address: 0x8072E000 Size: 61440 File Visible: -
Status: -

Name: volmgrx.sys
Image Path: C:\Windows\System32\drivers\volmgrx.sys
Address: 0x8073D000 Size: 303104 File Visible: -
Status: -

Name: volsnap.sys
Image Path: C:\Windows\system32\drivers\volsnap.sys
Address: 0x8890F000 Size: 233472 File Visible: -
Status: -

Name: wanarp.sys
Image Path: C:\Windows\system32\DRIVERS\wanarp.sys
Address: 0xA0AAD000 Size: 77824 File Visible: -
Status: -

Name: watchdog.sys
Image Path: C:\Windows\System32\drivers\watchdog.sys
Address: 0x8CB67000 Size: 53248 File Visible: -
Status: -

Name: Wdf01000.sys
Image Path: C:\Windows\system32\drivers\Wdf01000.sys
Address: 0x8060B000 Size: 507904 File Visible: -
Status: -

Name: WDFLDR.SYS
Image Path: C:\Windows\system32\drivers\WDFLDR.SYS
Address: 0x80687000 Size: 53248 File Visible: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0xA5840000 Size: 2105344 File Visible: -
Status: -

Name: win32k.sys
Image Path: C:\Windows\System32\win32k.sys
Address: 0xA5840000 Size: 2105344 File Visible: -
Status: -

Name: WMILIB.SYS
Image Path: C:\Windows\system32\drivers\WMILIB.SYS
Address: 0x806DA000 Size: 36864 File Visible: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x82E19000 Size: 3903488 File Visible: -
Status: -

Name: WUDFPf.sys
Image Path: C:\Windows\system32\DRIVERS\WUDFPf.sys
Address: 0xB2E20000 Size: 73728 File Visible: -
Status: -

Name: WUDFRd.sys
Image Path: C:\Windows\system32\DRIVERS\WUDFRd.sys
Address: 0xB2E0B000 Size: 83328 File Visible: -
Status: -

I'm doing Panda Online Scan. Will have ComboFix upon instructed.

Like I said, I can wait for any replies as long as there are any slots open

Thank you for your time in reading this.

Regards,
Chris

noahdfear · 2009/02/03

Hi Chris,

Please disconnect the internet connection and run ComboFix. You may need to rename it prior to saving it to the drive. See if you can run MBAM when ComboFix completes.
You have a DNS hijacker aboard, which means your router (if used) has likely been hijacked as well. While disconnected, you need to do a reset of the router by pressing the reset button (using a small pointed object) on the back of the router and holding for approximately 10 seconds. Any wireless configuration such as encryption will need to be redone. You should also run MBAM on any other machines that use the router, while disconnected. Don't reconnect to the router until all machines have been scanned/cleaned and router has been reset. Be very sure to change the default login credentials on the router when done - that's how they get hijacked.

When all done and reconnected, post back with the ComboFix log and the MBAM log.

clubECGR · 2009/02/03

MBAM freezes up while scanning at full scan. Will try again as soon as the second ComboFix is done

EDIT: MBAM not responding after 7 seconds at partial scan. Will un-install it and re-install it at free version.

edit 2: I can't do MBAM as it's not functioning properly. will try at safe mode. AVG is back to normal. Our router is at default with a little editing but it was set back to factory default.

I will do kasperky, instead
-

This post was edited because MBAM freezes up while posting the message below. I apologize for any inconvenience

clubECGR · 2009/02/03

Here's the ComboFix log. Will post MBAM when it's done. I got it updated. I'll re-install AVG with newer updates. Wish for luck

Is it normal for ComboFix to have errors while installing? I receive the "some files can not be found to install. Please reboot" but I waited and it started by itself. The scan was completed.

At first, Opera got corrupted so I had to shut it for forcefully.

ComboFix 09-02-02.04 - Chris 2009-02-04 8:18:06.2 - NTFSx86
Running from: F:\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\program files\Mozilla Firefox\components\iamfamous.dll
c:\windows\system32\acovcnt.exe
c:\windows\system32\drivers\gaopdxcyjnuocp.sys
c:\windows\system32\gaopdxljtvtuml.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_gaopdxserv.sys

((((((((((((((((((((((((( Files Created from 2009-01-04 to 2009-02-04 )))))))))))))))))))))))))))))))
.

2009-02-04 08:07 . 2009-02-04 08:07 <DIR> d--hs---- C:\found.000
2009-02-04 07:39 . 2009-02-04 07:58 <DIR> d-------- C:\Shari
2009-02-03 21:39 . 2008-06-19 16:24 28,544 --a------ c:\windows\System32\drivers\pavboot.sys
2009-02-03 21:35 . 2009-02-03 21:35 <DIR> d-------- c:\program files\Panda Security
2009-02-03 21:11 . 2009-02-03 21:11 <DIR> d-------- c:\program files\Trend Micro
2009-02-01 15:27 . 2009-02-04 08:11 <DIR> d-------- c:\program files\Opera 10 Preview
2009-01-30 14:53 . 2009-01-30 15:07 19,170,816 --a------ c:\windows\System32\imageres.dll
2009-01-27 19:44 . 2009-01-27 19:54 <DIR> d-------- C:\My Recordings
2009-01-27 19:43 . 2009-01-27 19:43 <DIR> d-------- c:\program files\FREE Hi-Q Recorder
2009-01-27 19:43 . 2004-08-10 05:00 1,355,776 --a------ c:\windows\System32\msvbvm50.dll
2009-01-27 19:43 . 2001-03-13 09:49 140,288 --a------ c:\windows\System32\comdlg32.ocx
2009-01-25 11:43 . 2009-01-25 11:43 <DIR> d-------- c:\program files\Panasonic
2009-01-25 11:43 . 2006-02-27 11:45 36,864 --a------ c:\windows\System32\SDDEVMGR.dll
2009-01-23 20:51 . 2009-01-23 20:51 <DIR> d-------- c:\program files\Common Files\PCSuite
2009-01-23 20:49 . 2009-01-23 20:49 <DIR> d-------- c:\program files\PC Connectivity Solution
2009-01-23 20:49 . 2008-08-26 09:26 18,816 --a------ c:\windows\System32\drivers\pccsmcfd.sys
2009-01-19 22:29 . 2009-01-19 22:30 <DIR> d-------- c:\program files\Direct MIDI to MP3 Converter
2009-01-19 21:26 . 2009-01-19 21:26 <DIR> d-------- c:\program files\feng
2009-01-17 22:58 . 2009-01-17 22:58 <DIR> d-------- c:\windows\Replay Video Capture
2009-01-17 20:42 . 2008-11-08 14:42 642,048 --a------ c:\windows\System32\calc.exe
2009-01-17 20:39 . 2008-11-04 21:07 1,152,000 --a------ c:\windows\System32\themecpl.dll
2009-01-17 14:36 . 2009-01-17 14:36 <DIR> d-------- c:\users\All Users\Stardock
2009-01-17 14:36 . 2009-01-17 14:36 <DIR> d-------- c:\programdata\Stardock
2009-01-17 14:36 . 2009-01-17 14:36 <DIR> d-------- c:\program files\Stardock
2009-01-17 14:36 . 2007-06-05 11:26 567,040 --a------ c:\windows\System32\wbocx.ocx
2009-01-17 14:36 . 2007-06-05 11:26 56,496 --a------ c:\windows\System32\wbhelp2.dll
2009-01-17 14:24 . 2009-01-17 14:24 <DIR> d-------- c:\users\Chris\AppData\Roaming\TuneUp Software
2009-01-17 14:24 . 2009-01-17 14:24 603,904 --a------ c:\windows\System32\TUProgSt.exe
2009-01-17 14:24 . 2009-01-17 14:24 362,240 --a------ c:\windows\System32\TuneUpDefragService.exe
2009-01-17 14:24 . 2008-11-12 16:44 27,904 --a------ c:\windows\System32\uxtuneup.dll
2009-01-17 14:24 . 2008-11-12 16:44 17,152 --a------ c:\windows\System32\authuitu.dll
2009-01-17 14:23 . 2009-01-17 14:23 <DIR> d-------- c:\users\All Users\TuneUp Software
2009-01-17 14:23 . 2009-01-17 14:23 <DIR> d--hs---- c:\users\All Users\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-17 14:23 . 2009-01-17 14:23 <DIR> d-------- c:\programdata\TuneUp Software
2009-01-17 14:23 . 2009-01-17 14:23 <DIR> d--hs---- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-17 14:23 . 2009-01-17 14:24 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-01-17 13:34 . 2009-01-25 09:29 201,048,984 --a------ c:\windows\MEMORY.DMP
2009-01-17 10:58 . 2009-01-17 10:58 <DIR> d-------- c:\program files\PowerISO
2009-01-15 12:39 . 2009-01-15 12:39 <DIR> d-------- c:\program files\AskBarDis
2009-01-15 12:36 . 2009-02-03 20:46 <DIR> d-------- c:\users\All Users\avg8
2009-01-15 12:36 . 2009-02-03 20:46 <DIR> d-------- c:\programdata\avg8
2009-01-15 12:36 . 2009-01-15 12:36 <DIR> d-------- c:\program files\AVG
2009-01-15 12:31 . 2009-01-15 12:31 <DIR> d-------- c:\windows\E80F62FF5D3C4A1984099721F2928206.TMP
2009-01-14 21:28 . 2008-12-16 10:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-01-05 21:51 . 2009-01-05 21:51 <DIR> d-------- C:\inetpub

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-03 05:03 --------- d-----w c:\program files\ATKOSD2
2009-02-02 04:09 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-01 07:23 --------- d-----w c:\program files\Opera
2009-01-27 12:01 --------- d-----w c:\users\Chris\AppData\Roaming\LimeWire
2009-01-25 03:43 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-23 12:51 --------- d-----w c:\program files\Common Files\Nokia
2009-01-23 12:46 --------- d-----w c:\program files\Nokia
2009-01-23 12:35 --------- d-----w c:\programdata\Installations
2009-01-23 07:01 --------- d-----w c:\programdata\PC Suite
2009-01-18 05:21 319,456 ----a-w c:\windows\DIFxAPI.dll
2009-01-18 05:21 --------- d-----w c:\program files\Realtek
2009-01-17 16:14 --------- d-----w c:\program files\Common Files\LightScribe
2009-01-17 04:27 --------- d-----w c:\users\Chris\AppData\Roaming\dvdcss
2009-01-15 05:53 --------- d-----w c:\program files\Bonjour
2009-01-15 05:53 --------- d-----w c:\program files\ATKGFNEX
2009-01-15 05:53 --------- d-----w c:\program files\ATK Hotkey
2009-01-15 05:46 --------- d-----w c:\programdata\P4G
2009-01-15 05:46 --------- d-----w c:\program files\Wireless Console 2
2009-01-15 05:46 --------- d-----w c:\program files\Windows Sidebar
2009-01-15 05:46 --------- d-----w c:\program files\Windows Defender
2009-01-15 05:46 --------- d-----w c:\program files\P4G
2009-01-15 04:34 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-01-15 04:31 --------- d-----w c:\programdata\Symantec
2009-01-15 04:31 --------- d-----w c:\program files\Symantec
2009-01-14 13:33 --------- d-----w c:\program files\Windows Mail
2009-01-14 08:11 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 08:11 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-01-11 11:17 --------- d-----w c:\users\Chris\AppData\Roaming\Vso
2009-01-11 11:17 --------- d-----w c:\programdata\CyberLink
2009-01-08 05:08 --------- d-----w c:\users\Chris\AppData\Roaming\CyberLink
2009-01-01 11:49 --------- d-----w c:\users\Chris\AppData\Roaming\CopyToDvd
2008-12-31 17:21 --------- d-----w c:\program files\VSO
2008-12-27 03:47 --------- d-----w c:\users\Chris\AppData\Roaming\Nokia
2008-12-23 07:53 --------- d-----w c:\program files\WinAce
2008-12-18 13:44 --------- d-----w c:\program files\Google
2008-12-15 09:24 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-15 09:24 --------- d-----w c:\program files\iTunes
2008-12-15 09:23 --------- d-----w c:\programdata\Apple Computer
2008-12-15 09:23 --------- d-----w c:\program files\iPod
2008-12-15 09:23 --------- d-----w c:\program files\Common Files\Apple
2008-12-15 09:22 --------- d-----w c:\program files\QuickTime
2008-12-15 09:21 --------- d-----w c:\program files\QuickTime Alternative
2008-12-12 03:18 87,336 ----a-w c:\windows\System32\dns-sd.exe
2008-12-12 03:11 61,440 ----a-w c:\windows\System32\dnssd.dll
2008-12-09 08:51 --------- d-----w c:\users\Chris\AppData\Roaming\SystemRequirementsLab
2008-12-09 08:51 --------- d-----w c:\program files\SystemRequirementsLab
2008-12-08 11:49 --------- d-----w c:\programdata\FLEXnet
2008-12-08 11:45 --------- d-----w c:\program files\Common Files\Adobe
2008-12-08 11:35 --------- d-----w c:\program files\Common Files\Macrovision Shared
2008-12-04 05:52 --------- d-----w c:\users\Chris\AppData\Roaming\PC Suite
2008-11-25 02:35 84 ---ha-w c:\users\All Users\aspg.dat
2008-11-25 02:35 84 ---ha-w c:\programdata\aspg.dat
2008-10-19 11:05 456,272 ----a-w c:\users\All Users\pswi_preloaded.exe
2008-10-19 11:05 456,272 ----a-w c:\programdata\pswi_preloaded.exe
2008-10-18 07:34 81,920 ----a-w c:\users\Chris\AppData\Roaming\ezpinst.exe
2008-10-18 07:34 47,360 ----a-w c:\users\Chris\AppData\Roaming\pcouffin.sys
2008-01-21 02:57 174 --sha-w c:\program files\desktop.ini
2009-02-02 19:50 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2009-02-02 19:50 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2009-02-02 19:50 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2009-02-02 19:50 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2009-02-02 19:50 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
2007-06-10 07:04 108 --sha-r c:\windows\neoqaz2.dll
2008-10-20 05:54 88 --sha-r c:\windows\System32\7A81B36C98.sys
2008-10-20 05:55 2,828 --sha-w c:\windows\System32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@= "{A8D448F4-0431-45AC-9F5E-E1B434AB2249} "
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 08:08 143360 --a------ c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar "= "c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"LightScribe Control Panel "= "c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-12-06 2387968]
"Messenger (Yahoo!) "= "c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2008-09-20 4347120]
"PC Suite Tray "= "c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"WMPNSCFG "= "c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Pinyin IME Migration "= "c:\progra~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE" [2006-10-27 32560]
"HControlUser "= "c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-12 98304]
"ATKOSD2 "= "c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-24 7766016]
"IgfxTray "= "c:\windows\system32\igfxtray.exe" [2008-02-22 141848]
"HotKeysCmds "= "c:\windows\system32\hkcmd.exe" [2008-02-22 166424]
"Persistence "= "c:\windows\system32\igfxpers.exe" [2008-02-22 133656]
"SynTPEnh "= "c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"ASUS Camera ScreenSaver "= "c:\windows\ASScrProlog.exe" [2008-08-25 37232]
"ASUS Screen Saver Protector "= "c:\windows\ASScrPro.exe" [2008-08-25 33136]
"TkBellExe "= "c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-19 185896]
"Malwarebytes' Anti-Malware "= "c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-01-14 399504]
"RtHDVCpl "= "RtHDVCpl.exe" [2007-11-23 c:\windows\RtHDVCpl.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar "= "c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-04-11 752168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA "= 0 (0x0)
"EnableUIADesktopToggle "= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp "= l3codecp.acm
"msacm.avis "= ff_acm.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\i:\0autocheck autochk /r \??\h:\0autocheck autochk /r \??\G:\0autocheck autochk *

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-12 13:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
-r------- 2007-11-17 11:20 91432 c:\program files\CyberLink\Shared Files\brs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
--a------ 2008-07-19 10:52 104936 c:\program files\CyberLink\Power2Go\CLMLSvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2006-10-27 15:47 31016 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--------- 2007-10-11 12:06 62760 c:\program files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu]
--a------ 2008-06-14 09:11 210216 c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2008-07-07 15:34 167936 c:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-11-04 10:30 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2007-10-28 09:35 72736 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-10-18 16:24 136600 c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-10-19 17:34 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
--a------ 2006-09-08 01:19 15872 c:\program files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut]
--------- 2008-01-05 02:02 222504 c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2604780666-1855635130-1160332280-1000]
"EnableNotificationsRef "=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{E6D5117B-3B59-4AD3-8131-89637E355324} "= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{9CE88676-B457-421D-BB8B-94858452D8BF} "= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{ADD9768A-B85E-4F2F-9051-F04001D47C94} "= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{0F1526F2-698A-4EC8-AD75-A50D789FAC0E} "= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{7603A25D-882D-4C67-BBE9-E13B47081310} "= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{C223190F-67DF-44B6-843E-B814852C9E30} "= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{5DDFBBA9-2D8F-4FA6-A664-8693C3A7B7B0} "= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{EDF86280-60E8-4FD2-92CE-80673B1ABFF5} "= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{3F1C817B-AAEF-42ED-B4C2-3F71D9750568} "= c:\program files\Cyberlink\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"TCP Query User{1D9CF969-4B70-41C0-A067-7BDC0C2DCAE1}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe "= UDP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"UDP Query User{C0B8E7EF-B475-41EB-BA5A-18BCA13B6219}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe "= TCP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"{3DDBCAB7-B44E-4CA5-9319-1567406E6C9B} "= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{E228A32D-5C8C-4C72-8282-B824569F0669} "= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{21AB7F65-718D-4B69-9468-03065D39B3B5} "= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{AEB28633-F226-4753-9CB4-056573A2BE9E} "= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions "= 1 (0x1)

R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [2009-02-03 28544]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};c:\program files\CyberLink\PowerDVD\000.fcl [2007-11-03 00:12:32 41456]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2008-10-23 170640]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-01-17 603904]
R3 CRFILTER;USB Mass Storage Filter;c:\windows\System32\drivers\CRFILTER.sys [2008-04-07 6656]
R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [2008-10-23 15504]
S2 gupdate1c96116a681bcde;Google Update Service (gupdate1c96116a681bcde);c:\program files\Google\Update\GoogleUpdate.exe [2008-12-18 133104]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [2008-08-25 29736]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6a856c20-cd85-11dd-8d1d-0022159e66e6}]
\shell\AutoRun\command - G:\bar311.exe %1
\shell\Explore\command - G:\bar311.exe %1
\shell\Open\command - G:\bar311.exe %1

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f3ea8dfd-9e9d-11dd-87d1-002243a02cfb}]
\shell\AutoRun\command - RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\SYS32.exe
\shell\open\command - RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\SYS32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe "
.
Contents of the 'Scheduled Tasks' folder

2009-02-04 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 16:28]

2009-02-04 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-12-18 21:43]

2009-02-03 c:\windows\Tasks\Malwarebytes' Scheduled Scan for Chris.job
- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-01-14 16:11]

2009-02-02 c:\windows\Tasks\Malwarebytes' Scheduled Update for Chris.job
- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-01-14 16:11]

2009-02-03 c:\windows\Tasks\User_Feed_Synchronization-{CC929265-66CD-41B1-8FA6-F9C1E6663B87}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 10:34]
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-TweakVI - c:\program files\TweakVI\tweakvi.exe

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\lwk7zeyx.default\
FF - component: c:\program files\Google\Google Gears\Firefox\components\gears_ff2.dll
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.133.33\npGoogleOneClick7.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "ui.allow_platform_file_picker ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.cookie.p3plevel ", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.enablePad ", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.remember_cert_checkbox_default_setting ", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.urlbar.hideGoButton ", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.search.param.Google.1.default ", "chrome://branding/content/searchconfig.properties ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.search.param.Google.1.custom ", "chrome://branding/content/searchconfig.properties ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "signon.prefillForms ", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.enabled ", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.remoteLookups ", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.updateURL ", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}& ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.lookupURL ", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}& ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.reportURL ", "http://sb.google.com/safebrowsing/report? ");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-04 08:31:16
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\ADSM_PData_0150

scan completed successfully
hidden files: 1

**************************************************************************
.
Completion time: 2009-02-04 8:34:25
ComboFix-quarantined-files.txt 2009-02-04 00:34:21

Pre-Run: 14,046,806,016 bytes free
Post-Run: 13,991,510,016 bytes free

317 --- E O F --- 2009-01-14 13:33:35

clubECGR · 2009/02/04

Here's the Kasperky report says

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Thursday, February 5, 2009
Operating System: Microsoft Windows Vista Home Basic Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, February 04, 2009 08:53:58
Records in database: 1743875
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 183425
Threat name: 7
Infected objects: 4
Suspicious objects: 0
Duration of the scan: 04:07:27

File name / Threat name / Threats count
C:\Qoobox\Quarantine\C\Program Files\Mozilla Firefox\components\iamfamous.dll.vir Infected: Rootkit.Win32.TDSS.eyj 1
C:\Qoobox\Quarantine\C\Windows\System32\drivers\gaopdxcyjnuocp.sys.vir Infected: Rootkit.Win32.TDSS.hoj 1
C:\Qoobox\Quarantine\C\Windows\System32\gaopdxljtvtuml.dll.vir Infected: Trojan.Win32.Agent.bknk 1
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TD98J79G\downloader[1].vbs Infected: Trojan-Downloader.JS.Psyme.amv 1

The selected area was scanned.

I really need the MBAM scan to work but it freezes up. Will do it in safe mode later after I wake up. It's 1:40am will post it here at this post.

I noticed I cant do the "write the names of the infected file and save it as alll files" and move it to ComboFix as it has a missing script. I'm using Vista Home Basic

clubECGR · 2009/02/04

Here's the MBAM done in Safe Mode. Requires restart to finnish. Is it ok to start in normal windows than do it again in safe mode?

Malwarebytes' Anti-Malware 1.33
Database version: 1723
Windows 6.0.6001 Service Pack 1

2/5/2009 1:38:05 PM
mbam-log-2009-02-05 (13-38-05).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 226114
Time elapsed: 31 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 4
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.77,85.255.112.159 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{4dfa87be-ed50-4f1c-8e9b-d68143240f9a}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.115.77,85.255.112.159 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{4dfa87be-ed50-4f1c-8e9b-d68143240f9a}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.77,85.255.112.159 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{b036a6b6-2462-4557-bb48-d0c5fdd15a46}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.77,85.255.112.159 -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Qoobox\Quarantine\C\Windows\System32\gaopdxljtvtuml.dll.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Windows\System32\msconfig.exe (Trojan.Agent) -> Quarantined and deleted successfully.

It seems you were right about the DNS hijacker. I will now do another MBAM in normal windows than in safe mode. Hopefully, it'll not freeze up or have another bluescreen. I will post another ComboFix and MBAM as soon as possible.

--

Here's another ComboFix log done in safe mode. I'm having difficulties running this baby in normal windows.

ComboFix 09-02-02.04 - Chris 2009-02-05 13:54:42.3 - NTFSx86 NETWORK
Running from: c:\users\Chris\Desktop\Shari.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\acovcnt.exe

.
((((((((((((((((((((((((( Files Created from 2009-01-05 to 2009-02-05 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-04 13:22 --------- d-----w c:\program files\Opera
2009-02-04 13:21 --------- d-----w c:\program files\Opera 10 Preview
2009-02-04 13:08 --------- d-----w c:\users\Chris\AppData\Roaming\Vso
2009-02-04 13:08 --------- d-----w c:\users\Chris\AppData\Roaming\CopyToDvd
2009-02-04 01:59 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-04 01:59 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-02-04 01:59 10,520 ----a-w c:\windows\System32\avgrsstx.dll
2009-02-04 01:58 --------- d-----w c:\programdata\avg8
2009-02-03 13:35 --------- d-----w c:\program files\Panda Security
2009-02-03 13:11 --------- d-----w c:\program files\Trend Micro
2009-02-03 05:03 --------- d-----w c:\program files\ATKOSD2
2009-02-02 04:09 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-01-30 07:07 19,170,816 ----a-w c:\windows\System32\imageres.dll
2009-01-27 11:43 --------- d-----w c:\program files\FREE Hi-Q Recorder
2009-01-25 03:43 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-25 03:43 --------- d-----w c:\program files\Panasonic
2009-01-23 12:51 --------- d-----w c:\program files\Common Files\PCSuite
2009-01-23 12:51 --------- d-----w c:\program files\Common Files\Nokia
2009-01-23 12:49 --------- d-----w c:\program files\PC Connectivity Solution
2009-01-23 12:46 --------- d-----w c:\program files\Nokia
2009-01-23 12:35 --------- d-----w c:\programdata\Installations
2009-01-23 07:01 --------- d-----w c:\programdata\PC Suite
2009-01-19 14:30 --------- d-----w c:\program files\Direct MIDI to MP3 Converter
2009-01-19 13:26 --------- d-----w c:\program files\feng
2009-01-18 05:21 319,456 ----a-w c:\windows\DIFxAPI.dll
2009-01-18 05:21 --------- d-----w c:\program files\Realtek
2009-01-17 16:14 --------- d-----w c:\program files\Common Files\LightScribe
2009-01-17 06:36 --------- d-----w c:\programdata\Stardock
2009-01-17 06:36 --------- d-----w c:\program files\Stardock
2009-01-17 06:24 603,904 ----a-w c:\windows\System32\TUProgSt.exe
2009-01-17 06:24 362,240 ----a-w c:\windows\System32\TuneUpDefragService.exe
2009-01-17 06:24 --------- d-----w c:\users\Chris\AppData\Roaming\TuneUp Software
2009-01-17 06:24 --------- d-----w c:\program files\TuneUp Utilities 2009
2009-01-17 06:23 --------- d-sh--w c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-17 06:23 --------- d-----w c:\programdata\TuneUp Software
2009-01-17 04:27 --------- d-----w c:\users\Chris\AppData\Roaming\dvdcss
2009-01-17 02:58 --------- d-----w c:\program files\PowerISO
2009-01-15 05:53 --------- d-----w c:\program files\Bonjour
2009-01-15 05:53 --------- d-----w c:\program files\ATKGFNEX
2009-01-15 05:53 --------- d-----w c:\program files\ATK Hotkey
2009-01-15 05:46 --------- d-----w c:\programdata\P4G
2009-01-15 05:46 --------- d-----w c:\program files\Wireless Console 2
2009-01-15 05:46 --------- d-----w c:\program files\Windows Sidebar
2009-01-15 05:46 --------- d-----w c:\program files\Windows Defender
2009-01-15 05:46 --------- d-----w c:\program files\P4G
2009-01-15 04:39 --------- d-----w c:\program files\AskBarDis
2009-01-15 04:36 --------- d-----w c:\program files\AVG
2009-01-15 04:34 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-01-15 04:31 --------- d-----w c:\programdata\Symantec
2009-01-15 04:31 --------- d-----w c:\program files\Symantec
2009-01-14 13:33 --------- d-----w c:\program files\Windows Mail
2009-01-14 08:11 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 08:11 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-01-11 11:17 --------- d-----w c:\programdata\CyberLink
2009-01-08 05:08 --------- d-----w c:\users\Chris\AppData\Roaming\CyberLink
2008-12-31 17:21 --------- d-----w c:\program files\VSO
2008-12-27 03:47 --------- d-----w c:\users\Chris\AppData\Roaming\Nokia
2008-12-23 07:53 --------- d-----w c:\program files\WinAce
2008-12-18 13:44 --------- d-----w c:\program files\Google
2008-12-16 02:42 288,768 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-15 09:24 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-15 09:24 --------- d-----w c:\program files\iTunes
2008-12-15 09:23 --------- d-----w c:\programdata\Apple Computer
2008-12-15 09:23 --------- d-----w c:\program files\iPod
2008-12-15 09:23 --------- d-----w c:\program files\Common Files\Apple
2008-12-15 09:22 --------- d-----w c:\program files\QuickTime
2008-12-15 09:21 --------- d-----w c:\program files\QuickTime Alternative
2008-12-12 03:18 87,336 ----a-w c:\windows\System32\dns-sd.exe
2008-12-12 03:11 61,440 ----a-w c:\windows\System32\dnssd.dll
2008-12-09 08:51 --------- d-----w c:\users\Chris\AppData\Roaming\SystemRequirementsLab
2008-12-09 08:51 --------- d-----w c:\program files\SystemRequirementsLab
2008-12-08 11:49 --------- d-----w c:\programdata\FLEXnet
2008-12-08 11:45 --------- d-----w c:\program files\Common Files\Adobe
2008-12-08 11:35 --------- d-----w c:\program files\Common Files\Macrovision Shared
2008-11-25 02:35 84 ---ha-w c:\users\All Users\aspg.dat
2008-11-25 02:35 84 ---ha-w c:\programdata\aspg.dat
2008-11-12 08:44 27,904 ----a-w c:\windows\System32\uxtuneup.dll
2008-11-12 08:44 17,152 ----a-w c:\windows\System32\authuitu.dll
2008-11-08 06:42 642,048 ----a-w c:\windows\System32\calc.exe
2008-10-19 11:05 456,272 ----a-w c:\users\All Users\pswi_preloaded.exe
2008-10-19 11:05 456,272 ----a-w c:\programdata\pswi_preloaded.exe
2008-10-18 07:34 81,920 ----a-w c:\users\Chris\AppData\Roaming\ezpinst.exe
2008-10-18 07:34 47,360 ----a-w c:\users\Chris\AppData\Roaming\pcouffin.sys
2008-01-21 02:57 174 --sha-w c:\program files\desktop.ini
2009-02-02 19:50 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2009-02-02 19:50 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2009-02-02 19:50 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2009-02-02 19:50 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2009-02-02 19:50 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
2007-06-10 07:04 108 --sha-r c:\windows\neoqaz2.dll
2008-10-20 05:54 88 --sha-r c:\windows\System32\7A81B36C98.sys
2008-10-20 05:55 2,828 --sha-w c:\windows\System32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2009-02-04_ 8.32.31.80 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-02-04 00:11:03 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-05 05:51:08 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2009-02-04 00:31:03 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-05 05:51:08 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2009-02-04 00:09:10 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-02-05 03:34:19 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-04 00:09:10 49,152 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-05 03:34:19 49,152 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-04 00:09:10 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-05 03:34:19 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-04 01:59:03 27,656 ----a-w c:\windows\System32\drivers\avgmfx86.sys
+ 2009-02-04 00:44:49 2,456 ----a-w c:\windows\System32\networklist\icons\{67334E0A-6D55-4CE2-8C77-39088E1F4C45}_24.bin
+ 2009-02-04 00:44:49 4,280 ----a-w c:\windows\System32\networklist\icons\{67334E0A-6D55-4CE2-8C77-39088E1F4C45}_32.bin
+ 2009-02-04 00:44:49 9,560 ----a-w c:\windows\System32\networklist\icons\{67334E0A-6D55-4CE2-8C77-39088E1F4C45}_48.bin
+ 2009-02-04 00:39:43 2,456 ----a-w c:\windows\System32\networklist\icons\{7F42B2F5-862E-4432-AAC3-8C54D7890FD7}_24.bin
+ 2009-02-04 00:39:43 4,280 ----a-w c:\windows\System32\networklist\icons\{7F42B2F5-862E-4432-AAC3-8C54D7890FD7}_32.bin
+ 2009-02-04 00:39:43 9,560 ----a-w c:\windows\System32\networklist\icons\{7F42B2F5-862E-4432-AAC3-8C54D7890FD7}_48.bin
- 2009-02-04 00:14:46 121,572 ----a-w c:\windows\System32\perfc009.dat
+ 2009-02-04 06:19:54 121,572 ----a-w c:\windows\System32\perfc009.dat
- 2009-02-04 00:14:46 648,278 ----a-w c:\windows\System32\perfh009.dat
+ 2009-02-04 06:19:54 648,278 ----a-w c:\windows\System32\perfh009.dat
- 2009-02-04 00:11:32 12,272 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2604780666-1855635130-1160332280-1000_UserData.bin
+ 2009-02-05 05:41:38 12,312 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2604780666-1855635130-1160332280-1000_UserData.bin
- 2009-02-04 00:11:32 99,174 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-02-05 05:41:37 99,634 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-02-03 23:49:17 54,506 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-02-05 05:41:32 55,036 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@= "{A8D448F4-0431-45AC-9F5E-E1B434AB2249} "
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 08:08 143360 --a------ c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar "= "c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"LightScribe Control Panel "= "c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-12-06 2387968]
"Messenger (Yahoo!) "= "c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2008-09-20 4347120]
"PC Suite Tray "= "c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"WMPNSCFG "= "c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Pinyin IME Migration "= "c:\progra~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE" [2006-10-27 32560]
"HControlUser "= "c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-12 98304]
"ATKOSD2 "= "c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-24 7766016]
"IgfxTray "= "c:\windows\system32\igfxtray.exe" [2008-02-22 141848]
"HotKeysCmds "= "c:\windows\system32\hkcmd.exe" [2008-02-22 166424]
"Persistence "= "c:\windows\system32\igfxpers.exe" [2008-02-22 133656]
"SynTPEnh "= "c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"ASUS Camera ScreenSaver "= "c:\windows\ASScrProlog.exe" [2008-08-25 37232]
"ASUS Screen Saver Protector "= "c:\windows\ASScrPro.exe" [2008-08-25 33136]
"TkBellExe "= "c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-19 185896]
"Malwarebytes' Anti-Malware "= "c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-01-14 399504]
"AVG8_TRAY "= "c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-04 1601304]
"RtHDVCpl "= "RtHDVCpl.exe" [2007-11-23 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv "= "grpconv -o" [X]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar "= "c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-04-11 752168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA "= 0 (0x0)
"EnableUIADesktopToggle "= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs "=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp "= l3codecp.acm
"msacm.avis "= ff_acm.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\i:\0autocheck autochk /r \??\h:\0autocheck autochk /r \??\G:\0autocheck autochk *

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-12 13:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
-r------- 2007-11-17 11:20 91432 c:\program files\CyberLink\Shared Files\brs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
--a------ 2008-07-19 10:52 104936 c:\program files\CyberLink\Power2Go\CLMLSvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2006-10-27 15:47 31016 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--------- 2007-10-11 12:06 62760 c:\program files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu]
--a------ 2008-06-14 09:11 210216 c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2008-07-07 15:34 167936 c:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-11-04 10:30 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2007-10-28 09:35 72736 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-10-18 16:24 136600 c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-10-19 17:34 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
--a------ 2006-09-08 01:19 15872 c:\program files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut]
--------- 2008-01-05 02:02 222504 c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2604780666-1855635130-1160332280-1000]
"EnableNotificationsRef "=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{E6D5117B-3B59-4AD3-8131-89637E355324} "= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{9CE88676-B457-421D-BB8B-94858452D8BF} "= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{ADD9768A-B85E-4F2F-9051-F04001D47C94} "= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{0F1526F2-698A-4EC8-AD75-A50D789FAC0E} "= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{7603A25D-882D-4C67-BBE9-E13B47081310} "= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{C223190F-67DF-44B6-843E-B814852C9E30} "= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{5DDFBBA9-2D8F-4FA6-A664-8693C3A7B7B0} "= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{EDF86280-60E8-4FD2-92CE-80673B1ABFF5} "= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{3F1C817B-AAEF-42ED-B4C2-3F71D9750568} "= c:\program files\Cyberlink\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"TCP Query User{1D9CF969-4B70-41C0-A067-7BDC0C2DCAE1}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe "= UDP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"UDP Query User{C0B8E7EF-B475-41EB-BA5A-18BCA13B6219}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe "= TCP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"{3DDBCAB7-B44E-4CA5-9319-1567406E6C9B} "= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{E228A32D-5C8C-4C72-8282-B824569F0669} "= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{21AB7F65-718D-4B69-9468-03065D39B3B5} "= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{AEB28633-F226-4753-9CB4-056573A2BE9E} "= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{DA354452-5B8C-4700-8C0A-1470459F18AA} "= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{F5BCCFD2-9972-4A8F-AA07-A24DA725DB92} "= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"TCP Query User{4C0E4E2E-C1BC-4777-96B6-7612D3B95D22}c:\\program files\\mozilla firefox\\firefox.exe "= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{691488C3-E5A0-458C-97B7-D0FA59125057}c:\\program files\\mozilla firefox\\firefox.exe "= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{81AB6F39-85E8-4737-8D0A-95DB9D999745}c:\\program files\\mozilla firefox\\firefox.exe "= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{FB21594E-55DC-4C7B-A18A-7258EC7E0F73}c:\\program files\\mozilla firefox\\firefox.exe "= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions "= 0 (0x0)

R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2009-02-04 107272]
R3 CRFILTER;USB Mass Storage Filter;c:\windows\System32\drivers\CRFILTER.sys [2008-04-07 6656]
S0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [2009-02-03 28544]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2009-02-04 325128]
S2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};c:\program files\CyberLink\PowerDVD\000.fcl [2007-11-03 00:12:32 41456]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-04 298264]
S2 gupdate1c96116a681bcde;Google Update Service (gupdate1c96116a681bcde);c:\program files\Google\Update\GoogleUpdate.exe [2008-12-18 133104]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2008-10-23 170640]
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-01-17 603904]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [2008-08-25 29736]
S3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [2008-10-23 15504]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - ECACHE

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6a856c20-cd85-11dd-8d1d-0022159e66e6}]
\shell\AutoRun\command - G:\bar311.exe %1
\shell\Explore\command - G:\bar311.exe %1
\shell\Open\command - G:\bar311.exe %1

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f3ea8dfd-9e9d-11dd-87d1-002243a02cfb}]
\shell\AutoRun\command - RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\SYS32.exe
\shell\open\command - RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\SYS32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe "
.
Contents of the 'Scheduled Tasks' folder

2009-02-05 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 16:28]

2009-02-05 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-12-18 21:43]

2009-02-02 c:\windows\Tasks\Malwarebytes' Scheduled Update for Chris.job
- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-01-14 16:11]

2009-02-04 c:\windows\Tasks\User_Feed_Synchronization-{CC929265-66CD-41B1-8FA6-F9C1E6663B87}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 10:34]
.
- - - - ORPHANS REMOVED - - - -

HKLM-RunOnce-<NO NAME> - (no file)

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\lwk7zeyx.default\
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "ui.allow_platform_file_picker ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.cookie.p3plevel ", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.enablePad ", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.remember_cert_checkbox_default_setting ", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.urlbar.hideGoButton ", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.search.param.Google.1.default ", "chrome://branding/content/searchconfig.properties ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.search.param.Google.1.custom ", "chrome://branding/content/searchconfig.properties ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "signon.prefillForms ", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.enabled ", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.remoteLookups ", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.updateURL ", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}& ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.lookupURL ", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}& ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.reportURL ", "http://sb.google.com/safebrowsing/report? ");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-05 13:57:54
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\ADSM_PData_0150

scan completed successfully
hidden files: 1

**************************************************************************
.
Completion time: 2009-02-05 14:00:32
ComboFix-quarantined-files.txt 2009-02-05 06:00:24
ComboFix2.txt 2009-02-04 00:34:26

Pre-Run: The system cannot find message text for message number 0x2379 in the message file for Application.
Post-Run: 4,975,693,824 bytes free

338 --- E O F --- 2009-01-14 13:33:35

It seems that av-what's its name is poppong up. I will try another MBAM in safe mode to prevent failures in normal windows

--

no malware in MBAM done in safe mode

clubECGR · 2009/02/05

I'll try to ComboFix and MBAM again since I system restore due to unexpected errors of the laptop. Or the system restore didnt affect the deleted malwares?

clubECGR · 2009/02/05

It seems nothing is being detected but I'm having difficulties running this in normal windows. It was done in safe mode.

ComboFix 09-02-04.04 - Chris 2009-02-05 23:18:12.3 - NTFSx86 MINIMAL
Running from: c:\users\Chris\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2009-01-05 to 2009-02-05 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-05 14:26 --------- d-----w c:\users\Chris\AppData\Roaming\Vso
2009-02-05 14:26 --------- d-----w c:\users\Chris\AppData\Roaming\CopyToDvd
2009-02-05 12:26 --------- d-----w c:\programdata\P4G
2009-02-05 12:26 --------- d-----w c:\programdata\FLEXnet
2009-02-04 13:22 --------- d-----w c:\program files\Opera
2009-02-04 13:21 --------- d-----w c:\program files\Opera 10 Preview
2009-02-04 01:59 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-04 01:59 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-02-04 01:59 10,520 ----a-w c:\windows\System32\avgrsstx.dll
2009-02-04 01:58 --------- d-----w c:\programdata\avg8
2009-02-03 13:35 --------- d-----w c:\program files\Panda Security
2009-02-03 13:11 --------- d-----w c:\program files\Trend Micro
2009-02-03 05:03 --------- d-----w c:\program files\ATKOSD2
2009-02-02 04:09 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-01-30 07:07 19,170,816 ----a-w c:\windows\System32\imageres.dll
2009-01-27 11:43 --------- d-----w c:\program files\FREE Hi-Q Recorder
2009-01-25 03:43 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-25 03:43 --------- d-----w c:\program files\Panasonic
2009-01-23 12:51 --------- d-----w c:\program files\Common Files\PCSuite
2009-01-23 12:51 --------- d-----w c:\program files\Common Files\Nokia
2009-01-23 12:49 --------- d-----w c:\program files\PC Connectivity Solution
2009-01-23 12:46 --------- d-----w c:\program files\Nokia
2009-01-23 12:35 --------- d-----w c:\programdata\Installations
2009-01-23 07:01 --------- d-----w c:\programdata\PC Suite
2009-01-19 14:30 --------- d-----w c:\program files\Direct MIDI to MP3 Converter
2009-01-19 13:26 --------- d-----w c:\program files\feng
2009-01-18 05:21 319,456 ----a-w c:\windows\DIFxAPI.dll
2009-01-18 05:21 --------- d-----w c:\program files\Realtek
2009-01-17 16:14 --------- d-----w c:\program files\Common Files\LightScribe
2009-01-17 06:36 --------- d-----w c:\programdata\Stardock
2009-01-17 06:36 --------- d-----w c:\program files\Stardock
2009-01-17 06:24 603,904 ----a-w c:\windows\System32\TUProgSt.exe
2009-01-17 06:24 362,240 ----a-w c:\windows\System32\TuneUpDefragService.exe
2009-01-17 06:24 --------- d-----w c:\users\Chris\AppData\Roaming\TuneUp Software
2009-01-17 06:24 --------- d-----w c:\program files\TuneUp Utilities 2009
2009-01-17 06:23 --------- d-sh--w c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-17 06:23 --------- d-----w c:\programdata\TuneUp Software
2009-01-17 04:27 --------- d-----w c:\users\Chris\AppData\Roaming\dvdcss
2009-01-17 02:58 --------- d-----w c:\program files\PowerISO
2009-01-15 05:53 --------- d-----w c:\program files\Bonjour
2009-01-15 05:53 --------- d-----w c:\program files\ATKGFNEX
2009-01-15 05:53 --------- d-----w c:\program files\ATK Hotkey
2009-01-15 05:46 --------- d-----w c:\program files\Wireless Console 2
2009-01-15 05:46 --------- d-----w c:\program files\Windows Sidebar
2009-01-15 05:46 --------- d-----w c:\program files\Windows Defender
2009-01-15 05:46 --------- d-----w c:\program files\P4G
2009-01-15 04:39 --------- d-----w c:\program files\AskBarDis
2009-01-15 04:36 --------- d-----w c:\program files\AVG
2009-01-15 04:34 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-01-15 04:31 --------- d-----w c:\programdata\Symantec
2009-01-15 04:31 --------- d-----w c:\program files\Symantec
2009-01-14 13:33 --------- d-----w c:\program files\Windows Mail
2009-01-14 08:11 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 08:11 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-01-11 11:17 --------- d-----w c:\programdata\CyberLink
2009-01-08 05:08 --------- d-----w c:\users\Chris\AppData\Roaming\CyberLink
2008-12-31 17:21 --------- d-----w c:\program files\VSO
2008-12-27 03:47 --------- d-----w c:\users\Chris\AppData\Roaming\Nokia
2008-12-23 07:53 --------- d-----w c:\program files\WinAce
2008-12-18 13:44 --------- d-----w c:\program files\Google
2008-12-16 02:42 288,768 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-15 09:24 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-15 09:24 --------- d-----w c:\program files\iTunes
2008-12-15 09:23 --------- d-----w c:\programdata\Apple Computer
2008-12-15 09:23 --------- d-----w c:\program files\iPod
2008-12-15 09:23 --------- d-----w c:\program files\Common Files\Apple
2008-12-15 09:22 --------- d-----w c:\program files\QuickTime
2008-12-15 09:21 --------- d-----w c:\program files\QuickTime Alternative
2008-12-12 03:18 87,336 ----a-w c:\windows\System32\dns-sd.exe
2008-12-12 03:11 61,440 ----a-w c:\windows\System32\dnssd.dll
2008-12-09 08:51 --------- d-----w c:\users\Chris\AppData\Roaming\SystemRequirementsLab
2008-12-09 08:51 --------- d-----w c:\program files\SystemRequirementsLab
2008-12-08 11:45 --------- d-----w c:\program files\Common Files\Adobe
2008-12-08 11:35 --------- d-----w c:\program files\Common Files\Macrovision Shared
2008-11-25 02:35 84 ---ha-w c:\users\All Users\aspg.dat
2008-11-25 02:35 84 ---ha-w c:\programdata\aspg.dat
2008-11-12 08:44 27,904 ----a-w c:\windows\System32\uxtuneup.dll
2008-11-12 08:44 17,152 ----a-w c:\windows\System32\authuitu.dll
2008-11-08 06:42 642,048 ----a-w c:\windows\System32\calc.exe
2008-10-19 11:05 456,272 ----a-w c:\users\All Users\pswi_preloaded.exe
2008-10-19 11:05 456,272 ----a-w c:\programdata\pswi_preloaded.exe
2008-10-18 07:34 81,920 ----a-w c:\users\Chris\AppData\Roaming\ezpinst.exe
2008-10-18 07:34 47,360 ----a-w c:\users\Chris\AppData\Roaming\pcouffin.sys
2008-01-21 02:57 174 --sha-w c:\program files\desktop.ini
2009-02-02 19:50 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2009-02-02 19:50 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2009-02-02 19:50 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2009-02-02 19:50 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2009-02-02 19:50 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
2007-06-10 07:04 108 --sha-r c:\windows\neoqaz2.dll
2008-10-20 05:54 88 --sha-r c:\windows\System32\7A81B36C98.sys
2008-10-20 05:55 2,828 --sha-w c:\windows\System32\KGyGaAvL.sys

clubECGR · 2009/02/05

((((((((((((((((((((((((((((( snapshot@2009-02-04_ 8.32.31.80 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-21 02:34:17 69,120 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-07-27 18:03:11 69,120 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-01-21 02:33:18 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-07-27 18:03:12 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-01-21 02:35:15 151,552 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-06-20 01:14:31 163,840 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2008-01-21 02:34:33 4,444,160 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-10-13 22:26:54 4,546,560 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2008-01-21 02:35:15 4,174,336 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-11-24 23:34:46 4,210,688 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-11-24 23:34:49 1,736,528 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
- 2008-01-21 02:34:42 483,840 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-10-13 22:26:57 486,400 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2008-01-21 02:34:30 3,036,160 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-07-27 18:03:15 2,933,248 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2008-01-21 02:34:25 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2008-01-21 02:34:25 113,664 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-07-27 18:22:54 113,664 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2008-01-21 02:35:14 346,624 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2008-06-20 01:14:43 368,640 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2008-01-21 02:34:01 261,120 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-07-27 18:03:15 261,632 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2008-01-21 02:33:19 5,431,296 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-10-13 22:26:58 5,242,880 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2008-01-21 02:34:17 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-01-21 02:34:18 507,904 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-07-27 18:03:11 507,904 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2008-01-21 02:35:16 159,744 ----a-w c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
+ 2008-06-20 01:14:31 168,968 ----a-w c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
- 2008-01-21 02:34:24 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-07-27 18:03:11 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-01-21 02:34:13 5,120 ----a-w c:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
+ 2008-07-27 18:03:11 5,120 ----a-w c:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
- 2008-01-21 02:34:34 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-07-27 18:03:12 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-01-21 02:33:14 77,824 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-07-27 18:03:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-01-21 02:34:15 6,656 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-07-27 18:03:12 6,656 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-02-05 13:06:43 106,496 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
- 2008-01-21 02:33:17 348,160 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-07-27 18:03:12 348,160 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-02-05 13:06:44 733,184 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2008-01-21 02:34:08 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-07-27 18:03:12 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-02-05 13:06:44 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-02-05 13:06:45 802,816 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
- 2008-01-21 02:34:16 655,360 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-07-27 18:03:12 655,360 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-02-05 13:06:46 94,208 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
- 2008-01-21 02:34:22 77,824 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-07-27 18:03:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2008-01-21 02:34:08 749,568 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-07-27 18:03:12 749,568 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2008-01-21 02:35:16 397,312 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2008-06-20 01:14:31 397,312 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2008-01-21 02:33:22 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-27 18:03:12 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-01-21 02:34:18 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-27 18:03:12 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-01-21 02:33:47 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-27 18:03:12 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-01-21 02:33:12 671,744 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-07-27 18:03:12 659,456 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-02-05 13:06:43 41,984 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
- 2006-10-20 01:14:05 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-07-27 18:03:12 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-01-21 02:34:47 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-27 18:03:12 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2008-01-21 02:33:42 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-07-27 18:03:12 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2006-10-20 01:14:05 7,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-07-27 18:03:12 7,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-01-21 02:35:13 602,112 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2008-06-20 01:14:42 598,016 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
- 2008-01-21 02:35:12 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2008-06-20 01:14:44 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2008-01-21 02:35:15 36,864 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2008-06-20 01:14:44 46,104 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
- 2008-01-21 02:35:14 184,320 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2008-06-20 01:14:43 196,608 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2008-01-21 02:35:16 131,072 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2008-06-20 01:14:43 139,264 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2008-01-21 02:35:14 376,832 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2008-06-20 01:14:43 397,312 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2008-01-21 02:35:15 151,552 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2008-06-20 01:14:43 163,840 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2008-01-21 02:35:16 5,210,112 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2008-11-24 23:34:47 5,283,840 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2008-01-21 02:35:13 897,024 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2008-06-20 01:14:44 864,256 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2008-01-21 02:35:09 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2008-06-20 01:14:43 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-02-05 13:06:46 5,632 ----a-w c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
- 2008-01-21 02:35:16 61,440 ----a-w c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
+ 2008-06-20 01:14:31 156,688 ----a-w c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
- 2008-01-21 02:35:15 102,400 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2008-06-20 01:14:31 110,592 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2008-01-21 02:35:13 122,880 ----a-w c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
+ 2008-06-20 01:14:31 132,096 ----a-w c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
- 2008-01-21 02:34:15 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-07-27 18:03:14 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2008-10-18 08:42:58 47,832 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-02-05 13:06:47 45,056 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-02-05 13:06:48 163,840 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2009-02-05 13:06:58 57,344 ----a-w c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2008-01-21 02:34:05 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-07-27 18:03:14 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2008-01-21 02:33:41 425,984 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-07-27 18:03:14 425,984 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-02-05 13:06:50 667,648 ----a-w c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-02-05 13:06:50 53,248 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2009-02-05 13:06:51 229,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-02-05 13:06:52 2,879,488 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-02-05 13:06:42 684,032 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-02-05 13:08:22 294,912 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-02-05 13:06:41 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-02-05 13:08:23 442,368 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
- 2008-01-21 02:34:22 741,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-07-27 18:03:15 745,472 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2008-01-21 02:33:40 933,888 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-07-27 18:03:15 970,752 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2008-01-21 02:33:12 5,070,848 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-07-27 18:03:15 5,062,656 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-02-05 13:06:41 286,720 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2008-01-21 02:33:51 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-07-27 18:03:15 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2008-01-21 02:33:40 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-07-27 18:03:15 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2008-01-21 02:34:26 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-07-27 18:03:15 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2008-01-21 02:34:46 630,784 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-07-27 18:03:15 626,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2008-01-21 02:35:14 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2008-06-20 01:14:29 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2008-01-21 02:35:13 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2008-06-20 01:14:29 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2008-01-21 02:35:12 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2008-06-20 01:14:29 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-02-05 13:06:54 143,360 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2008-01-21 02:33:15 372,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-07-27 18:03:15 372,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2008-01-21 02:33:26 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-02-05 13:06:58 233,472 ----a-w c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2008-01-21 02:33:45 299,008 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-07-27 18:03:15 303,104 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2008-01-21 02:33:26 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-27 18:03:15 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-01-21 02:35:16 929,792 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2008-06-20 01:14:29 966,656 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2008-01-21 02:34:36 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2008-01-21 02:35:13 159,744 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2008-06-20 01:14:32 73,728 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
- 2008-04-20 02:24:01 442,368 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_es_b77a5c561934e089\System.ServiceModel.Resources.dll
+ 2008-07-11 00:48:47 466,944 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_es_b77a5c561934e089\System.ServiceModel.Resources.dll
- 2008-04-20 02:28:11 380,928 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_zh-CHS_b77a5c561934e089\System.ServiceModel.Resources.dll
+ 2008-06-20 01:08:36 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_zh-CHS_b77a5c561934e089\System.ServiceModel.Resources.dll
- 2008-04-20 02:34:13 380,928 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_zh-CHT_b77a5c561934e089\System.ServiceModel.Resources.dll
+ 2008-06-30 22:53:17 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_zh-CHT_b77a5c561934e089\System.ServiceModel.Resources.dll
- 2008-01-21 02:35:16 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2008-06-20 01:14:33 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-02-05 13:06:40 569,344 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2008-01-21 02:35:14 5,971,968 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2008-11-24 23:34:36 5,931,008 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2008-01-21 02:34:06 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-07-27 18:03:15 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-02-05 13:07:00 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-02-05 13:07:00 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-02-05 13:08:23 229,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-02-05 13:06:54 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-02-05 13:08:23 139,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-02-05 13:07:03 335,872 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-02-05 13:08:24 1,277,952 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2008-01-21 02:34:37 884,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-07-27 18:03:15 835,584 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2008-01-21 02:33:23 90,112 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-07-27 18:03:15 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-02-05 13:07:04 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
- 2008-01-21 02:34:26 839,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-07-27 18:03:15 839,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-01-21 02:33:44 5,013,504 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-07-27 18:03:15 5,025,792 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-02-05 13:06:56 12,288 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2008-01-21 02:35:13 1,152,040 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2008-06-20 01:14:46 1,138,688 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
- 2008-01-21 02:35:16 1,635,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2008-06-20 01:14:47 1,630,208 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
- 2008-01-21 02:35:15 578,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2008-06-20 01:14:47 540,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-02-05 13:06:40 507,904 ----a-w c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-02-05 13:06:56 139,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2008-01-21 02:33:46 2,068,480 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-10-13 22:26:58 2,048,000 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2008-01-21 02:33:54 3,076,096 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-07-27 18:03:15 3,149,824 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2008-01-21 02:35:14 163,840 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2008-06-20 01:14:43 167,936 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2008-01-21 02:35:14 372,736 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2008-06-20 01:14:43 385,024 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2008-01-21 02:35:14 32,768 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2008-06-20 01:14:43 40,960 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2008-01-21 02:35:12 86,016 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2008-06-20 01:14:43 98,304 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2008-01-21 02:35:13 1,204,224 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2008-06-20 01:14:44 1,245,184 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2008-01-21 02:35:16 81,920 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2008-06-20 01:14:44 94,208 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2008-01-21 02:35:15 143,360 ----a-w c:\windows\assembly\GAC_MSIL\WsatConfig\3.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe
+ 2008-06-20 01:14:33 152,576 ----a-w c:\windows\assembly\GAC_MSIL\WsatConfig\3.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe
+ 2009-02-05 13:23:11 25,600 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e66c5af83e8fb89b4dc5547ef663f4c8\Accessibility.ni.dll
+ 2009-02-05 13:14:24 237,568 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\792b58f140d0f243811a3ed01c55608d\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-02-05 13:14:18 1,839,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\f6deefd97250d22ed563db710d82c4da\Microsoft.Build.Engine.ni.dll
+ 2009-02-05 13:14:14 94,208 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\a398906172fdf40d370291b01b45104e\Microsoft.Build.Framework.ni.dll
+ 2009-02-05 13:14:31 1,961,984 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\084ea5df8ab6197700c9aab1f60bfb6f\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-02-05 13:14:32 184,320 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\e71af055305b5a3c88452b474ec43711\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-02-05 13:23:14 15,872 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\73c0364cb7c03a06285567d8905e72a0\Microsoft.VisualC.ni.dll
+ 2009-02-05 13:14:36 401,408 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Web.Admin#\a7399687e3660e1d278e55623ac35b2a\Microsoft.Web.Administration.ni.dll
+ 2009-02-05 13:14:13 155,648 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\9caf9fa4e6eee2d6839ad7e6d4c67515\MSBuild.ni.exe
+ 2009-02-05 13:21:05 11,486,720 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\c068708e16abf0be77a21b9f29817d83\mscorlib.ni.dll
+ 2009-02-05 13:23:16 39,424 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\96166332e0d92f8b7fcd3a12fba9e758\PresentationCFFRasterizer.ni.dll
+ 2009-02-05 13:22:22 12,216,320 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\8a84d9c1f313d52f24bf191df15eead2\PresentationCore.ni.dll
+ 2009-02-05 13:22:25 47,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\7dba5af5f1c6d3d23d3f3b2b4d7ebc14\PresentationFontCache.ni.exe
+ 2009-02-05 13:24:14 368,128 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\024d3dc8d8df47a0420a382959c64fdf\PresentationFramework.Aero.ni.dll
+ 2009-02-05 13:24:17 258,048 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0d856d6e0abe60939bcaf53f704eb20a\PresentationFramework.Royale.ni.dll
+ 2009-02-05 13:24:07 14,327,808 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4f15f4468f90ae42f43a74b94b064fae\PresentationFramework.ni.dll
+ 2009-02-05 13:24:16 539,648 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5bd736acc51b6b3404eb48966f04e02b\PresentationFramework.Luna.ni.dll
+ 2009-02-05 13:24:15 224,768 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d299c79f96ad1aaaffcefcc300507c39\PresentationFramework.Classic.ni.dll
+ 2009-02-05 13:14:50 106,496 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\b1d13fea1903f6d2eb80024fb292a986\System.AddIn.Contract.ni.dll
+ 2009-02-05 13:14:49 704,512 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\697ddd421b3c86977ead599c563d97f6\System.AddIn.ni.dll
+ 2009-02-05 13:14:51 114,688 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\7f7b557c3a166679258b400f316fc2f5\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-02-05 13:22:45 141,312 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\d3915d0144a91ab76bfaad80d5d7308c\System.Configuration.Install.ni.dll
+ 2009-02-05 13:22:27 971,264 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\982c005f97eacba888acdda322c49362\System.Configuration.ni.dll
+ 2009-02-05 13:08:30 2,461,696 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\5600b8d6eb67044dea243b56e3a1006b\System.Core.ni.dll
+ 2009-02-05 13:24:25 2,295,296 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\7749403068ce1f517692d61ae5af97cb\System.Core.ni.dll
+ 2009-02-05 13:14:52 184,320 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\04a5a11385f41f95034e64e0e51a79bc\System.Data.DataSetExtensions.ni.dll
+ 2009-02-05 13:15:28 897,024 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\ec946b56e73661d782516195b99f3fee\System.Data.Entity.Design.ni.dll
+ 2009-02-05 13:15:25 10,629,120 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\b05c98a36e450e0af836c92c74779c41\System.Data.Entity.ni.dll
+ 2009-02-05 13:24:48 2,516,480 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\62b42c4b95f35a32d08e0623c7e69f35\System.Data.Linq.ni.dll
+ 2009-02-05 13:08:53 2,658,304 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\a611674830d138f5108583623f412ab4\System.Data.Linq.ni.dll
+ 2009-02-05 13:15:37 1,003,520 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\6ec76a8acac0368866d944c25eeedf8b\System.Data.Services.Client.ni.dll
+ 2009-02-05 13:15:39 430,080 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\983096b60d4afa6b83f6ca371b8103e5\System.Data.Services.Design.ni.dll
+ 2009-02-05 13:15:34 1,433,600 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\b405473c29e7e14ef3716f728cc4e1e6\System.Data.Services.ni.dll
+ 2009-02-05 13:22:43 2,510,336 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ec4643166993b2585f414046eb959037\System.Data.SqlXml.ni.dll
+ 2009-02-05 13:24:40 6,616,576 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\45d73bf5a07b8fd8a12fcf7d68e9b318\System.Data.ni.dll
+ 2009-02-05 13:23:13 1,801,216 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\341bad47d4e45c4b1a994ab574d18ccf\System.Deployment.ni.dll
+ 2009-02-05 13:25:05 10,683,392 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\1337348a119098c3225c4ab1843a4437\System.Design.ni.dll
+ 2009-02-05 13:15:43 962,560 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8485fc5c5ba085c1c65da2b3e4da0c3e\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-02-05 13:25:07 208,384 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\820cc14372f8725f0bae2dff459ec0d2\System.Drawing.Design.ni.dll
+ 2009-02-05 13:22:51 1,587,200 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\19d027c3381110e60c003f2c8bd307ee\System.Drawing.ni.dll
+ 2009-02-05 13:15:46 360,448 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\59178e08d0c0b67c3f42b3b4de21360a\System.Management.Instrumentation.ni.dll
+ 2009-02-05 13:15:48 729,088 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\d0ab3e1acfd2dce9e3865c4b008e450e\System.Net.ni.dll
+ 2009-02-05 13:22:46 311,296 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b404ce9f79efc15f7cb09da0881adeb9\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-02-05 13:22:45 676,352 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\91895552b86d90ec9e0bdda831f69521\System.Security.ni.dll
+ 2009-02-05 13:22:25 212,992 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ba71341e41687591124f9a5680cb0981\System.ServiceProcess.ni.dll
+ 2009-02-05 13:23:10 12,430,848 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6d75eb3ca10a514754f5e87cc2134f07\System.Windows.Forms.ni.dll
+ 2009-02-05 13:25:14 2,992,640 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\94d861111d5b68f7933155d15969e667\System.Workflow.Activities.ni.dll
+ 2009-02-05 13:25:23 4,514,304 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\d1567636059403190e60c4e7636a8e00\System.Workflow.ComponentModel.ni.dll
+ 2009-02-05 13:25:29 1,908,224 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\0a5e00b130eae939dbd0bfb215adc548\System.Workflow.Runtime.ni.dll
+ 2009-02-05 13:22:38 5,450,752 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\38b9d09539b67b08ee996db6c71f8a9b\System.Xml.ni.dll
+ 2009-02-05 13:21:27 7,868,416 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System\57ac9ba5419d6bf4b79f2979b0755428\System.ni.dll
+ 2009-02-05 13:23:15 60,928 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\0c6011681b9ff9fce5a7024cc945220f\UIAutomationProvider.ni.dll
+ 2009-02-05 13:23:16 187,904 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\3caf0510d20c5799d772066ce085b2dc\UIAutomationTypes.ni.dll
+ 2009-02-05 13:21:38 3,313,664 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\880639d34ff339510176a4c8b4251954\WindowsBase.ni.dll
- 2008-01-21 02:34:25 82,944 ----a-w c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-27 18:03:10 82,944 ----a-w c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
- 2008-01-21 02:34:42 14,352 ----a-w c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2008-07-27 18:03:10 14,352 ----a-w c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
- 2008-01-21 02:33:44 14,336 ----a-w c:\windows\Microsoft.NET\Framework\sbs_iehost.dll
+ 2008-07-27 18:03:10 14,336 ----a-w c:\windows\Microsoft.NET\Framework\sbs_iehost.dll
- 2008-01-21 02:34:17 14,360 ----a-w c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2008-07-27 18:03:10 14,360 ----a-w c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
- 2008-01-21 02:34:18 14,904 ----a-w c:\windows\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll
+ 2008-07-27 18:03:10 14,904 ----a-w c:\windows\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll
- 2008-01-21 02:33:41 14,344 ----a-w c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2008-07-27 18:03:10 14,344 ----a-w c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
- 2008-01-21 02:34:02 14,344 ----a-w c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2008-07-27 18:03:10 14,344 ----a-w c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
- 2008-01-21 02:34:42 14,344 ----a-w c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2008-07-27 18:03:10 14,344 ----a-w c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
- 2008-01-21 02:33:41 14,384 ----a-w c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2008-07-27 18:03:10 14,384 ----a-w c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
- 2008-01-21 02:34:45 14,352 ----a-w c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2008-07-27 18:03:10 14,352 ----a-w c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
- 2008-01-21 02:33:26 14,376 ----a-w c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2008-07-27 18:03:10 14,376 ----a-w c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
- 2008-01-21 02:34:02 14,344 ----a-w c:\windows\Microsoft.NET\Framework\sbs_VsaVb7rt.dll
+ 2008-07-27 18:03:10 14,344 ----a-w c:\windows\Microsoft.NET\Framework\sbs_VsaVb7rt.dll
- 2008-01-21 02:34:08 14,352 ----a-w c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2008-07-27 18:03:10 14,352 ----a-w c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
- 2008-01-21 02:33:13 16,896 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-27 18:03:10 16,896 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp10.dll
- 2008-01-21 02:33:45 16,896 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-27 18:03:10 16,896 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2008-01-21 02:34:44 16,896 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-27 18:03:10 16,896 ----a-w c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
- 2008-01-21 02:34:00 16,896 ----a-w c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-27 18:03:10 16,896 ----a-w c:\windows\Microsoft.NET\Framework\SharedReg12.dll
- 2008-01-21 02:34:35 97,280 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2008-07-27 18:03:16 96,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
- 2006-10-20 01:13:36 19,456 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-27 18:03:10 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
- 2006-10-20 01:13:36 136,192 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-07-27 18:03:10 145,408 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
- 2006-10-20 01:13:37 4,608 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-27 18:03:10 13,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2006-10-20 01:13:37 183,808 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-27 18:03:10 193,016 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2006-10-20 01:13:37 208,896 ----a-w

clubECGR · 2009/02/05

c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-27 18:03:10 218,112 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2008-01-21 02:34:17 10,752 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2008-01-21 02:34:44 147,968 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-27 18:03:10 147,968 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
- 2008-01-21 02:34:45 99,320 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-27 18:03:10 98,808 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
- 2008-01-21 02:34:01 59,392 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-27 18:03:11 58,880 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
- 2008-01-21 02:33:53 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-27 18:03:11 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2008-01-21 02:33:52 22,024 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-27 18:03:11 22,024 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2008-01-21 02:34:01 17,928 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-27 18:03:11 17,416 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2008-01-21 02:34:51 33,288 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-27 18:03:11 33,800 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
- 2008-01-21 02:34:51 84,480 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-27 18:03:11 84,480 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
- 2008-01-21 02:33:21 24,576 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-27 18:03:11 24,576 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2008-01-21 02:33:25 32,776 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2008-07-27 18:03:11 33,288 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2008-01-21 02:34:32 106,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-27 18:03:11 106,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2008-01-21 02:34:33 33,800 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-27 18:03:11 34,312 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
- 2008-01-21 02:34:16 33,280 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-10-13 22:26:50 31,560 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2008-01-21 02:34:18 507,904 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-27 18:03:11 507,904 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2008-01-21 02:34:46 106,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-27 18:03:11 106,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2008-01-21 02:34:33 101,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-07-27 18:03:11 89,608 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
- 2008-01-21 02:33:36 80,376 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-27 18:03:11 80,376 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
- 2008-01-21 02:34:37 1,162,744 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2008-07-27 18:03:11 1,163,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
- 2008-01-21 02:34:24 13,312 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-27 18:03:11 13,312 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2008-01-21 02:33:48 27,136 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-27 18:03:11 27,136 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2008-01-21 02:34:17 69,120 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-27 18:03:11 69,120 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
- 2008-01-21 02:33:40 35,320 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-27 18:03:11 35,320 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2008-01-21 02:33:51 66,552 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-27 18:03:11 62,968 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
- 2008-01-21 02:34:13 5,120 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2008-07-27 18:03:11 5,120 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2008-01-21 02:33:19 575,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2008-07-27 18:03:11 575,496 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
- 2008-01-21 02:33:22 36,344 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
+ 2008-07-27 18:03:11 36,344 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
- 2006-10-20 01:14:02 788,992 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-27 18:03:11 798,224 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
- 2008-01-21 02:33:15 18,936 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-27 18:03:11 18,936 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
- 2008-01-21 02:33:14 9,728 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-27 18:03:12 9,728 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2008-01-21 02:34:34 8,192 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-27 18:03:12 8,192 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2008-01-21 02:33:14 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-27 18:03:12 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
- 2008-01-21 02:34:15 6,656 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-27 18:03:12 6,656 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2008-01-21 02:34:16 230,904 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-27 18:03:12 230,904 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2008-01-21 02:33:25 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-27 18:03:12 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2008-01-21 02:34:38 65,032 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-27 18:03:12 65,032 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
- 2008-01-21 02:33:18 72,192 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-27 18:03:12 72,192 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2008-01-21 02:34:38 40,960 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-27 18:03:12 40,960 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2008-01-21 02:33:17 348,160 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-27 18:03:12 348,160 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2008-01-21 02:34:08 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-27 18:03:12 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2008-01-21 02:34:16 655,360 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-27 18:03:12 655,360 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2008-01-21 02:34:22 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-27 18:03:12 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2008-01-21 02:34:08 749,568 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-27 18:03:12 749,568 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2008-01-21 02:33:22 110,592 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-27 18:03:12 110,592 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-01-21 02:34:18 372,736 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-27 18:03:12 372,736 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2008-01-21 02:33:12 671,744 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-27 18:03:12 659,456 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
- 2008-01-21 02:33:47 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-27 18:03:12 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
- 2006-10-20 01:14:05 5,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-27 18:03:12 5,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2008-01-21 02:33:42 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-27 18:03:12 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2008-01-21 02:34:47 12,800 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-27 18:03:12 12,800 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2006-10-20 01:14:05 7,168 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-27 18:03:12 7,168 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2008-01-21 02:34:37 97,792 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-27 18:03:12 97,792 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2008-01-21 02:34:26 69,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-27 18:03:12 69,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2008-01-21 02:33:14 822,280 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-10-13 22:26:53 990,032 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2008-01-21 02:34:34 83,456 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-27 18:03:12 83,456 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
- 2008-01-21 02:33:54 308,224 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-07-27 18:03:12 308,224 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
- 2008-01-21 02:34:02 47,104 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2008-07-27 18:03:12 46,592 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2008-01-21 02:33:40 348,672 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-10-13 22:26:53 364,872 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2008-01-21 02:33:46 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-27 18:03:12 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
- 2008-01-21 02:34:33 4,444,160 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-10-13 22:26:54 4,546,560 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2008-01-21 02:33:54 114,688 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-07-27 18:03:13 114,176 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
- 2008-01-21 02:34:19 340,992 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-27 18:03:13 345,600 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
- 2008-01-21 02:34:48 77,312 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-27 18:03:13 77,312 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2008-01-21 02:33:59 18,944 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-27 18:03:13 18,944 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
- 2008-01-21 02:33:13 242,688 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll

+ 2008-07-27 18:03:13 230,912 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
- 2008-01-21 02:34:44 70,144 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-27 18:03:13 69,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2008-01-21 02:33:59 19,456 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-27 18:03:13 19,456 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
- 2008-01-21 02:33:37 5,814,784 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2008-10-13 22:26:55 5,813,576 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2006-10-20 01:14:43 22,528 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-27 18:03:14 31,744 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2008-01-21 02:33:46 101,880 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-27 18:03:14 100,856 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
- 2008-01-21 02:33:36 24,584 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-27 18:03:14 24,584 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2008-01-21 02:34:54 89,096 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2008-07-27 18:03:14 88,584 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
- 2008-01-21 02:33:46 144,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-27 18:03:14 143,360 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
- 2008-01-21 02:33:19 53,248 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-27 18:03:14 53,248 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2008-01-21 02:34:00 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-27 18:03:14 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2008-01-21 02:33:58 16,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-27 18:03:14 16,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
- 2008-01-21 02:34:36 119,296 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-27 18:03:14 118,784 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
- 2008-01-21 02:34:36 95,232 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-27 18:03:14 95,232 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
- 2008-01-21 02:34:50 392,696 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-27 18:03:14 392,184 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2008-01-21 02:34:15 110,592 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-27 18:03:14 110,592 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2008-01-21 02:33:41 425,984 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2008-07-27 18:03:14 425,984 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2008-01-21 02:34:05 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-27 18:03:14 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2008-01-21 02:34:30 3,036,160 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2008-07-27 18:03:15 2,933,248 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
- 2008-01-21 02:34:42 483,840 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-10-13 22:26:57 486,400 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2008-01-21 02:34:22 741,376 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-07-27 18:03:15 745,472 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
- 2008-01-21 02:33:40 933,888 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-27 18:03:15 970,752 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
- 2008-01-21 02:33:12 5,070,848 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-27 18:03:15 5,062,656 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2008-01-21 02:33:40 401,408 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-27 18:03:15 401,408 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
- 2008-01-21 02:33:51 188,416 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-27 18:03:15 188,416 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2008-01-21 02:33:54 3,076,096 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-27 18:03:15 3,149,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2008-01-21 02:34:26 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-27 18:03:15 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2008-01-21 02:34:46 630,784 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2008-07-27 18:03:15 626,688 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2008-01-21 02:34:25 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2008-01-21 02:34:31 57,392 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-27 18:03:15 57,392 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2008-01-21 02:34:25 113,664 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2008-07-27 18:22:54 113,664 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2008-01-21 02:33:15 372,736 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-27 18:03:15 372,736 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2008-01-21 02:33:26 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2008-01-21 02:33:45 299,008 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-27 18:03:15 303,104 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2008-01-21 02:33:26 131,072 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-27 18:03:15 131,072 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-01-21 02:34:36 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-01-21 02:34:06 114,688 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-27 18:03:15 114,688 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2008-01-21 02:34:01 261,120 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2008-07-27 18:03:15 261,632 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2008-01-21 02:33:19 5,431,296 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-10-13 22:26:58 5,242,880 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2008-01-21 02:34:37 884,736 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-27 18:03:15 835,584 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
- 2008-01-21 02:33:23 90,112 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-27 18:03:15 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
- 2008-01-21 02:34:26 839,680 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-27 18:03:15 839,680 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
- 2008-01-21 02:33:44 5,013,504 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-07-27 18:03:15 5,025,792 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2008-01-21 02:33:46 2,068,480 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-10-13 22:26:58 2,048,000 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
- 2008-01-21 02:33:51 81,400 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-27 18:03:16 81,400 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
- 2008-01-21 02:34:22 1,172,472 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-07-27 18:03:16 1,172,472 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- 2008-01-21 02:34:31 1,344,000 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-27 18:03:16 1,344,000 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2008-01-21 02:33:41 435,200 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-10-13 22:26:59 436,040 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2008-01-21 02:34:05 37,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-27 18:03:16 37,896 ----a-w c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2008-01-21 02:35:16 159,744 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2008-06-20 01:14:31 168,968 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
- 2008-01-21 02:35:12 864,256 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-06-20 01:14:31 881,664 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
- 2008-01-21 02:35:16 397,312 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-06-20 01:14:31 397,312 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
- 2008-01-21 02:35:15 151,552 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-06-20 01:14:31 163,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
- 2008-01-21 02:35:15 2,560 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-06-20 01:14:31 11,280 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
- 2006-11-02 12:34:58 2,560 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
+ 2008-06-20 01:14:31 11,288 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
- 2008-01-21 02:35:16 61,440 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-06-20 01:14:31 156,688 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
- 2008-01-21 02:35:13 11,264 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-06-20 01:14:31 20,504 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
- 2008-01-21 02:35:12 112,656 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMConfigInstaller.exe
+ 2008-06-20 01:14:31 181,264 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMConfigInstaller.exe
- 2008-01-21 02:35:15 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-06-20 01:14:31 110,592 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
- 2008-01-21 02:35:13 122,880 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2008-06-20 01:14:31 132,096 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
- 2008-01-21 02:35:15 929,792 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-06-20 01:14:31 966,656 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2008-01-21 02:35:12 5,971,968 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2008-11-24 23:34:37 5,931,008 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2008-01-21 02:35:13 159,744 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-06-20 01:14:32 73,728 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
- 2008-01-21 02:35:16 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-06-20 01:14:33 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
- 2008-01-21 02:35:15 143,360 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2008-06-20 01:14:33 152,576 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
- 2008-01-21 02:35:09 76,312 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-06-20 01:14:44 71,160 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
- 2008-01-21 02:35:12 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-06-20 01:14:44 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
- 2008-01-21 02:35:12 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-06-20 01:14:44 46,104 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
- 2008-01-21 02:35:12 121,368 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-06-20 01:14:44 132,120 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
- 2008-01-21 02:35:13 897,024 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-06-20 01:14:44 864,256 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-11-24 23:34:49 1,736,528 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
- 2008-01-21 02:35:14 14,848 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe
+ 2008-06-20 01:14:45 25,616 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe
+ 2008-07-29 15:40:48 168,448 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-29 15:40:48 233,976 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-29 15:40:48 41,992 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-29 15:40:48 41,992 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-29 15:40:48 41,984 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-29 15:40:48 1,548,280 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-07-29 15:40:48 78,856 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-29 15:40:48 95,224 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-29 15:15:24 225,490 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-29 10:47:34 97,280 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-29 10:47:34 276,984 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-29 10:47:34 1,064,448 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-29 10:47:34 177,152 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 10:47:34 269,304 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 10:47:34 113,152 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 10:47:34 84,992 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 10:47:34 125,440 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 10:47:34 126,464 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 10:47:34 130,048 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 10:47:34 137,728 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 10:47:34 122,368 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 10:47:34 133,120 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 10:47:34 111,104 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 10:47:34 132,096 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 10:47:34 128,512 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 10:47:34 97,792 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 10:47:34 94,720 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 10:47:34 129,024 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 10:47:34 121,856 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 10:47:34 128,512 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 10:47:34 122,880 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 10:47:34 123,904 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 10:47:34 121,344 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 10:47:34 121,344 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 10:47:34 84,480 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 10:47:34 131,072 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 10:47:34 131,584 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 10:47:34 110,080 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 10:47:34 1,364,992 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-29 10:47:34 1,054,208 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-29 10:47:34 632,320 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2008-07-29 10:47:34 413,184 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 10:47:34 689,152 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 10:47:34 102,904 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 10:47:34 89,592 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 10:47:34 108,536 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 10:47:34 108,536 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 10:47:34 111,608 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 10:47:34 113,656 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 10:47:34 106,488 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 10:47:34 112,120 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 10:47:34 101,368 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 10:47:34 111,096 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 10:47:34 110,072 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 10:47:34 95,224 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 10:47:34 92,664 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 10:47:34 108,536 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 10:47:34 106,488 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 10:47:34 109,048 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 10:47:34 107,512 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 10:47:34 107,000 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 10:47:34 105,976 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 10:47:34 106,488 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 10:47:34 89,080 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 10:47:34 110,072 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 10:47:34 111,096 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 10:47:34 107,512 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 10:47:34 984,056 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 15:40:48 802,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 15:40:48 40,960 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 15:40:48 41,984 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-29 15:40:48 91,136 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-29 15:40:48 5,632 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
+ 2008-07-29 15:40:48 1,720,824 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-29 15:40:48 196,104 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-29 15:40:48 70,648 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
- 2009-02-04 00:11:03 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-05 15:16:41 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2009-02-04 00:31:03 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-05 15:16:36 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-05 15:16:36 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2009-02-04 00:09:10 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-02-05 13:37:00 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-04 00:09:10 49,152 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-05 13:37:00 49,152 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-04 00:09:10 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-05 13:37:00 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-02-03 23:43:59 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2009-02-05 15:17:55 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
- 2008-01-21 02:33:54 96,760 ----a-w c:\windows\System32\dfshim.dll
+ 2008-07-27 18:03:16 96,760 ----a-w c:\windows\System32\dfshim.dll
+ 2009-02-04 01:59:03 27,656 ----a-w c:\windows\System32\drivers\avgmfx86.sys
- 2008-01-21 02:35:14 579,584 ----a-w c:\windows\System32\icardagt.exe
+ 2008-06-20 01:14:33 622,080 ----a-w c:\windows\System32\icardagt.exe
- 2008-01-21 02:35:14 11,776 ----a-w c:\windows\System32\icardres.dll
+ 2008-06-20 01:14:34 11,264 ----a-w c:\windows\System32\icardres.dll
- 2008-01-21 02:35:15 88,576 ----a-w c:\windows\System32\infocardapi.dll
+ 2008-06-20 01:14:34 97,800 ----a-w c:\windows\System32\infocardapi.dll
- 2008-01-21 02:33:52 282,112 ----a-w c:\windows\System32\mscoree.dll
+ 2008-07-27 18:03:17 282,112 ----a-w c:\windows\System32\mscoree.dll
- 2008-01-21 02:34:41 158,720 ----a-w c:\windows\System32\mscorier.dll
+ 2008-07-27 18:03:17 158,720 ----a-w c:\windows\System32\mscorier.dll
- 2008-01-21 02:34:46 84,480 ----a-w c:\windows\System32\mscories.dll
+ 2008-07-27 18:03:17 83,968 ----a-w c:\windows\System32\mscories.dll
- 2006-10-20 01:15:07 6,144 ----a-w c:\windows\System32\MUI\0409\mscorees.dll
+ 2008-07-27 18:03:17 15,360 ----a-w c:\windows\System32\MUI\0409\mscorees.dll
- 2006-11-02 06:34:32 32,768 ----a-w c:\windows\System32\netfxperf.dll
+ 2008-07-27 18:03:17 41,984 ----a-w c:\windows\System32\netfxperf.dll
+ 2009-02-04 00:44:49 2,456 ----a-w c:\windows\System32\networklist\icons\{67334E0A-6D55-4CE2-8C77-39088E1F4C45}_24.bin
+ 2009-02-04 00:44:49 4,280 ----a-w c:\windows\System32\networklist\icons\{67334E0A-6D55-4CE2-8C77-39088E1F4C45}_32.bin
+ 2009-02-04 00:44:49 9,560 ----a-w c:\windows\System32\networklist\icons\{67334E0A-6D55-4CE2-8C77-39088E1F4C45}_48.bin
+ 2009-02-04 00:39:43 2,456 ----a-w c:\windows\System32\networklist\icons\{7F42B2F5-862E-4432-AAC3-8C54D7890FD7}_24.bin
+ 2009-02-04 00:39:43 4,280 ----a-w c:\windows\System32\networklist\icons\{7F42B2F5-862E-4432-AAC3-8C54D7890FD7}_32.bin
+ 2009-02-04 00:39:43 9,560 ----a-w c:\windows\System32\networklist\icons\{7F42B2F5-862E-4432-AAC3-8C54D7890FD7}_48.bin
- 2009-02-04 00:14:46 121,572 ----a-w c:\windows\System32\perfc009.dat
+ 2009-02-04 06:19:54 121,572 ----a-w c:\windows\System32\perfc009.dat
- 2009-02-04 00:14:46 648,278 ----a-w c:\windows\System32\perfh009.dat
+ 2009-02-04 06:19:54 648,278 ----a-w c:\windows\System32\perfh009.dat
- 2008-01-21 02:35:15 106,520 ----a-w c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
+ 2008-06-20 01:14:45 105,016 ----a-w c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
- 2008-01-21 02:35:12 350,744 ----a-w c:\windows\System32\PresentationHost.exe
+ 2008-06-20 01:14:45 326,160 ----a-w c:\windows\System32\PresentationHost.exe
- 2008-01-21 02:35:14 33,304 ----a-w c:\windows\System32\PresentationHostProxy.dll
+ 2008-06-20 01:14:45 43,544 ----a-w c:\windows\System32\PresentationHostProxy.dll
- 2008-01-21 02:35:13 779,800 ----a-w c:\windows\System32\PresentationNative_v0300.dll
+ 2008-06-20 01:14:45 781,344 ----a-w c:\windows\System32\PresentationNative_v0300.dll
- 2009-01-14 15:23:14 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-02-05 13:17:55 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\schema.dat
- 2009-02-04 00:11:32 12,272 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2604780666-1855635130-1160332280-1000_UserData.bin
+ 2009-02-05 13:22:03 12,530 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2604780666-1855635130-1160332280-1000_UserData.bin
- 2009-02-04 00:11:32 99,174 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-02-05 13:22:02 99,842 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-02-05 06:58:04 3,032 ----a-w c:\windows\System32\WDI\ERCQueuedResolutions.dat
- 2009-02-03 23:49:17 54,506 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-02-05 13:21:52 55,428 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-01-21 02:35:10 308,760 ----a-w c:\windows\System32\XPSViewer\XPSViewer.exe
+ 2008-06-20 01:14:45 301,568 ----a-w c:\windows\System32\XPSViewer\XPSViewer.exe
+ 2009-02-05 13:07:36 32,427,874 ----a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-07-27 18:00:22 10,752 ----a-w c:\windows\winsxs\msil_accessibility_b03f5f7f11d50a3a_6.0.6000.16720_none_4dd0dfd192a9f18b\Accessibility.dll
+ 2008-07-27 17:55:49 10,752 ----a-w c:\windows\winsxs\msil_accessibility_b03f5f7f11d50a3a_6.0.6000.20883_none_3708f675ac4c367e\Accessibility.dll
+ 2008-07-27 18:03:10 10,752 ----a-w c:\windows\winsxs\msil_accessibility_b03f5f7f11d50a3a_6.0.6001.18111_none_4dabc48792fbfe2c\Accessibility.dll
+ 2008-07-27 17:58:31 10,752 ----a-w c:\windows\winsxs\msil_accessibility_b03f5f7f11d50a3a_6.0.6001.22230_none_36e03523aca1773f\Accessibility.dll
+ 2008-07-27 18:00:23 507,904 ----a-w c:\windows\winsxs\msil_aspnetmmcext_b03f5f7f11d50a3a_6.0.6000.16720_none_809e9498963f10ba\AspNetMMCExt.dll
+ 2008-07-27 17:55:49 507,904 ----a-w c:\windows\winsxs\msil_aspnetmmcext_b03f5f7f11d50a3a_6.0.6000.20883_none_69d6ab3cafe155ad\AspNetMMCExt.dll
+ 2008-07-27 18:03:11 507,904 ----a-w c:\windows\winsxs\msil_aspnetmmcext_b03f5f7f11d50a3a_6.0.6001.18111_none_8079794e96911d5b\AspNetMMCExt.dll
+ 2008-07-27 17:58:31 507,904 ----a-w c:\windows\winsxs\msil_aspnetmmcext_b03f5f7f11d50a3a_6.0.6001.22230_none_69ade9eab036966e\AspNetMMCExt.dll
+ 2008-06-20 01:17:49 168,968 ----a-w c:\windows\winsxs\msil_comsvcconfig_b03f5f7f11d50a3a_6.0.6000.16708_none_ebabc572d44a2a04\ComSvcConfig.exe
+ 2008-06-20 01:12:45 168,968 ----a-w c:\windows\winsxs\msil_comsvcconfig_b03f5f7f11d50a3a_6.0.6000.20864_none_d4e47b8eedebbb90\ComSvcConfig.exe
+ 2008-06-20 01:14:31 168,968 ----a-w c:\windows\winsxs\msil_comsvcconfig_b03f5f7f11d50a3a_6.0.6001.18096_none_eb90f188d492e6d7\ComSvcConfig.exe
+ 2008-06-20 01:13:18 168,968 ----a-w c:\windows\winsxs\msil_comsvcconfig_b03f5f7f11d50a3a_6.0.6001.22208_none_d4ba1a7aee429661\ComSvcConfig.exe
+ 2008-07-27 18:00:23 13,312 ----a-w c:\windows\winsxs\msil_cscompmgd_b03f5f7f11d50a3a_6.0.6000.16720_none_18bd6f40a9b5d6a8\cscompmgd.dll
+ 2008-07-27 17:55:51 13,312 ----a-w c:\windows\winsxs\msil_cscompmgd_b03f5f7f11d50a3a_6.0.6000.20883_none_01f585e4c3581b9b\cscompmgd.dll
+ 2008-07-27 18:03:11 13,312 ----a-w c:\windows\winsxs\msil_cscompmgd_b03f5f7f11d50a3a_6.0.6001.18111_none_189853f6aa07e349\cscompmgd.dll
+ 2008-07-27 17:58:31 13,312 ----a-w c:\windows\winsxs\msil_cscompmgd_b03f5f7f11d50a3a_6.0.6001.22230_none_01ccc492c3ad5c5c\cscompmgd.dll
+ 2008-07-27 18:00:23 5,120 ----a-w c:\windows\winsxs\msil_dfsvc_b03f5f7f11d50a3a_6.0.6000.16720_none_65f34b6e88aba3e7\dfsvc.exe
+ 2008-07-27 17:55:51 5,120 ----a-w c:\windows\winsxs\msil_dfsvc_b03f5f7f11d50a3a_6.0.6000.20883_none_4f2b6212a24de8da\dfsvc.exe
+ 2008-07-27 18:03:11 5,120 ----a-w c:\windows\winsxs\msil_dfsvc_b03f5f7f11d50a3a_6.0.6001.18111_none_65ce302488fdb088\dfsvc.exe
+ 2008-07-27 17:58:31 5,120 ----a-w c:\windows\winsxs\msil_dfsvc_b03f5f7f11d50a3a_6.0.6001.22230_none_4f02a0c0a2a3299b\dfsvc.exe
+ 2008-07-27 18:00:23 9,728 ----a-w c:\windows\winsxs\msil_ieexec_b03f5f7f11d50a3a_6.0.6000.16720_none_7f06452c075a5a3c\IEExec.exe
+ 2008-07-27 17:55:51 9,728 ----a-w c:\windows\winsxs\msil_ieexec_b03f5f7f11d50a3a_6.0.6000.20883_none_683e5bd020fc9f2f\IEExec.exe
+ 2008-07-27 18:03:12 9,728 ----a-w c:\windows\winsxs\msil_ieexec_b03f5f7f11d50a3a_6.0.6001.18111_none_7ee129e207ac66dd\IEExec.exe
+ 2008-07-27 17:58:32 9,728 ----a-w c:\windows\winsxs\msil_ieexec_b03f5f7f11d50a3a_6.0.6001.22230_none_68159a7e2151dff0\IEExec.exe
+ 2008-07-27 18:00:23 8,192 ----a-w c:\windows\winsxs\msil_ieexecremote_b03f5f7f11d50a3a_6.0.6000.16720_none_ef94d833c4e430f8\IEExecRemote.dll
+ 2008-07-27 17:55:52 8,192 ----a-w c:\windows\winsxs\msil_ieexecremote_b03f5f7f11d50a3a_6.0.6000.20883_none_d8cceed7de8675eb\IEExecRemote.dll
+ 2008-07-27 18:03:12 8,192 ----a-w c:\windows\winsxs\msil_ieexecremote_b03f5f7f11d50a3a_6.0.6001.18111_none_ef6fbce9c5363d99\IEExecRemote.dll
+ 2008-07-27 17:58:32 8,192 ----a-w c:\windows\winsxs\msil_ieexecremote_b03f5f7f11d50a3a_6.0.6001.22230_none_d8a42d85dedbb6ac\IEExecRemote.dll
+ 2008-07-27 18:00:23 77,824 ----a-w c:\windows\winsxs\msil_iehost_b03f5f7f11d50a3a_6.0.6000.16720_none_7e7f95c007bcf6b5\IEHost.dll
+ 2008-07-27 17:55:52 77,824 ----a-w c:\windows\winsxs\msil_iehost_b03f5f7f11d50a3a_6.0.6000.20883_none_67b7ac64215f3ba8\IEHost.dll
+ 2008-07-27 18:03:12 77,824 ----a-w c:\windows\winsxs\msil_iehost_b03f5f7f11d50a3a_6.0.6001.18111_none_7e5a7a76080f0356\IEHost.dll
+ 2008-07-27 17:58:32 77,824 ----a-w c:\windows\winsxs\msil_iehost_b03f5f7f11d50a3a_6.0.6001.22230_none_678eeb1221b47c69\IEHost.dll
+ 2008-07-27 18:00:23 6,656 ----a-w c:\windows\winsxs\msil_iiehost_b03f5f7f11d50a3a_6.0.6000.16720_none_81aec2428b19ab74\IIEHost.dll
+ 2008-07-27 17:55:52 6,656 ----a-w c:\windows\winsxs\msil_iiehost_b03f5f7f11d50a3a_6.0.6000.20883_none_6ae6d8e6a4bbf067\IIEHost.dll
+ 2008-07-27 18:03:12 6,656 ----a-w c:\windows\winsxs\msil_iiehost_b03f5f7f11d50a3a_6.0.6001.18111_none_8189a6f88b6bb815\IIEHost.dll
+ 2008-07-27 17:58:32 6,656 ----a-w c:\windows\winsxs\msil_iiehost_b03f5f7f11d50a3a_6.0.6001.22230_none_6abe1794a5113128\IIEHost.dll
+ 2008-07-27 18:00:24 40,960 ----a-w c:\windows\winsxs\msil_jsc_b03f5f7f11d50a3a_6.0.6000.16720_none_a7f9fcdcd724c803\jsc.exe
+ 2008-07-27 17:55:52 40,960 ----a-w c:\windows\winsxs\msil_jsc_b03f5f7f11d50a3a_6.0.6000.20883_none_91321380f0c70cf6\jsc.exe
+ 2008-07-27 18:03:12 40,960 ----a-w c:\windows\winsxs\msil_jsc_b03f5f7f11d50a3a_6.0.6001.18111_none_a7d4e192d776d4a4\jsc.exe
+ 2008-07-27 17:58:32 40,960 ----a-w c:\windows\winsxs\msil_jsc_b03f5f7f11d50a3a_6.0.6001.22230_none_9109522ef11c4db7\jsc.exe
+ 2008-07-27 18:00:24 348,160 ----a-w c:\windows\winsxs\msil_microsoft.build.engine_b03f5f7f11d50a3a_6.0.6000.16720_none_38c710b80e2e0c67\Microsoft.Build.Engine.dll
+ 2008-07-27 17:55:52 348,160 ----a-w c:\windows\winsxs\msil_microsoft.build.engine_b03f5f7f11d50a3a_6.0.6000.20883_none_21ff275c27d0515a\Microsoft.Build.Engine.dll
+ 2008-07-27 18:03:12 348,160 ----a-w c:\windows\winsxs\msil_microsoft.build.engine_b03f5f7f11d50a3a_6.0.6001.18111_none_38a1f56e0e801908\Microsoft.Build.Engine.dll
+ 2008-07-27 17:58:32 348,160 ----a-w c:\windows\winsxs\msil_microsoft.build.engine_b03f5f7f11d50a3a_6.0.6001.22230_none_21d6660a2825921b\Microsoft.Build.Engine.dll
+ 2008-07-27 18:00:24 36,864 ----a-w c:\windows\winsxs\msil_microsoft.build.framework_b03f5f7f11d50a3a_6.0.6000.16720_none_c2ee2c438342bfeb\Microsoft.Build.Framework.dll
+ 2008-07-27 17:55:52 36,864 ----a-w c:\windows\winsxs\msil_microsoft.build.framework_b03f5f7f11d50a3a_6.0.6000.20883_none_ac2642e79ce504de\Microsoft.Build.Framework.dll
+ 2008-07-27 18:03:12 36,864 ----a-w c:\windows\winsxs\msil_microsoft.build.framework_b03f5f7f11d50a3a_6.0.6001.18111_none_c2c910f98394cc8c\Microsoft.Build.Framework.dll
+ 2008-07-27 17:58:32 36,864 ----a-w c:\windows\winsxs\msil_microsoft.build.framework_b03f5f7f11d50a3a_6.0.6001.22230_none_abfd81959d3a459f\Microsoft.Build.Framework.dll
+ 2008-07-27 18:00:24 655,360 ----a-w c:\windows\winsxs\msil_microsoft.build.tasks_b03f5f7f11d50a3a_6.0.6000.16720_none_9d87218c8cdc56ad\Microsoft.Build.Tasks.dll
+ 2008-07-27 17:55:52 655,360 ----a-w c:\windows\winsxs\msil_microsoft.build.tasks_b03f5f7f11d50a3a_6.0.6000.20883_none_86bf3830a67e9ba0\Microsoft.Build.Tasks.dll
+ 2008-07-27 18:03:12 655,360 ----a-w c:\windows\winsxs\msil_microsoft.build.tasks_b03f5f7f11d50a3a_6.0.6001.18111_none_9d6206428d2e634e\Microsoft.Build.Tasks.dll
+ 2008-07-27 17:58:32 655,360 ----a-w c:\windows\winsxs\msil_microsoft.build.tasks_b03f5f7f11d50a3a_6.0.6001.22230_none_869676dea6d3dc61\Microsoft.Build.Tasks.dll
+ 2008-07-27 18:00:24 77,824 ----a-w c:\windows\winsxs\msil_microsoft.build.utilities_b03f5f7f11d50a3a_6.0.6000.16720_none_e22f79faa4b204b9\Microsoft.Build.Utilities.dll
+ 2008-07-27 17:55:52 77,824 ----a-w c:\windows\winsxs\msil_microsoft.build.utilities_b03f5f7f11d50a3a_6.0.6000.20883_none_cb67909ebe5449ac\Microsoft.Build.Utilities.dll
+ 2008-07-27 18:03:12 77,824 ----a-w c:\windows\winsxs\msil_microsoft.build.utilities_b03f5f7f11d50a3a_6.0.6001.18111_none_e20a5eb0a504115a\Microsoft.Build.Utilities.dll
+ 2008-07-27 17:58:32 77,824 ----a-w c:\windows\winsxs\msil_microsoft.build.utilities_b03f5f7f11d50a3a_6.0.6001.22230_none_cb3ecf4cbea98a6d\Microsoft.Build.Utilities.dll
+ 2008-07-27 18:00:24 749,568 ----a-w c:\windows\winsxs\msil_microsoft.jscript_b03f5f7f11d50a3a_6.0.6000.16720_none_d253037d82bc5298\Microsoft.JScript.dll
+ 2008-07-27 17:55:52 749,568 ----a-w c:\windows\winsxs\msil_microsoft.jscript_b03f5f7f11d50a3a_6.0.6000.20883_none_bb8b1a219c5e978b\Microsoft.JScript.dll
+ 2008-07-27 18:03:12 749,568 ----a-w c:\windows\winsxs\msil_microsoft.jscript_b03f5f7f11d50a3a_6.0.6001.18111_none_d22de833830e5f39\Microsoft.JScript.dll
+ 2008-07-27 17:58:32 749,568 ----a-w c:\windows\winsxs\msil_microsoft.jscript_b03f5f7f11d50a3a_6.0.6001.22230_none_bb6258cf9cb3d84c\Microsoft.JScript.dll
+ 2008-06-20 01:17:50 397,312 ----a-w c:\windows\winsxs\msil_microsoft.transactions.bridge_b03f5f7f11d50a3a_6.0.6000.16708_none_c8068fb7fd4c2123\Microsoft.Transactions.Bridge.dll
+ 2008-06-20 01:12:45 397,312 ----a-w c:\windows\winsxs\msil_microsoft.transactions.bridge_b03f5f7f11d50a3a_6.0.6000.20864_none_b13f45d416edb2af\Microsoft.Transactions.Bridge.dll
+ 2008-06-20 01:14:31 397,312 ----a-w c:\windows\winsxs\msil_microsoft.transactions.bridge_b03f5f7f11d50a3a_6.0.6001.18096_none_c7ebbbcdfd94ddf6\Microsoft.Transactions.Bridge.dll
+ 2008-06-20 01:13:18 397,312 ----a-w c:\windows\winsxs\msil_microsoft.transactions.bridge_b03f5f7f11d50a3a_6.0.6001.22208_none_b114e4c017448d80\Microsoft.Transactions.Bridge.dll
+ 2008-07-27 18:00:24 110,592 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic.compatibility.data_b03f5f7f11d50a3a_6.0.6000.16720_none_5f627c4b1c7d41c7\Microsoft.VisualBasic.Compatibility.Data.dll

clubECGR · 2009/02/05

Here are another. I downloaded another version of ComboFix at another anti malware site

.
+ 2008-07-27 17:55:52 110,592 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic.compatibility.data_b03f5f7f11d50a3a_6.0.6000.20883_none_489a92ef361f86ba\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-27 18:03:12 110,592 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic.compatibility.data_b03f5f7f11d50a3a_6.0.6001.18111_none_5f3d61011ccf4e68\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-27 17:58:32 110,592 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic.compatibility.data_b03f5f7f11d50a3a_6.0.6001.22230_none_4871d19d3674c77b\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-27 18:00:24 372,736 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic.compatibility_b03f5f7f11d50a3a_6.0.6000.16720_none_ed8ab03894e675b5\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-27 17:55:52 372,736 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic.compatibility_b03f5f7f11d50a3a_6.0.6000.20883_none_d6c2c6dcae88baa8\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-27 18:03:12 372,736 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic.compatibility_b03f5f7f11d50a3a_6.0.6001.18111_none_ed6594ee95388256\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-27 17:58:32 372,736 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic.compatibility_b03f5f7f11d50a3a_6.0.6001.22230_none_d69a058aaeddfb69\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-27 18:00:24 28,672 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic.vsa_b03f5f7f11d50a3a_6.0.6000.16720_none_f2fe695d4c27dfa3\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-27 17:55:52 28,672 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic.vsa_b03f5f7f11d50a3a_6.0.6000.20883_none_dc36800165ca2496\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-27 18:03:12 28,672 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic.vsa_b03f5f7f11d50a3a_6.0.6001.18111_none_f2d94e134c79ec44\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-27 17:58:32 28,672 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic.vsa_b03f5f7f11d50a3a_6.0.6001.22230_none_dc0dbeaf661f6557\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-27 18:00:24 659,456 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic_b03f5f7f11d50a3a_6.0.6000.16720_none_adb388aa00e25dcd\Microsoft.VisualBasic.dll
+ 2008-07-27 17:55:52 659,456 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic_b03f5f7f11d50a3a_6.0.6000.20883_none_96eb9f4e1a84a2c0\Microsoft.VisualBasic.dll
+ 2008-07-27 18:03:12 659,456 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic_b03f5f7f11d50a3a_6.0.6001.18111_none_ad8e6d6001346a6e\Microsoft.VisualBasic.dll
+ 2008-07-27 17:58:32 659,456 ----a-w c:\windows\winsxs\msil_microsoft.visualbasic_b03f5f7f11d50a3a_6.0.6001.22230_none_96c2ddfc1ad9e381\Microsoft.VisualBasic.dll
+ 2008-07-27 18:00:24 5,632 ----a-w c:\windows\winsxs\msil_microsoft.visualc_b03f5f7f11d50a3a_6.0.6000.16720_none_8517de4eb185b862\Microsoft.VisualC.Dll
+ 2008-07-27 17:55:52 5,632 ----a-w c:\windows\winsxs\msil_microsoft.visualc_b03f5f7f11d50a3a_6.0.6000.20883_none_6e4ff4f2cb27fd55\Microsoft.VisualC.Dll
+ 2008-07-27 18:03:12 5,632 ----a-w c:\windows\winsxs\msil_microsoft.visualc_b03f5f7f11d50a3a_6.0.6001.18111_none_84f2c304b1d7c503\Microsoft.VisualC.Dll
+ 2008-07-27 17:58:32 5,632 ----a-w c:\windows\winsxs\msil_microsoft.visualc_b03f5f7f11d50a3a_6.0.6001.22230_none_6e2733a0cb7d3e16\Microsoft.VisualC.Dll
+ 2008-07-27 18:00:24 12,800 ----a-w c:\windows\winsxs\msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6000.16720_none_44a2019ef24603f4\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-27 17:55:52 12,800 ----a-w c:\windows\winsxs\msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6000.20883_none_2dda18430be848e7\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-27 18:03:12 12,800 ----a-w c:\windows\winsxs\msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6001.18111_none_447ce654f2981095\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-27 17:58:32 12,800 ----a-w c:\windows\winsxs\msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6001.22230_none_2db156f10c3d89a8\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-27 18:00:24 32,768 ----a-w c:\windows\winsxs\msil_microsoft.vsa_b03f5f7f11d50a3a_6.0.6000.16720_none_68752cae39ce89df\Microsoft.Vsa.dll
+ 2008-07-27 17:55:52 32,768 ----a-w c:\windows\winsxs\msil_microsoft.vsa_b03f5f7f11d50a3a_6.0.6000.20883_none_51ad43525370ced2\Microsoft.Vsa.dll
+ 2008-07-27 18:03:12 32,768 ----a-w c:\windows\winsxs\msil_microsoft.vsa_b03f5f7f11d50a3a_6.0.6001.18111_none_685011643a209680\Microsoft.Vsa.dll
+ 2008-07-27 17:58:32 32,768 ----a-w c:\windows\winsxs\msil_microsoft.vsa_b03f5f7f11d50a3a_6.0.6001.22230_none_5184820053c60f93\Microsoft.Vsa.dll
+ 2008-07-27 18:00:24 7,168 ----a-w c:\windows\winsxs\msil_microsoft_vsavb_b03f5f7f11d50a3a_6.0.6000.16720_none_6723493acd9cb768\Microsoft_VsaVb.dll
+ 2008-07-27 17:55:52 7,168 ----a-w c:\windows\winsxs\msil_microsoft_vsavb_b03f5f7f11d50a3a_6.0.6000.20883_none_505b5fdee73efc5b\Microsoft_VsaVb.dll
+ 2008-07-27 18:03:12 7,168 ----a-w c:\windows\winsxs\msil_microsoft_vsavb_b03f5f7f11d50a3a_6.0.6001.18111_none_66fe2df0cdeec409\Microsoft_VsaVb.dll
+ 2008-07-27 17:58:32 7,168 ----a-w c:\windows\winsxs\msil_microsoft_vsavb_b03f5f7f11d50a3a_6.0.6001.22230_none_50329e8ce7943d1c\Microsoft_VsaVb.dll
+ 2008-06-20 01:18:02 598,016 ----a-w c:\windows\winsxs\msil_presentationbuildtasks_31bf3856ad364e35_6.0.6000.16708_none_9a4242103b6a941e\PresentationBuildTasks.dll
+ 2008-06-20 01:12:56 598,016 ----a-w c:\windows\winsxs\msil_presentationbuildtasks_31bf3856ad364e35_6.0.6000.20864_none_9a86fe2b54bc7632\PresentationBuildTasks.dll
+ 2008-06-20 01:14:42 598,016 ----a-w c:\windows\winsxs\msil_presentationbuildtasks_31bf3856ad364e35_6.0.6001.18096_none_9bc52ef038dbf0b3\PresentationBuildTasks.dll
+ 2008-06-20 01:13:30 598,016 ----a-w c:\windows\winsxs\msil_presentationbuildtasks_31bf3856ad364e35_6.0.6001.22208_none_9cb21d8151aec4d9\PresentationBuildTasks.dll
+ 2008-06-20 01:18:04 32,768 ----a-w c:\windows\winsxs\msil_presentationcffrasterizer_31bf3856ad364e35_6.0.6000.16708_none_3f3d5ab21a051242\PresentationCFFRasterizer.dll
+ 2008-06-20 01:12:57 32,768 ----a-w c:\windows\winsxs\msil_presentationcffrasterizer_31bf3856ad364e35_6.0.6000.20864_none_3f8216cd3356f456\PresentationCFFRasterizer.dll
+ 2008-06-20 01:14:44 32,768 ----a-w c:\windows\winsxs\msil_presentationcffrasterizer_31bf3856ad364e35_6.0.6001.18096_none_40c0479217766ed7\PresentationCFFRasterizer.dll
+ 2008-06-20 01:13:32 32,768 ----a-w c:\windows\winsxs\msil_presentationcffrasterizer_31bf3856ad364e35_6.0.6001.22208_none_41ad3623304942fd\PresentationCFFRasterizer.dll
+ 2008-06-20 01:18:04 46,104 ----a-w c:\windows\winsxs\msil_presentationfontcache_31bf3856ad364e35_6.0.6000.16708_none_0bec965db3069c77\PresentationFontCache.exe
+ 2008-06-20 01:12:57 46,104 ----a-w c:\windows\winsxs\msil_presentationfontcache_31bf3856ad364e35_6.0.6000.20864_none_0c315278cc587e8b\PresentationFontCache.exe
+ 2008-06-20 01:14:44 46,104 ----a-w c:\windows\winsxs\msil_presentationfontcache_31bf3856ad364e35_6.0.6001.18096_none_0d6f833db077f90c\PresentationFontCache.exe
+ 2008-06-20 01:13:32 46,104 ----a-w c:\windows\winsxs\msil_presentationfontcache_31bf3856ad364e35_6.0.6001.22208_none_0e5c71cec94acd32\PresentationFontCache.exe
+ 2008-06-20 01:18:02 196,608 ----a-w c:\windows\winsxs\msil_presentationframework.aero_31bf3856ad364e35_6.0.6000.16708_none_1769d892726be62d\PresentationFramework.Aero.dll
+ 2008-06-20 01:12:56 196,608 ----a-w c:\windows\winsxs\msil_presentationframework.aero_31bf3856ad364e35_6.0.6000.20864_none_17ae94ad8bbdc841\PresentationFramework.Aero.dll
+ 2008-06-20 01:14:43 196,608 ----a-w c:\windows\winsxs\msil_presentationframework.aero_31bf3856ad364e35_6.0.6001.18096_none_18ecc5726fdd42c2\PresentationFramework.Aero.dll
+ 2008-06-20 01:13:31 196,608 ----a-w c:\windows\winsxs\msil_presentationframework.aero_31bf3856ad364e35_6.0.6001.22208_none_19d9b40388b016e8\PresentationFramework.Aero.dll
+ 2008-06-20 01:18:02 139,264 ----a-w c:\windows\winsxs\msil_presentationframework.classic_31bf3856ad364e35_6.0.6000.16708_none_ae7b1b78e763e376\PresentationFramework.Classic.dll
+ 2008-06-20 01:12:56 139,264 ----a-w c:\windows\winsxs\msil_presentationframework.classic_31bf3856ad364e35_6.0.6000.20864_none_aebfd79400b5c58a\PresentationFramework.Classic.dll
+ 2008-06-20 01:14:43 139,264 ----a-w c:\windows\winsxs\msil_presentationframework.classic_31bf3856ad364e35_6.0.6001.18096_none_affe0858e4d5400b\PresentationFramework.Classic.dll
+ 2008-06-20 01:13:31 139,264 ----a-w c:\windows\winsxs\msil_presentationframework.classic_31bf3856ad364e35_6.0.6001.22208_none_b0eaf6e9fda81431\PresentationFramework.Classic.dll
+ 2008-06-20 01:18:03 397,312 ----a-w c:\windows\winsxs\msil_presentationframework.luna_31bf3856ad364e35_6.0.6000.16708_none_1644b1707315fdb0\PresentationFramework.Luna.dll
+ 2008-06-20 01:12:56 397,312 ----a-w c:\windows\winsxs\msil_presentationframework.luna_31bf3856ad364e35_6.0.6000.20864_none_16896d8b8c67dfc4\PresentationFramework.Luna.dll
+ 2008-06-20 01:14:43 397,312 ----a-w c:\windows\winsxs\msil_presentationframework.luna_31bf3856ad364e35_6.0.6001.18096_none_17c79e5070875a45\PresentationFramework.Luna.dll
+ 2008-06-20 01:13:31 397,312 ----a-w c:\windows\winsxs\msil_presentationframework.luna_31bf3856ad364e35_6.0.6001.22208_none_18b48ce1895a2e6b\PresentationFramework.Luna.dll
+ 2008-06-20 01:18:03 163,840 ----a-w c:\windows\winsxs\msil_presentationframework.royale_31bf3856ad364e35_6.0.6000.16708_none_98cd04df9416a86e\PresentationFramework.Royale.dll
+ 2008-06-20 01:12:56 163,840 ----a-w c:\windows\winsxs\msil_presentationframework.royale_31bf3856ad364e35_6.0.6000.20864_none_9911c0faad688a82\PresentationFramework.Royale.dll
+ 2008-06-20 01:14:43 163,840 ----a-w c:\windows\winsxs\msil_presentationframework.royale_31bf3856ad364e35_6.0.6001.18096_none_9a4ff1bf91880503\PresentationFramework.Royale.dll
+ 2008-06-20 01:13:31 163,840 ----a-w c:\windows\winsxs\msil_presentationframework.royale_31bf3856ad364e35_6.0.6001.22208_none_9b3ce050aa5ad929\PresentationFramework.Royale.dll
+ 2008-06-20 01:18:03 5,283,840 ----a-w c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6000.16708_none_74d95b94f6cef266\PresentationFramework.dll
+ 2008-11-24 23:44:27 5,283,840 ----a-w c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6000.16780_none_747ad9e4f7170736\PresentationFramework.dll
+ 2008-06-20 01:12:56 5,283,840 ----a-w c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6000.20864_none_751e17b01020d47a\PresentationFramework.dll
+ 2008-11-24 23:43:38 5,283,840 ----a-w c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6000.20964_none_751e19961020d1a1\PresentationFramework.dll
+ 2008-06-20 01:14:43 5,283,840 ----a-w c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6001.18096_none_765c4874f4404efb\PresentationFramework.dll
+ 2008-11-24 23:34:47 5,283,840 ----a-w c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6001.18173_none_766ee954f432c83b\PresentationFramework.dll
+ 2008-06-20 01:13:31 5,283,840 ----a-w c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6001.22208_none_774937060d132321\PresentationFramework.dll
+ 2008-11-24 23:57:19 5,283,840 ----a-w c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6001.22317_none_773d68b60d1c22e2\PresentationFramework.dll
+ 2008-06-20 01:18:04 864,256 ----a-w c:\windows\winsxs\msil_presentationui_31bf3856ad364e35_6.0.6000.16708_none_a9cc5a883f5a2a28\PresentationUI.dll
+ 2008-06-20 01:12:57 864,256 ----a-w c:\windows\winsxs\msil_presentationui_31bf3856ad364e35_6.0.6000.20864_none_aa1116a358ac0c3c\PresentationUI.dll
+ 2008-06-20 01:14:44 864,256 ----a-w c:\windows\winsxs\msil_presentationui_31bf3856ad364e35_6.0.6001.18096_none_ab4f47683ccb86bd\PresentationUI.dll
+ 2008-06-20 01:13:32 864,256 ----a-w c:\windows\winsxs\msil_presentationui_31bf3856ad364e35_6.0.6001.22208_none_ac3c35f9559e5ae3\PresentationUI.dll
+ 2008-06-20 01:18:03 528,384 ----a-w c:\windows\winsxs\msil_reachframework_31bf3856ad364e35_6.0.6000.16708_none_3fd11d340452ef41\ReachFramework.dll
+ 2008-06-20 01:12:56 528,384 ----a-w c:\windows\winsxs\msil_reachframework_31bf3856ad364e35_6.0.6000.20864_none_4015d94f1da4d155\ReachFramework.dll
+ 2008-06-20 01:14:43 528,384 ----a-w c:\windows\winsxs\msil_reachframework_31bf3856ad364e35_6.0.6001.18096_none_41540a1401c44bd6\ReachFramework.dll
+ 2008-06-20 01:13:31 528,384 ----a-w c:\windows\winsxs\msil_reachframework_31bf3856ad364e35_6.0.6001.22208_none_4240f8a51a971ffc\ReachFramework.dll
+ 2008-06-20 01:17:50 156,688 ----a-w c:\windows\winsxs\msil_servicemodelreg_b03f5f7f11d50a3a_6.0.6000.16708_none_4af00a98fbb62f75\ServiceModelReg.exe
+ 2008-06-20 01:12:45 156,688 ----a-w c:\windows\winsxs\msil_servicemodelreg_b03f5f7f11d50a3a_6.0.6000.20864_none_3428c0b51557c101\ServiceModelReg.exe
+ 2008-06-20 01:14:31 156,688 ----a-w c:\windows\winsxs\msil_servicemodelreg_b03f5f7f11d50a3a_6.0.6001.18096_none_4ad536aefbfeec48\ServiceModelReg.exe
+ 2008-06-20 01:13:19 156,688 ----a-w c:\windows\winsxs\msil_servicemodelreg_b03f5f7f11d50a3a_6.0.6001.22208_none_33fe5fa115ae9bd2\ServiceModelReg.exe
+ 2008-06-20 01:17:50 110,592 ----a-w c:\windows\winsxs\msil_smdiagnostics_b77a5c561934e089_6.0.6000.16708_none_9eb5a1ecafb1f95b\SMdiagnostics.dll
+ 2008-06-20 01:12:45 110,592 ----a-w c:\windows\winsxs\msil_smdiagnostics_b77a5c561934e089_6.0.6000.20864_none_87ee5808c9538ae7\SMdiagnostics.dll
+ 2008-06-20 01:14:31 110,592 ----a-w c:\windows\winsxs\msil_smdiagnostics_b77a5c561934e089_6.0.6001.18096_none_9e9ace02affab62e\SMdiagnostics.dll
+ 2008-06-20 01:13:19 110,592 ----a-w c:\windows\winsxs\msil_smdiagnostics_b77a5c561934e089_6.0.6001.22208_none_87c3f6f4c9aa65b8\SMdiagnostics.dll
+ 2008-06-20 01:17:50 132,096 ----a-w c:\windows\winsxs\msil_smsvchost_b03f5f7f11d50a3a_6.0.6000.16708_none_127d14a854218213\SMSvcHost.exe
+ 2008-06-20 01:12:45 132,096 ----a-w c:\windows\winsxs\msil_smsvchost_b03f5f7f11d50a3a_6.0.6000.20864_none_fbb5cac46dc3139f\SMSvcHost.exe
+ 2008-06-20 01:14:31 132,096 ----a-w c:\windows\winsxs\msil_smsvchost_b03f5f7f11d50a3a_6.0.6001.18096_none_126240be546a3ee6\SMSvcHost.exe
+ 2008-06-20 01:13:19 132,096 ----a-w c:\windows\winsxs\msil_smsvchost_b03f5f7f11d50a3a_6.0.6001.22208_none_fb8b69b06e19ee70\SMSvcHost.exe
+ 2008-07-27 18:00:26 110,592 ----a-w c:\windows\winsxs\msil_sysglobl_b03f5f7f11d50a3a_6.0.6000.16720_none_d505e94789d4c176\sysglobl.dll
+ 2008-07-27 17:55:55 110,592 ----a-w c:\windows\winsxs\msil_sysglobl_b03f5f7f11d50a3a_6.0.6000.20883_none_be3dffeba3770669\sysglobl.dll
+ 2008-07-27 18:03:14 110,592 ----a-w c:\windows\winsxs\msil_sysglobl_b03f5f7f11d50a3a_6.0.6001.18111_none_d4e0cdfd8a26ce17\sysglobl.dll
+ 2008-07-27 17:58:34 110,592 ----a-w c:\windows\winsxs\msil_sysglobl_b03f5f7f11d50a3a_6.0.6001.22230_none_be153e99a3cc472a\sysglobl.dll
+ 2008-07-27 18:00:26 81,920 ----a-w c:\windows\winsxs\msil_system.configuration.install_b03f5f7f11d50a3a_6.0.6000.16720_none_8be75bc7785395c1\System.Configuration.Install.dll
+ 2008-07-27 17:55:55 81,920 ----a-w c:\windows\winsxs\msil_system.configuration.install_b03f5f7f11d50a3a_6.0.6000.20883_none_751f726b91f5dab4\System.Configuration.Install.dll
+ 2008-07-27 18:03:14 81,920 ----a-w c:\windows\winsxs\msil_system.configuration.install_b03f5f7f11d50a3a_6.0.6001.18111_none_8bc2407d78a5a262\System.Configuration.Install.dll
+ 2008-07-27 17:58:34 81,920 ----a-w c:\windows\winsxs\msil_system.configuration.install_b03f5f7f11d50a3a_6.0.6001.22230_none_74f6b119924b1b75\System.Configuration.Install.dll
+ 2008-07-27 18:00:26 425,984 ----a-w c:\windows\winsxs\msil_system.configuration_b03f5f7f11d50a3a_6.0.6000.16720_none_2b4a6fa23668e266\System.configuration.dll
+ 2008-07-27 17:55:55 425,984 ----a-w c:\windows\winsxs\msil_system.configuration_b03f5f7f11d50a3a_6.0.6000.20883_none_14828646500b2759\System.configuration.dll
+ 2008-07-27 18:03:14 425,984 ----a-w c:\windows\winsxs\msil_system.configuration_b03f5f7f11d50a3a_6.0.6001.18111_none_2b25545836baef07\System.configuration.dll
+ 2008-07-27 17:58:34 425,984 ----a-w c:\windows\winsxs\msil_system.configuration_b03f5f7f11d50a3a_6.0.6001.22230_none_1459c4f45060681a\System.configuration.dll
+ 2008-07-27 18:00:27 745,472 ----a-w c:\windows\winsxs\msil_system.data.sqlxml_b77a5c561934e089_6.0.6000.16720_none_319e3f19a4acfb15\System.Data.SqlXml.dll
+ 2008-07-27 17:55:55 745,472 ----a-w c:\windows\winsxs\msil_system.data.sqlxml_b77a5c561934e089_6.0.6000.20883_none_1ad655bdbe4f4008\System.Data.SqlXml.dll
+ 2008-07-27 18:03:15 745,472 ----a-w c:\windows\winsxs\msil_system.data.sqlxml_b77a5c561934e089_6.0.6001.18111_none_317923cfa4ff07b6\System.Data.SqlXml.dll
+ 2008-07-27 17:58:35 745,472 ----a-w c:\windows\winsxs\msil_system.data.sqlxml_b77a5c561934e089_6.0.6001.22230_none_1aad946bbea480c9\System.Data.SqlXml.dll
+ 2008-07-27 18:00:27 970,752 ----a-w c:\windows\winsxs\msil_system.deployment_b03f5f7f11d50a3a_6.0.6000.16720_none_60211163309e66b3\System.Deployment.dll
+ 2008-07-27 17:55:55 970,752 ----a-w c:\windows\winsxs\msil_system.deployment_b03f5f7f11d50a3a_6.0.6000.20883_none_495928074a40aba6\System.Deployment.dll
+ 2008-07-27 18:03:15 970,752 ----a-w c:\windows\winsxs\msil_system.deployment_b03f5f7f11d50a3a_6.0.6001.18111_none_5ffbf61930f07354\System.Deployment.dll
+ 2008-07-27 17:58:35 970,752 ----a-w c:\windows\winsxs\msil_system.deployment_b03f5f7f11d50a3a_6.0.6001.22230_none_493066b54a95ec67\System.Deployment.dll
+ 2008-07-27 18:00:27 5,062,656 ----a-w c:\windows\winsxs\msil_system.design_b03f5f7f11d50a3a_6.0.6000.16720_none_b57005af02cc9524\System.Design.dll
+ 2008-07-27 17:55:55 5,062,656 ----a-w c:\windows\winsxs\msil_system.design_b03f5f7f11d50a3a_6.0.6000.20883_none_9ea81c531c6eda17\System.Design.dll
+ 2008-07-27 18:03:15 5,062,656 ----a-w c:\windows\winsxs\msil_system.design_b03f5f7f11d50a3a_6.0.6001.18111_none_b54aea65031ea1c5\System.Design.dll
+ 2008-07-27 17:58:35 5,062,656 ----a-w c:\windows\winsxs\msil_system.design_b03f5f7f11d50a3a_6.0.6001.22230_none_9e7f5b011cc41ad8\System.Design.dll
+ 2008-07-27 18:00:27 188,416 ----a-w c:\windows\winsxs\msil_system.directoryservices.protocols_b03f5f7f11d50a3a_6.0.6000.16720_none_af40550f540ba4b8\System.DirectoryServices.Protocols.dll
+ 2008-07-27 17:55:55 188,416 ----a-w c:\windows\winsxs\msil_system.directoryservices.protocols_b03f5f7f11d50a3a_6.0.6000.20883_none_98786bb36dade9ab\System.DirectoryServices.Protocols.dll
+ 2008-07-27 18:03:15 188,416 ----a-w c:\windows\winsxs\msil_system.directoryservices.protocols_b03f5f7f11d50a3a_6.0.6001.18111_none_af1b39c5545db159\System.DirectoryServices.Protocols.dll
+ 2008-07-27 17:58:35 188,416 ----a-w c:\windows\winsxs\msil_system.directoryservices.protocols_b03f5f7f11d50a3a_6.0.6001.22230_none_984faa616e032a6c\System.DirectoryServices.Protocols.dll
+ 2008-07-27 18:00:27 401,408 ----a-w c:\windows\winsxs\msil_system.directoryservices_b03f5f7f11d50a3a_6.0.6000.16720_none_56c449b3311fcd6d\System.DirectoryServices.dll
+ 2008-07-27 17:55:55 401,408 ----a-w c:\windows\winsxs\msil_system.directoryservices_b03f5f7f11d50a3a_6.0.6000.20883_none_3ffc60574ac21260\System.DirectoryServices.dll
+ 2008-07-27 18:03:15 401,408 ----a-w c:\windows\winsxs\msil_system.directoryservices_b03f5f7f11d50a3a_6.0.6001.18111_none_569f2e693171da0e\System.DirectoryServices.dll
+ 2008-07-27 17:58:35 401,408 ----a-w c:\windows\winsxs\msil_system.directoryservices_b03f5f7f11d50a3a_6.0.6001.22230_none_3fd39f054b175321\System.DirectoryServices.dll
+ 2008-07-27 18:00:27 81,920 ----a-w c:\windows\winsxs\msil_system.drawing.design_b03f5f7f11d50a3a_6.0.6000.16720_none_1c2e287cb016cb42\System.Drawing.Design.dll
+ 2008-07-27 17:55:55 81,920 ----a-w c:\windows\winsxs\msil_system.drawing.design_b03f5f7f11d50a3a_6.0.6000.20883_none_05663f20c9b91035\System.Drawing.Design.dll
+ 2008-07-27 18:03:15 81,920 ----a-w c:\windows\winsxs\msil_system.drawing.design_b03f5f7f11d50a3a_6.0.6001.18111_none_1c090d32b068d7e3\System.Drawing.Design.dll
+ 2008-07-27 17:58:35 81,920 ----a-w c:\windows\winsxs\msil_system.drawing.design_b03f5f7f11d50a3a_6.0.6001.22230_none_053d7dceca0e50f6\System.Drawing.Design.dll
+ 2008-07-27 18:00:27 626,688 ----a-w c:\windows\winsxs\msil_system.drawing_b03f5f7f11d50a3a_6.0.6000.16720_none_8fb93569f081bc50\System.Drawing.dll
+ 2008-07-27 17:55:55 626,688 ----a-w c:\windows\winsxs\msil_system.drawing_b03f5f7f11d50a3a_6.0.6000.20883_none_78f14c0e0a240143\System.Drawing.dll
+ 2008-07-27 18:03:15 626,688 ----a-w c:\windows\winsxs\msil_system.drawing_b03f5f7f11d50a3a_6.0.6001.18111_none_8f941a1ff0d3c8f1\System.Drawing.dll
+ 2008-07-27 17:58:35 626,688 ----a-w c:\windows\winsxs\msil_system.drawing_b03f5f7f11d50a3a_6.0.6001.22230_none_78c88abc0a794204\System.Drawing.dll
+ 2008-06-20 01:17:48 126,976 ----a-w c:\windows\winsxs\msil_system.identitymodel.selectors_b77a5c561934e089_6.0.6000.16708_none_ac128cd0734d07a3\System.IdentityModel.Selectors.dll
+ 2008-06-20 01:12:43 126,976 ----a-w c:\windows\winsxs\msil_system.identitymodel.selectors_b77a5c561934e089_6.0.6000.20864_none_954b42ec8cee992f\System.IdentityModel.Selectors.dll
+ 2008-06-20 01:14:29 126,976 ----a-w c:\windows\winsxs\msil_system.identitymodel.selectors_b77a5c561934e089_6.0.6001.18096_none_abf7b8e67395c476\System.IdentityModel.Selectors.dll
+ 2008-06-20 01:13:17 126,976 ----a-w c:\windows\winsxs\msil_system.identitymodel.selectors_b77a5c561934e089_6.0.6001.22208_none_9520e1d88d457400\System.IdentityModel.Selectors.dll
+ 2008-06-20 01:17:48 430,080 ----a-w c:\windows\winsxs\msil_system.identitymodel_b77a5c561934e089_6.0.6000.16708_none_1d7dbca843be4f0d\System.IdentityModel.dll
+ 2008-06-20 01:12:43 430,080 ----a-w c:\windows\winsxs\msil_system.identitymodel_b77a5c561934e089_6.0.6000.20864_none_06b672c45d5fe099\System.IdentityModel.dll
+ 2008-06-20 01:14:29 430,080 ----a-w c:\windows\winsxs\msil_system.identitymodel_b77a5c561934e089_6.0.6001.18096_none_1d62e8be44070be0\System.IdentityModel.dll
+ 2008-06-20 01:13:17 430,080 ----a-w c:\windows\winsxs\msil_system.identitymodel_b77a5c561934e089_6.0.6001.22208_none_068c11b05db6bb6a\System.IdentityModel.dll
+ 2008-06-20 01:17:48 131,072 ----a-w c:\windows\winsxs\msil_system.io.log_b03f5f7f11d50a3a_6.0.6000.16708_none_85205cc01ff30fa2\System.IO.Log.dll
+ 2008-06-20 01:12:43 131,072 ----a-w c:\windows\winsxs\msil_system.io.log_b03f5f7f11d50a3a_6.0.6000.20864_none_6e5912dc3994a12e\System.IO.Log.dll
+ 2008-06-20 01:14:29 131,072 ----a-w c:\windows\winsxs\msil_system.io.log_b03f5f7f11d50a3a_6.0.6001.18096_none_850588d6203bcc75\System.IO.Log.dll
+ 2008-06-20 01:13:17 131,072 ----a-w c:\windows\winsxs\msil_system.io.log_b03f5f7f11d50a3a_6.0.6001.22208_none_6e2eb1c839eb7bff\System.IO.Log.dll
+ 2008-07-27 18:00:27 372,736 ----a-w c:\windows\winsxs\msil_system.management_b03f5f7f11d50a3a_6.0.6000.16720_none_1f5b763e0c197b33\System.Management.dll
+ 2008-07-27 17:55:55 372,736 ----a-w c:\windows\winsxs\msil_system.management_b03f5f7f11d50a3a_6.0.6000.20883_none_08938ce225bbc026\System.Management.dll
+ 2008-07-27 18:03:15 372,736 ----a-w c:\windows\winsxs\msil_system.management_b03f5f7f11d50a3a_6.0.6001.18111_none_1f365af40c6b87d4\System.Management.dll
+ 2008-07-27 17:58:35 372,736 ----a-w c:\windows\winsxs\msil_system.management_b03f5f7f11d50a3a_6.0.6001.22230_none_086acb90261100e7\System.Management.dll
+ 2008-07-27 18:00:27 258,048 ----a-w c:\windows\winsxs\msil_system.messaging_b03f5f7f11d50a3a_6.0.6000.16720_none_2dd84bdf234f2daa\System.Messaging.dll
+ 2008-07-27 17:55:55 258,048 ----a-w c:\windows\winsxs\msil_system.messaging_b03f5f7f11d50a3a_6.0.6000.20883_none_171062833cf1729d\System.Messaging.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\winsxs\msil_system.messaging_b03f5f7f11d50a3a_6.0.6001.18111_none_2db3309523a13a4b\System.Messaging.dll
+ 2008-07-27 17:58:35 258,048 ----a-w c:\windows\winsxs\msil_system.messaging_b03f5f7f11d50a3a_6.0.6001.22230_none_16e7a1313d46b35e\System.Messaging.dll
+ 2008-07-27 18:00:27 303,104 ----a-w c:\windows\winsxs\msil_system.runtime.remoting_b77a5c561934e089_6.0.6000.16720_none_c5ba723444dfcf3d\System.Runtime.Remoting.dll
+ 2008-07-27 17:55:55 303,104 ----a-w c:\windows\winsxs\msil_system.runtime.remoting_b77a5c561934e089_6.0.6000.20883_none_aef288d85e821430\System.Runtime.Remoting.dll
+ 2008-07-27 18:03:15 303,104 ----a-w c:\windows\winsxs\msil_system.runtime.remoting_b77a5c561934e089_6.0.6001.18111_none_c59556ea4531dbde\System.Runtime.Remoting.dll
+ 2008-07-27 17:58:35 303,104 ----a-w c:\windows\winsxs\msil_system.runtime.remoting_b77a5c561934e089_6.0.6001.22230_none_aec9c7865ed754f1\System.Runtime.Remoting.dll
+ 2008-07-27 18:00:27 131,072 ----a-w c:\windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16720_none_4838f505237d831c\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-27 17:55:55 131,072 ----a-w c:\windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.20883_none_31710ba93d1fc80f\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-27 18:03:15 131,072 ----a-w c:\windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18111_none_4813d9bb23cf8fbd\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-27 17:58:35 131,072 ----a-w c:\windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.22230_none_31484a573d7508d0\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-06-20 01:17:50 966,656 ----a-w c:\windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1\System.Runtime.Serialization.dll
+ 2008-06-20 01:12:45 966,656 ----a-w c:\windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d\System.Runtime.Serialization.dll
+ 2008-06-20 01:14:31 966,656 ----a-w c:\windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94\System.Runtime.Serialization.dll
+ 2008-06-20 01:13:19 966,656 ----a-w c:\windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e\System.Runtime.Serialization.dll
+ 2008-06-20 01:17:48 966,656 ----a-w c:\windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4\System.Runtime.Serialization.dll
+ 2008-06-20 01:12:43 966,656 ----a-w c:\windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080\System.Runtime.Serialization.dll
+ 2008-06-20 01:14:29 966,656 ----a-w c:\windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7\System.Runtime.Serialization.dll
+ 2008-06-20 01:13:17 966,656 ----a-w c:\windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51\System.Runtime.Serialization.dll
+ 2008-07-27 18:00:27 258,048 ----a-w c:\windows\winsxs\msil_system.security_b03f5f7f11d50a3a_6.0.6000.16720_none_9c2d1345cdee588e\System.Security.dll
+ 2008-07-27 17:55:55 258,048 ----a-w c:\windows\winsxs\msil_system.security_b03f5f7f11d50a3a_6.0.6000.20883_none_856529e9e7909d81\System.Security.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\winsxs\msil_system.security_b03f5f7f11d50a3a_6.0.6001.18111_none_9c07f7fbce40652f\System.Security.dll
+ 2008-07-27 17:58:35 258,048 ----a-w c:\windows\winsxs\msil_system.security_b03f5f7f11d50a3a_6.0.6001.22230_none_853c6897e7e5de42\System.Security.dll
+ 2008-06-20 01:17:51 73,728 ----a-w c:\windows\winsxs\msil_system.servicemodel.install_b77a5c561934e089_6.0.6000.16708_none_6bc582a4368de5bd\System.ServiceModel.Install.dll
+ 2008-06-20 01:12:46 73,728 ----a-w c:\windows\winsxs\msil_system.servicemodel.install_b77a5c561934e089_6.0.6000.20864_none_54fe38c0502f7749\System.ServiceModel.Install.dll
+ 2008-06-20 01:14:32 73,728 ----a-w c:\windows\winsxs\msil_system.servicemodel.install_b77a5c561934e089_6.0.6001.18096_none_6baaaeba36d6a290\System.ServiceModel.Install.dll
+ 2008-06-20 01:13:20 73,728 ----a-w c:\windows\winsxs\msil_system.servicemodel.install_b77a5c561934e089_6.0.6001.22208_none_54d3d7ac5086521a\System.ServiceModel.Install.dll
+ 2008-06-20 01:17:51 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6000.16708_none_6c891ffa1263c737\System.ServiceModel.dll
+ 2008-11-24 23:44:18 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6000.16780_none_6c91d88a125bc4e7\System.ServiceModel.dll
+ 2008-06-20 01:12:46 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6000.20864_none_55c1d6162c0558c3\System.ServiceModel.dll
+ 2008-11-24 23:43:30 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6000.20964_none_55c1d5f22c055914\System.ServiceModel.dll
+ 2008-06-20 01:14:32 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6001.18096_none_6c6e4c1012ac840a\System.ServiceModel.dll
+ 2008-11-24 23:34:37 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6001.18173_none_6c6c8fb012ae04ca\System.ServiceModel.dll
+ 2008-06-20 01:13:20 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6001.22208_none_559775022c5c3394\System.ServiceModel.dll
+ 2008-11-24 23:57:12 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6001.22317_none_55988bf02c5b339b\System.ServiceModel.dll
+ 2008-07-11 00:48:47 466,944 ----a-w c:\windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6000.16780_es-es_51eb6692f9aef974\System.ServiceModel.Resources.dll
+ 2008-06-20 01:08:36 401,408 ----a-w c:\windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6000.16780_zh-cn_0bd9e73b6e3dc32f\System.ServiceModel.Resources.dll
+ 2008-06-30 22:53:17 401,408 ----a-w c:\windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6000.16780_zh-tw_0b78b8356e868e3f\System.ServiceModel.Resources.dll
+ 2008-07-11 00:47:43 466,944 ----a-w c:\windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6000.20964_es-es_3b1b63fb13588da1\System.ServiceModel.Resources.dll
+ 2008-06-20 01:06:57 401,408 ----a-w c:\windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6000.20964_zh-cn_f509e4a387e7575c\System.ServiceModel.Resources.dll
+ 2008-06-30 22:52:14 401,408 ----a-w c:\windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6000.20964_zh-tw_f4a8b59d8830226c\System.ServiceModel.Resources.dll
+ 2008-07-11 19:39:07 466,944 ----a-w c:\windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6001.18173_es-es_51c61db8fa013957\System.ServiceModel.Resources.dll
+ 2008-06-20 01:12:42 401,408 ----a-w c:\windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6001.18173_zh-cn_0bb49e616e900312\System.ServiceModel.Resources.dll
+ 2008-06-30 23:02:40 401,408 ----a-w c:\windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6001.18173_zh-tw_0b536f5b6ed8ce22\System.ServiceModel.Resources.dll
+ 2008-07-11 00:55:41 466,944 ----a-w c:\windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6001.22317_es-es_3af219f913ae6828\System.ServiceModel.Resources.dll
+ 2008-06-20 01:14:39 401,408 ----a-w c:\windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6001.22317_zh-cn_f4e09aa1883d31e3\System.ServiceModel.Resources.dll
+ 2008-06-30 23:01:28 401,408 ----a-w c:\windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6001.22317_zh-tw_f47f6b9b8885fcf3\System.ServiceModel.Resources.dll
+ 2008-06-20 01:17:51 32,768 ----a-w c:\windows\winsxs\msil_system.servicemodel.washosting_b77a5c561934e089_6.0.6000.16708_none_be3260a4e10e6861\System.ServiceModel.WasHosting.dll
+ 2008-06-20 01:12:47 32,768 ----a-w c:\windows\winsxs\msil_system.servicemodel.washosting_b77a5c561934e089_6.0.6000.20864_none_a76b16c0faaff9ed\System.ServiceModel.WasHosting.dll
+ 2008-06-20 01:14:33 32,768 ----a-w c:\windows\winsxs\msil_system.servicemodel.washosting_b77a5c561934e089_6.0.6001.18096_none_be178cbae1572534\System.ServiceModel.WasHosting.dll
+ 2008-06-20 01:13:21 32,768 ----a-w c:\windows\winsxs\msil_system.servicemodel.washosting_b77a5c561934e089_6.0.6001.22208_none_a740b5acfb06d4be\System.ServiceModel.WasHosting.dll
+ 2008-06-20 01:17:48 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6000.16708_none_a50d9dc68a554030\System.ServiceModel.dll
+ 2008-11-24 23:44:16 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6000.16780_none_a51656568a4d3de0\System.ServiceModel.dll
+ 2008-06-20 01:12:44 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6000.20864_none_8e4653e2a3f6d1bc\System.ServiceModel.dll
+ 2008-11-24 23:43:28 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6000.20964_none_8e4653bea3f6d20d\System.ServiceModel.dll
+ 2008-06-20 01:14:30 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6001.18096_none_a4f2c9dc8a9dfd03\System.ServiceModel.dll
+ 2008-11-24 23:34:36 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6001.18173_none_a4f10d7c8a9f7dc3\System.ServiceModel.dll
+ 2008-06-20 01:13:17 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6001.22208_none_8e1bf2cea44dac8d\System.ServiceModel.dll
+ 2008-11-24 23:57:11 5,931,008 ----a-w c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6001.22317_none_8e1d09bca44cac94\System.ServiceModel.dll
+ 2008-07-27 18:00:27 114,688 ----a-w c:\windows\winsxs\msil_system.serviceprocess_b03f5f7f11d50a3a_6.0.6000.16720_none_5523dfad7c4203b6\System.ServiceProcess.dll
+ 2008-07-27 17:55:55 114,688 ----a-w c:\windows\winsxs\msil_system.serviceprocess_b03f5f7f11d50a3a_6.0.6000.20883_none_3e5bf65195e448a9\System.ServiceProcess.dll
+ 2008-07-27 18:03:15 114,688 ----a-w c:\windows\winsxs\msil_system.serviceprocess_b03f5f7f11d50a3a_6.0.6001.18111_none_54fec4637c941057\System.ServiceProcess.dll
+ 2008-07-27 17:58:35 114,688 ----a-w c:\windows\winsxs\msil_system.serviceprocess_b03f5f7f11d50a3a_6.0.6001.22230_none_3e3334ff9639896a\System.ServiceProcess.dll
+ 2008-01-21 02:35:14 688,128 ----a-w c:\windows\winsxs\msil_system.speech_31bf3856ad364e35_6.0.6000.16708_none_080e70cf835a2dc3\System.Speech.dll
+ 2008-01-21 02:35:14 688,128 ----a-w c:\windows\winsxs\msil_system.speech_31bf3856ad364e35_6.0.6000.20864_none_08532cea9cac0fd7\System.Speech.dll
+ 2008-01-21 02:35:14 688,128 ----a-w c:\windows\winsxs\msil_system.speech_31bf3856ad364e35_6.0.6001.18096_none_09915daf80cb8a58\System.Speech.dll
+ 2008-01-21 02:35:14 688,128 ----a-w c:\windows\winsxs\msil_system.speech_31bf3856ad364e35_6.0.6001.22208_none_0a7e4c40999e5e7e\System.Speech.dll
+ 2008-07-27 18:00:27 835,584 ----a-w c:\windows\winsxs\msil_system.web.mobile_b03f5f7f11d50a3a_6.0.6000.16720_none_d81670f9cfc68bea\System.Web.Mobile.dll
+ 2008-07-27 17:55:55 835,584 ----a-w c:\windows\winsxs\msil_system.web.mobile_b03f5f7f11d50a3a_6.0.6000.20883_none_c14e879de968d0dd\System.Web.Mobile.dll
+ 2008-07-27 18:03:15 835,584 ----a-w c:\windows\winsxs\msil_system.web.mobile_b03f5f7f11d50a3a_6.0.6001.18111_none_d7f155afd018988b\System.Web.Mobile.dll
+ 2008-07-27 17:58:35 835,584 ----a-w c:\windows\winsxs\msil_system.web.mobile_b03f5f7f11d50a3a_6.0.6001.22230_none_c125c64be9be119e\System.Web.Mobile.dll
+ 2008-07-27 18:00:27 77,824 ----a-w c:\windows\winsxs\msil_system.web.regularexpressions_b03f5f7f11d50a3a_6.0.6000.16720_none_4db0d24c1e2d3469\System.Web.RegularExpressions.dll
+ 2008-07-27 17:55:55 77,824 ----a-w c:\windows\winsxs\msil_system.web.regularexpressions_b03f5f7f11d50a3a_6.0.6000.20883_none_36e8e8f037cf795c\System.Web.RegularExpressions.dll
+ 2008-07-27 18:03:15 77,824 ----a-w c:\windows\winsxs\msil_system.web.regularexpressions_b03f5f7f11d50a3a_6.0.6001.18111_none_4d8bb7021e7f410a\System.Web.RegularExpressions.dll
+ 2008-07-27 17:58:35 77,824 ----a-w c:\windows\winsxs\msil_system.web.regularexpressions_b03f5f7f11d50a3a_6.0.6001.22230_none_36c0279e3824ba1d\System.Web.RegularExpressions.dll
+ 2008-07-27 18:00:27 839,680 ----a-w c:\windows\winsxs\msil_system.web.services_b03f5f7f11d50a3a_6.0.6000.16720_none_f2eba22fb1c64598\System.Web.Services.dll
+ 2008-07-27 17:55:55 839,680 ----a-w c:\windows\winsxs\msil_system.web.services_b03f5f7f11d50a3a_6.0.6000.20883_none_dc23b8d3cb688a8b\System.Web.Services.dll
+ 2008-07-27 18:03:15 839,680 ----a-w c:\windows\winsxs\msil_system.web.services_b03f5f7f11d50a3a_6.0.6001.18111_none_f2c686e5b2185239\System.Web.Services.dll
+ 2008-07-27 17:58:36 839,680 ----a-w c:\windows\winsxs\msil_system.web.services_b03f5f7f11d50a3a_6.0.6001.22230_none_dbfaf781cbbdcb4c\System.Web.Services.dll
+ 2008-07-27 18:00:27 5,025,792 ----a-w c:\windows\winsxs\msil_system.windows.forms_b77a5c561934e089_6.0.6000.16720_none_3111dd924337ab48\System.Windows.Forms.dll
+ 2008-07-27 17:55:55 5,025,792 ----a-w c:\windows\winsxs\msil_system.windows.forms_b77a5c561934e089_6.0.6000.20883_none_1a49f4365cd9f03b\System.Windows.Forms.dll
+ 2008-07-27 18:03:15 5,025,792 ----a-w c:\windows\winsxs\msil_system.windows.forms_b77a5c561934e089_6.0.6001.18111_none_30ecc2484389b7e9\System.Windows.Forms.dll
+ 2008-07-27 17:58:36 5,025,792 ----a-w c:\windows\winsxs\msil_system.windows.forms_b77a5c561934e089_6.0.6001.22230_none_1a2132e45d2f30fc\System.Windows.Forms.dll
+ 2008-06-20 01:18:06 1,138,688 ----a-w c:\windows\winsxs\msil_system.workflow.activities_31bf3856ad364e35_6.0.6000.16708_none_26c35517563cf101\System.Workflow.Activities.dll
+ 2008-06-20 01:12:59 1,138,688 ----a-w c:\windows\winsxs\msil_system.workflow.activities_31bf3856ad364e35_6.0.6000.20864_none_270811326f8ed315\System.Workflow.Activities.dll
+ 2008-06-20 01:14:46 1,138,688 ----a-w c:\windows\winsxs\msil_system.workflow.activities_31bf3856ad364e35_6.0.6001.18096_none_284641f753ae4d96\System.Workflow.Activities.dll
+ 2008-06-20 01:13:34 1,138,688 ----a-w c:\windows\winsxs\msil_system.workflow.activities_31bf3856ad364e35_6.0.6001.22208_none_293330886c8121bc\System.Workflow.Activities.dll
+ 2008-06-20 01:18:06 1,630,208 ----a-w c:\windows\winsxs\msil_system.workflow.componentmodel_31bf3856ad364e35_6.0.6000.16708_none_e69a31d9d339fc10\System.Workflow.ComponentModel.dll
+ 2008-06-20 01:13:00 1,630,208 ----a-w c:\windows\winsxs\msil_system.workflow.componentmodel_31bf3856ad364e35_6.0.6000.20864_none_e6deedf4ec8bde24\System.Workflow.ComponentModel.dll
+ 2008-06-20 01:14:47 1,630,208 ----a-w c:\windows\winsxs\msil_system.workflow.componentmodel_31bf3856ad364e35_6.0.6001.18096_none_e81d1eb9d0ab58a5\System.Workflow.ComponentModel.dll
+ 2008-06-20 01:13:35 1,630,208 ----a-w c:\windows\winsxs\msil_system.workflow.componentmodel_31bf3856ad364e35_6.0.6001.22208_none_e90a0d4ae97e2ccb\System.Workflow.ComponentModel.dll
+ 2008-06-20 01:18:07 540,672 ----a-w c:\windows\winsxs\msil_system.workflow.runtime_31bf3856ad364e35_6.0.6000.16708_none_d640ebedc22f16d0\System.Workflow.Runtime.dll
+ 2008-06-20 01:13:00 540,672 ----a-w c:\windows\winsxs\msil_system.workflow.runtime_31bf3856ad364e35_6.0.6000.20864_none_d685a808db80f8e4\System.Workflow.Runtime.dll
+ 2008-06-20 01:14:47 540,672 ----a-w c:\windows\winsxs\msil_system.workflow.runtime_31bf3856ad364e35_6.0.6001.18096_none_d7c3d8cdbfa07365\System.Workflow.Runtime.dll
+ 2008-06-20 01:13:35 540,672 ----a-w c:\windows\winsxs\msil_system.workflow.runtime_31bf3856ad364e35_6.0.6001.22208_none_d8b0c75ed873478b\System.Workflow.Runtime.dll
+ 2008-07-27 18:00:28 2,048,000 ----a-w c:\windows\winsxs\msil_system.xml_b77a5c561934e089_6.0.6000.16720_none_81c62adf49000f9d\System.XML.dll
+ 2008-10-13 22:23:41 2,048,000 ----a-w c:\windows\winsxs\msil_system.xml_b77a5c561934e089_6.0.6000.16762_none_81c9fe7748fca83b\System.XML.dll
+ 2008-07-27 17:55:56 2,048,000 ----a-w c:\windows\winsxs\msil_system.xml_b77a5c561934e089_6.0.6000.20883_none_6afe418362a25490\System.XML.dll
+ 2008-10-13 22:25:14 2,048,000 ----a-w c:\windows\winsxs\msil_system.xml_b77a5c561934e089_6.0.6000.20935_none_6af9125d62a70970\System.XML.dll
+ 2008-07-27 18:03:16 2,048,000 ----a-w c:\windows\winsxs\msil_system.xml_b77a5c561934e089_6.0.6001.18111_none_81a10f9549521c3e\System.XML.dll
+ 2008-10-13 22:26:58 2,048,000 ----a-w c:\windows\winsxs\msil_system.xml_b77a5c561934e089_6.0.6001.18155_none_81a4b59d494ee81e\System.XML.dll
+ 2008-07-27 17:58:36 2,048,000 ----a-w c:\windows\winsxs\msil_system.xml_b77a5c561934e089_6.0.6001.22230_none_6ad5803162f79551\System.XML.dll
+ 2008-10-13 22:23:27 2,048,000 ----a-w c:\windows\winsxs\msil_system.xml_b77a5c561934e089_6.0.6001.22286_none_6ad9f8f362f3adca\System.XML.dll
+ 2008-07-27 18:00:27 3,149,824 ----a-w c:\windows\winsxs\msil_system_b77a5c561934e089_6.0.6000.16720_none_dab5d0b95ba55950\System.dll
+ 2008-07-27 17:55:55 3,149,824 ----a-w c:\windows\winsxs\msil_system_b77a5c561934e089_6.0.6000.20883_none_c3ede75d75479e43\System.dll
+ 2008-07-27 18:03:15 3,149,824 ----a-w c:\windows\winsxs\msil_system_b77a5c561934e089_6.0.6001.18111_none_da90b56f5bf765f1\System.dll
+ 2008-07-27 17:58:35 3,149,824 ----a-w c:\windows\winsxs\msil_system_b77a5c561934e089_6.0.6001.22230_none_c3c5260b759cdf04\System.dll
+ 2008-06-20 01:18:03 167,936 ----a-w c:\windows\winsxs\msil_uiautomationclient_31bf3856ad364e35_6.0.6000.16708_none_1f46da1e8b11645a\UIAutomationClient.dll
+ 2008-06-20 01:12:57 167,936 ----a-w c:\windows\winsxs\msil_uiautomationclient_31bf3856ad364e35_6.0.6000.20864_none_1f8b9639a463466e\UIAutomationClient.dll
+ 2008-06-20 01:14:43 167,936 ----a-w c:\windows\winsxs\msil_uiautomationclient_31bf3856ad364e35_6.0.6001.18096_none_20c9c6fe8882c0ef\UIAutomationClient.dll
+ 2008-06-20 01:13:31 167,936 ----a-w c:\windows\winsxs\msil_uiautomationclient_31bf3856ad364e35_6.0.6001.22208_none_21b6b58fa1559515\UIAutomationClient.dll
+ 2008-06-20 01:18:03 385,024 ----a-w c:\windows\winsxs\msil_uiautomationclientsideproviders_31bf3856ad364e35_6.0.6000.16708_none_b50324b684e63181\UIAutomationClientsideProviders.dll
+ 2008-06-20 01:12:57 385,024 ----a-w c:\windows\winsxs\msil_uiautomationclientsideproviders_31bf3856ad364e35_6.0.6000.20864_none_b547e0d19e381395\UIAutomationClientsideProviders.dll
+ 2008-06-20 01:14:43 385,024 ----a-w c:\windows\winsxs\msil_uiautomationclientsideproviders_31bf3856ad364e35_6.0.6001.18096_none_b686119682578e16\UIAutomationClientsideProviders.dll
+ 2008-06-20 01:13:31 385,024 ----a-w c:\windows\winsxs\msil_uiautomationclientsideproviders_31bf3856ad364e35_6.0.6001.22208_none_b77300279b2a623c\UIAutomationClientsideProviders.dll
+ 2008-06-20 01:18:03 40,960 ----a-w c:\windows\winsxs\msil_uiautomationprovider_31bf3856ad364e35_6.0.6000.16708_none_706efb4a7cf1a096\UIAutomationProvider.dll
+ 2008-06-20 01:12:57 40,960 ----a-w c:\windows\winsxs\msil_uiautomationprovider_31bf3856ad364e35_6.0.6000.20864_none_70b3b765964382aa\UIAutomationProvider.dll
+ 2008-06-20 01:14:43 40,960 ----a-w c:\windows\winsxs\msil_uiautomationprovider_31bf3856ad364e35_6.0.6001.18096_none_71f1e82a7a62fd2b\UIAutomationProvider.dll
+ 2008-06-20 01:13:31 40,960 ----a-w c:\windows\winsxs\msil_uiautomationprovider_31bf3856ad364e35_6.0.6001.22208_none_72ded6bb9335d151\UIAutomationProvider.dll
+ 2008-06-20 01:18:03 98,304 ----a-w c:\windows\winsxs\msil_uiautomationtypes_31bf3856ad364e35_6.0.6000.16708_none_b6b19d6515224ae2\UIAutomationTypes.dll
+ 2008-06-20 01:12:57 98,304 ----a-w c:\windows\winsxs\msil_uiautomationtypes_31bf3856ad364e35_6.0.6000.20864_none_b6f659802e742cf6\UIAutomationTypes.dll
+ 2008-06-20 01:14:43 98,304 ----a-w c:\windows\winsxs\msil_uiautomationtypes_31bf3856ad364e35_6.0.6001.18096_none_b8348a451293a777\UIAutomationTypes.dll
+ 2008-06-20 01:13:31 98,304 ----a-w c:\windows\winsxs\msil_uiautomationtypes_31bf3856ad364e35_6.0.6001.22208_none_b92178d62b667b9d\UIAutomationTypes.dll
+ 2008-06-20 01:18:03 1,245,184 ----a-w c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6000.16708_none_9540b0033275cea4\WindowsBase.dll
+ 2008-06-20 01:12:57 1,245,184 ----a-w c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6000.20864_none_95856c1e4bc7b0b8\WindowsBase.dll
+ 2008-06-20 01:14:44 1,245,184 ----a-w c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6001.18096_none_96c39ce32fe72b39\WindowsBase.dll
+ 2008-06-20 01:13:32 1,245,184 ----a-w c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6001.22208_none_97b08b7448b9ff5f\WindowsBase.dll
+ 2008-06-20 01:18:03 94,208 ----a-w c:\windows\winsxs\msil_windowsformsintegration_31bf3856ad364e35_6.0.6000.16708_none_2700b43cd12f1f94\WindowsFormsIntegration.dll
+ 2008-06-20 01:12:57 94,208 ----a-w c:\windows\winsxs\msil_windowsformsintegration_31bf3856ad364e35_6.0.6000.20864_none_27457057ea8101a8\WindowsFormsIntegration.dll
+ 2008-06-20 01:14:44 94,208 ----a-w c:\windows\winsxs\msil_windowsformsintegration_31bf3856ad364e35_6.0.6001.18096_none_2883a11ccea07c29\WindowsFormsIntegration.dll
+ 2008-06-20 01:13:32 94,208 ----a-w c:\windows\winsxs\msil_windowsformsintegration_31bf3856ad364e35_6.0.6001.22208_none_29708fade773504f\WindowsFormsIntegration.dll
+ 2008-06-20 01:17:51 152,576 ----a-w c:\windows\winsxs\msil_wsatconfig_b03f5f7f11d50a3a_6.0.6000.16708_none_0900f841b7310e90\WsatConfig.exe
+ 2008-06-20 01:12:47 152,576 ----a-w c:\windows\winsxs\msil_wsatconfig_b03f5f7f11d50a3a_6.0.6000.20864_none_f239ae5dd0d2a01c\WsatConfig.exe
+ 2008-06-20 01:14:33 152,576 ----a-w c:\windows\winsxs\msil_wsatconfig_b03f5f7f11d50a3a_6.0.6001.18096_none_08e62457b779cb63\WsatConfig.exe
+ 2008-06-20 01:13:21 152,576 ----a-w c:\windows\winsxs\msil_wsatconfig_b03f5f7f11d50a3a_6.0.6001.22208_none_f20f4d49d1297aed\WsatConfig.exe
+ 2008-07-27 18:00:22 36,864 ----a-w c:\windows\winsxs\x86_aspnet_compiler_b03f5f7f11d50a3a_6.0.6000.16720_none_18ed2252583dfd4f\aspnet_compiler.exe
+ 2008-07-27 17:55:49 36,864 ----a-w c:\windows\winsxs\x86_aspnet_compiler_b03f5f7f11d50a3a_6.0.6000.20883_none_022538f671e04242\aspnet_compiler.exe
+ 2008-07-27 18:03:11 36,864 ----a-w c:\windows\winsxs\x86_aspnet_compiler_b03f5f7f11d50a3a_6.0.6001.18111_none_18c80708589009f0\aspnet_compiler.exe
+ 2008-07-27 17:58:31 36,864 ----a-w c:\windows\winsxs\x86_aspnet_compiler_b03f5f7f11d50a3a_6.0.6001.22230_none_01fc77a472358303\aspnet_compiler.exe
+ 2008-07-27 18:00:22 24,576 ----a-w c:\windows\winsxs\x86_aspnet_regbrowsers_b03f5f7f11d50a3a_6.0.6000.16720_none_098e0a5b18bfd415\aspnet_regbrowsers.exe
+ 2008-07-27 17:55:49 24,576 ----a-w c:\windows\winsxs\x86_aspnet_regbrowsers_b03f5f7f11d50a3a_6.0.6000.20883_none_f2c620ff32621908\aspnet_regbrowsers.exe
+ 2008-07-27 18:03:11 24,576 ----a-w c:\windows\winsxs\x86_aspnet_regbrowsers_b03f5f7f11d50a3a_6.0.6001.18111_none_0968ef111911e0b6\aspnet_regbrowsers.exe
+ 2008-07-27 17:58:31 24,576 ----a-w c:\windows\winsxs\x86_aspnet_regbrowsers_b03f5f7f11d50a3a_6.0.6001.22230_none_f29d5fad32b759c9\aspnet_regbrowsers.exe
+ 2008-07-27 18:00:22 106,496 ----a-w c:\windows\winsxs\x86_aspnet_regsql_b03f5f7f11d50a3a_6.0.6000.16720_none_50001be1bbe18d26\aspnet_regsql.exe
+ 2008-07-27 17:55:49 106,496 ----a-w c:\windows\winsxs\x86_aspnet_regsql_b03f5f7f11d50a3a_6.0.6000.20883_none_39383285d583d219\aspnet_regsql.exe
+ 2008-07-27 18:03:11 106,496 ----a-w c:\windows\winsxs\x86_aspnet_regsql_b03f5f7f11d50a3a_6.0.6001.18111_none_4fdb0097bc3399c7\aspnet_regsql.exe
+ 2008-07-27 17:58:31 106,496 ----a-w c:\windows\winsxs\x86_aspnet_regsql_b03f5f7f11d50a3a_6.0.6001.22230_none_390f7133d5d912da\aspnet_regsql.exe
+ 2008-07-27 18:00:23 106,496 ----a-w

clubECGR · 2009/02/05

What a long log this is

c:\windows\winsxs\x86_caspol_b03f5f7f11d50a3a_6.0.6000.16720_none_6bfcb0a8ef8c6f2e\CasPol.exe
+ 2008-07-27 17:55:49 106,496 ----a-w c:\windows\winsxs\x86_caspol_b03f5f7f11d50a3a_6.0.6000.20883_none_5534c74d092eb421\CasPol.exe
+ 2008-07-27 18:03:11 106,496 ----a-w c:\windows\winsxs\x86_caspol_b03f5f7f11d50a3a_6.0.6001.18111_none_6bd7955eefde7bcf\CasPol.exe
+ 2008-07-27 17:58:31 106,496 ----a-w c:\windows\winsxs\x86_caspol_b03f5f7f11d50a3a_6.0.6001.22230_none_550c05fb0983f4e2\CasPol.exe
+ 2008-07-27 18:00:23 69,120 ----a-w c:\windows\winsxs\x86_custommarshalers_b03f5f7f11d50a3a_6.0.6000.16720_none_7265203191693c0b\CustomMarshalers.dll
+ 2008-07-27 17:55:51 69,120 ----a-w c:\windows\winsxs\x86_custommarshalers_b03f5f7f11d50a3a_6.0.6000.20883_none_5b9d36d5ab0b80fe\CustomMarshalers.dll
+ 2008-07-27 18:03:11 69,120 ----a-w c:\windows\winsxs\x86_custommarshalers_b03f5f7f11d50a3a_6.0.6001.18111_none_724004e791bb48ac\CustomMarshalers.dll
+ 2008-07-27 17:58:31 69,120 ----a-w c:\windows\winsxs\x86_custommarshalers_b03f5f7f11d50a3a_6.0.6001.22230_none_5b747583ab60c1bf\CustomMarshalers.dll
+ 2008-06-20 01:17:49 881,664 ----a-w c:\windows\winsxs\x86_infocard_b77a5c561934e089_6.0.6000.16708_none_cbaeb523183b9d1c\infocard.exe
+ 2008-06-20 01:12:45 881,664 ----a-w c:\windows\winsxs\x86_infocard_b77a5c561934e089_6.0.6000.20864_none_b4e76b3f31dd2ea8\infocard.exe
+ 2008-06-20 01:14:31 881,664 ----a-w c:\windows\winsxs\x86_infocard_b77a5c561934e089_6.0.6001.18096_none_cb93e139188459ef\infocard.exe
+ 2008-06-20 01:13:18 881,664 ----a-w c:\windows\winsxs\x86_infocard_b77a5c561934e089_6.0.6001.22208_none_b4bd0a2b32340979\infocard.exe
+ 2008-07-27 18:00:24 28,672 ----a-w c:\windows\winsxs\x86_installutil_b03f5f7f11d50a3a_6.0.6000.16720_none_7b9d9e0320ce1b15\InstallUtil.exe
+ 2008-07-27 17:55:52 28,672 ----a-w c:\windows\winsxs\x86_installutil_b03f5f7f11d50a3a_6.0.6000.20883_none_64d5b4a73a706008\InstallUtil.exe
+ 2008-07-27 18:03:12 28,672 ----a-w c:\windows\winsxs\x86_installutil_b03f5f7f11d50a3a_6.0.6001.18111_none_7b7882b9212027b6\InstallUtil.exe
+ 2008-07-27 17:58:32 28,672 ----a-w c:\windows\winsxs\x86_installutil_b03f5f7f11d50a3a_6.0.6001.22230_none_64acf3553ac5a0c9\InstallUtil.exe
+ 2008-07-27 18:00:24 72,192 ----a-w c:\windows\winsxs\x86_isymwrapper_b03f5f7f11d50a3a_6.0.6000.16720_none_0881a09d12cd922d\ISymWrapper.dll
+ 2008-07-27 17:55:52 72,192 ----a-w c:\windows\winsxs\x86_isymwrapper_b03f5f7f11d50a3a_6.0.6000.20883_none_f1b9b7412c6fd720\ISymWrapper.dll
+ 2008-07-27 18:03:12 72,192 ----a-w c:\windows\winsxs\x86_isymwrapper_b03f5f7f11d50a3a_6.0.6001.18111_none_085c8553131f9ece\ISymWrapper.dll
+ 2008-07-27 17:58:32 72,192 ----a-w c:\windows\winsxs\x86_isymwrapper_b03f5f7f11d50a3a_6.0.6001.22230_none_f190f5ef2cc517e1\ISymWrapper.dll
+ 2008-06-20 01:17:50 163,840 ----a-w c:\windows\winsxs\x86_microsoft.transactions.bridge.dtc_b03f5f7f11d50a3a_6.0.6000.16708_none_ef4812419297c719\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-06-20 01:12:45 163,840 ----a-w c:\windows\winsxs\x86_microsoft.transactions.bridge.dtc_b03f5f7f11d50a3a_6.0.6000.20864_none_d880c85dac3958a5\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-06-20 01:14:31 163,840 ----a-w c:\windows\winsxs\x86_microsoft.transactions.bridge.dtc_b03f5f7f11d50a3a_6.0.6001.18096_none_ef2d3e5792e083ec\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-06-20 01:13:19 163,840 ----a-w c:\windows\winsxs\x86_microsoft.transactions.bridge.dtc_b03f5f7f11d50a3a_6.0.6001.22208_none_d8566749ac903376\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-27 18:03:14 479,232 ----a-w c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\msvcm80.dll
+ 2008-07-27 18:03:14 558,080 ----a-w c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\msvcp80.dll
+ 2008-07-27 18:03:14 635,904 ----a-w c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\msvcr80.dll
+ 2009-02-05 13:07:21 224,768 ----a-w c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcm90.dll
+ 2009-02-05 13:07:20 568,832 ----a-w c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcp90.dll
+ 2009-02-05 13:07:20 655,872 ----a-w c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcr90.dll
+ 2008-07-27 18:00:24 69,632 ----a-w c:\windows\winsxs\x86_msbuild_b03f5f7f11d50a3a_6.0.6000.16720_none_81591d45b0e55432\MSBuild.exe
+ 2008-07-27 17:55:52 69,632 ----a-w c:\windows\winsxs\x86_msbuild_b03f5f7f11d50a3a_6.0.6000.20883_none_6a9133e9ca879925\MSBuild.exe
+ 2008-07-27 18:03:12 69,632 ----a-w c:\windows\winsxs\x86_msbuild_b03f5f7f11d50a3a_6.0.6001.18111_none_813401fbb13760d3\MSBuild.exe
+ 2008-07-27 17:58:32 69,632 ----a-w c:\windows\winsxs\x86_msbuild_b03f5f7f11d50a3a_6.0.6001.22230_none_6a687297cadcd9e6\MSBuild.exe
+ 2008-07-27 18:00:24 4,546,560 ----a-w c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6000.16720_none_c7dc8a0ec1089f13\mscorlib.dll
+ 2008-10-13 22:23:37 4,546,560 ----a-w c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6000.16762_none_c7e05da6c10537b1\mscorlib.dll
+ 2008-07-27 17:55:52 4,546,560 ----a-w c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6000.20883_none_b114a0b2daaae406\mscorlib.dll
+ 2008-10-13 22:25:10 4,546,560 ----a-w c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6000.20935_none_b10f718cdaaf98e6\mscorlib.dll
+ 2008-07-27 18:03:13 4,546,560 ----a-w c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6001.18111_none_c7b76ec4c15aabb4\mscorlib.dll
+ 2008-10-13 22:26:54 4,546,560 ----a-w c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6001.18155_none_c7bb14ccc1577794\mscorlib.dll
+ 2008-07-27 17:58:33 4,546,560 ----a-w c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6001.22230_none_b0ebdf60db0024c7\mscorlib.dll
+ 2008-10-13 22:23:22 4,546,560 ----a-w c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6001.22286_none_b0f05822dafc3d40\mscorlib.dll
+ 2008-07-27 18:00:22 98,808 ----a-w c:\windows\winsxs\x86_netfx-_vc_assembly_linker_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_3921f539eb3d8e34\alink.dll
+ 2008-07-27 17:55:49 98,808 ----a-w c:\windows\winsxs\x86_netfx-_vc_assembly_linker_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_225a0bde04dfd327\alink.dll
+ 2008-07-27 18:03:10 98,808 ----a-w c:\windows\winsxs\x86_netfx-_vc_assembly_linker_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_38fcd9efeb8f9ad5\alink.dll
+ 2008-07-27 17:58:31 98,808 ----a-w c:\windows\winsxs\x86_netfx-_vc_assembly_linker_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_22314a8c053513e8\alink.dll
+ 2008-07-27 18:00:22 28,672 ----a-w c:\windows\winsxs\x86_netfx-_vc_assembly_linker_messages_b03f5f7f11d50a3a_6.0.6000.16720_none_6556da40a4b1aa70\alinkui.dll
+ 2008-07-27 17:55:49 28,672 ----a-w c:\windows\winsxs\x86_netfx-_vc_assembly_linker_messages_b03f5f7f11d50a3a_6.0.6000.20883_none_4e8ef0e4be53ef63\alinkui.dll
+ 2008-07-27 18:03:10 28,672 ----a-w c:\windows\winsxs\x86_netfx-_vc_assembly_linker_messages_b03f5f7f11d50a3a_6.0.6001.18111_none_6531bef6a503b711\alinkui.dll
+ 2008-07-27 17:58:31 28,672 ----a-w c:\windows\winsxs\x86_netfx-_vc_assembly_linker_messages_b03f5f7f11d50a3a_6.0.6001.22230_none_4e662f92bea93024\alinkui.dll
+ 2008-07-27 18:00:28 1,344,000 ----a-w c:\windows\winsxs\x86_netfx-_vsavb7rt_b03f5f7f11d50a3a_6.0.6000.16720_none_7f3638c1b8807636\VsaVb7rt.dll
+ 2008-07-27 17:55:56 1,344,000 ----a-w c:\windows\winsxs\x86_netfx-_vsavb7rt_b03f5f7f11d50a3a_6.0.6000.20883_none_686e4f65d222bb29\VsaVb7rt.dll
+ 2008-07-27 18:03:16 1,344,000 ----a-w c:\windows\winsxs\x86_netfx-_vsavb7rt_b03f5f7f11d50a3a_6.0.6001.18111_none_7f111d77b8d282d7\VsaVb7rt.dll
+ 2008-07-27 17:58:36 1,344,000 ----a-w c:\windows\winsxs\x86_netfx-_vsavb7rt_b03f5f7f11d50a3a_6.0.6001.22230_none_68458e13d277fbea\VsaVb7rt.dll
+ 2008-07-27 18:00:22 218,112 ----a-w c:\windows\winsxs\x86_netfx-_vsavb7rtui_b03f5f7f11d50a3a_6.0.6000.16720_none_50855fce2ae6758a\Vsavb7rtUI.dll
+ 2008-07-27 17:55:49 218,112 ----a-w c:\windows\winsxs\x86_netfx-_vsavb7rtui_b03f5f7f11d50a3a_6.0.6000.20883_none_39bd76724488ba7d\Vsavb7rtUI.dll
+ 2008-07-27 18:03:10 218,112 ----a-w c:\windows\winsxs\x86_netfx-_vsavb7rtui_b03f5f7f11d50a3a_6.0.6001.18111_none_506044842b38822b\Vsavb7rtUI.dll
+ 2008-07-27 17:58:31 218,112 ----a-w c:\windows\winsxs\x86_netfx-_vsavb7rtui_b03f5f7f11d50a3a_6.0.6001.22230_none_3994b52044ddfb3e\Vsavb7rtUI.dll
+ 2008-07-27 18:00:22 147,968 ----a-w c:\windows\winsxs\x86_netfx-ado_net_diag_b03f5f7f11d50a3a_6.0.6000.16720_none_6d811f76e797ee4e\AdoNetDiag.dll
+ 2008-07-27 17:55:49 147,968 ----a-w c:\windows\winsxs\x86_netfx-ado_net_diag_b03f5f7f11d50a3a_6.0.6000.20883_none_56b9361b013a3341\AdoNetDiag.dll
+ 2008-07-27 18:03:10 147,968 ----a-w c:\windows\winsxs\x86_netfx-ado_net_diag_b03f5f7f11d50a3a_6.0.6001.18111_none_6d5c042ce7e9faef\AdoNetDiag.dll
+ 2008-07-27 17:58:31 147,968 ----a-w c:\windows\winsxs\x86_netfx-ado_net_diag_b03f5f7f11d50a3a_6.0.6001.22230_none_569074c9018f7402\AdoNetDiag.dll
+ 2008-07-27 18:00:22 58,880 ----a-w c:\windows\winsxs\x86_netfx-applaunch_exe_b03f5f7f11d50a3a_6.0.6000.16720_none_c55cc3986aa0f96b\AppLaunch.exe
+ 2008-07-27 17:55:49 58,880 ----a-w c:\windows\winsxs\x86_netfx-applaunch_exe_b03f5f7f11d50a3a_6.0.6000.20883_none_ae94da3c84433e5e\AppLaunch.exe
+ 2008-07-27 18:03:11 58,880 ----a-w c:\windows\winsxs\x86_netfx-applaunch_exe_b03f5f7f11d50a3a_6.0.6001.18111_none_c537a84e6af3060c\AppLaunch.exe
+ 2008-07-27 17:58:31 58,880 ----a-w c:\windows\winsxs\x86_netfx-applaunch_exe_b03f5f7f11d50a3a_6.0.6001.22230_none_ae6c18ea84987f1f\AppLaunch.exe
+ 2008-07-27 18:00:22 22,024 ----a-w c:\windows\winsxs\x86_netfx-aspnet_filter_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_d5762fdb578fde3d\aspnet_filter.dll
+ 2008-07-27 17:55:49 22,024 ----a-w c:\windows\winsxs\x86_netfx-aspnet_filter_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_beae467f71322330\aspnet_filter.dll
+ 2008-07-27 18:03:11 22,024 ----a-w c:\windows\winsxs\x86_netfx-aspnet_filter_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_d551149157e1eade\aspnet_filter.dll
+ 2008-07-27 17:58:31 22,024 ----a-w c:\windows\winsxs\x86_netfx-aspnet_filter_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_be85852d718763f1\aspnet_filter.dll
+ 2008-07-27 18:00:22 17,416 ----a-w c:\windows\winsxs\x86_netfx-aspnet_isapi_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_dda3740568b14f3b\aspnet_isapi.dll
+ 2008-07-27 17:55:49 17,416 ----a-w c:\windows\winsxs\x86_netfx-aspnet_isapi_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_c6db8aa98253942e\aspnet_isapi.dll
+ 2008-07-27 18:03:11 17,416 ----a-w c:\windows\winsxs\x86_netfx-aspnet_isapi_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_dd7e58bb69035bdc\aspnet_isapi.dll
+ 2008-07-27 17:58:31 17,416 ----a-w c:\windows\winsxs\x86_netfx-aspnet_isapi_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_c6b2c95782a8d4ef\aspnet_isapi.dll
+ 2008-07-27 18:00:24 97,792 ----a-w c:\windows\winsxs\x86_netfx-aspnet_mmc_asp_ext_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_90e8a24fd2d12b2d\MmcAspExt.dll
+ 2008-07-27 17:55:52 97,792 ----a-w c:\windows\winsxs\x86_netfx-aspnet_mmc_asp_ext_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_7a20b8f3ec737020\MmcAspExt.dll
+ 2008-07-27 18:03:12 97,792 ----a-w c:\windows\winsxs\x86_netfx-aspnet_mmc_asp_ext_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_90c38705d32337ce\MmcAspExt.dll
+ 2008-07-27 17:58:32 97,792 ----a-w c:\windows\winsxs\x86_netfx-aspnet_mmc_asp_ext_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_79f7f7a1ecc8b0e1\MmcAspExt.dll
+ 2008-07-27 18:00:22 33,800 ----a-w c:\windows\winsxs\x86_netfx-aspnet_perf_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_ddd04c5afc661a12\Aspnet_perf.dll
+ 2008-07-27 17:55:49 33,800 ----a-w c:\windows\winsxs\x86_netfx-aspnet_perf_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_c70862ff16085f05\Aspnet_perf.dll
+ 2008-07-27 18:03:11 33,800 ----a-w c:\windows\winsxs\x86_netfx-aspnet_perf_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_ddab3110fcb826b3\Aspnet_perf.dll
+ 2008-07-27 17:58:31 33,800 ----a-w c:\windows\winsxs\x86_netfx-aspnet_perf_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_c6dfa1ad165d9fc6\Aspnet_perf.dll
+ 2008-07-27 18:00:22 84,480 ----a-w c:\windows\winsxs\x86_netfx-aspnet_rc_dll_res_b03f5f7f11d50a3a_6.0.6000.16720_none_303fe2adfd729d2f\aspnet_rc.dll
+ 2008-07-27 17:55:49 84,480 ----a-w c:\windows\winsxs\x86_netfx-aspnet_rc_dll_res_b03f5f7f11d50a3a_6.0.6000.20883_none_1977f9521714e222\aspnet_rc.dll
+ 2008-07-27 18:03:11 84,480 ----a-w c:\windows\winsxs\x86_netfx-aspnet_rc_dll_res_b03f5f7f11d50a3a_6.0.6001.18111_none_301ac763fdc4a9d0\aspnet_rc.dll
+ 2008-07-27 17:58:31 84,480 ----a-w c:\windows\winsxs\x86_netfx-aspnet_rc_dll_res_b03f5f7f11d50a3a_6.0.6001.22230_none_194f3800176a22e3\aspnet_rc.dll
+ 2008-07-27 18:00:22 33,288 ----a-w c:\windows\winsxs\x86_netfx-aspnet_regiis_exe_b03f5f7f11d50a3a_6.0.6000.16720_none_124dc10f21a7964c\aspnet_regiis.exe
+ 2008-07-27 17:55:49 33,288 ----a-w c:\windows\winsxs\x86_netfx-aspnet_regiis_exe_b03f5f7f11d50a3a_6.0.6000.20883_none_fb85d7b33b49db3f\aspnet_regiis.exe
+ 2008-07-27 18:03:11 33,288 ----a-w c:\windows\winsxs\x86_netfx-aspnet_regiis_exe_b03f5f7f11d50a3a_6.0.6001.18111_none_1228a5c521f9a2ed\aspnet_regiis.exe
+ 2008-07-27 17:58:31 33,288 ----a-w c:\windows\winsxs\x86_netfx-aspnet_regiis_exe_b03f5f7f11d50a3a_6.0.6001.22230_none_fb5d16613b9f1c00\aspnet_regiis.exe
+ 2008-07-27 18:00:22 34,312 ----a-w c:\windows\winsxs\x86_netfx-aspnet_state_exe_b03f5f7f11d50a3a_6.0.6000.16720_none_8142f10dc28972ea\aspnet_state.exe
+ 2008-07-27 17:55:49 34,312 ----a-w c:\windows\winsxs\x86_netfx-aspnet_state_exe_b03f5f7f11d50a3a_6.0.6000.20883_none_6a7b07b1dc2bb7dd\aspnet_state.exe
+ 2008-07-27 18:03:11 34,312 ----a-w c:\windows\winsxs\x86_netfx-aspnet_state_exe_b03f5f7f11d50a3a_6.0.6001.18111_none_811dd5c3c2db7f8b\aspnet_state.exe
+ 2008-07-27 17:58:31 34,312 ----a-w c:\windows\winsxs\x86_netfx-aspnet_state_exe_b03f5f7f11d50a3a_6.0.6001.22230_none_6a52465fdc80f89e\aspnet_state.exe
+ 2008-07-27 18:00:23 33,792 ----a-w c:\windows\winsxs\x86_netfx-aspnet_wp_exe_b03f5f7f11d50a3a_6.0.6000.16720_none_c50edb888bf66284\aspnet_wp.exe
+ 2008-10-13 22:23:34 31,560 ----a-w c:\windows\winsxs\x86_netfx-aspnet_wp_exe_b03f5f7f11d50a3a_6.0.6000.16762_none_c512af208bf2fb22\aspnet_wp.exe
+ 2008-07-27 17:55:49 33,792 ----a-w c:\windows\winsxs\x86_netfx-aspnet_wp_exe_b03f5f7f11d50a3a_6.0.6000.20883_none_ae46f22ca598a777\aspnet_wp.exe
+ 2008-10-13 22:25:08 31,560 ----a-w c:\windows\winsxs\x86_netfx-aspnet_wp_exe_b03f5f7f11d50a3a_6.0.6000.20935_none_ae41c306a59d5c57\aspnet_wp.exe
+ 2008-07-27 18:03:11 33,792 ----a-w c:\windows\winsxs\x86_netfx-aspnet_wp_exe_b03f5f7f11d50a3a_6.0.6001.18111_none_c4e9c03e8c486f25\aspnet_wp.exe
+ 2008-10-13 22:26:50 31,560 ----a-w c:\windows\winsxs\x86_netfx-aspnet_wp_exe_b03f5f7f11d50a3a_6.0.6001.18155_none_c4ed66468c453b05\aspnet_wp.exe
+ 2008-07-27 17:58:31 33,792 ----a-w c:\windows\winsxs\x86_netfx-aspnet_wp_exe_b03f5f7f11d50a3a_6.0.6001.22230_none_ae1e30daa5ede838\aspnet_wp.exe
+ 2008-10-13 22:23:19 31,560 ----a-w c:\windows\winsxs\x86_netfx-aspnet_wp_exe_b03f5f7f11d50a3a_6.0.6001.22286_none_ae22a99ca5ea00b1\aspnet_wp.exe
+ 2008-07-27 18:00:23 230,904 ----a-w c:\windows\winsxs\x86_netfx-clr_ilasm_exe_b03f5f7f11d50a3a_6.0.6000.16720_none_03362a9d8d7b9753\ilasm.exe
+ 2008-07-27 17:55:52 230,904 ----a-w c:\windows\winsxs\x86_netfx-clr_ilasm_exe_b03f5f7f11d50a3a_6.0.6000.20883_none_ec6e4141a71ddc46\ilasm.exe
+ 2008-07-27 18:03:12 230,904 ----a-w c:\windows\winsxs\x86_netfx-clr_ilasm_exe_b03f5f7f11d50a3a_6.0.6001.18111_none_03110f538dcda3f4\ilasm.exe
+ 2008-07-27 17:58:32 230,904 ----a-w c:\windows\winsxs\x86_netfx-clr_ilasm_exe_b03f5f7f11d50a3a_6.0.6001.22230_none_ec457fefa7731d07\ilasm.exe
+ 2008-07-27 18:00:27 57,392 ----a-w c:\windows\winsxs\x86_netfx-clr_sys_entservcs_thunk_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_52860d14b787880b\System.EnterpriseServices.Thunk.dll
+ 2008-07-27 17:55:55 57,392 ----a-w c:\windows\winsxs\x86_netfx-clr_sys_entservcs_thunk_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_3bbe23b8d129ccfe\System.EnterpriseServices.Thunk.dll
+ 2008-07-27 18:03:15 57,392 ----a-w c:\windows\winsxs\x86_netfx-clr_sys_entservcs_thunk_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_5260f1cab7d994ac\System.EnterpriseServices.Thunk.dll
+ 2008-07-27 17:58:35 57,392 ----a-w c:\windows\winsxs\x86_netfx-clr_sys_entservcs_thunk_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_3b956266d17f0dbf\System.EnterpriseServices.Thunk.dll
+ 2008-07-27 18:00:23 105,464 ----a-w c:\windows\winsxs\x86_netfx-clrgc_b03f5f7f11d50a3a_6.0.6000.16720_none_20f118a5f8b7c691\clrgc.exe
+ 2008-07-27 17:55:50 105,464 ----a-w c:\windows\winsxs\x86_netfx-clrgc_b03f5f7f11d50a3a_6.0.6000.20883_none_0a292f4a125a0b84\clrgc.exe
+ 2008-07-27 18:03:11 105,464 ----a-w c:\windows\winsxs\x86_netfx-clrgc_b03f5f7f11d50a3a_6.0.6001.18111_none_20cbfd5bf909d332\clrgc.exe
+ 2008-07-27 17:58:31 105,464 ----a-w c:\windows\winsxs\x86_netfx-clrgc_b03f5f7f11d50a3a_6.0.6001.22230_none_0a006df812af4c45\clrgc.exe
+ 2008-07-27 18:00:23 89,608 ----a-w c:\windows\winsxs\x86_netfx-corperfmonext_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_b30d9713c2a13a95\CORPerfMonExt.dll
+ 2008-07-27 17:55:50 89,608 ----a-w c:\windows\winsxs\x86_netfx-corperfmonext_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_9c45adb7dc437f88\CORPerfMonExt.dll
+ 2008-07-27 18:03:11 89,608 ----a-w c:\windows\winsxs\x86_netfx-corperfmonext_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_b2e87bc9c2f34736\CORPerfMonExt.dll
+ 2008-07-27 17:58:31 89,608 ----a-w c:\windows\winsxs\x86_netfx-corperfmonext_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_9c1cec65dc98c049\CORPerfMonExt.dll
+ 2008-07-27 18:00:23 80,376 ----a-w c:\windows\winsxs\x86_netfx-csharp_compiler_csc_b03f5f7f11d50a3a_6.0.6000.16720_none_fe9ea81e2cc7a10d\csc.exe
+ 2008-07-27 17:55:50 80,376 ----a-w c:\windows\winsxs\x86_netfx-csharp_compiler_csc_b03f5f7f11d50a3a_6.0.6000.20883_none_e7d6bec24669e600\csc.exe
+ 2008-07-27 18:03:11 80,376 ----a-w c:\windows\winsxs\x86_netfx-csharp_compiler_csc_b03f5f7f11d50a3a_6.0.6001.18111_none_fe798cd42d19adae\csc.exe
+ 2008-07-27 17:58:31 80,376 ----a-w c:\windows\winsxs\x86_netfx-csharp_compiler_csc_b03f5f7f11d50a3a_6.0.6001.22230_none_e7adfd7046bf26c1\csc.exe
+ 2008-07-27 18:00:23 1,163,768 ----a-w c:\windows\winsxs\x86_netfx-csharp_compiler_cscomp_b03f5f7f11d50a3a_6.0.6000.16720_none_299326f9d18fcbcd\cscomp.dll
+ 2008-07-27 17:55:51 1,163,768 ----a-w c:\windows\winsxs\x86_netfx-csharp_compiler_cscomp_b03f5f7f11d50a3a_6.0.6000.20883_none_12cb3d9deb3210c0\cscomp.dll
+ 2008-07-27 18:03:11 1,163,768 ----a-w c:\windows\winsxs\x86_netfx-csharp_compiler_cscomp_b03f5f7f11d50a3a_6.0.6001.18111_none_296e0bafd1e1d86e\cscomp.dll
+ 2008-07-27 17:58:31 1,163,768 ----a-w c:\windows\winsxs\x86_netfx-csharp_compiler_cscomp_b03f5f7f11d50a3a_6.0.6001.22230_none_12a27c4beb875181\cscomp.dll
+ 2008-07-27 18:00:22 145,408 ----a-w c:\windows\winsxs\x86_netfx-csharpcompilermsg_b03f5f7f11d50a3a_6.0.6000.16720_none_70fa2f2bea847d65\cscompui.dll
+ 2008-07-27 17:55:49 145,408 ----a-w c:\windows\winsxs\x86_netfx-csharpcompilermsg_b03f5f7f11d50a3a_6.0.6000.20883_none_5a3245d00426c258\cscompui.dll
+ 2008-07-27 18:03:10 145,408 ----a-w c:\windows\winsxs\x86_netfx-csharpcompilermsg_b03f5f7f11d50a3a_6.0.6001.18111_none_70d513e1ead68a06\cscompui.dll
+ 2008-07-27 17:58:31 145,408 ----a-w c:\windows\winsxs\x86_netfx-csharpcompilermsg_b03f5f7f11d50a3a_6.0.6001.22230_none_5a09847e047c0319\cscompui.dll
+ 2008-07-27 18:00:23 27,136 ----a-w c:\windows\winsxs\x86_netfx-culture_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_dad3d84a4fe9cf2d\Culture.dll
+ 2008-07-27 17:55:51 27,136 ----a-w c:\windows\winsxs\x86_netfx-culture_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_c40beeee698c1420\Culture.dll
+ 2008-07-27 18:03:11 27,136 ----a-w c:\windows\winsxs\x86_netfx-culture_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_daaebd00503bdbce\Culture.dll
+ 2008-07-27 17:58:31 27,136 ----a-w c:\windows\winsxs\x86_netfx-culture_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_c3e32d9c69e154e1\Culture.dll
+ 2008-07-27 18:00:23 35,320 ----a-w c:\windows\winsxs\x86_netfx-cvtres_for_vc_and_vb_b03f5f7f11d50a3a_6.0.6000.16720_none_e5e61fca33bbd736\cvtres.exe
+ 2008-07-27 17:55:51 35,320 ----a-w c:\windows\winsxs\x86_netfx-cvtres_for_vc_and_vb_b03f5f7f11d50a3a_6.0.6000.20883_none_cf1e366e4d5e1c29\cvtres.exe
+ 2008-07-27 18:03:11 35,320 ----a-w c:\windows\winsxs\x86_netfx-cvtres_for_vc_and_vb_b03f5f7f11d50a3a_6.0.6001.18111_none_e5c10480340de3d7\cvtres.exe
+ 2008-07-27 17:58:31 35,320 ----a-w c:\windows\winsxs\x86_netfx-cvtres_for_vc_and_vb_b03f5f7f11d50a3a_6.0.6001.22230_none_cef5751c4db35cea\cvtres.exe
+ 2008-07-27 18:00:22 13,824 ----a-w c:\windows\winsxs\x86_netfx-cvtresui_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_d1bdbba018204fce\CvtResUI.dll
+ 2008-07-27 17:55:49 13,824 ----a-w c:\windows\winsxs\x86_netfx-cvtresui_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_baf5d24431c294c1\CvtResUI.dll
+ 2008-07-27 18:03:10 13,824 ----a-w c:\windows\winsxs\x86_netfx-cvtresui_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_d198a05618725c6f\CvtResUI.dll
+ 2008-07-27 17:58:31 13,824 ----a-w c:\windows\winsxs\x86_netfx-cvtresui_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_bacd10f23217d582\CvtResUI.dll
+ 2008-07-27 18:00:23 575,496 ----a-w c:\windows\winsxs\x86_netfx-debugging_msdia70_b03f5f7f11d50a3a_6.0.6000.16720_none_d10442cb1462cc84\diasymreader.dll
+ 2008-07-27 17:55:51 575,496 ----a-w c:\windows\winsxs\x86_netfx-debugging_msdia70_b03f5f7f11d50a3a_6.0.6000.20883_none_ba3c596f2e051177\diasymreader.dll
+ 2008-07-27 18:03:11 575,496 ----a-w c:\windows\winsxs\x86_netfx-debugging_msdia70_b03f5f7f11d50a3a_6.0.6001.18111_none_d0df278114b4d925\diasymreader.dll
+ 2008-07-27 17:58:32 575,496 ----a-w c:\windows\winsxs\x86_netfx-debugging_msdia70_b03f5f7f11d50a3a_6.0.6001.22230_none_ba13981d2e5a5238\diasymreader.dll
+ 2008-07-27 18:00:23 62,968 ----a-w c:\windows\winsxs\x86_netfx-dfdll_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_887641f8543b58cd\dfdll.dll
+ 2008-07-27 17:55:51 62,968 ----a-w c:\windows\winsxs\x86_netfx-dfdll_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_71ae589c6ddd9dc0\dfdll.dll
+ 2008-07-27 18:03:11 62,968 ----a-w c:\windows\winsxs\x86_netfx-dfdll_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_885126ae548d656e\dfdll.dll
+ 2008-07-27 17:58:31 62,968 ----a-w c:\windows\winsxs\x86_netfx-dfdll_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_7185974a6e32de81\dfdll.dll
+ 2008-07-27 18:00:28 96,760 ----a-w c:\windows\winsxs\x86_netfx-dfshim_dll_31bf3856ad364e35_6.0.6000.16720_none_768419d85fe38f05\dfshim.dll
+ 2008-07-27 17:55:56 96,760 ----a-w c:\windows\winsxs\x86_netfx-dfshim_dll_31bf3856ad364e35_6.0.6000.20883_none_76cfd7f9792f227a\dfshim.dll
+ 2008-07-27 18:03:16 96,760 ----a-w c:\windows\winsxs\x86_netfx-dfshim_dll_31bf3856ad364e35_6.0.6001.18111_none_787628b45d011d5c\dfshim.dll
+ 2008-07-27 17:58:36 96,760 ----a-w c:\windows\winsxs\x86_netfx-dfshim_dll_31bf3856ad364e35_6.0.6001.22230_none_78e9255d762fdbb1\dfshim.dll
+ 2008-07-27 18:00:23 36,344 ----a-w c:\windows\winsxs\x86_netfx-dw_b03f5f7f11d50a3a_6.0.6000.16720_none_cdc273811ae653eb\dw20.exe
+ 2008-07-27 17:55:51 36,344 ----a-w c:\windows\winsxs\x86_netfx-dw_b03f5f7f11d50a3a_6.0.6000.20883_none_b6fa8a25348898de\dw20.exe
+ 2008-07-27 18:03:11 36,344 ----a-w c:\windows\winsxs\x86_netfx-dw_b03f5f7f11d50a3a_6.0.6001.18111_none_cd9d58371b38608c\dw20.exe
+ 2008-07-27 17:58:32 36,344 ----a-w c:\windows\winsxs\x86_netfx-dw_b03f5f7f11d50a3a_6.0.6001.22230_none_b6d1c8d334ddd99f\dw20.exe
+ 2008-07-27 18:00:23 798,224 ----a-w c:\windows\winsxs\x86_netfx-eventlogmessages_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_cf8a616af2a68bf7\EventLogMessages.dll
+ 2008-07-27 17:55:51 798,224 ----a-w c:\windows\winsxs\x86_netfx-eventlogmessages_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_b8c2780f0c48d0ea\EventLogMessages.dll
+ 2008-07-27 18:03:11 798,224 ----a-w c:\windows\winsxs\x86_netfx-eventlogmessages_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_cf654620f2f89898\EventLogMessages.dll
+ 2008-07-27 17:58:32 798,224 ----a-w c:\windows\winsxs\x86_netfx-eventlogmessages_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_b899b6bd0c9e11ab\EventLogMessages.dll
+ 2008-07-27 18:00:23 18,936 ----a-w c:\windows\winsxs\x86_netfx-fusion_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_02f7688b0a477a67\fusion.dll
+ 2008-07-27 17:55:51 18,936 ----a-w c:\windows\winsxs\x86_netfx-fusion_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_ec2f7f2f23e9bf5a\fusion.dll
+ 2008-07-27 18:03:11 18,936 ----a-w c:\windows\winsxs\x86_netfx-fusion_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_02d24d410a998708\fusion.dll
+ 2008-07-27 17:58:32 18,936 ----a-w c:\windows\winsxs\x86_netfx-fusion_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_ec06bddd243f001b\fusion.dll
+ 2008-07-27 18:00:29 41,984 ----a-w c:\windows\winsxs\x86_netfx-fw_netfxperf_dll_31bf3856ad364e35_6.0.6000.16720_none_9297cbea7e22b2e8\netfxperf.dll
+ 2008-07-27 17:55:56 41,984 ----a-w c:\windows\winsxs\x86_netfx-fw_netfxperf_dll_31bf3856ad364e35_6.0.6000.20883_none_92e38a0b976e465d\netfxperf.dll
+ 2008-07-27 18:03:17 41,984 ----a-w c:\windows\winsxs\x86_netfx-fw_netfxperf_dll_31bf3856ad364e35_6.0.6001.18111_none_9489dac67b40413f\netfxperf.dll
+ 2008-07-27 17:58:37 41,984 ----a-w c:\windows\winsxs\x86_netfx-fw_netfxperf_dll_31bf3856ad364e35_6.0.6001.22230_none_94fcd76f946eff94\netfxperf.dll
+ 2008-07-27 18:00:24 65,032 ----a-w c:\windows\winsxs\x86_netfx-installutillib_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_b6dc6c95d82f7e23\InstallUtilLib.dll
+ 2008-07-27 17:55:52 65,032 ----a-w c:\windows\winsxs\x86_netfx-installutillib_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_a0148339f1d1c316\InstallUtilLib.dll
+ 2008-07-27 18:03:12 65,032 ----a-w c:\windows\winsxs\x86_netfx-installutillib_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_b6b7514bd8818ac4\InstallUtilLib.dll
+ 2008-07-27 17:58:32 65,032 ----a-w c:\windows\winsxs\x86_netfx-installutillib_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_9febc1e7f22703d7\InstallUtilLib.dll
+ 2008-07-27 18:00:24 998,408 ----a-w c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6000.16720_none_2b477be306910f6b\mscordacwks.dll
+ 2008-10-13 22:23:36 990,032 ----a-w c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6000.16762_none_2b4b4f7b068da809\mscordacwks.dll
+ 2008-07-27 17:55:52 998,408 ----a-w c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6000.20883_none_147f92872033545e\mscordacwks.dll
+ 2008-10-13 22:25:10 990,032 ----a-w c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6000.20935_none_147a63612038093e\mscordacwks.dll
+ 2008-07-27 18:03:12 998,408 ----a-w c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6001.18111_none_2b22609906e31c0c\mscordacwks.dll
+ 2008-10-13 22:26:53 990,032 ----a-w c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6001.18155_none_2b2606a106dfe7ec\mscordacwks.dll
+ 2008-07-27 17:58:32 998,408 ----a-w c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6001.22230_none_1456d1352088951f\mscordacwks.dll
+ 2008-10-13 22:23:21 990,032 ----a-w c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6001.22286_none_145b49f72084ad98\mscordacwks.dll
+ 2008-07-27 18:00:24 83,456 ----a-w c:\windows\winsxs\x86_netfx-mscordbc_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_6d15d8a7c565aae6\mscordbc.dll
+ 2008-07-27 17:55:52 83,456 ----a-w c:\windows\winsxs\x86_netfx-mscordbc_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_564def4bdf07efd9\mscordbc.dll
+ 2008-07-27 18:03:12 83,456 ----a-w c:\windows\winsxs\x86_netfx-mscordbc_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_6cf0bd5dc5b7b787\mscordbc.dll
+ 2008-07-27 17:58:32 83,456 ----a-w c:\windows\winsxs\x86_netfx-mscordbc_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_56252df9df5d309a\mscordbc.dll
+ 2008-07-27 18:00:24 308,224 ----a-w c:\windows\winsxs\x86_netfx-mscordbi_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_704c45e65c1b155c\mscordbi.dll
+ 2008-07-27 17:55:52 308,224 ----a-w c:\windows\winsxs\x86_netfx-mscordbi_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_59845c8a75bd5a4f\mscordbi.dll
+ 2008-07-27 18:03:12 308,224 ----a-w c:\windows\winsxs\x86_netfx-mscordbi_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_70272a9c5c6d21fd\mscordbi.dll
+ 2008-07-27 17:58:32 308,224 ----a-w c:\windows\winsxs\x86_netfx-mscordbi_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_595b9b3876129b10\mscordbi.dll
+ 2008-07-27 18:00:29 282,112 ----a-w c:\windows\winsxs\x86_netfx-mscoree_dll_31bf3856ad364e35_6.0.6000.16720_none_b3641f8d59134c1c\mscoree.dll
+ 2008-07-27 17:55:56 282,112 ----a-w c:\windows\winsxs\x86_netfx-mscoree_dll_31bf3856ad364e35_6.0.6000.20883_none_b3afddae725edf91\mscoree.dll
+ 2008-07-27 18:03:17 282,112 ----a-w c:\windows\winsxs\x86_netfx-mscoree_dll_31bf3856ad364e35_6.0.6001.18111_none_b5562e695630da73\mscoree.dll
+ 2008-07-27 17:58:36 282,112 ----a-w c:\windows\winsxs\x86_netfx-mscoree_dll_31bf3856ad364e35_6.0.6001.22230_none_b5c92b126f5f98c8\mscoree.dll
+ 2008-07-27 18:00:29 15,360 ----a-w c:\windows\winsxs\x86_netfx-mscorees_dll_31bf3856ad364e35_6.0.6000.16720_none_175dada98e1713c9\mscorees.dll
+ 2008-07-27 17:55:56 15,360 ----a-w c:\windows\winsxs\x86_netfx-mscorees_dll_31bf3856ad364e35_6.0.6000.20883_none_17a96bcaa762a73e\mscorees.dll
+ 2008-07-27 18:03:17 15,360 ----a-w c:\windows\winsxs\x86_netfx-mscorees_dll_31bf3856ad364e35_6.0.6001.18111_none_194fbc858b34a220\mscorees.dll
+ 2008-07-27 17:58:37 15,360 ----a-w c:\windows\winsxs\x86_netfx-mscorees_dll_31bf3856ad364e35_6.0.6001.22230_none_19c2b92ea4636075\mscorees.dll
+ 2008-07-27 18:00:24 46,592 ----a-w c:\windows\winsxs\x86_netfx-mscorie_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_eabc86bf6fd8fce5\mscorie.dll
+ 2008-07-27 17:55:52 46,592 ----a-w c:\windows\winsxs\x86_netfx-mscorie_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_d3f49d63897b41d8\mscorie.dll
+ 2008-07-27 18:03:12 46,592 ----a-w c:\windows\winsxs\x86_netfx-mscorie_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_ea976b75702b0986\mscorie.dll
+ 2008-07-27 17:58:32 46,592 ----a-w c:\windows\winsxs\x86_netfx-mscorie_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_d3cbdc1189d08299\mscorie.dll
+ 2008-07-27 18:00:29 158,720 ----a-w c:\windows\winsxs\x86_netfx-mscorier_dll_non_mui_31bf3856ad364e35_6.0.6000.16720_none_7a962ef9ddf8e5ca\mscorier.dll
+ 2008-07-27 17:55:56 158,720 ----a-w c:\windows\winsxs\x86_netfx-mscorier_dll_non_mui_31bf3856ad364e35_6.0.6000.20883_none_7ae1ed1af744793f\mscorier.dll
+ 2008-07-27 18:03:17 158,720 ----a-w c:\windows\winsxs\x86_netfx-mscorier_dll_non_mui_31bf3856ad364e35_6.0.6001.18111_none_7c883dd5db167421\mscorier.dll
+ 2008-07-27 17:58:37 158,720 ----a-w c:\windows\winsxs\x86_netfx-mscorier_dll_non_mui_31bf3856ad364e35_6.0.6001.22230_none_7cfb3a7ef4453276\mscorier.dll
+ 2008-07-27 18:00:29 83,968 ----a-w c:\windows\winsxs\x86_netfx-mscories_dll_31bf3856ad364e35_6.0.6000.16720_none_bc2740c9f4b44e45\mscories.dll
+ 2008-07-27 17:55:56 83,968 ----a-w c:\windows\winsxs\x86_netfx-mscories_dll_31bf3856ad364e35_6.0.6000.20883_none_bc72feeb0dffe1ba\mscories.dll
+ 2008-07-27 18:03:17 83,968 ----a-w c:\windows\winsxs\x86_netfx-mscories_dll_31bf3856ad364e35_6.0.6001.18111_none_be194fa5f1d1dc9c\mscories.dll
+ 2008-07-27 17:58:37 83,968 ----a-w c:\windows\winsxs\x86_netfx-mscories_dll_31bf3856ad364e35_6.0.6001.22230_none_be8c4c4f0b009af1\mscories.dll
+ 2008-07-27 18:00:24 367,104 ----a-w c:\windows\winsxs\x86_netfx-mscorjit_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_bf82ae7730dc9b9e\mscorjit.dll
+ 2008-10-13 22:23:37 364,872 ----a-w c:\windows\winsxs\x86_netfx-mscorjit_dll_b03f5f7f11d50a3a_6.0.6000.16762_none_bf86820f30d9343c\mscorjit.dll
+ 2008-07-27 17:55:52 367,104 ----a-w c:\windows\winsxs\x86_netfx-mscorjit_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_a8bac51b4a7ee091\mscorjit.dll
+ 2008-10-13 22:25:10 364,872 ----a-w c:\windows\winsxs\x86_netfx-mscorjit_dll_b03f5f7f11d50a3a_6.0.6000.20935_none_a8b595f54a839571\mscorjit.dll
+ 2008-07-27 18:03:12 367,104 ----a-w c:\windows\winsxs\x86_netfx-mscorjit_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_bf5d932d312ea83f\mscorjit.dll
+ 2008-10-13 22:26:53 364,872 ----a-w c:\windows\winsxs\x86_netfx-mscorjit_dll_b03f5f7f11d50a3a_6.0.6001.18155_none_bf613935312b741f\mscorjit.dll
+ 2008-07-27 17:58:33 367,104 ----a-w c:\windows\winsxs\x86_netfx-mscorjit_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_a89203c94ad42152\mscorjit.dll
+ 2008-10-13 22:23:22 364,872 ----a-w c:\windows\winsxs\x86_netfx-mscorjit_dll_b03f5f7f11d50a3a_6.0.6001.22286_none_a8967c8b4ad039cb\mscorjit.dll
+ 2008-07-27 18:00:24 94,208 ----a-w c:\windows\winsxs\x86_netfx-mscorld_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_c3051899495c0261\mscorld.dll
+ 2008-07-27 17:55:52 94,208 ----a-w c:\windows\winsxs\x86_netfx-mscorld_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_ac3d2f3d62fe4754\mscorld.dll
+ 2008-07-27 18:03:12 94,208 ----a-w c:\windows\winsxs\x86_netfx-mscorld_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_c2dffd4f49ae0f02\mscorld.dll
+ 2008-07-27 17:58:33 94,208 ----a-w c:\windows\winsxs\x86_netfx-mscorld_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_ac146deb63538815\mscorld.dll
+ 2008-07-27 18:00:28 96,768 ----a-w c:\windows\winsxs\x86_netfx-mscormmc_dll_rtm_31bf3856ad364e35_6.0.6000.16720_none_a586c87acc4ee451\mscormmc.dll
+ 2008-07-27 17:55:56 96,768 ----a-w c:\windows\winsxs\x86_netfx-mscormmc_dll_rtm_31bf3856ad364e35_6.0.6000.20883_none_a5d2869be59a77c6\mscormmc.dll
+ 2008-07-27 18:03:16 96,768 ----a-w c:\windows\winsxs\x86_netfx-mscormmc_dll_rtm_31bf3856ad364e35_6.0.6001.18111_none_a778d756c96c72a8\mscormmc.dll
+ 2008-07-27 17:58:36 96,768 ----a-w c:\windows\winsxs\x86_netfx-mscormmc_dll_rtm_31bf3856ad364e35_6.0.6001.22230_none_a7ebd3ffe29b30fd\mscormmc.dll
+ 2008-07-27 18:00:25 114,176 ----a-w c:\windows\winsxs\x86_netfx-mscorpe_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_f809cbf55be51514\mscorpe.dll
+ 2008-07-27 17:55:53 114,176 ----a-w c:\windows\winsxs\x86_netfx-mscorpe_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_e141e29975875a07\mscorpe.dll
+ 2008-07-27 18:03:13 114,176 ----a-w c:\windows\winsxs\x86_netfx-mscorpe_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_f7e4b0ab5c3721b5\mscorpe.dll
+ 2008-07-27 17:58:33 114,176 ----a-w c:\windows\winsxs\x86_netfx-mscorpe_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_e119214775dc9ac8\mscorpe.dll
+ 2008-07-27 18:00:25 345,600 ----a-w c:\windows\winsxs\x86_netfx-mscorrc_res_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_f04d2f859bf6b755\mscorrc.dll
+ 2008-07-27 17:55:53 345,600 ----a-w c:\windows\winsxs\x86_netfx-mscorrc_res_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_d9854629b598fc48\mscorrc.dll
+ 2008-07-27 18:03:13 345,600 ----a-w c:\windows\winsxs\x86_netfx-mscorrc_res_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_f028143b9c48c3f6\mscorrc.dll
+ 2008-07-27 17:58:33 345,600 ----a-w c:\windows\winsxs\x86_netfx-mscorrc_res_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_d95c84d7b5ee3d09\mscorrc.dll
+ 2008-07-27 18:00:25 77,312 ----a-w c:\windows\winsxs\x86_netfx-mscorsec_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_11d75989f473c8ca\mscorsec.dll
+ 2008-07-27 17:55:53 77,312 ----a-w c:\windows\winsxs\x86_netfx-mscorsec_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_fb0f702e0e160dbd\mscorsec.dll
+ 2008-07-27 18:03:13 77,312 ----a-w c:\windows\winsxs\x86_netfx-mscorsec_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_11b23e3ff4c5d56b\mscorsec.dll
+ 2008-07-27 17:58:33 77,312 ----a-w c:\windows\winsxs\x86_netfx-mscorsec_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_fae6aedc0e6b4e7e\mscorsec.dll
+ 2008-07-27 18:00:26 31,744 ----a-w c:\windows\winsxs\x86_netfx-mscorsecr_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_a5bb7e77ee33a16c\mscorsecr.dll
+ 2008-07-27 17:55:54 31,744 ----a-w c:\windows\winsxs\x86_netfx-mscorsecr_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_8ef3951c07d5e65f\mscorsecr.dll
+ 2008-07-27 18:03:14 31,744 ----a-w c:\windows\winsxs\x86_netfx-mscorsecr_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_a596632dee85ae0d\mscorsecr.dll
+ 2008-07-27 17:58:34 31,744 ----a-w c:\windows\winsxs\x86_netfx-mscorsecr_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_8ecad3ca082b2720\mscorsecr.dll
+ 2008-07-27 18:00:25 18,944 ----a-w c:\windows\winsxs\x86_netfx-mscorsn_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_967eaf5860c6dda6\mscorsn.dll
+ 2008-07-27 17:55:53 18,944 ----a-w c:\windows\winsxs\x86_netfx-mscorsn_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_7fb6c5fc7a692299\mscorsn.dll
+ 2008-07-27 18:03:13 18,944 ----a-w c:\windows\winsxs\x86_netfx-mscorsn_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_9659940e6118ea47\mscorsn.dll
+ 2008-07-27 17:58:33 18,944 ----a-w c:\windows\winsxs\x86_netfx-mscorsn_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_7f8e04aa7abe635a\mscorsn.dll
+ 2008-07-27 18:00:25 230,912 ----a-w c:\windows\winsxs\x86_netfx-mscorsvc__dll_b03f5f7f11d50a3a_6.0.6000.16720_none_5b1627d403b6b0de\mscorsvc.dll
+ 2008-07-27 17:55:53 230,912 ----a-w c:\windows\winsxs\x86_netfx-mscorsvc__dll_b03f5f7f11d50a3a_6.0.6000.20883_none_444e3e781d58f5d1\mscorsvc.dll
+ 2008-07-27 18:03:13 230,912 ----a-w c:\windows\winsxs\x86_netfx-mscorsvc__dll_b03f5f7f11d50a3a_6.0.6001.18111_none_5af10c8a0408bd7f\mscorsvc.dll
+ 2008-07-27 17:58:33 230,912 ----a-w c:\windows\winsxs\x86_netfx-mscorsvc__dll_b03f5f7f11d50a3a_6.0.6001.22230_none_44257d261dae3692\mscorsvc.dll
+ 2008-07-27 18:00:25 69,632 ----a-w c:\windows\winsxs\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.0.6000.16720_none_201c2ab5e826014f\mscorsvw.exe
+ 2008-07-27 17:55:53 69,632 ----a-w c:\windows\winsxs\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.0.6000.20883_none_0954415a01c84642\mscorsvw.exe
+ 2008-07-27 18:03:13 69,632 ----a-w c:\windows\winsxs\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.0.6001.18111_none_1ff70f6be8780df0\mscorsvw.exe
+ 2008-07-27 17:58:33 69,632 ----a-w c:\windows\winsxs\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.0.6001.22230_none_092b8008021d8703\mscorsvw.exe
+ 2008-07-27 18:00:25 19,456 ----a-w c:\windows\winsxs\x86_netfx-mscortim_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_cec3db076487f2b9\mscortim.dll
+ 2008-07-27 17:55:53 19,456 ----a-w c:\windows\winsxs\x86_netfx-mscortim_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_b7fbf1ab7e2a37ac\mscortim.dll
+ 2008-07-27 18:03:13 19,456 ----a-w c:\windows\winsxs\x86_netfx-mscortim_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_ce9ebfbd64d9ff5a\mscortim.dll
+ 2008-07-27 17:58:33 19,456 ----a-w c:\windows\winsxs\x86_netfx-mscortim_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_b7d330597e7f786d\mscortim.dll
+ 2008-07-27 18:00:25 5,815,296 ----a-w c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_328358fc2e900398\mscorwks.dll
+ 2008-10-13 22:23:38 5,813,576 ----a-w c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6000.16762_none_32872c942e8c9c36\mscorwks.dll
+ 2008-07-27 17:55:53 5,815,296 ----a-w c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_1bbb6fa04832488b\mscorwks.dll
+ 2008-10-13 22:25:11 5,813,576 ----a-w c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6000.20935_none_1bb6407a4836fd6b\mscorwks.dll
+ 2008-07-27 18:03:13 5,815,296 ----a-w c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_325e3db22ee21039\mscorwks.dll
+ 2008-10-13 22:26:55 5,813,576 ----a-w c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6001.18155_none_3261e3ba2ededc19\mscorwks.dll
+ 2008-07-27 17:58:33 5,815,296 ----a-w c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_1b92ae4e4887894c\mscorwks.dll
+ 2008-10-13 22:23:23 5,813,576 ----a-w c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6001.22286_none_1b9727104883a1c5\mscorwks.dll
+ 2008-07-27 18:00:22 82,944 ----a-w c:\windows\winsxs\x86_netfx-netfxsbs10_exe_31bf3856ad364e35_6.0.6000.16720_none_399312dcb0de0ef0\NETFXSBS10.exe
+ 2008-07-27 17:55:49 82,944 ----a-w c:\windows\winsxs\x86_netfx-netfxsbs10_exe_31bf3856ad364e35_6.0.6000.20883_none_39ded0fdca29a265\NETFXSBS10.exe
+ 2008-07-27 18:03:10 82,944 ----a-w c:\windows\winsxs\x86_netfx-netfxsbs10_exe_31bf3856ad364e35_6.0.6001.18111_none_3b8521b8adfb9d47\NETFXSBS10.exe
+ 2008-07-27 17:58:30 82,944 ----a-w c:\windows\winsxs\x86_netfx-netfxsbs10_exe_31bf3856ad364e35_6.0.6001.22230_none_3bf81e61c72a5b9c\NETFXSBS10.exe
+ 2008-07-27 18:00:26 100,856 ----a-w c:\windows\winsxs\x86_netfx-ngen_exe_b03f5f7f11d50a3a_6.0.6000.16720_none_77e2e7244a50f2f9\ngen.exe
+ 2008-07-27 17:55:54 100,856 ----a-w c:\windows\winsxs\x86_netfx-ngen_exe_b03f5f7f11d50a3a_6.0.6000.20883_none_611afdc863f337ec\ngen.exe
+ 2008-07-27 18:03:14 100,856 ----a-w c:\windows\winsxs\x86_netfx-ngen_exe_b03f5f7f11d50a3a_6.0.6001.18111_none_77bdcbda4aa2ff9a\ngen.exe
+ 2008-07-27 17:58:34 100,856 ----a-w c:\windows\winsxs\x86_netfx-ngen_exe_b03f5f7f11d50a3a_6.0.6001.22230_none_60f23c76644878ad\ngen.exe
+ 2008-07-27 18:00:26 24,584 ----a-w c:\windows\winsxs\x86_netfx-normalization_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_dc5677122d543f36\normalization.dll
+ 2008-07-27 17:55:54 24,584 ----a-w c:\windows\winsxs\x86_netfx-normalization_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_c58e8db646f68429\normalization.dll
+ 2008-07-27 18:03:14 24,584 ----a-w c:\windows\winsxs\x86_netfx-normalization_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_dc315bc82da64bd7\normalization.dll
+ 2008-07-27 17:58:34 24,584 ----a-w c:\windows\winsxs\x86_netfx-normalization_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_c565cc64474bc4ea\normalization.dll
+ 2008-07-27 18:00:26 88,584 ----a-w c:\windows\winsxs\x86_netfx-perfcounter_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_29fcfd8eff55da0a\PerfCounter.dll
+ 2008-07-27 17:55:54 88,584 ----a-w c:\windows\winsxs\x86_netfx-perfcounter_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_1335143318f81efd\PerfCounter.dll
+ 2008-07-27 18:03:14 88,584 ----a-w c:\windows\winsxs\x86_netfx-perfcounter_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_29d7e244ffa7e6ab\PerfCounter.dll
+ 2008-07-27 17:58:34 88,584 ----a-w c:\windows\winsxs\x86_netfx-perfcounter_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_130c52e1194d5fbe\PerfCounter.dll
+ 2008-07-27 18:00:26 143,360 ----a-w c:\windows\winsxs\x86_netfx-peverify_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_9cbc7d3e49842763\peverify.dll
+ 2008-07-27 17:55:54 143,360 ----a-w c:\windows\winsxs\x86_netfx-peverify_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_85f493e263266c56\peverify.dll
+ 2008-07-27 18:03:14 143,360 ----a-w c:\windows\winsxs\x86_netfx-peverify_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_9c9761f449d63404\peverify.dll
+ 2008-07-27 17:58:34 143,360 ----a-w c:\windows\winsxs\x86_netfx-peverify_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_85cbd290637bad17\peverify.dll
+ 2008-07-27 18:00:22 14,352 ----a-w c:\windows\winsxs\x86_netfx-sbs_diasymreader_dll_31bf3856ad364e35_6.0.6000.16720_none_a4b3513de20981cb\sbs_diasymreader.dll
+ 2008-07-27 17:55:49 14,352 ----a-w c:\windows\winsxs\x86_netfx-sbs_diasymreader_dll_31bf3856ad364e35_6.0.6000.20883_none_a4ff0f5efb551540\sbs_diasymreader.dll
+ 2008-07-27 18:03:10 14,352 ----a-w c:\windows\winsxs\x86_netfx-sbs_diasymreader_dll_31bf3856ad364e35_6.0.6001.18111_none_a6a56019df271022\sbs_diasymreader.dll
+ 2008-07-27 17:58:30 14,352 ----a-w c:\windows\winsxs\x86_netfx-sbs_diasymreader_dll_31bf3856ad364e35_6.0.6001.22230_none_a7185cc2f855ce77\sbs_diasymreader.dll

clubECGR · 2009/02/05

Last two post

+ 2008-07-27 18:00:22 14,336 ----a-w c:\windows\winsxs\x86_netfx-sbs_iehost_dll_31bf3856ad364e35_6.0.6000.16720_none_15bc4e0a4553cb65\sbs_iehost.dll
+ 2008-07-27 17:55:49 14,336 ----a-w c:\windows\winsxs\x86_netfx-sbs_iehost_dll_31bf3856ad364e35_6.0.6000.20883_none_16080c2b5e9f5eda\sbs_iehost.dll
+ 2008-07-27 18:03:10 14,336 ----a-w c:\windows\winsxs\x86_netfx-sbs_iehost_dll_31bf3856ad364e35_6.0.6001.18111_none_17ae5ce6427159bc\sbs_iehost.dll
+ 2008-07-27 17:58:30 14,336 ----a-w c:\windows\winsxs\x86_netfx-sbs_iehost_dll_31bf3856ad364e35_6.0.6001.22230_none_1821598f5ba01811\sbs_iehost.dll
+ 2008-07-27 18:00:22 14,360 ----a-w c:\windows\winsxs\x86_netfx-sbs_microsoft_jscript_dll_31bf3856ad364e35_6.0.6000.16720_none_fadb1f7894625625\sbs_microsoft.jscript.dll
+ 2008-07-27 17:55:49 14,360 ----a-w c:\windows\winsxs\x86_netfx-sbs_microsoft_jscript_dll_31bf3856ad364e35_6.0.6000.20883_none_fb26dd99adade99a\sbs_microsoft.jscript.dll
+ 2008-07-27 18:03:10 14,360 ----a-w c:\windows\winsxs\x86_netfx-sbs_microsoft_jscript_dll_31bf3856ad364e35_6.0.6001.18111_none_fccd2e54917fe47c\sbs_microsoft.jscript.dll
+ 2008-07-27 17:58:30 14,360 ----a-w c:\windows\winsxs\x86_netfx-sbs_microsoft_jscript_dll_31bf3856ad364e35_6.0.6001.22230_none_fd402afdaaaea2d1\sbs_microsoft.jscript.dll
+ 2008-07-27 18:00:22 14,904 ----a-w c:\windows\winsxs\x86_netfx-sbs_ms_vsa_vb_codedomproc_31bf3856ad364e35_6.0.6000.16720_none_f5ad60ba98e5129e\sbs_microsoft.vsa.vb.codedomprocessor.dll
+ 2008-07-27 17:55:49 14,904 ----a-w c:\windows\winsxs\x86_netfx-sbs_ms_vsa_vb_codedomproc_31bf3856ad364e35_6.0.6000.20883_none_f5f91edbb230a613\sbs_microsoft.vsa.vb.codedomprocessor.dll
+ 2008-07-27 18:03:10 14,904 ----a-w c:\windows\winsxs\x86_netfx-sbs_ms_vsa_vb_codedomproc_31bf3856ad364e35_6.0.6001.18111_none_f79f6f969602a0f5\sbs_microsoft.vsa.vb.codedomprocessor.dll
+ 2008-07-27 17:58:30 14,904 ----a-w c:\windows\winsxs\x86_netfx-sbs_ms_vsa_vb_codedomproc_31bf3856ad364e35_6.0.6001.22230_none_f8126c3faf315f4a\sbs_microsoft.vsa.vb.codedomprocessor.dll
+ 2008-07-27 18:00:22 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_mscordbi_dll_31bf3856ad364e35_6.0.6000.16720_none_61341d4d3a39619e\sbs_mscordbi.dll
+ 2008-07-27 17:55:49 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_mscordbi_dll_31bf3856ad364e35_6.0.6000.20883_none_617fdb6e5384f513\sbs_mscordbi.dll
+ 2008-07-27 18:03:10 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_mscordbi_dll_31bf3856ad364e35_6.0.6001.18111_none_63262c293756eff5\sbs_mscordbi.dll
+ 2008-07-27 17:58:30 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_mscordbi_dll_31bf3856ad364e35_6.0.6001.22230_none_639928d25085ae4a\sbs_mscordbi.dll
+ 2008-07-27 18:00:22 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_mscorrc_dll_31bf3856ad364e35_6.0.6000.16720_none_9f5dffc77038aef0\sbs_mscorrc.dll
+ 2008-07-27 17:55:49 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_mscorrc_dll_31bf3856ad364e35_6.0.6000.20883_none_9fa9bde889844265\sbs_mscorrc.dll
+ 2008-07-27 18:03:10 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_mscorrc_dll_31bf3856ad364e35_6.0.6001.18111_none_a1500ea36d563d47\sbs_mscorrc.dll
+ 2008-07-27 17:58:30 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_mscorrc_dll_31bf3856ad364e35_6.0.6001.22230_none_a1c30b4c8684fb9c\sbs_mscorrc.dll
+ 2008-07-27 18:00:22 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_mscorsec_dll_31bf3856ad364e35_6.0.6000.16720_none_e401d368df1b12c0\sbs_mscorsec.dll
+ 2008-07-27 17:55:49 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_mscorsec_dll_31bf3856ad364e35_6.0.6000.20883_none_e44d9189f866a635\sbs_mscorsec.dll
+ 2008-07-27 18:03:10 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_mscorsec_dll_31bf3856ad364e35_6.0.6001.18111_none_e5f3e244dc38a117\sbs_mscorsec.dll
+ 2008-07-27 17:58:30 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_mscorsec_dll_31bf3856ad364e35_6.0.6001.22230_none_e666deedf5675f6c\sbs_mscorsec.dll
+ 2008-07-27 18:00:22 14,384 ----a-w c:\windows\winsxs\x86_netfx-sbs_sys_config_install_dll_31bf3856ad364e35_6.0.6000.16720_none_bd4e76fe38514ab5\sbs_system.configuration.install.dll
+ 2008-07-27 17:55:49 14,384 ----a-w c:\windows\winsxs\x86_netfx-sbs_sys_config_install_dll_31bf3856ad364e35_6.0.6000.20883_none_bd9a351f519cde2a\sbs_system.configuration.install.dll
+ 2008-07-27 18:03:10 14,384 ----a-w c:\windows\winsxs\x86_netfx-sbs_sys_config_install_dll_31bf3856ad364e35_6.0.6001.18111_none_bf4085da356ed90c\sbs_system.configuration.install.dll
+ 2008-07-27 17:58:30 14,384 ----a-w c:\windows\winsxs\x86_netfx-sbs_sys_config_install_dll_31bf3856ad364e35_6.0.6001.22230_none_bfb382834e9d9761\sbs_system.configuration.install.dll
+ 2008-07-27 18:00:22 14,352 ----a-w c:\windows\winsxs\x86_netfx-sbs_sys_data_dll_31bf3856ad364e35_6.0.6000.16720_none_fc8de474efb056bd\sbs_system.data.dll
+ 2008-07-27 17:55:49 14,352 ----a-w c:\windows\winsxs\x86_netfx-sbs_sys_data_dll_31bf3856ad364e35_6.0.6000.20883_none_fcd9a29608fbea32\sbs_system.data.dll
+ 2008-07-27 18:03:10 14,352 ----a-w c:\windows\winsxs\x86_netfx-sbs_sys_data_dll_31bf3856ad364e35_6.0.6001.18111_none_fe7ff350eccde514\sbs_system.data.dll
+ 2008-07-27 17:58:30 14,352 ----a-w c:\windows\winsxs\x86_netfx-sbs_sys_data_dll_31bf3856ad364e35_6.0.6001.22230_none_fef2effa05fca369\sbs_system.data.dll
+ 2008-07-27 18:00:22 14,376 ----a-w c:\windows\winsxs\x86_netfx-sbs_sys_enterprisesvc_dll_31bf3856ad364e35_6.0.6000.16720_none_5f2d7cf328bb48aa\sbs_system.enterpriseservices.dll
+ 2008-07-27 17:55:49 14,376 ----a-w c:\windows\winsxs\x86_netfx-sbs_sys_enterprisesvc_dll_31bf3856ad364e35_6.0.6000.20883_none_5f793b144206dc1f\sbs_system.enterpriseservices.dll
+ 2008-07-27 18:03:10 14,376 ----a-w c:\windows\winsxs\x86_netfx-sbs_sys_enterprisesvc_dll_31bf3856ad364e35_6.0.6001.18111_none_611f8bcf25d8d701\sbs_system.enterpriseservices.dll
+ 2008-07-27 17:58:30 14,376 ----a-w c:\windows\winsxs\x86_netfx-sbs_sys_enterprisesvc_dll_31bf3856ad364e35_6.0.6001.22230_none_619288783f079556\sbs_system.enterpriseservices.dll
+ 2008-07-27 18:00:22 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_vsavb7rt_dll_31bf3856ad364e35_6.0.6000.16720_none_91b3897b707a12a8\sbs_VsaVb7rt.dll
+ 2008-07-27 17:55:49 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_vsavb7rt_dll_31bf3856ad364e35_6.0.6000.20883_none_91ff479c89c5a61d\sbs_VsaVb7rt.dll
+ 2008-07-27 18:03:10 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_vsavb7rt_dll_31bf3856ad364e35_6.0.6001.18111_none_93a598576d97a0ff\sbs_VsaVb7rt.dll
+ 2008-07-27 17:58:30 14,344 ----a-w c:\windows\winsxs\x86_netfx-sbs_vsavb7rt_dll_31bf3856ad364e35_6.0.6001.22230_none_9418950086c65f54\sbs_VsaVb7rt.dll
+ 2008-07-27 18:00:22 14,352 ----a-w c:\windows\winsxs\x86_netfx-sbs_wminet_utils_dll_31bf3856ad364e35_6.0.6000.16720_none_fe9f152188a71eb9\sbs_wminet_utils.dll
+ 2008-07-27 17:55:49 14,352 ----a-w c:\windows\winsxs\x86_netfx-sbs_wminet_utils_dll_31bf3856ad364e35_6.0.6000.20883_none_feead342a1f2b22e\sbs_wminet_utils.dll
+ 2008-07-27 18:03:10 14,352 ----a-w c:\windows\winsxs\x86_netfx-sbs_wminet_utils_dll_31bf3856ad364e35_6.0.6001.18111_none_009123fd85c4ad10\sbs_wminet_utils.dll
+ 2008-07-27 17:58:30 14,352 ----a-w c:\windows\winsxs\x86_netfx-sbs_wminet_utils_dll_31bf3856ad364e35_6.0.6001.22230_none_010420a69ef36b65\sbs_wminet_utils.dll
+ 2008-07-27 18:00:22 16,896 ----a-w c:\windows\winsxs\x86_netfx-sbscmp10_dll_31bf3856ad364e35_6.0.6000.16720_none_730a240a07e5914d\sbscmp10.dll
+ 2008-07-27 17:55:49 16,896 ----a-w c:\windows\winsxs\x86_netfx-sbscmp10_dll_31bf3856ad364e35_6.0.6000.20883_none_7355e22b213124c2\sbscmp10.dll
+ 2008-07-27 18:03:10 16,896 ----a-w c:\windows\winsxs\x86_netfx-sbscmp10_dll_31bf3856ad364e35_6.0.6001.18111_none_74fc32e605031fa4\sbscmp10.dll
+ 2008-07-27 17:58:30 16,896 ----a-w c:\windows\winsxs\x86_netfx-sbscmp10_dll_31bf3856ad364e35_6.0.6001.22230_none_756f2f8f1e31ddf9\sbscmp10.dll
+ 2008-07-27 18:00:26 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_netfx_20_mscorlib_b03f5f7f11d50a3a_6.0.6000.16720_none_54f78ae6608fe120\sbscmp20_mscorlib.dll
+ 2008-07-27 17:55:55 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_netfx_20_mscorlib_b03f5f7f11d50a3a_6.0.6000.20883_none_3e2fa18a7a322613\sbscmp20_mscorlib.dll
+ 2008-07-27 18:03:14 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_netfx_20_mscorlib_b03f5f7f11d50a3a_6.0.6001.18111_none_54d26f9c60e1edc1\sbscmp20_mscorlib.dll
+ 2008-07-27 17:58:34 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_netfx_20_mscorlib_b03f5f7f11d50a3a_6.0.6001.22230_none_3e06e0387a8766d4\sbscmp20_mscorlib.dll
+ 2008-07-27 18:00:22 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_netfx_20_mscorwks_31bf3856ad364e35_6.0.6000.16720_none_7db29add493b7e7f\sbscmp20_mscorwks.dll
+ 2008-07-27 17:55:49 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_netfx_20_mscorwks_31bf3856ad364e35_6.0.6000.20883_none_7dfe58fe628711f4\sbscmp20_mscorwks.dll
+ 2008-07-27 18:03:10 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_netfx_20_mscorwks_31bf3856ad364e35_6.0.6001.18111_none_7fa4a9b946590cd6\sbscmp20_mscorwks.dll
+ 2008-07-27 17:58:31 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_netfx_20_mscorwks_31bf3856ad364e35_6.0.6001.22230_none_8017a6625f87cb2b\sbscmp20_mscorwks.dll
+ 2008-07-27 18:00:22 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.0.6000.16720_none_4b551485ea019eb3\sbscmp20_perfcounter.dll
+ 2008-07-27 17:55:49 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.0.6000.20883_none_4ba0d2a7034d3228\sbscmp20_perfcounter.dll
+ 2008-07-27 18:03:10 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.0.6001.18111_none_4d472361e71f2d0a\sbscmp20_perfcounter.dll
+ 2008-07-27 17:58:31 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.0.6001.22230_none_4dba200b004deb5f\sbscmp20_perfcounter.dll
+ 2008-07-27 18:00:22 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_registry_whidbey_31bf3856ad364e35_6.0.6000.16720_none_647b8d4369ff4ca5\SharedReg12.dll
+ 2008-07-27 17:55:49 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_registry_whidbey_31bf3856ad364e35_6.0.6000.20883_none_64c74b64834ae01a\SharedReg12.dll
+ 2008-07-27 18:03:10 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_registry_whidbey_31bf3856ad364e35_6.0.6001.18111_none_666d9c1f671cdafc\SharedReg12.dll
+ 2008-07-27 17:58:31 16,896 ----a-w c:\windows\winsxs\x86_netfx-shared_registry_whidbey_31bf3856ad364e35_6.0.6001.22230_none_66e098c8804b9951\SharedReg12.dll
+ 2008-07-27 18:00:26 118,784 ----a-w c:\windows\winsxs\x86_netfx-shfusion_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_5afe5731cbebfefe\shfusion.dll
+ 2008-07-27 17:55:55 118,784 ----a-w c:\windows\winsxs\x86_netfx-shfusion_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_44366dd5e58e43f1\shfusion.dll
+ 2008-07-27 18:03:14 118,784 ----a-w c:\windows\winsxs\x86_netfx-shfusion_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_5ad93be7cc3e0b9f\shfusion.dll
+ 2008-07-27 17:58:34 118,784 ----a-w c:\windows\winsxs\x86_netfx-shfusion_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_440dac83e5e384b2\shfusion.dll
+ 2008-07-27 18:00:26 95,232 ----a-w c:\windows\winsxs\x86_netfx-shfusion_res_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_a636a70dcbde39f5\ShFusRes.dll
+ 2008-07-27 17:55:55 95,232 ----a-w c:\windows\winsxs\x86_netfx-shfusion_res_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_8f6ebdb1e5807ee8\ShFusRes.dll
+ 2008-07-27 18:03:14 95,232 ----a-w c:\windows\winsxs\x86_netfx-shfusion_res_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_a6118bc3cc304696\ShFusRes.dll
+ 2008-07-27 17:58:34 95,232 ----a-w c:\windows\winsxs\x86_netfx-shfusion_res_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_8f45fc5fe5d5bfa9\ShFusRes.dll
+ 2008-07-27 18:00:26 392,184 ----a-w c:\windows\winsxs\x86_netfx-sos_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_1415c3a3fa85eb80\SOS.dll
+ 2008-07-27 17:55:55 392,184 ----a-w c:\windows\winsxs\x86_netfx-sos_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_fd4dda4814283073\SOS.dll
+ 2008-07-27 18:03:14 392,184 ----a-w c:\windows\winsxs\x86_netfx-sos_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_13f0a859fad7f821\SOS.dll
+ 2008-07-27 17:58:34 392,184 ----a-w c:\windows\winsxs\x86_netfx-sos_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_fd2518f6147d7134\SOS.dll
+ 2008-07-27 18:00:28 81,400 ----a-w c:\windows\winsxs\x86_netfx-tlbref_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_61378f49539876ca\TLBREF.DLL
+ 2008-07-27 17:55:56 81,400 ----a-w c:\windows\winsxs\x86_netfx-tlbref_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_4a6fa5ed6d3abbbd\TLBREF.DLL
+ 2008-07-27 18:03:16 81,400 ----a-w c:\windows\winsxs\x86_netfx-tlbref_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_611273ff53ea836b\TLBREF.DLL
+ 2008-07-27 17:58:36 81,400 ----a-w c:\windows\winsxs\x86_netfx-tlbref_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_4a46e49b6d8ffc7e\TLBREF.DLL
+ 2008-07-27 18:00:28 1,172,472 ----a-w c:\windows\winsxs\x86_netfx-vb_compiler_b03f5f7f11d50a3a_6.0.6000.16720_none_40151493a5ee7836\vbc.exe
+ 2008-07-27 17:55:56 1,172,472 ----a-w c:\windows\winsxs\x86_netfx-vb_compiler_b03f5f7f11d50a3a_6.0.6000.20883_none_294d2b37bf90bd29\vbc.exe
+ 2008-07-27 18:03:16 1,172,472 ----a-w c:\windows\winsxs\x86_netfx-vb_compiler_b03f5f7f11d50a3a_6.0.6001.18111_none_3feff949a64084d7\vbc.exe
+ 2008-07-27 17:58:36 1,172,472 ----a-w c:\windows\winsxs\x86_netfx-vb_compiler_b03f5f7f11d50a3a_6.0.6001.22230_none_292469e5bfe5fdea\vbc.exe
+ 2008-07-27 18:00:22 193,016 ----a-w c:\windows\winsxs\x86_netfx-vb_compiler_ui_b03f5f7f11d50a3a_6.0.6000.16720_none_9b66959baa339139\vbc7ui.dll
+ 2008-07-27 17:55:49 193,016 ----a-w c:\windows\winsxs\x86_netfx-vb_compiler_ui_b03f5f7f11d50a3a_6.0.6000.20883_none_849eac3fc3d5d62c\vbc7ui.dll
+ 2008-07-27 18:03:10 193,016 ----a-w c:\windows\winsxs\x86_netfx-vb_compiler_ui_b03f5f7f11d50a3a_6.0.6001.18111_none_9b417a51aa859dda\vbc7ui.dll
+ 2008-07-27 17:58:31 193,016 ----a-w c:\windows\winsxs\x86_netfx-vb_compiler_ui_b03f5f7f11d50a3a_6.0.6001.22230_none_8475eaedc42b16ed\vbc7ui.dll
+ 2008-07-27 18:00:28 438,272 ----a-w c:\windows\winsxs\x86_netfx-web_engine_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_36c546033798e90a\webengine.dll
+ 2008-10-13 22:23:41 436,040 ----a-w c:\windows\winsxs\x86_netfx-web_engine_dll_b03f5f7f11d50a3a_6.0.6000.16762_none_36c9199b379581a8\webengine.dll
+ 2008-07-27 17:55:56 438,272 ----a-w c:\windows\winsxs\x86_netfx-web_engine_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_1ffd5ca7513b2dfd\webengine.dll
+ 2008-10-13 22:25:15 436,040 ----a-w c:\windows\winsxs\x86_netfx-web_engine_dll_b03f5f7f11d50a3a_6.0.6000.20935_none_1ff82d81513fe2dd\webengine.dll
+ 2008-07-27 18:03:16 438,272 ----a-w c:\windows\winsxs\x86_netfx-web_engine_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_36a02ab937eaf5ab\webengine.dll
+ 2008-10-13 22:26:59 436,040 ----a-w c:\windows\winsxs\x86_netfx-web_engine_dll_b03f5f7f11d50a3a_6.0.6001.18155_none_36a3d0c137e7c18b\webengine.dll
+ 2008-07-27 17:58:36 438,272 ----a-w c:\windows\winsxs\x86_netfx-web_engine_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_1fd49b5551906ebe\webengine.dll
+ 2008-10-13 22:23:28 436,040 ----a-w c:\windows\winsxs\x86_netfx-web_engine_dll_b03f5f7f11d50a3a_6.0.6001.22286_none_1fd91417518c8737\webengine.dll
+ 2008-07-27 18:00:28 37,896 ----a-w c:\windows\winsxs\x86_netfx-wminet_utils_dll_b03f5f7f11d50a3a_6.0.6000.16720_none_7357fe437a1ad1ff\WMINet_Utils.dll
+ 2008-07-27 17:55:56 37,896 ----a-w c:\windows\winsxs\x86_netfx-wminet_utils_dll_b03f5f7f11d50a3a_6.0.6000.20883_none_5c9014e793bd16f2\WMINet_Utils.dll
+ 2008-07-27 18:03:16 37,896 ----a-w c:\windows\winsxs\x86_netfx-wminet_utils_dll_b03f5f7f11d50a3a_6.0.6001.18111_none_7332e2f97a6cdea0\WMINet_Utils.dll
+ 2008-07-27 17:58:36 37,896 ----a-w c:\windows\winsxs\x86_netfx-wminet_utils_dll_b03f5f7f11d50a3a_6.0.6001.22230_none_5c675395941257b3\WMINet_Utils.dll
+ 2008-06-20 01:18:02 4,210,688 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6000.16708_none_aa52d7cf92c6806a\PresentationCore.dll
+ 2008-06-20 01:18:04 1,738,760 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6000.16708_none_aa52d7cf92c6806a\wpfgfx_v0300.dll
+ 2008-11-24 23:44:26 4,210,688 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6000.16780_none_a9f4561f930e953a\PresentationCore.dll
+ 2008-11-24 23:44:28 1,736,528 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6000.16780_none_a9f4561f930e953a\wpfgfx_v0300.dll
+ 2008-06-20 01:12:56 4,210,688 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6000.20864_none_aa9793eaac18627e\PresentationCore.dll
+ 2008-06-20 01:12:58 1,738,760 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6000.20864_none_aa9793eaac18627e\wpfgfx_v0300.dll
+ 2008-11-24 23:43:38 4,210,688 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6000.20964_none_aa9795d0ac185fa5\PresentationCore.dll
+ 2008-11-24 23:43:39 1,736,528 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6000.20964_none_aa9795d0ac185fa5\wpfgfx_v0300.dll
+ 2008-06-20 01:14:43 4,210,688 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6001.18096_none_abd5c4af9037dcff\PresentationCore.dll
+ 2008-06-20 01:14:45 1,738,760 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6001.18096_none_abd5c4af9037dcff\wpfgfx_v0300.dll
+ 2008-11-24 23:34:46 4,210,688 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6001.18173_none_abe8658f902a563f\PresentationCore.dll
+ 2008-11-24 23:34:49 1,736,528 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6001.18173_none_abe8658f902a563f\wpfgfx_v0300.dll
+ 2008-06-20 01:13:31 4,210,688 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6001.22208_none_acc2b340a90ab125\PresentationCore.dll
+ 2008-06-20 01:13:33 1,738,760 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6001.22208_none_acc2b340a90ab125\wpfgfx_v0300.dll
+ 2008-11-24 23:57:18 4,210,688 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6001.22317_none_acb6e4f0a913b0e6\PresentationCore.dll
+ 2008-11-24 23:57:20 1,736,528 ----a-w c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6001.22317_none_acb6e4f0a913b0e6\wpfgfx_v0300.dll
+ 2008-07-27 18:00:26 53,248 ----a-w c:\windows\winsxs\x86_regasm_b03f5f7f11d50a3a_6.0.6000.16720_none_173a294b153205b9\RegAsm.exe
+ 2008-07-27 17:55:54 53,248 ----a-w c:\windows\winsxs\x86_regasm_b03f5f7f11d50a3a_6.0.6000.20883_none_00723fef2ed44aac\RegAsm.exe
+ 2008-07-27 18:03:14 53,248 ----a-w c:\windows\winsxs\x86_regasm_b03f5f7f11d50a3a_6.0.6001.18111_none_17150e011584125a\RegAsm.exe
+ 2008-07-27 17:58:34 53,248 ----a-w c:\windows\winsxs\x86_regasm_b03f5f7f11d50a3a_6.0.6001.22230_none_00497e9d2f298b6d\RegAsm.exe
+ 2008-07-27 18:00:26 32,768 ----a-w c:\windows\winsxs\x86_regsvcs_b03f5f7f11d50a3a_6.0.6000.16720_none_ea5553f167a4fe69\RegSvcs.exe
+ 2008-07-27 17:55:54 32,768 ----a-w c:\windows\winsxs\x86_regsvcs_b03f5f7f11d50a3a_6.0.6000.20883_none_d38d6a958147435c\RegSvcs.exe
+ 2008-07-27 18:03:14 32,768 ----a-w c:\windows\winsxs\x86_regsvcs_b03f5f7f11d50a3a_6.0.6001.18111_none_ea3038a767f70b0a\RegSvcs.exe
+ 2008-07-27 17:58:34 32,768 ----a-w c:\windows\winsxs\x86_regsvcs_b03f5f7f11d50a3a_6.0.6001.22230_none_d364a943819c841d\RegSvcs.exe
+ 2008-07-27 18:00:27 486,400 ----a-w c:\windows\winsxs\x86_system.data.oracleclient_b77a5c561934e089_6.0.6000.16720_none_f35be08bdcd55c80\System.Data.OracleClient.dll
+ 2008-10-13 22:23:40 486,400 ----a-w c:\windows\winsxs\x86_system.data.oracleclient_b77a5c561934e089_6.0.6000.16762_none_f35fb423dcd1f51e\System.Data.OracleClient.dll
+ 2008-07-27 17:55:55 486,400 ----a-w c:\windows\winsxs\x86_system.data.oracleclient_b77a5c561934e089_6.0.6000.20883_none_dc93f72ff677a173\System.Data.OracleClient.dll
+ 2008-10-13 22:25:13 486,400 ----a-w c:\windows\winsxs\x86_system.data.oracleclient_b77a5c561934e089_6.0.6000.20935_none_dc8ec809f67c5653\System.Data.OracleClient.dll
+ 2008-07-27 18:03:15 486,400 ----a-w c:\windows\winsxs\x86_system.data.oracleclient_b77a5c561934e089_6.0.6001.18111_none_f336c541dd276921\System.Data.OracleClient.dll
+ 2008-10-13 22:26:57 486,400 ----a-w c:\windows\winsxs\x86_system.data.oracleclient_b77a5c561934e089_6.0.6001.18155_none_f33a6b49dd243501\System.Data.OracleClient.dll
+ 2008-07-27 17:58:35 486,400 ----a-w c:\windows\winsxs\x86_system.data.oracleclient_b77a5c561934e089_6.0.6001.22230_none_dc6b35ddf6cce234\System.Data.OracleClient.dll
+ 2008-10-13 22:23:26 486,400 ----a-w c:\windows\winsxs\x86_system.data.oracleclient_b77a5c561934e089_6.0.6001.22286_none_dc6fae9ff6c8faad\System.Data.OracleClient.dll
+ 2008-07-27 18:00:26 2,933,248 ----a-w c:\windows\winsxs\x86_system.data_b77a5c561934e089_6.0.6000.16720_none_94bc651bb3dd8769\System.Data.dll
+ 2008-07-27 17:55:55 2,933,248 ----a-w c:\windows\winsxs\x86_system.data_b77a5c561934e089_6.0.6000.20883_none_7df47bbfcd7fcc5c\System.Data.dll
+ 2008-07-27 18:03:15 2,933,248 ----a-w c:\windows\winsxs\x86_system.data_b77a5c561934e089_6.0.6001.18111_none_949749d1b42f940a\System.Data.dll
+ 2008-07-27 17:58:35 2,933,248 ----a-w c:\windows\winsxs\x86_system.data_b77a5c561934e089_6.0.6001.22230_none_7dcbba6dcdd50d1d\System.Data.dll
+ 2008-07-27 18:00:27 258,048 ----a-w c:\windows\winsxs\x86_system.enterpriseservices_b03f5f7f11d50a3a_6.0.6000.16720_none_d5cca3cbadc4b6e8\System.EnterpriseServices.dll
+ 2008-07-27 18:19:30 113,664 ----a-w c:\windows\winsxs\x86_system.enterpriseservices_b03f5f7f11d50a3a_6.0.6000.16720_none_d5cca3cbadc4b6e8\System.EnterpriseServices.Wrapper.dll
+ 2008-07-27 17:55:55 258,048 ----a-w c:\windows\winsxs\x86_system.enterpriseservices_b03f5f7f11d50a3a_6.0.6000.20883_none_bf04ba6fc766fbdb\System.EnterpriseServices.dll
+ 2008-07-27 18:15:31 113,664 ----a-w c:\windows\winsxs\x86_system.enterpriseservices_b03f5f7f11d50a3a_6.0.6000.20883_none_bf04ba6fc766fbdb\System.EnterpriseServices.Wrapper.dll
+ 2008-07-27 18:03:15 258,048 ----a-w c:\windows\winsxs\x86_system.enterpriseservices_b03f5f7f11d50a3a_6.0.6001.18111_none_d5a78881ae16c389\System.EnterpriseServices.dll
+ 2008-07-27 18:22:54 113,664 ----a-w c:\windows\winsxs\x86_system.enterpriseservices_b03f5f7f11d50a3a_6.0.6001.18111_none_d5a78881ae16c389\System.EnterpriseServices.Wrapper.dll
+ 2008-07-27 17:58:35 258,048 ----a-w c:\windows\winsxs\x86_system.enterpriseservices_b03f5f7f11d50a3a_6.0.6001.22230_none_bedbf91dc7bc3c9c\System.EnterpriseServices.dll
+ 2008-07-27 18:19:59 113,664 ----a-w c:\windows\winsxs\x86_system.enterpriseservices_b03f5f7f11d50a3a_6.0.6001.22230_none_bedbf91dc7bc3c9c\System.EnterpriseServices.Wrapper.dll
+ 2008-06-20 01:18:03 368,640 ----a-w c:\windows\winsxs\x86_system.printing_31bf3856ad364e35_6.0.6000.16708_none_7162284d78ee8495\System.Printing.dll
+ 2008-06-20 01:12:56 368,640 ----a-w c:\windows\winsxs\x86_system.printing_31bf3856ad364e35_6.0.6000.20864_none_71a6e468924066a9\System.Printing.dll
+ 2008-06-20 01:14:43 368,640 ----a-w c:\windows\winsxs\x86_system.printing_31bf3856ad364e35_6.0.6001.18096_none_72e5152d765fe12a\System.Printing.dll
+ 2008-06-20 01:13:31 368,640 ----a-w c:\windows\winsxs\x86_system.printing_31bf3856ad364e35_6.0.6001.22208_none_73d203be8f32b550\System.Printing.dll
+ 2008-07-27 18:00:27 261,632 ----a-w c:\windows\winsxs\x86_system.transactions_b77a5c561934e089_6.0.6000.16720_none_13b0b874683b2e16\System.Transactions.dll
+ 2008-07-27 17:55:55 261,632 ----a-w c:\windows\winsxs\x86_system.transactions_b77a5c561934e089_6.0.6000.20883_none_fce8cf1881dd7309\System.Transactions.dll
+ 2008-07-27 18:03:15 261,632 ----a-w c:\windows\winsxs\x86_system.transactions_b77a5c561934e089_6.0.6001.18111_none_138b9d2a688d3ab7\System.Transactions.dll
+ 2008-07-27 17:58:35 261,632 ----a-w c:\windows\winsxs\x86_system.transactions_b77a5c561934e089_6.0.6001.22230_none_fcc00dc68232b3ca\System.Transactions.dll
+ 2008-07-27 18:00:27 5,238,784 ----a-w c:\windows\winsxs\x86_system.web_b03f5f7f11d50a3a_6.0.6000.16720_none_f74db0bb1630f0b7\System.Web.dll
+ 2008-10-13 22:23:40 5,242,880 ----a-w c:\windows\winsxs\x86_system.web_b03f5f7f11d50a3a_6.0.6000.16762_none_f7518453162d8955\System.Web.dll
+ 2008-07-27 17:55:55 5,238,784 ----a-w c:\windows\winsxs\x86_system.web_b03f5f7f11d50a3a_6.0.6000.20883_none_e085c75f2fd335aa\System.Web.dll
+ 2008-10-13 22:25:14 5,242,880 ----a-w c:\windows\winsxs\x86_system.web_b03f5f7f11d50a3a_6.0.6000.20935_none_e08098392fd7ea8a\System.Web.dll
+ 2008-07-27 18:03:15 5,238,784 ----a-w c:\windows\winsxs\x86_system.web_b03f5f7f11d50a3a_6.0.6001.18111_none_f72895711682fd58\System.Web.dll
+ 2008-10-13 22:26:58 5,242,880 ----a-w c:\windows\winsxs\x86_system.web_b03f5f7f11d50a3a_6.0.6001.18155_none_f72c3b79167fc938\System.Web.dll
+ 2008-07-27 17:58:35 5,238,784 ----a-w c:\windows\winsxs\x86_system.web_b03f5f7f11d50a3a_6.0.6001.22230_none_e05d060d3028766b\System.Web.dll
+ 2008-10-13 22:23:27 5,242,880 ----a-w c:\windows\winsxs\x86_system.web_b03f5f7f11d50a3a_6.0.6001.22286_none_e0617ecf30248ee4\System.Web.dll
+ 2008-06-20 01:17:52 622,080 ----a-w c:\windows\winsxs\x86_wcf-icardagt_exe_31bf3856ad364e35_6.0.6000.16708_none_2ff970587479d632\icardagt.exe
+ 2008-06-20 01:12:47 622,080 ----a-w c:\windows\winsxs\x86_wcf-icardagt_exe_31bf3856ad364e35_6.0.6000.20864_none_303e2c738dcbb846\icardagt.exe
+ 2008-06-20 01:14:33 622,080 ----a-w c:\windows\winsxs\x86_wcf-icardagt_exe_31bf3856ad364e35_6.0.6001.18096_none_317c5d3871eb32c7\icardagt.exe
+ 2008-06-20 01:13:21 622,080 ----a-w c:\windows\winsxs\x86_wcf-icardagt_exe_31bf3856ad364e35_6.0.6001.22208_none_32694bc98abe06ed\icardagt.exe
+ 2008-06-20 01:17:52 11,264 ----a-w c:\windows\winsxs\x86_wcf-icardres_dll_vista_31bf3856ad364e35_6.0.6000.16708_none_0f2f11926daa5c1a\icardres.dll
+ 2008-06-20 01:12:47 11,264 ----a-w c:\windows\winsxs\x86_wcf-icardres_dll_vista_31bf3856ad364e35_6.0.6000.20864_none_0f73cdad86fc3e2e\icardres.dll
+ 2008-06-20 01:14:34 11,264 ----a-w c:\windows\winsxs\x86_wcf-icardres_dll_vista_31bf3856ad364e35_6.0.6001.18096_none_10b1fe726b1bb8af\icardres.dll
+ 2008-06-20 01:13:21 11,264 ----a-w c:\windows\winsxs\x86_wcf-icardres_dll_vista_31bf3856ad364e35_6.0.6001.22208_none_119eed0383ee8cd5\icardres.dll
+ 2008-06-20 01:17:52 97,800 ----a-w c:\windows\winsxs\x86_wcf-infocard_api_dll_31bf3856ad364e35_6.0.6000.16708_none_a208c058b2726d70\infocardapi.dll
+ 2008-06-20 01:12:47 97,800 ----a-w c:\windows\winsxs\x86_wcf-infocard_api_dll_31bf3856ad364e35_6.0.6000.20864_none_a24d7c73cbc44f84\infocardapi.dll
+ 2008-06-20 01:14:34 97,800 ----a-w c:\windows\winsxs\x86_wcf-infocard_api_dll_31bf3856ad364e35_6.0.6001.18096_none_a38bad38afe3ca05\infocardapi.dll
+ 2008-06-20 01:13:21 97,800 ----a-w c:\windows\winsxs\x86_wcf-infocard_api_dll_31bf3856ad364e35_6.0.6001.22208_none_a4789bc9c8b69e2b\infocardapi.dll
+ 2008-06-20 01:17:50 181,264 ----a-w c:\windows\winsxs\x86_wcf-m_sm_cfg_ins_exe_31bf3856ad364e35_6.0.6000.16708_none_fe4321a01ff82159\SMConfigInstaller.exe
+ 2008-06-20 01:12:45 181,264 ----a-w c:\windows\winsxs\x86_wcf-m_sm_cfg_ins_exe_31bf3856ad364e35_6.0.6000.20864_none_fe87ddbb394a036d\SMConfigInstaller.exe
+ 2008-06-20 01:14:31 181,264 ----a-w c:\windows\winsxs\x86_wcf-m_sm_cfg_ins_exe_31bf3856ad364e35_6.0.6001.18096_none_ffc60e801d697dee\SMConfigInstaller.exe
+ 2008-06-20 01:13:19 181,264 ----a-w c:\windows\winsxs\x86_wcf-m_sm_cfg_ins_exe_31bf3856ad364e35_6.0.6001.22208_none_00b2fd11363c5214\SMConfigInstaller.exe
+ 2008-06-20 01:17:50 11,280 ----a-w c:\windows\winsxs\x86_wcf-m_sm_evt_dll_vista_31bf3856ad364e35_6.0.6000.16708_none_768bf6749b33d781\ServiceModelEvents.dll
+ 2008-06-20 01:12:45 11,280 ----a-w c:\windows\winsxs\x86_wcf-m_sm_evt_dll_vista_31bf3856ad364e35_6.0.6000.20864_none_76d0b28fb485b995\ServiceModelEvents.dll
+ 2008-06-20 01:14:31 11,280 ----a-w c:\windows\winsxs\x86_wcf-m_sm_evt_dll_vista_31bf3856ad364e35_6.0.6001.18096_none_780ee35498a53416\ServiceModelEvents.dll
+ 2008-06-20 01:13:19 11,280 ----a-w c:\windows\winsxs\x86_wcf-m_sm_evt_dll_vista_31bf3856ad364e35_6.0.6001.22208_none_78fbd1e5b178083c\ServiceModelEvents.dll
+ 2008-06-20 01:17:50 11,288 ----a-w c:\windows\winsxs\x86_wcf-m_sm_ins_rc_dll_31bf3856ad364e35_6.0.6000.16708_none_c71e0ae74c96da14\ServiceModelInstallRC.dll
+ 2008-06-20 01:12:45 11,288 ----a-w c:\windows\winsxs\x86_wcf-m_sm_ins_rc_dll_31bf3856ad364e35_6.0.6000.20864_none_c762c70265e8bc28\ServiceModelInstallRC.dll
+ 2008-06-20 01:14:31 11,288 ----a-w c:\windows\winsxs\x86_wcf-m_sm_ins_rc_dll_31bf3856ad364e35_6.0.6001.18096_none_c8a0f7c74a0836a9\ServiceModelInstallRC.dll
+ 2008-06-20 01:13:19 11,288 ----a-w c:\windows\winsxs\x86_wcf-m_sm_ins_rc_dll_31bf3856ad364e35_6.0.6001.22208_none_c98de65862db0acf\ServiceModelInstallRC.dll
+ 2008-06-20 01:17:50 20,504 ----a-w c:\windows\winsxs\x86_wcf-m_svc_mon_sup_dll_31bf3856ad364e35_6.0.6000.16708_none_a3ffcadd4e70a1cb\ServiceMonikerSupport.dll
+ 2008-06-20 01:12:45 20,504 ----a-w c:\windows\winsxs\x86_wcf-m_svc_mon_sup_dll_31bf3856ad364e35_6.0.6000.20864_none_a44486f867c283df\ServiceMonikerSupport.dll
+ 2008-06-20 01:14:31 20,504 ----a-w c:\windows\winsxs\x86_wcf-m_svc_mon_sup_dll_31bf3856ad364e35_6.0.6001.18096_none_a582b7bd4be1fe60\ServiceMonikerSupport.dll
+ 2008-06-20 01:13:19 20,504 ----a-w c:\windows\winsxs\x86_wcf-m_svc_mon_sup_dll_31bf3856ad364e35_6.0.6001.22208_none_a66fa64e64b4d286\ServiceMonikerSupport.dll
+ 2008-06-20 01:17:48 126,976 ----a-w c:\windows\winsxs\x86_wcf-system.identitymodel.selectors_b03f5f7f11d50a3a_6.0.6000.16708_none_63949d8530c1b03d\System.IdentityModel.Selectors.dll
+ 2008-06-20 01:12:43 126,976 ----a-w c:\windows\winsxs\x86_wcf-system.identitymodel.selectors_b03f5f7f11d50a3a_6.0.6000.20864_none_4ccd53a14a6341c9\System.IdentityModel.Selectors.dll
+ 2008-06-20 01:14:29 126,976 ----a-w c:\windows\winsxs\x86_wcf-system.identitymodel.selectors_b03f5f7f11d50a3a_6.0.6001.18096_none_6379c99b310a6d10\System.IdentityModel.Selectors.dll
+ 2008-06-20 01:13:17 126,976 ----a-w c:\windows\winsxs\x86_wcf-system.identitymodel.selectors_b03f5f7f11d50a3a_6.0.6001.22208_none_4ca2f28d4aba1c9a\System.IdentityModel.Selectors.dll
+ 2008-06-20 01:17:48 430,080 ----a-w c:\windows\winsxs\x86_wcf-system.identitymodel_b03f5f7f11d50a3a_6.0.6000.16708_none_25cbae22402e02cf\System.IdentityModel.dll
+ 2008-06-20 01:12:43 430,080 ----a-w c:\windows\winsxs\x86_wcf-system.identitymodel_b03f5f7f11d50a3a_6.0.6000.20864_none_0f04643e59cf945b\System.IdentityModel.dll
+ 2008-06-20 01:14:29 430,080 ----a-w c:\windows\winsxs\x86_wcf-system.identitymodel_b03f5f7f11d50a3a_6.0.6001.18096_none_25b0da384076bfa2\System.IdentityModel.dll
+ 2008-06-20 01:13:17 430,080 ----a-w c:\windows\winsxs\x86_wcf-system.identitymodel_b03f5f7f11d50a3a_6.0.6001.22208_none_0eda032a5a266f2c\System.IdentityModel.dll
+ 2008-06-20 01:17:48 131,072 ----a-w c:\windows\winsxs\x86_wcf-system.io.log_b03f5f7f11d50a3a_6.0.6000.16708_none_da90e376bacdcee4\System.IO.Log.dll
+ 2008-06-20 01:12:43 131,072 ----a-w c:\windows\winsxs\x86_wcf-system.io.log_b03f5f7f11d50a3a_6.0.6000.20864_none_c3c99992d46f6070\System.IO.Log.dll
+ 2008-06-20 01:14:29 131,072 ----a-w c:\windows\winsxs\x86_wcf-system.io.log_b03f5f7f11d50a3a_6.0.6001.18096_none_da760f8cbb168bb7\System.IO.Log.dll
+ 2008-06-20 01:13:17 131,072 ----a-w c:\windows\winsxs\x86_wcf-system.io.log_b03f5f7f11d50a3a_6.0.6001.22208_none_c39f387ed4c63b41\System.IO.Log.dll
+ 2008-06-20 01:17:48 966,656 ----a-w c:\windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936\System.Runtime.Serialization.dll
+ 2008-06-20 01:12:43 966,656 ----a-w c:\windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2\System.Runtime.Serialization.dll
+ 2008-06-20 01:14:29 966,656 ----a-w c:\windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609\System.Runtime.Serialization.dll
+ 2008-06-20 01:13:17 966,656 ----a-w c:\windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593\System.Runtime.Serialization.dll
+ 2008-06-20 01:17:48 5,931,008 ----a-w c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6000.16708_none_151c0556eb2446e8\System.ServiceModel.dll
+ 2008-11-24 23:44:16 5,931,008 ----a-w c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6000.16780_none_1524bde6eb1c4498\System.ServiceModel.dll
+ 2008-06-20 01:12:44 5,931,008 ----a-w c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6000.20864_none_fe54bb7304c5d874\System.ServiceModel.dll
+ 2008-11-24 23:43:28 5,931,008 ----a-w c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6000.20964_none_fe54bb4f04c5d8c5\System.ServiceModel.dll
+ 2008-06-20 01:14:30 5,931,008 ----a-w c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6001.18096_none_1501316ceb6d03bb\System.ServiceModel.dll
+ 2008-11-24 23:34:36 5,931,008 ----a-w c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6001.18173_none_14ff750ceb6e847b\System.ServiceModel.dll
+ 2008-06-20 01:13:17 5,931,008 ----a-w c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6001.22208_none_fe2a5a5f051cb345\System.ServiceModel.dll
+ 2008-11-24 23:57:11 5,931,008 ----a-w c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6001.22317_none_fe2b714d051bb34c\System.ServiceModel.dll
+ 2008-06-20 01:18:04 71,160 ----a-w c:\windows\winsxs\x86_wpf-penimc_31bf3856ad364e35_6.0.6000.16708_none_a9d2d87807800ad7\PenIMC.dll
+ 2008-06-20 01:12:57 71,160 ----a-w c:\windows\winsxs\x86_wpf-penimc_31bf3856ad364e35_6.0.6000.20864_none_aa17949320d1eceb\PenIMC.dll
+ 2008-06-20 01:14:44 71,160 ----a-w c:\windows\winsxs\x86_wpf-penimc_31bf3856ad364e35_6.0.6001.18096_none_ab55c55804f1676c\PenIMC.dll
+ 2008-06-20 01:13:32 71,160 ----a-w c:\windows\winsxs\x86_wpf-penimc_31bf3856ad364e35_6.0.6001.22208_none_ac42b3e91dc43b92\PenIMC.dll
+ 2008-06-20 01:18:02 598,016 ----a-w c:\windows\winsxs\x86_wpf-presentationbuildtasks_31bf3856ad364e35_6.0.6000.16708_none_4e2f046e504dbf2f\PresentationBuildTasks.dll
+ 2008-06-20 01:12:56 598,016 ----a-w c:\windows\winsxs\x86_wpf-presentationbuildtasks_31bf3856ad364e35_6.0.6000.20864_none_4e73c089699fa143\PresentationBuildTasks.dll
+ 2008-06-20 01:14:42 598,016 ----a-w c:\windows\winsxs\x86_wpf-presentationbuildtasks_31bf3856ad364e35_6.0.6001.18096_none_4fb1f14e4dbf1bc4\PresentationBuildTasks.dll
+ 2008-06-20 01:13:30 598,016 ----a-w c:\windows\winsxs\x86_wpf-presentationbuildtasks_31bf3856ad364e35_6.0.6001.22208_none_509edfdf6691efea\PresentationBuildTasks.dll
+ 2008-06-20 01:18:05 105,016 ----a-w c:\windows\winsxs\x86_wpf-presentationcffrasterizernative_31bf3856ad364e35_6.0.6000.16708_none_c7b724ab9124a824\PresentationCFFRasterizerNative_v0300.dll
+ 2008-06-20 01:12:58 105,016 ----a-w c:\windows\winsxs\x86_wpf-presentationcffrasterizernative_31bf3856ad364e35_6.0.6000.20864_none_c7fbe0c6aa768a38\PresentationCFFRasterizerNative_v0300.dll
+ 2008-06-20 01:14:45 105,016 ----a-w c:\windows\winsxs\x86_wpf-presentationcffrasterizernative_31bf3856ad364e35_6.0.6001.18096_none_c93a118b8e9604b9\PresentationCFFRasterizerNative_v0300.dll
+ 2008-06-20 01:13:33 105,016 ----a-w c:\windows\winsxs\x86_wpf-presentationcffrasterizernative_31bf3856ad364e35_6.0.6001.22208_none_ca27001ca768d8df\PresentationCFFRasterizerNative_v0300.dll
+ 2008-06-20 01:18:04 46,104 ----a-w c:\windows\winsxs\x86_wpf-presentationfontcache_31bf3856ad364e35_6.0.6000.16708_none_03bb5c5f150048a8\PresentationFontCache.exe
+ 2008-06-20 01:12:57 46,104 ----a-w c:\windows\winsxs\x86_wpf-presentationfontcache_31bf3856ad364e35_6.0.6000.20864_none_0400187a2e522abc\PresentationFontCache.exe
+ 2008-06-20 01:14:44 46,104 ----a-w c:\windows\winsxs\x86_wpf-presentationfontcache_31bf3856ad364e35_6.0.6001.18096_none_053e493f1271a53d\PresentationFontCache.exe
+ 2008-06-20 01:13:32 46,104 ----a-w c:\windows\winsxs\x86_wpf-presentationfontcache_31bf3856ad364e35_6.0.6001.22208_none_062b37d02b447963\PresentationFontCache.exe
+ 2008-06-20 01:18:02 196,608 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.aero_31bf3856ad364e35_6.0.6000.16708_none_30a585270b6384ca\PresentationFramework.Aero.dll
+ 2008-06-20 01:12:56 196,608 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.aero_31bf3856ad364e35_6.0.6000.20864_none_30ea414224b566de\PresentationFramework.Aero.dll
+ 2008-06-20 01:14:43 196,608 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.aero_31bf3856ad364e35_6.0.6001.18096_none_3228720708d4e15f\PresentationFramework.Aero.dll
+ 2008-06-20 01:13:31 196,608 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.aero_31bf3856ad364e35_6.0.6001.22208_none_3315609821a7b585\PresentationFramework.Aero.dll
+ 2008-06-20 01:18:02 139,264 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.classic_31bf3856ad364e35_6.0.6000.16708_none_f28b0aca2c97e2a7\PresentationFramework.Classic.dll
+ 2008-06-20 01:12:56 139,264 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.classic_31bf3856ad364e35_6.0.6000.20864_none_f2cfc6e545e9c4bb\PresentationFramework.Classic.dll
+ 2008-06-20 01:14:43 139,264 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.classic_31bf3856ad364e35_6.0.6001.18096_none_f40df7aa2a093f3c\PresentationFramework.Classic.dll
+ 2008-06-20 01:13:31 139,264 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.classic_31bf3856ad364e35_6.0.6001.22208_none_f4fae63b42dc1362\PresentationFramework.Classic.dll
+ 2008-06-20 01:18:03 397,312 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.luna_31bf3856ad364e35_6.0.6000.16708_none_2f805e050c0d9c4d\PresentationFramework.Luna.dll
+ 2008-06-20 01:12:56 397,312 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.luna_31bf3856ad364e35_6.0.6000.20864_none_2fc51a20255f7e61\PresentationFramework.Luna.dll
+ 2008-06-20 01:14:43 397,312 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.luna_31bf3856ad364e35_6.0.6001.18096_none_31034ae5097ef8e2\PresentationFramework.Luna.dll
+ 2008-06-20 01:13:31 397,312 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.luna_31bf3856ad364e35_6.0.6001.22208_none_31f039762251cd08\PresentationFramework.Luna.dll
+ 2008-06-20 01:18:03 163,840 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.royale_31bf3856ad364e35_6.0.6000.16708_none_e8d6f689ad14b5dd\PresentationFramework.Royale.dll
+ 2008-06-20 01:12:56 163,840 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.royale_31bf3856ad364e35_6.0.6000.20864_none_e91bb2a4c66697f1\PresentationFramework.Royale.dll
+ 2008-06-20 01:14:43 163,840 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.royale_31bf3856ad364e35_6.0.6001.18096_none_ea59e369aa861272\PresentationFramework.Royale.dll
+ 2008-06-20 01:13:31 163,840 ----a-w c:\windows\winsxs\x86_wpf-presentationframework.royale_31bf3856ad364e35_6.0.6001.22208_none_eb46d1fac358e698\PresentationFramework.Royale.dll
+ 2008-06-20 01:18:03 5,283,840 ----a-w c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6000.16708_none_6ca8219658c89e97\PresentationFramework.dll
+ 2008-11-24 23:44:27 5,283,840 ----a-w c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6000.16780_none_6c499fe65910b367\PresentationFramework.dll
+ 2008-06-20 01:12:56 5,283,840 ----a-w c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6000.20864_none_6cecddb1721a80ab\PresentationFramework.dll
+ 2008-11-24 23:43:38 5,283,840 ----a-w c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6000.20964_none_6cecdf97721a7dd2\PresentationFramework.dll
+ 2008-06-20 01:14:43 5,283,840 ----a-w c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6001.18096_none_6e2b0e765639fb2c\PresentationFramework.dll
+ 2008-11-24 23:34:47 5,283,840 ----a-w c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6001.18173_none_6e3daf56562c746c\PresentationFramework.dll
+ 2008-06-20 01:13:31 5,283,840 ----a-w c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6001.22208_none_6f17fd076f0ccf52\PresentationFramework.dll
+ 2008-11-24 23:57:19 5,283,840 ----a-w c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6001.22317_none_6f0c2eb76f15cf13\PresentationFramework.dll
+ 2008-06-20 01:18:04 132,120 ----a-w c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6000.16708_none_6e2d32c922d172b5\PresentationHostDLL.dll
+ 2008-06-20 01:12:57 132,120 ----a-w c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6000.20864_none_6e71eee43c2354c9\PresentationHostDLL.dll
+ 2008-06-20 01:14:44 132,120 ----a-w c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6001.18096_none_6fb01fa92042cf4a\PresentationHostDLL.dll
+ 2008-06-20 01:13:32 132,120 ----a-w c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6001.22208_none_709d0e3a3915a370\PresentationHostDLL.dll
+ 2008-06-20 01:18:05 326,160 ----a-w c:\windows\winsxs\x86_wpf-presentationhostexe_31bf3856ad364e35_6.0.6000.16708_none_6e15f8e122f01527\PresentationHost.exe
+ 2008-06-20 01:12:58 326,160 ----a-w c:\windows\winsxs\x86_wpf-presentationhostexe_31bf3856ad364e35_6.0.6000.20864_none_6e5ab4fc3c41f73b\PresentationHost.exe
+ 2008-06-20 01:14:45 326,160 ----a-w c:\windows\winsxs\x86_wpf-presentationhostexe_31bf3856ad364e35_6.0.6001.18096_none_6f98e5c1206171bc\PresentationHost.exe
+ 2008-06-20 01:13:33 326,160 ----a-w c:\windows\winsxs\x86_wpf-presentationhostexe_31bf3856ad364e35_6.0.6001.22208_none_7085d452393445e2\PresentationHost.exe
+ 2008-06-20 01:18:05 43,544 ----a-w c:\windows\winsxs\x86_wpf-presentationhostproxy_31bf3856ad364e35_6.0.6000.16708_none_28acdc3c7ca15459\PresentationHostProxy.dll
+ 2008-06-20 01:12:58 43,544 ----a-w c:\windows\winsxs\x86_wpf-presentationhostproxy_31bf3856ad364e35_6.0.6000.20864_none_28f1985795f3366d\PresentationHostProxy.dll
+ 2008-06-20 01:14:45 43,544 ----a-w c:\windows\winsxs\x86_wpf-presentationhostproxy_31bf3856ad364e35_6.0.6001.18096_none_2a2fc91c7a12b0ee\PresentationHostProxy.dll
+ 2008-06-20 01:13:33 43,544 ----a-w c:\windows\winsxs\x86_wpf-presentationhostproxy_31bf3856ad364e35_6.0.6001.22208_none_2b1cb7ad92e58514\PresentationHostProxy.dll
+ 2008-06-20 01:18:05 781,344 ----a-w c:\windows\winsxs\x86_wpf-presentationnative_31bf3856ad364e35_6.0.6000.16708_none_54e7d16a49527fd6\PresentationNative_v0300.dll
+ 2008-06-20 01:12:58 781,344 ----a-w c:\windows\winsxs\x86_wpf-presentationnative_31bf3856ad364e35_6.0.6000.20864_none_552c8d8562a461ea\PresentationNative_v0300.dll
+ 2008-06-20 01:14:45 781,344 ----a-w c:\windows\winsxs\x86_wpf-presentationnative_31bf3856ad364e35_6.0.6001.18096_none_566abe4a46c3dc6b\PresentationNative_v0300.dll
+ 2008-06-20 01:13:33 781,344 ----a-w c:\windows\winsxs\x86_wpf-presentationnative_31bf3856ad364e35_6.0.6001.22208_none_5757acdb5f96b091\PresentationNative_v0300.dll
+ 2008-06-20 01:18:03 528,384 ----a-w c:\windows\winsxs\x86_wpf-reachframework_31bf3856ad364e35_6.0.6000.16708_none_fe4bf0c02b8bb752\ReachFramework.dll
+ 2008-06-20 01:12:56 528,384 ----a-w c:\windows\winsxs\x86_wpf-reachframework_31bf3856ad364e35_6.0.6000.20864_none_fe90acdb44dd9966\ReachFramework.dll
+ 2008-06-20 01:14:43 528,384 ----a-w c:\windows\winsxs\x86_wpf-reachframework_31bf3856ad364e35_6.0.6001.18096_none_ffcedda028fd13e7\ReachFramework.dll
+ 2008-06-20 01:13:31 528,384 ----a-w c:\windows\winsxs\x86_wpf-reachframework_31bf3856ad364e35_6.0.6001.22208_none_00bbcc3141cfe80d\ReachFramework.dll
+ 2008-01-21 02:35:12 688,128 ----a-w c:\windows\winsxs\x86_wpf-system.speech_31bf3856ad364e35_6.0.6000.16708_none_7fdeb5cb1f6006f4\System.Speech.dll
+ 2008-01-21 02:35:12 688,128 ----a-w c:\windows\winsxs\x86_wpf-system.speech_31bf3856ad364e35_6.0.6000.20864_none_802371e638b1e908\System.Speech.dll
+ 2008-01-21 02:35:12 688,128 ----a-w c:\windows\winsxs\x86_wpf-system.speech_31bf3856ad364e35_6.0.6001.18096_none_8161a2ab1cd16389\System.Speech.dll
+ 2008-01-21 02:35:12 688,128 ----a-w c:\windows\winsxs\x86_wpf-system.speech_31bf3856ad364e35_6.0.6001.22208_none_824e913c35a437af\System.Speech.dll
+ 2008-06-20 01:18:03 167,936 ----a-w c:\windows\winsxs\x86_wpf-uiautomationclient_31bf3856ad364e35_6.0.6000.16708_none_d89abdc0441aa5f7\UIAutomationClient.dll
+ 2008-06-20 01:12:57 167,936 ----a-w c:\windows\winsxs\x86_wpf-uiautomationclient_31bf3856ad364e35_6.0.6000.20864_none_d8df79db5d6c880b\UIAutomationClient.dll
+ 2008-06-20 01:14:43 167,936 ----a-w c:\windows\winsxs\x86_wpf-uiautomationclient_31bf3856ad364e35_6.0.6001.18096_none_da1daaa0418c028c\UIAutomationClient.dll
+ 2008-06-20 01:13:31 167,936 ----a-w c:\windows\winsxs\x86_wpf-uiautomationclient_31bf3856ad364e35_6.0.6001.22208_none_db0a99315a5ed6b2\UIAutomationClient.dll
+ 2008-06-20 01:18:03 385,024 ----a-w c:\windows\winsxs\x86_wpf-uiautomationclientsideproviders_31bf3856ad364e35_6.0.6000.16708_none_52ddd5f551389366\UIAutomationClientsideProviders.dll
+ 2008-06-20 01:12:57 385,024 ----a-w c:\windows\winsxs\x86_wpf-uiautomationclientsideproviders_31bf3856ad364e35_6.0.6000.20864_none_532292106a8a757a\UIAutomationClientsideProviders.dll
+ 2008-06-20 01:14:43 385,024 ----a-w c:\windows\winsxs\x86_wpf-uiautomationclientsideproviders_31bf3856ad364e35_6.0.6001.18096_none_5460c2d54ea9effb\UIAutomationClientsideProviders.dll
+ 2008-06-20 01:13:31 385,024 ----a-w c:\windows\winsxs\x86_wpf-uiautomationclientsideproviders_31bf3856ad364e35_6.0.6001.22208_none_554db166677cc421\UIAutomationClientsideProviders.dll
+ 2008-06-20 01:18:03 40,960 ----a-w c:\windows\winsxs\x86_wpf-uiautomationprovider_31bf3856ad364e35_6.0.6000.16708_none_02be96e58dc41a05\UIAutomationProvider.dll
+ 2008-06-20 01:12:57 40,960 ----a-w c:\windows\winsxs\x86_wpf-uiautomationprovider_31bf3856ad364e35_6.0.6000.20864_none_03035300a715fc19\UIAutomationProvider.dll
+ 2008-06-20 01:14:43 40,960 ----a-w c:\windows\winsxs\x86_wpf-uiautomationprovider_31bf3856ad364e35_6.0.6001.18096_none_044183c58b35769a\UIAutomationProvider.dll
+ 2008-06-20 01:13:31 40,960 ----a-w c:\windows\winsxs\x86_wpf-uiautomationprovider_31bf3856ad364e35_6.0.6001.22208_none_052e7256a4084ac0\UIAutomationProvider.dll
+ 2008-06-20 01:18:03 98,304 ----a-w c:\windows\winsxs\x86_wpf-uiautomationtypes_31bf3856ad364e35_6.0.6000.16708_none_5b33e6fd9dc2c35f\UIAutomationTypes.dll
+ 2008-06-20 01:12:57 98,304 ----a-w c:\windows\winsxs\x86_wpf-uiautomationtypes_31bf3856ad364e35_6.0.6000.20864_none_5b78a318b714a573\UIAutomationTypes.dll
+ 2008-06-20 01:14:43 98,304 ----a-w c:\windows\winsxs\x86_wpf-uiautomationtypes_31bf3856ad364e35_6.0.6001.18096_none_5cb6d3dd9b341ff4\UIAutomationTypes.dll
+ 2008-06-20 01:13:31 98,304 ----a-w c:\windows\winsxs\x86_wpf-uiautomationtypes_31bf3856ad364e35_6.0.6001.22208_none_5da3c26eb406f41a\UIAutomationTypes.dll
+ 2008-06-20 01:18:03 1,245,184 ----a-w c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6000.16708_none_558ed2744a98566d\WindowsBase.dll
+ 2008-06-20 01:12:57 1,245,184 ----a-w c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6000.20864_none_55d38e8f63ea3881\WindowsBase.dll
+ 2008-06-20 01:14:44 1,245,184 ----a-w c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6001.18096_none_5711bf544809b302\WindowsBase.dll
+ 2008-06-20 01:13:32 1,245,184 ----a-w c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6001.22208_none_57feade560dc8728\WindowsBase.dll
+ 2008-06-20 01:18:03 94,208 ----a-w c:\windows\winsxs\x86_wpf-windowsformsintegration_31bf3856ad364e35_6.0.6000.16708_none_f83dd4f37ea24879\WindowsFormsIntegration.dll
+ 2008-06-20 01:12:57 94,208 ----a-w c:\windows\winsxs\x86_wpf-windowsformsintegration_31bf3856ad364e35_6.0.6000.20864_none_f882910e97f42a8d\WindowsFormsIntegration.dll
+ 2008-06-20 01:14:44 94,208 ----a-w c:\windows\winsxs\x86_wpf-windowsformsintegration_31bf3856ad364e35_6.0.6001.18096_none_f9c0c1d37c13a50e\WindowsFormsIntegration.dll
+ 2008-06-20 01:13:32 94,208 ----a-w c:\windows\winsxs\x86_wpf-windowsformsintegration_31bf3856ad364e35_6.0.6001.22208_none_faadb06494e67934\WindowsFormsIntegration.dll
+ 2008-06-20 01:18:04 25,616 ----a-w c:\windows\winsxs\x86_wpf-xamlviewer_31bf3856ad364e35_6.0.6000.16708_none_543012117fbf197d\XamlViewer_v0300.exe
+ 2008-06-20 01:12:58 25,616 ----a-w c:\windows\winsxs\x86_wpf-xamlviewer_31bf3856ad364e35_6.0.6000.20864_none_5474ce2c9910fb91\XamlViewer_v0300.exe
+ 2008-06-20 01:14:45 25,616 ----a-w c:\windows\winsxs\x86_wpf-xamlviewer_31bf3856ad364e35_6.0.6001.18096_none_55b2fef17d307612\XamlViewer_v0300.exe
+ 2008-06-20 01:13:33 25,616 ----a-w c:\windows\winsxs\x86_wpf-xamlviewer_31bf3856ad364e35_6.0.6001.22208_none_569fed8296034a38\XamlViewer_v0300.exe
+ 2008-06-20 01:18:05 301,568 ----a-w c:\windows\winsxs\x86_wpf-xpsviewerexe_31bf3856ad364e35_6.0.6000.16708_none_c75532110b61771a\XPSViewer.exe
+ 2008-06-20 01:12:59 301,568 ----a-w c:\windows\winsxs\x86_wpf-xpsviewerexe_31bf3856ad364e35_6.0.6000.20864_none_c799ee2c24b3592e\XPSViewer.exe
+ 2008-06-20 01:14:45 301,568 ----a-w c:\windows\winsxs\x86_wpf-xpsviewerexe_31bf3856ad364e35_6.0.6001.18096_none_c8d81ef108d2d3af\XPSViewer.exe

clubECGR · 2009/02/05

Finale

I didn't made this long post, it was ComboFix. The first one I posted was from another Combo Fix.

+ 2008-06-20 01:13:33 301,568 ----a-w c:\windows\winsxs\x86_wpf-xpsviewerexe_31bf3856ad364e35_6.0.6001.22208_none_c9c50d8221a5a7d5\XPSViewer.exe
+ 2008-06-20 01:18:06 1,138,688 ----a-w c:\windows\winsxs\x86_wwf-system.workflow.activities_31bf3856ad364e35_6.0.6000.16708_none_3087b8727ad0e447\System.Workflow.Activities.dll
+ 2008-06-20 01:12:59 1,138,688 ----a-w c:\windows\winsxs\x86_wwf-system.workflow.activities_31bf3856ad364e35_6.0.6000.20864_none_30cc748d9422c65b\System.Workflow.Activities.dll
+ 2008-06-20 01:14:46 1,138,688 ----a-w c:\windows\winsxs\x86_wwf-system.workflow.activities_31bf3856ad364e35_6.0.6001.18096_none_320aa552784240dc\System.Workflow.Activities.dll
+ 2008-06-20 01:13:34 1,138,688 ----a-w c:\windows\winsxs\x86_wwf-system.workflow.activities_31bf3856ad364e35_6.0.6001.22208_none_32f793e391151502\System.Workflow.Activities.dll
+ 2008-06-20 01:18:06 1,630,208 ----a-w c:\windows\winsxs\x86_wwf-system.workflow.componentmodel_31bf3856ad364e35_6.0.6000.16708_none_8a05df0910e7dfb8\System.Workflow.ComponentModel.dll
+ 2008-06-20 01:13:00 1,630,208 ----a-w c:\windows\winsxs\x86_wwf-system.workflow.componentmodel_31bf3856ad364e35_6.0.6000.20864_none_8a4a9b242a39c1cc\System.Workflow.ComponentModel.dll
+ 2008-06-20 01:14:47 1,630,208 ----a-w c:\windows\winsxs\x86_wwf-system.workflow.componentmodel_31bf3856ad364e35_6.0.6001.18096_none_8b88cbe90e593c4d\System.Workflow.ComponentModel.dll
+ 2008-06-20 01:13:35 1,630,208 ----a-w c:\windows\winsxs\x86_wwf-system.workflow.componentmodel_31bf3856ad364e35_6.0.6001.22208_none_8c75ba7a272c1073\System.Workflow.ComponentModel.dll
+ 2008-06-20 01:18:07 540,672 ----a-w c:\windows\winsxs\x86_wwf-system.workflow.runtime_31bf3856ad364e35_6.0.6000.16708_none_633ca329a2d930cc\System.Workflow.Runtime.dll
+ 2008-06-20 01:13:00 540,672 ----a-w c:\windows\winsxs\x86_wwf-system.workflow.runtime_31bf3856ad364e35_6.0.6000.20864_none_63815f44bc2b12e0\System.Workflow.Runtime.dll
+ 2008-06-20 01:14:47 540,672 ----a-w c:\windows\winsxs\x86_wwf-system.workflow.runtime_31bf3856ad364e35_6.0.6001.18096_none_64bf9009a04a8d61\System.Workflow.Runtime.dll
+ 2008-06-20 01:13:35 540,672 ----a-w c:\windows\winsxs\x86_wwf-system.workflow.runtime_31bf3856ad364e35_6.0.6001.22208_none_65ac7e9ab91d6187\System.Workflow.Runtime.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@= "{A8D448F4-0431-45AC-9F5E-E1B434AB2249} "
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 08:08 143360 --a------ c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar "= "c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"LightScribe Control Panel "= "c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-12-06 2387968]
"Messenger (Yahoo!) "= "c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2008-09-20 4347120]
"PC Suite Tray "= "c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"WMPNSCFG "= "c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Pinyin IME Migration "= "c:\progra~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE" [2006-10-27 32560]
"HControlUser "= "c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-12 98304]
"ATKOSD2 "= "c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-24 7766016]
"IgfxTray "= "c:\windows\system32\igfxtray.exe" [2008-02-22 141848]
"HotKeysCmds "= "c:\windows\system32\hkcmd.exe" [2008-02-22 166424]
"Persistence "= "c:\windows\system32\igfxpers.exe" [2008-02-22 133656]
"SynTPEnh "= "c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"ASUS Camera ScreenSaver "= "c:\windows\ASScrProlog.exe" [2008-08-25 37232]
"ASUS Screen Saver Protector "= "c:\windows\ASScrPro.exe" [2008-08-25 33136]
"TkBellExe "= "c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-19 185896]
"Malwarebytes' Anti-Malware "= "c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-01-14 399504]
"AVG8_TRAY "= "c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-04 1601304]
"RtHDVCpl "= "RtHDVCpl.exe" [2007-11-23 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv "= "grpconv -o" [X]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar "= "c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-04-11 752168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA "= 0 (0x0)
"EnableUIADesktopToggle "= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs "=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp "= l3codecp.acm
"msacm.avis "= ff_acm.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\i:\0autocheck autochk /r \??\h:\0autocheck autochk /r \??\G:\0autocheck autochk *

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-12 13:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
-r------- 2007-11-17 11:20 91432 c:\program files\CyberLink\Shared Files\brs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
--a------ 2008-07-19 10:52 104936 c:\program files\CyberLink\Power2Go\CLMLSvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2006-10-27 15:47 31016 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--------- 2007-10-11 12:06 62760 c:\program files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu]
--a------ 2008-06-14 09:11 210216 c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2008-07-07 15:34 167936 c:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-11-04 10:30 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2007-10-28 09:35 72736 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-10-18 16:24 136600 c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-10-19 17:34 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
--a------ 2006-09-08 01:19 15872 c:\program files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut]
--------- 2008-01-05 02:02 222504 c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2604780666-1855635130-1160332280-1000]
"EnableNotificationsRef "=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{E6D5117B-3B59-4AD3-8131-89637E355324} "= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{9CE88676-B457-421D-BB8B-94858452D8BF} "= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{ADD9768A-B85E-4F2F-9051-F04001D47C94} "= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{0F1526F2-698A-4EC8-AD75-A50D789FAC0E} "= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{7603A25D-882D-4C67-BBE9-E13B47081310} "= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{C223190F-67DF-44B6-843E-B814852C9E30} "= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{5DDFBBA9-2D8F-4FA6-A664-8693C3A7B7B0} "= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{EDF86280-60E8-4FD2-92CE-80673B1ABFF5} "= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{3F1C817B-AAEF-42ED-B4C2-3F71D9750568} "= c:\program files\Cyberlink\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"TCP Query User{1D9CF969-4B70-41C0-A067-7BDC0C2DCAE1}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe "= UDP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"UDP Query User{C0B8E7EF-B475-41EB-BA5A-18BCA13B6219}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe "= TCP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"{3DDBCAB7-B44E-4CA5-9319-1567406E6C9B} "= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{E228A32D-5C8C-4C72-8282-B824569F0669} "= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{21AB7F65-718D-4B69-9468-03065D39B3B5} "= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{AEB28633-F226-4753-9CB4-056573A2BE9E} "= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{DA354452-5B8C-4700-8C0A-1470459F18AA} "= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{F5BCCFD2-9972-4A8F-AA07-A24DA725DB92} "= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"TCP Query User{4C0E4E2E-C1BC-4777-96B6-7612D3B95D22}c:\\program files\\mozilla firefox\\firefox.exe "= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{691488C3-E5A0-458C-97B7-D0FA59125057}c:\\program files\\mozilla firefox\\firefox.exe "= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{81AB6F39-85E8-4737-8D0A-95DB9D999745}c:\\program files\\mozilla firefox\\firefox.exe "= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{FB21594E-55DC-4C7B-A18A-7258EC7E0F73}c:\\program files\\mozilla firefox\\firefox.exe "= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions "= 0 (0x0)

R3 CRFILTER;USB Mass Storage Filter;c:\windows\System32\drivers\CRFILTER.sys [2008-04-07 6656]
S0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [2009-02-03 28544]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2009-02-04 325128]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2009-02-04 107272]
S2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};c:\program files\CyberLink\PowerDVD\000.fcl [2007-11-03 00:12:32 41456]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-04 298264]
S2 gupdate1c96116a681bcde;Google Update Service (gupdate1c96116a681bcde);c:\program files\Google\Update\GoogleUpdate.exe [2008-12-18 133104]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2008-10-23 170640]
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-01-17 603904]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [2008-08-25 29736]
S3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [2008-10-23 15504]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - ECACHE

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6a856c20-cd85-11dd-8d1d-0022159e66e6}]
\shell\AutoRun\command - G:\bar311.exe %1
\shell\Explore\command - G:\bar311.exe %1
\shell\Open\command - G:\bar311.exe %1

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f3ea8dfd-9e9d-11dd-87d1-002243a02cfb}]
\shell\AutoRun\command - RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\SYS32.exe
\shell\open\command - RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\SYS32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe "
.
Contents of the 'Scheduled Tasks' folder

2009-02-05 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 16:28]

2009-02-05 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-12-18 21:43]

2009-02-02 c:\windows\Tasks\Malwarebytes' Scheduled Update for Chris.job
- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-01-14 16:11]

2009-02-05 c:\windows\Tasks\User_Feed_Synchronization-{CC929265-66CD-41B1-8FA6-F9C1E6663B87}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 10:34]
.
- - - - ORPHANS REMOVED - - - -

HKLM-RunOnce-<NO NAME> - (no file)

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\lwk7zeyx.default\
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "ui.allow_platform_file_picker ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.cookie.p3plevel ", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.enablePad ", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.remember_cert_checkbox_default_setting ", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.urlbar.hideGoButton ", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.search.param.Google.1.default ", "chrome://branding/content/searchconfig.properties ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.search.param.Google.1.custom ", "chrome://branding/content/searchconfig.properties ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "signon.prefillForms ", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.enabled ", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.remoteLookups ", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.updateURL ", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}& ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.lookupURL ", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}& ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.reportURL ", "http://sb.google.com/safebrowsing/report? ");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-05 23:22:03
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\ADSM_PData_0150

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(1336)
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
Completion time: 2009-02-05 23:23:59
ComboFix-quarantined-files.txt 2009-02-05 15:23:57
ComboFix2.txt 2009-02-05 06:00:33
ComboFix3.txt 2009-02-04 00:34:26

Pre-Run: The system cannot find message text for message number 0x2379 in the message file for Application.
Post-Run: 6,605,479,936 bytes free

2003 --- E O F --- 2009-02-05 13:08:36

noahdfear · 2009/02/10

You have a flash drive infection. Please download Flash_Disinfector by sUBs and save it to your desktop:

NOTE: In the event you already have Flash_Disinfector, this is a new version that I need you to download.

Plug in your USB flash drive.

Double-click Flash_Disinfector.exe to run it.

Follow any prompts that may appear.

Your desktop will vanish for a while, and then reappear. This is normal.

Wait until the program has finished scanning, then please exit the program. If you use more than 1 flash drive, run the tool with each plugged in.

Now, highlight and copy the contents of the code box below.
Code:
reg delete HKCU\software\microsoft\windows\currentversion\explorer\mountpoints2 /f
exit
cls
Click Start>Run and type cmd then hit enter to open a command window. Right click in the command window and select paste. The command window will close on it's own.

Restart the machine then run DDS again and post only the DDS.txt log here. Let me know if any problems persist.

clubECGR · 2009/02/10

What's DDS? I searched the internet and came up with DDS.scr. Is that it?

I deleted the said code and it was succesful. didn't typed the cls one as it exited. rebooted the laptop.

Here's the DDS.txt. No problems here.

DDS (Version 1.1.0) - NTFSx86
Run by Chris at 19:43:28.64 on 02/10/2009 Tue
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_10

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\asus\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\agrsmsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ATK Hotkey\MsgTranAgt.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\ACEngSvr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Windows\system32\PSIService.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ASScrPro.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\asus\NB Probe\SPM\spmgr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\TUProgSt.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Chris\Desktop\dds.scr
C:\Windows\system32\conime.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
uURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg8\avgssie.dll
BHO: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - c:\program files\google\google gears\internet explorer\0.5.4.2\gears.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Microsoft Pinyin IME Migration] c:\progra~1\common~1\micros~1\ime12\imesc\IMSCMIG.EXE /INSTALL
mRun: [HControlUser] "c:\program files\atk hotkey\HcontrolUser.exe "
mRun: [ATKOSD2] "c:\program files\atkosd2\ATKOSD2.exe "
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ASUS Camera ScreenSaver] c:\windows\ASScrProlog.exe
mRun: [ASUS Screen Saver Protector] c:\windows\ASScrPro.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
dRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.4.2\gears.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: avgrsstx.dll
SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\chris\appdata\roaming\mozilla\firefox\profiles\lwk7zeyx.default\
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbarff\components\vmAVGConnector.dll

ATTENTION: FIREFOX POLICES IS IN FORCE
c:\program files\mozilla firefox\greprefs\all.js - pref( "general.useragent.contentlocale ", "chrome://navigator-region/locale/region.properties ");
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.tabs.warnOnCloseOther ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.tabs.loadGroup ", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.tabs.loadOnNewTab ", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.windows.loadOnNewWindow ", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.allow_platform_file_picker ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "capability.policy.default.HTMLDocument.open.get ", "allAccess ");
c:\program files\mozilla firefox\greprefs\all.js - pref( "capability.policy.default.Window.Components ", "allAccess ");
c:\program files\mozilla firefox\greprefs\all.js - pref( "capability.policy.default.Window.document.get ", "allAccess ");
c:\program files\mozilla firefox\greprefs\all.js - pref( "dom.disable_window_open_feature.resizable ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.http.max-connections ", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.http.max-connections-per-server ", 8);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.http.max-persistent-connections-per-server ", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.http.max-persistent-connections-per-proxy ", 4);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.http.accept.default ", "text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 ");
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.dns.ipv4OnlyDomains ", ".doubleclick.net ");
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.standard-url.encode-utf8 ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.image.warnAboutImages ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.cookie.p3p ", "ffffaaaa ");
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.cookie.p3plevel ", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.enablePad ", false); // Allow client to do proxy autodiscovery
c:\program files\mozilla firefox\greprefs\all.js - pref( "ime.password.onFocus.dontCare ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "ime.password.onBlur.dontCare ", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.remember_cert_checkbox_default_setting ", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.warn_entering_secure ", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.warn_leaving_secure ", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.warn_submit_insecure ", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.OCSP.enabled ", 0);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ui.enable ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "app.update.nagTimer.download ", 86400);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "app.update.nagTimer.restart ", 1800);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.update.url ", "chrome://mozapps/locale/extensions/extensions.properties ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.getMoreExtensionsURL ", "http://%LOCALE%.add-ons.mozilla.com/%LOCALE%/%APP%/%VERSION%/extensions/ ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.getMoreThemesURL ", "http://%LOCALE%.add-ons.mozilla.com/%LOCALE%/%APP%/%VERSION%/themes/ ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.urlbar.hideGoButton ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.search.param.Google.1.default ", "chrome://branding/content/searchconfig.properties ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.search.param.Google.1.custom ", "chrome://branding/content/searchconfig.properties ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.search.order.Yahoo.1 ", "chrome://branding/content/searchconfig.properties ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.search.order.Yahoo.2 ", "chrome://branding/content/searchconfig.properties ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.search.order.Yahoo ", "chrome://branding/content/searchconfig.properties ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.disable_window_open_feature.location ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "privacy.item.history ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "privacy.item.formdata ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "privacy.item.passwords ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "privacy.item.downloads ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "privacy.item.cookies ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "privacy.item.cache ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "privacy.item.siteprefs ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "privacy.item.sessions ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "network.cookie.enableForCurrentSessionOnly ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "alerts.height ", 50);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "signon.prefillForms ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "security.warn_entering_secure.show_once ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "security.warn_leaving_secure.show_once ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "security.warn_submit_insecure.show_once ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.enabled ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.remoteLookups ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.updateURL ", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}& ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.lookupURL ", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}& ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.safebrowsing.provider.0.reportURL ", "http://sb.google.com/safebrowsing/report? ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.EULA.2.accepted ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.EULA.version ", 2);

============= SERVICES / DRIVERS ===============

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-2-3 28544]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-4 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-4 107272]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};\??\c:\program files\cyberlink\powerdvd\000.fcl [2007-11-3 41456]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-4 298264]
R2 MBAMService;MBAMService; "c:\program files\malwarebytes' anti-malware\mbamservice.exe" [2008-10-23 170640]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-1-17 603904]
R3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\drivers\CRFILTER.sys [2008-4-7 6656]
R3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys [2008-10-23 15504]
S2 gupdate1c96116a681bcde;Google Update Service (gupdate1c96116a681bcde); "c:\program files\google\update\GoogleUpdate.exe" /svc [2008-12-18 133104]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2008-8-25 29736]

=============== Created Last 30 ================

2009-02-09 19:19 5,174 a------- c:\windows\system32\nppt9x.vxd
2009-02-09 19:19 4,682 a------- c:\windows\system32\npptNT2.sys
2009-02-09 19:18 <DIR> --d----- c:\program files\common files\INCA Shared
2009-02-08 11:42 45,056 a------- c:\windows\system32\acovcnt.exe
2009-02-07 23:04 86,016 a------- c:\windows\unvise32.exe
2009-02-07 23:04 <DIR> --d----- c:\program files\DivXLand
2009-02-07 17:25 318,976 a------- c:\windows\system32\cmd.execf
2009-02-07 17:23 <DIR> --d----- C:\ComboFix
2009-02-07 17:23 318,976 a------- c:\windows\system32\CF8909.exe
2009-02-05 21:00 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-02-05 21:00 97,800 a------- c:\windows\system32\infocardapi.dll
2009-02-05 21:00 622,080 a------- c:\windows\system32\icardagt.exe
2009-02-05 21:00 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-02-05 21:00 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-02-05 21:00 11,264 a------- c:\windows\system32\icardres.dll
2009-02-05 21:00 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-02-05 21:00 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-02-05 20:50 96,760 a------- c:\windows\system32\dfshim.dll
2009-02-05 20:50 282,112 a------- c:\windows\system32\mscoree.dll
2009-02-05 20:50 41,984 a------- c:\windows\system32\netfxperf.dll
2009-02-05 20:50 158,720 a------- c:\windows\system32\mscorier.dll
2009-02-05 20:50 83,968 a------- c:\windows\system32\mscories.dll
2009-02-04 21:05 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-02-04 09:59 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-02-04 09:59 107,272 a------- c:\windows\system32\drivers\avgtdix.sys
2009-02-04 09:59 325,128 a------- c:\windows\system32\drivers\avgldx86.sys
2009-02-04 09:59 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-02-04 08:07 <DIR> --dsh--- C:\found.000
2009-02-04 07:39 161,792 a------- c:\windows\SWREG.exe
2009-02-04 07:39 98,816 a------- c:\windows\sed.exe
2009-02-03 21:39 28,544 a------- c:\windows\system32\drivers\pavboot.sys
2009-02-03 21:35 <DIR> --d----- c:\program files\Panda Security
2009-02-03 21:11 <DIR> --d----- c:\program files\Trend Micro
2009-02-01 15:27 <DIR> --d----- c:\program files\Opera 10 Preview
2009-01-30 14:53 19,170,816 a------- c:\windows\system32\imageres.dll
2009-01-27 19:44 <DIR> --d----- C:\My Recordings
2009-01-27 19:43 1,355,776 a------- c:\windows\system32\msvbvm50.dll
2009-01-27 19:43 <DIR> --d----- c:\program files\FREE Hi-Q Recorder
2009-01-25 11:43 36,864 a------- c:\windows\system32\SDDEVMGR.dll
2009-01-23 20:51 <DIR> --d----- c:\program files\common files\PCSuite
2009-01-23 20:49 18,816 a------- c:\windows\system32\drivers\pccsmcfd.sys
2009-01-23 20:49 <DIR> --d----- c:\program files\PC Connectivity Solution
2009-01-19 22:29 <DIR> --d----- c:\program files\Direct MIDI to MP3 Converter
2009-01-19 21:26 <DIR> --d----- c:\program files\feng
2009-01-17 22:58 <DIR> --d----- c:\windows\Replay Video Capture
2009-01-17 20:42 642,048 a------- c:\windows\system32\calc.exe
2009-01-17 20:39 1,152,000 a------- c:\windows\system32\themecpl.dll
2009-01-17 14:36 <DIR> --d----- c:\programdata\Stardock
2009-01-17 14:36 <DIR> --d----- c:\progra~2\Stardock
2009-01-17 14:36 567,040 a------- c:\windows\system32\wbocx.ocx
2009-01-17 14:36 56,496 a------- c:\windows\system32\wbhelp2.dll
2009-01-17 14:36 <DIR> --d----- c:\program files\Stardock
2009-01-17 14:24 603,904 a------- c:\windows\system32\TUProgSt.exe
2009-01-17 14:24 27,904 a------- c:\windows\system32\uxtuneup.dll
2009-01-17 14:24 17,152 a------- c:\windows\system32\authuitu.dll
2009-01-17 14:24 362,240 a------- c:\windows\system32\TuneUpDefragService.exe
2009-01-17 14:24 <DIR> --d----- c:\users\chris\appdata\roaming\TuneUp Software
2009-01-17 14:23 <DIR> --d----- c:\programdata\TuneUp Software
2009-01-17 14:23 <DIR> --d----- c:\program files\TuneUp Utilities 2009
2009-01-17 14:23 <DIR> --d----- c:\progra~2\TuneUp Software
2009-01-17 14:23 <DIR> --dsh--- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-17 14:23 <DIR> --dsh--- c:\progra~2\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-17 13:34 201,048,984 a------- c:\windows\MEMORY.DMP
2009-01-17 10:58 <DIR> --d----- c:\program files\PowerISO
2009-01-15 12:39 <DIR> --d----- c:\program files\AskBarDis
2009-01-15 12:36 <DIR> --d----- c:\programdata\avg8
2009-01-15 12:36 <DIR> --d----- c:\program files\AVG
2009-01-15 12:36 <DIR> --d----- c:\progra~2\avg8
2009-01-15 12:31 <DIR> --d----- c:\windows\E80F62FF5D3C4A1984099721F2928206.TMP
2009-01-14 21:28 288,768 a------- c:\windows\system32\drivers\srv.sys

==================== Find3M ====================

2009-02-02 18:35 143,360 a------- c:\windows\inf\infstrng.dat
2009-02-02 18:35 51,200 a------- c:\windows\inf\infpub.dat
2009-01-23 20:52 86,016 a------- c:\windows\inf\infstor.dat
2009-01-18 13:21 319,456 a------- c:\windows\DIFxAPI.dll
2009-01-14 16:11 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 16:11 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-12 11:18 87,336 a------- c:\windows\system32\dns-sd.exe
2008-12-12 11:11 61,440 a------- c:\windows\system32\dnssd.dll
2008-11-25 10:35 84 a---h--- c:\programdata\aspg.dat
2008-11-25 10:35 84 a---h--- c:\progra~2\aspg.dat
2008-10-19 19:05 456,272 a------- c:\programdata\pswi_preloaded.exe
2008-10-19 19:05 456,272 a------- c:\progra~2\pswi_preloaded.exe
2008-10-18 15:34 81,920 a------- c:\users\chris\appdata\roaming\ezpinst.exe
2008-10-18 15:34 47,360 a------- c:\users\chris\appdata\roaming\pcouffin.sys
2008-08-25 07:32 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-21 10:57 174 a--sh--- c:\program files\desktop.ini
2006-11-02 20:39 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 20:39 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 20:39 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 20:39 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 17:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 17:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 17:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 17:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2007-06-10 15:04 108 a--shr-- c:\windows\neoqaz2.dll
2009-02-10 19:44 262,144 a--sh--- c:\windows\serviceprofiles\networkservice\NTUSER.DAT
2008-10-20 13:54 88 a--shr-- c:\windows\system32\7A81B36C98.sys
2008-10-20 13:55 2,828 a--sh--- c:\windows\system32\KGyGaAvL.sys

============= FINISH: 19:45:57.48 ===============

noahdfear · 2009/02/10

Sorry about the vague instructions regarding DDS ..... you did get the right thing. Log looks good too. Lets get an online scan now to see if anything's been missed.

Please do an online scan with Kaspersky Online Scanner

Click Accept, when prompted to download and install the program files and database of malware definitions.

Click Run at the Security prompt.

The program will then begin downloading and installing and will also update the database.

Please be patient as this can take several minutes.

Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.

Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.

Click View scan report at the bottom.

Click the Save Report As... button.

Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.

**Note**

To optimize scanning time and produce a more sensible report for review:

Close any open programs.

Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.

Post the Kaspersky log here.

clubECGR · 2009/02/11

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Wednesday, February 11, 2009
Operating System: Microsoft Windows Vista Home Basic Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, February 11, 2009 05:22:02
Records in database: 1780916
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 195220
Threat name: 2
Infected objects: 2
Suspicious objects: 0
Duration of the scan: 04:22:59

File name / Threat name / Threats count
C:\Qoobox\Quarantine\C\Program Files\Mozilla Firefox\components\iamfamous.dll.vir Infected: Rootkit.Win32.TDSS.eyj 1
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TD98J79G\downloader[1].vbs Infected: Trojan-Downloader.JS.Psyme.amv 1

The selected area was scanned.

I manually deleted them. One file in System32 keeps on appearing, it's av-something. but it's not being detected but it was detected before it was quarantined. I'll reboot the laptop for the windows update to work

noahdfear · 2009/02/12

Please let me know if the file in system32 you refer to returns, and what it's name is. Otherwise everything looks good and we can begin the process of cleaning up our tools.

clubECGR · 2009/02/13

acovcnt.exe, keeps on appearing. It was detected before but not anymore. it's 44kb and an application. It gives me suspicious.

Other files on top of the sytem32 folder are:

CF8909.exe, cmd.execf, dslider.ocx, msflxgrd.ocx, nppt9x.vxd, npptNT2.sys, vbalIml6.ocx, comdlg32.ocx, msvbvm50.dll, SDDEVMGR.dll

I think these files are safe but it's weird that there were inserted on top of the system32 folder instead on below the list.

Log in or Sign up

Inactive PC being Monitored? Can't update anti virus

clubECGR Inactive Thread Starter

noahdfear Inactive

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

noahdfear Inactive

clubECGR Inactive Thread Starter

noahdfear Inactive

clubECGR Inactive Thread Starter

noahdfear Inactive

clubECGR Inactive Thread Starter

Share This Page

Log in or Sign up

Inactive PC being Monitored? Can't update anti virus

clubECGR Inactive Thread Starter

noahdfear Inactive

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

clubECGR Inactive Thread Starter

noahdfear Inactive

clubECGR Inactive Thread Starter

noahdfear Inactive

clubECGR Inactive Thread Starter

noahdfear Inactive

clubECGR Inactive Thread Starter

Share This Page

Useful Searches