first the anti malware log
Malwarebytes' Anti-Malware 1.34
Database version: 1815
Windows 6.0.6001 Service Pack 1
3/3/2009 11:00:40 AM
mbam-log-2009-03-03 (11-00-40).txt
Scan type: Full Scan (C:\|)
Objects scanned: 203140
Time elapsed: 54 minute(s), 36 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 13
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 11
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\seneka (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\seneka (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seneka (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fvekurediqata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fvekurediqata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\slulewe (Trojan.Agent) -> Delete on reboot.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Windows\Gcofaq.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Steve\AppData\Local\itikopib.dll (Trojan.Agent) -> Delete on reboot.
C:\Windows\System32\senekaxsxqtpvn.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\senekayuodieqq.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\senekadf.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\senekalog.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\drivers\seneka.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\drivers\senekalifdopgu.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\senekaslrpsxoq.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\TDSScrrx.dll (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\drivers\TDSSnbcb.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
now the combofix log
ComboFix 09-03-02.03 - Steve 2009-03-03 11:07:44.2 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.3326.2430 [GMT -8:00]
Running from: c:\users\Steve\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2009-02-03 to 2009-03-03 )))))))))))))))))))))))))))))))
.
2009-03-03 11:11 . 2009-03-03 11:11 261,123,487 --a------ c:\windows\MEMORY.DMP
2009-03-03 10:05 . 2009-03-03 10:05 <DIR> d-------- c:\users\Steve\AppData\Roaming\Malwarebytes
2009-03-03 10:05 . 2009-03-03 10:05 <DIR> d-------- c:\users\All Users\Malwarebytes
2009-03-03 10:05 . 2009-03-03 10:05 <DIR> d-------- c:\programdata\Malwarebytes
2009-03-03 10:05 . 2009-03-03 10:05 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-03 10:05 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-03-03 10:05 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-03-01 20:24 . 2009-03-01 20:24 <DIR> d-------- c:\users\Steve\AppData\Roaming\Smith Micro
2009-03-01 20:22 . 2009-03-01 20:22 <DIR> d-------- c:\program files\Samsung
2009-03-01 20:21 . 2009-03-01 20:21 <DIR> d-------- c:\users\All Users\Tarma Installer
2009-03-01 20:21 . 2009-03-01 20:21 <DIR> d-------- c:\programdata\Tarma Installer
2009-03-01 20:21 . 2009-03-02 18:30 <DIR> d-------- c:\program files\Sprint Instinct Applications
2009-03-01 20:21 . 2008-06-04 23:59 222,552 --a------ c:\windows\RM.exe
2009-02-26 07:43 . 2006-01-06 08:52 109,568 --------- c:\windows\System32\pxinsi64.exe
2009-02-26 07:43 . 2006-01-06 08:52 108,544 --------- c:\windows\System32\pxcpyi64.exe
2009-02-26 07:43 . 2006-01-06 08:52 20,640 --------- c:\windows\System32\drivers\PxHelp20.sys
2009-02-25 20:31 . 2009-02-25 20:31 <DIR> d-------- c:\users\Steve\AppData\Roaming\Auslogics
2009-02-25 20:31 . 2009-02-25 20:31 <DIR> d-------- c:\program files\Auslogics
2009-02-24 12:53 . 2009-02-24 12:53 <DIR> d-------- c:\program files\CCleaner
2009-02-24 07:15 . 2009-02-24 07:15 <DIR> d-------- c:\program files\MozBackup
2009-02-19 22:32 . 2009-02-19 22:32 <DIR> d-------- c:\program files\Microsoft Web Designer Tools
2009-02-19 22:32 . 2009-02-19 22:32 <DIR> dr-h----- C:\MSOCache
2009-02-17 18:07 . 2009-02-17 18:07 <DIR> d-------- c:\windows\System32\AGEIA
2009-02-17 18:07 . 2009-02-17 18:07 <DIR> d-------- c:\program files\AGEIA Technologies
2009-02-17 18:03 . 2009-02-17 18:03 <DIR> d-------- c:\users\Steve\AppData\Roaming\SystemRequirementsLab
2009-02-16 19:34 . 2009-02-16 19:34 <DIR> d-------- c:\program files\Recuva
2009-02-12 03:01 . 2009-02-12 03:01 118 --a------ c:\windows\System32\MRT.INI
2009-02-11 19:41 . 2009-01-14 19:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-11 19:41 . 2009-01-14 22:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-03 09:38 . 2009-02-03 09:38 <DIR> d-------- c:\program files\Common Files\Adobe AIR
2009-02-03 09:37 . 2009-02-03 09:37 <DIR> d-------- c:\users\Steve\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-03 19:01 --------- d-----w c:\users\Steve\AppData\Roaming\Skype
2009-03-03 17:37 --------- d-----w c:\users\Steve\AppData\Roaming\skypePM
2009-03-03 06:36 --------- d-----w c:\program files\Steam
2009-03-03 03:04 --------- d---a-w c:\programdata\TEMP
2009-03-03 02:30 --------- d-----w c:\users\Steve\AppData\Roaming\BitTorrent
2009-03-02 04:22 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-26 15:58 --------- d-----w c:\program files\Winamp
2009-02-26 15:55 --------- d-----w c:\programdata\avg8
2009-02-26 15:46 --------- d-----w c:\program files\DivX
2009-02-24 20:51 --------- d-----w c:\users\Steve\AppData\Roaming\vghd
2009-02-24 20:18 --------- d-----w c:\programdata\Microsoft Help
2009-02-24 20:18 --------- d-----w c:\program files\MSBuild
2009-02-24 20:18 --------- d-----w c:\program files\Microsoft.NET
2009-02-21 17:41 70,968 ----a-w c:\windows\System32\PnkBstrA.exe
2009-02-21 17:41 138,584 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-02-21 17:40 189,672 ----a-w c:\windows\System32\PnkBstrB.exe
2009-02-18 02:10 --------- d-----w c:\programdata\NVIDIA
2009-02-18 02:07 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-18 02:03 --------- d-----w c:\program files\SystemRequirementsLab
2009-02-16 08:33 --------- d-----w c:\program files\Veoh Networks
2009-02-12 11:00 --------- d-----w c:\program files\Windows Mail
2009-02-10 17:46 --------- d-----w c:\users\Steve\AppData\Roaming\DNA
2009-02-10 03:25 --------- d-----w c:\program files\Common Files\Steam
2009-02-05 19:12 --------- d-----w c:\users\Steve\AppData\Roaming\OpenOffice.org2
2009-02-02 05:25 --------- d-----w c:\program files\Trend Micro
2009-01-29 03:35 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-01-29 03:35 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-01-29 03:35 10,520 ----a-w c:\windows\System32\avgrsstx.dll
2009-01-26 01:38 --------- d-----w c:\program files\Bonjour
2009-01-16 12:34 40,448 ----a-w c:\windows\System32\chert7-303352.exe
2009-01-16 00:50 --------- d-----w c:\program files\Rainmeter
2009-01-16 00:31 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-16 00:31 --------- d-----w c:\program files\iTunes
2009-01-16 00:31 --------- d-----w c:\program files\iPod
2009-01-16 00:31 --------- d-----w c:\program files\Common Files\Apple
2009-01-15 23:53 --------- d-----w c:\program files\BACKUP MUSIC
2009-01-15 16:33 --------- d-----w c:\users\Steve\AppData\Roaming\mIRC
2009-01-07 19:28 453,152 ----a-w c:\windows\System32\NVUNINST.EXE
2009-01-07 04:44 --------- d-----w c:\program files\DNA
2009-01-07 04:44 --------- d-----w c:\program files\BitTorrent
2008-12-12 19:18 87,336 ----a-w c:\windows\System32\dns-sd.exe
2008-12-12 19:11 61,440 ----a-w c:\windows\System32\dnssd.dll
2008-12-10 17:45 70,936 ----a-w c:\windows\System32\PhysXLoader.dll
2008-12-10 05:28 107,888 ----a-w c:\windows\System32\CmdLineExt.dll
2008-12-04 17:28 24,344 ----a-w c:\windows\System32\PhysXDevice.dll
2008-08-28 02:00 22,328 ----a-w c:\users\Steve\AppData\Roaming\PnkBstrK.sys
2008-05-12 12:03 56 ---ha-w c:\users\All Users\ezsidmv.dat
2008-05-12 12:03 56 ---ha-w c:\programdata\ezsidmv.dat
2008-01-21 02:57 174 --sha-w c:\program files\desktop.ini
.
((((((((((((((((((((((((((((( SnapShot@2009-02-10_10.16.55.91 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-02-20 06:30:43 245,760 ----a-w c:\windows\assembly\GAC\EnvDTE\8.0.0.0__b03f5f7f11d50a3a\envdte.dll
+ 2009-02-20 06:30:43 135,168 ----a-w c:\windows\assembly\GAC\EnvDTE80\8.0.0.0__b03f5f7f11d50a3a\envdte80.dll
+ 2009-02-20 06:30:43 18,944 ----a-w c:\windows\assembly\GAC\EnvDTE90\9.0.0.0__b03f5f7f11d50a3a\envdte90.dll
+ 2009-02-20 06:30:47 6,656 ----a-w c:\windows\assembly\GAC\Microsoft.Internal.VisualStudio.Shell.Interop.9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.Internal.VisualStudio.Shell.Interop.9.0.dll
+ 2009-02-20 06:30:45 176,128 ----a-w c:\windows\assembly\GAC\Microsoft.VisualStudio.Debugger.Interop\8.0.1.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Debugger.Interop.dll
+ 2009-02-20 06:30:45 126,976 ----a-w c:\windows\assembly\GAC\Microsoft.VisualStudio.Debugger.InteropA\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Debugger.InteropA.dll
+ 2009-02-20 06:30:45 118,784 ----a-w c:\windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll
+ 2009-02-20 06:30:45 172,032 ----a-w c:\windows\assembly\GAC\Microsoft.VisualStudio.Shell.Interop.8.0\8.0.0.0__b03f5f7f11d50a3a\microsoft.visualstudio.shell.interop.8.0.dll
+ 2009-02-20 06:30:46 40,960 ----a-w c:\windows\assembly\GAC\Microsoft.VisualStudio.Shell.Interop.9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Shell.Interop.9.0.dll
+ 2009-02-20 06:30:46 249,856 ----a-w c:\windows\assembly\GAC\Microsoft.VisualStudio.Shell.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Shell.Interop.dll
+ 2009-02-20 06:30:46 57,344 ----a-w c:\windows\assembly\GAC\Microsoft.VisualStudio.TextManager.Interop.8.0\8.0.0.0__b03f5f7f11d50a3a\microsoft.visualstudio.textmanager.interop.8.0.dll
+ 2009-02-20 06:30:47 7,680 ----a-w c:\windows\assembly\GAC\Microsoft.VisualStudio.TextManager.Interop.9.0\9.0.0.0__b03f5f7f11d50a3a\microsoft.visualstudio.textmanager.interop.9.0.dll
+ 2009-02-20 06:30:46 114,688 ----a-w c:\windows\assembly\GAC\Microsoft.VisualStudio.TextManager.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.TextManager.Interop.dll
+ 2009-02-20 06:30:47 11,264 ----a-w c:\windows\assembly\GAC\Microsoft.VisualStudio.VSHelp\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.VSHelp.dll
+ 2009-02-20 06:30:47 8,704 ----a-w c:\windows\assembly\GAC\Microsoft.VisualStudio.VSHelp80\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.VSHelp80.dll
+ 2009-02-20 06:30:08 106,496 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
+ 2009-02-20 06:30:11 737,280 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-02-20 06:30:11 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-02-20 06:30:11 794,624 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2009-02-20 06:30:11 94,208 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2009-02-20 06:30:45 69,632 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.MSXML\8.0.0.0__b03f5f7f11d50a3a\microsoft.msxml.dll
+ 2009-02-20 06:30:10 41,984 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2009-02-20 06:30:45 671,744 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.CommonIDE\9.0.0.0__b03f5f7f11d50a3a\microsoft.visualstudio.commonide.dll
+ 2009-02-20 06:30:45 356,352 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Shell.9.0\2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Shell.9.0.dll
+ 2009-02-20 06:30:45 368,640 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Shell\2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Shell.dll
+ 2009-02-20 06:30:12 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-02-20 06:30:12 159,744 ----a-w c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2009-02-20 06:30:12 663,552 ----a-w c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-02-20 06:30:12 53,248 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2009-02-20 06:30:08 667,648 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-02-20 06:30:08 282,624 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2009-02-20 06:30:13 139,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2009-02-20 06:30:14 233,472 ----a-w c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2009-02-20 06:30:07 496,672 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
+ 2009-02-20 06:30:14 327,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-02-20 06:30:15 1,253,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2009-02-20 06:30:13 10,240 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2009-02-20 06:30:08 517,152 ----a-w c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-02-20 06:30:14 139,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2009-02-20 16:55:46 589,824 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\EnvDTE\78ca08c79036543c31b2089be2ca9377\EnvDTE.ni.dll
+ 2009-02-20 16:55:49 294,912 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\EnvDTE80\6b56af31a60770654633756b9d2db3fa\EnvDTE80.ni.dll
+ 2009-02-20 16:55:49 45,056 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\EnvDTE90\473bd872b1764c1f996db941776c6088\EnvDTE90.ni.dll
+ 2009-02-20 16:55:50 237,568 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\2867d6975dcacb6ca61bd76045e386cc\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-02-20 16:55:52 1,892,352 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\89b45a645222f9aef19baa9d9a1e5383\Microsoft.Build.Engine.ni.dll
+ 2009-02-20 16:55:52 94,208 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\497955c1d17648990c3a3bd7cf2ecaa3\Microsoft.Build.Framework.ni.dll
+ 2009-02-20 16:55:54 1,966,080 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\9c5199d690fd60ed39e8f20730263169\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-02-20 16:55:55 196,608 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\bfdafec92f9d015d995d2f95fffff8bc\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-02-20 16:55:56 19,968 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Internal.#\a36df8369d4d31487f6c378677c92e27\Microsoft.Internal.VisualStudio.Shell.Interop.9.0.ni.dll
+ 2009-02-20 16:55:59 315,392 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\
0a95bedffee466d7abf572f5ec5bd2cf\Microsoft.VisualStudio.OLE.Interop.ni.dll
+ 2009-02-20 16:56:01 90,112 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1421f705014ec52a6865bd5d6e2a1237\Microsoft.VisualStudio.Shell.Interop.9.0.ni.dll
+ 2009-02-20 16:55:59 1,982,464 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\685e32b0a5a01e5baf136a084af62ea7\Microsoft.VisualStudio.CommonIDE.ni.dll
+ 2009-02-20 16:56:01 942,080 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\696343537bf08bb12a3bf591b77b1e97\Microsoft.VisualStudio.Shell.9.0.ni.dll
+ 2009-02-20 16:56:01 380,928 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\7b3152e2136a724438d3e7c559b89253\Microsoft.VisualStudio.Shell.Interop.8.0.ni.dll
+ 2009-02-20 16:56:00 901,120 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e9c14e394cf9b8a071b431d8618de9c0\Microsoft.VisualStudio.Shell.ni.dll
+ 2009-02-20 16:55:47 155,648 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\81d70fca7aaf82c2890bfc5e1e644d8a\MSBuild.ni.exe
+ 2009-02-20 16:56:06 102,400 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\26e397507b87251fea471bb217afbd0e\System.AddIn.Contract.ni.dll
+ 2009-02-20 16:56:05 696,320 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\9ccfb52d02fb0d9fa007a36904bf6ff0\System.AddIn.ni.dll
+ 2009-02-20 16:53:26 2,347,008 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\4c177c394027f9a0da85a3505b2652f7\System.Core.ni.dll
+ 2009-02-20 16:56:06 184,320 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\8d68b6b50f207e88987467417b230c53\System.Data.DataSetExtensions.ni.dll
+ 2009-02-20 16:53:30 2,588,672 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\b987c33b348d1679f01ef49efab94201\System.Data.Linq.ni.dll
+ 2009-02-20 16:56:07 937,984 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\329dfd8debde991c0ba2cd8cba7746d3\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-02-20 16:56:08 356,352 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\8577eda645bc10a0320a5c51167cc950\System.Management.Instrumentation.ni.dll
+ 2009-02-20 16:56:09 729,088 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\17df725c679fa1953ed2f4916589eca0\System.Net.ni.dll
+ 2009-02-20 16:56:12 1,556,480 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\336c3a204c86960730758874d4b8ba95\System.ServiceModel.Web.ni.dll
+ 2009-02-20 16:56:14 2,416,640 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\a8a98eb45853f2b3e88a7ae417718101\System.Web.Extensions.ni.dll
+ 2009-02-20 16:56:14 880,640 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\feb801113de4e3f679a6b38b256523db\System.Web.Extensions.Design.ni.dll
+ 2009-02-20 16:56:16 77,824 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\c79ee0048845878426bf6a48fa5d7708\System.Windows.Presentation.ni.dll
+ 2009-02-20 16:56:18 1,531,904 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\1141e73f795266e186d8305e760dac32\System.WorkflowServices.ni.dll
+ 2009-02-20 16:56:18 458,752 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\688bcbbcc735398955c9b8706780c955\System.Xml.Linq.ni.dll
+ 2009-02-20 16:47:14 962,560 ----a-w c:\windows\assembly\tmp\2HQ09IS1\Microsoft.Windows.Design.Developer.dll
+ 2009-02-20 16:42:28 135,168 ----a-w c:\windows\assembly\tmp\3IS2CMW6\Microsoft.CompactFramework.Design.Model.dll
+ 2009-02-20 16:47:14 188,416 ----a-w c:\windows\assembly\tmp\5FOX6GPY\Microsoft.VisualStudio.Xaml.LanguageService.dll
+ 2009-02-20 16:42:28 73,728 ----a-w c:\windows\assembly\tmp\6LU3DMV5\Microsoft.CompactFramework.Design.SmartPhone2004.dll
+ 2009-02-20 16:47:09 156,728 ----a-w c:\windows\assembly\tmp\6NX7IR2C\Microsoft.Workflow.DebugController.dll
+ 2009-02-20 16:42:43 61,440 ----a-w c:\windows\assembly\tmp\9IR0AJS1\Microsoft.Smartdevice.Connectivity.dll
+ 2009-02-20 16:42:43 323,584 ----a-w c:\windows\assembly\tmp\CS1AJT2B\Microsoft.VisualStudio.OfficeTools.Designer.dll
+ 2009-02-20 16:47:00 110,592 ----a-w c:\windows\assembly\tmp\DS1AKT2B\Microsoft.Windows.Design.Extensibility.dll
+ 2009-02-20 16:42:39 339,968 ----a-w c:\windows\assembly\tmp\DS1BKT2C\Microsoft.VisualStudio.Tools.Office.Designer.Office2007.dll
+ 2009-02-20 16:42:29 184,320 ----a-w c:\windows\assembly\tmp\DU3CLV4D\Microsoft.CompactFramework.Design.WindowsCE.dll
+ 2009-02-20 16:42:38 450,560 ----a-w c:\windows\assembly\tmp\ET2BLU3C\Microsoft.VisualStudio.Tools.Office.ProgrammingModel.dll
+ 2009-02-20 16:46:59 53,248 ----a-w c:\windows\assembly\tmp\ET2CLV5E\WebDev.WebHost.dll
+ 2009-02-20 16:47:13 14,400 ----a-w c:\windows\assembly\tmp\FW5EOX6F\Microsoft.Workflow.ExpressionEvaluation.dll
+ 2009-02-20 16:47:13 99,384 ----a-w c:\windows\assembly\tmp\GQZ8HR0A\Microsoft.VisualStudio.ServiceModel.dll
+ 2009-02-20 16:42:28 159,744 ----a-w c:\windows\assembly\tmp\GW5EOX6F\Microsoft.CompactFramework.Design.SmartPhone.dll
+ 2009-02-20 16:47:09 749,568 ----a-w c:\windows\assembly\tmp\HX6FPY8H\Microsoft.VisualStudio.QualityTools.Resource.dll
+ 2009-02-20 16:42:28 69,632 ----a-w c:\windows\assembly\tmp\IX7GPY7H\Microsoft.CompactFramework.Design.PocketPC2004.dll
+ 2009-02-20 16:42:40 475,136 ----a-w c:\windows\assembly\tmp\IZ8HQ09K\Microsoft.VisualStudio.Tools.Applications.Project.dll
+ 2009-02-20 16:42:39 49,152 ----a-w c:\windows\assembly\tmp\L3CLV5FO\Microsoft.VisualStudio.Tools.Applications.BuildTasks.dll
+ 2009-02-20 16:42:40 94,208 ----a-w c:\windows\assembly\tmp\M1AJT2BK\Microsoft.VisualStudio.Tools.Applications.DesignTime.v9.0.dll
+ 2009-02-20 16:47:13 541,744 ----a-w c:\windows\assembly\tmp\N2BKT3CL\Microsoft.Workflow.VSDesigner.dll
+ 2009-02-20 16:47:14 28,672 ----a-w c:\windows\assembly\tmp\N2BLU3CL\Microsoft.Windows.Design.Host.dll
+ 2009-02-20 16:46:56 73,728 ----a-w c:\windows\assembly\tmp\N7GPZ8HQ\Microsoft.VisualBasic.PowerPacks.Vs.dll
+ 2009-02-20 16:42:28 651,264 ----a-w c:\windows\assembly\tmp\O3CLV4DM\Microsoft.CompactFramework.Design.dll
+ 2009-02-20 16:47:00 159,744 ----a-w c:\windows\assembly\tmp\P3DMV4EN\Microsoft.Windows.Design.Interaction.dll
+ 2009-02-20 16:46:57 8,704 ----a-w c:\windows\assembly\tmp\P4DMV4EN\Microsoft.VisualBasic.PowerPacks.VsPackage.dll
+ 2009-02-20 16:42:39 372,736 ----a-w c:\windows\assembly\tmp\Q5FOX6FP\Microsoft.Office.Tools.Common.v9.0.dll
+ 2009-02-20 16:47:14 1,191,936 ----a-w c:\windows\assembly\tmp\Q5HR1BLV\Microsoft.VisualStudio.Xaml.dll
+ 2009-02-20 16:42:29 49,152 ----a-w c:\windows\assembly\tmp\R6GPY7HQ\Microsoft.VisualStudio.DeviceConnectivity.Interop.9.0.dll
+ 2009-02-20 16:47:12 77,824 ----a-w c:\windows\assembly\tmp\R7HQ1ALV\Microsoft.VisualStudio.QualityTools.UnitTestFramework.dll
+ 2009-02-20 16:42:43 12,800 ----a-w c:\windows\assembly\tmp\T8HR09JS\Microsoft.VisualStudio.Tools.Office.Project.Excel.dll
+ 2009-02-20 16:42:41 303,104 ----a-w c:\windows\assembly\tmp\T9IR09JS\Microsoft.VisualStudio.Tools.Office.Ribbon.dll
+ 2009-02-20 16:42:39 69,632 ----a-w c:\windows\assembly\tmp\TAJS1BKU\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll
+ 2009-02-20 16:42:39 106,496 ----a-w c:\windows\assembly\tmp\U9IR09JS\Microsoft.VisualStudio.Tools.Office.BuildTasks.dll
+ 2009-02-20 16:47:14 737,280 ----a-w c:\windows\assembly\tmp\U9IR0AJS\Microsoft.Windows.Design.Markup.dll
+ 2009-02-20 16:42:43 12,288 ----a-w c:\windows\assembly\tmp\VBKT2CLU\Microsoft.VisualStudio.Tools.Office.Project.Word.dll
+ 2009-02-20 16:42:38 143,360 ----a-w c:\windows\assembly\tmp\VCLV4DNW\Microsoft.VisualStudio.Tools.Applications.ProgrammingModel.dll
+ 2009-02-20 16:42:38 835,584 ----a-w c:\windows\assembly\tmp\WCMV4DNW\Microsoft.CompactFramework.Build.Tasks.dll
+ 2009-02-20 16:47:00 106,496 ----a-w c:\windows\assembly\tmp\Y8HQZ9IR\Microsoft.Windows.Design.dll
+ 2009-02-20 16:42:28 200,704 ----a-w c:\windows\assembly\tmp\ZFOX6GPY\Microsoft.CompactFramework.Design.PocketPC.dll
+ 2009-02-20 16:47:14 164,872 ----a-w c:\windows\assembly\tmp\ZFOY7GPZ\WcfSvcHost.exe
- 2008-11-11 19:00:38 51,200 ----a-w c:\windows\inf\infpub.dat
+ 2009-02-18 02:06:54 51,200 ----a-w c:\windows\inf\infpub.dat
- 2008-11-11 19:00:38 86,016 ----a-w c:\windows\inf\infstor.dat
+ 2009-02-18 02:06:53 86,016 ----a-w c:\windows\inf\infstor.dat
- 2008-11-11 19:00:38 86,016 ----a-w c:\windows\inf\infstrng.dat
+ 2009-02-18 02:06:54 86,016 ----a-w c:\windows\inf\infstrng.dat
+ 2009-02-20 06:32:42 217,864 ----a-r c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2007-11-08 03:02:38 168,448 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2007-11-08 03:02:38 233,976 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2007-11-08 03:02:38 41,992 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2007-11-08 03:02:38 41,992 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2007-11-08 03:02:38 28,672 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2007-11-08 03:02:38 1,545,720 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2007-11-08 03:00:02 210,834 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\baseline.dat
+ 2007-11-08 00:26:34 97,280 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\DeleteTemp.exe
+ 2007-11-08 00:26:34 276,472 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\dlmgr.dll
+ 2007-11-08 00:26:34 1,059,328 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\gencomp.dll
+ 2007-11-08 00:26:34 177,152 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\HtmlLite.dll
+ 2007-11-08 00:26:34 269,304 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
+ 2007-11-08 00:26:34 112,128 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1025.dll
+ 2007-11-08 00:26:34 84,992 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1028.dll
+ 2007-11-08 00:26:34 124,416 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1029.dll
+ 2007-11-08 00:26:34 125,440 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1030.dll
+ 2007-11-08 00:26:34 129,536 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1031.dll
+ 2007-11-08 00:26:34 136,192 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1032.dll
+ 2007-11-08 00:26:34 120,832 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1035.dll
+ 2007-11-08 00:26:34 132,096 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1036.dll
+ 2007-11-08 00:26:34 110,080 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1037.dll
+ 2007-11-08 00:26:34 131,072 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1038.dll
+ 2007-11-08 00:26:34 127,488 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1040.dll
+ 2007-11-08 00:26:34 96,768 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1041.dll
+ 2007-11-08 00:26:34 93,696 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1042.dll
+ 2007-11-08 00:26:34 127,488 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1043.dll
+ 2007-11-08 00:26:34 120,320 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1044.dll
+ 2007-11-08 00:26:34 126,976 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1045.dll
+ 2007-11-08 00:26:34 121,856 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1046.dll
+ 2007-11-08 00:26:34 122,368 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1049.dll
+ 2007-11-08 00:26:34 120,320 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1053.dll
+ 2007-11-08 00:26:34 119,808 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1055.dll
+ 2007-11-08 00:26:34 83,456 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.2052.dll
+ 2007-11-08 00:26:34 130,048 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.2070.dll
+ 2007-11-08 00:26:34 130,560 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.3082.dll
+ 2007-11-08 00:26:34 109,568 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.dll
+ 2007-11-08 00:26:34 1,361,920 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\SITSetup.dll
+ 2007-11-08 00:26:34 1,045,504 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\vs_setup.dll
+ 2007-11-08 00:26:34 627,712 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\vs70uimgr.dll
+ 2007-11-08 00:26:34 411,136 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\vsbasereqs.dll
+ 2007-11-08 00:26:34 687,104 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\vsscenario.dll
+ 2007-11-08 00:26:34 102,904 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1025.dll
+ 2007-11-08 00:26:34 90,104 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1028.dll
+ 2007-11-08 00:26:34 108,536 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1029.dll
+ 2007-11-08 00:26:34 108,536 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1030.dll
+ 2007-11-08 00:26:34 111,608 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1031.dll
+ 2007-11-08 00:26:34 113,656 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1032.dll
+ 2007-11-08 00:26:34 106,488 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1035.dll
+ 2007-11-08 00:26:34 112,120 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1036.dll
+ 2007-11-08 00:26:34 101,368 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1037.dll
+ 2007-11-08 00:26:34 111,096 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1038.dll
+ 2007-11-08 00:26:34 110,072 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1040.dll
+ 2007-11-08 00:26:34 95,736 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1041.dll
+ 2007-11-08 00:26:34 92,664 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1042.dll
+ 2007-11-08 00:26:34 108,536 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1043.dll
+ 2007-11-08 00:26:34 106,488 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1044.dll
+ 2007-11-08 00:26:34 109,048 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1045.dll
+ 2007-11-08 00:26:34 107,512 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1046.dll
+ 2007-11-08 00:26:34 107,000 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1049.dll
+ 2007-11-08 00:26:34 105,976 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1053.dll
+ 2007-11-08 00:26:34 106,488 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1055.dll
+ 2007-11-08 00:26:34 89,080 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.2052.dll
+ 2007-11-08 00:26:34 110,072 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.2070.dll
+ 2007-11-08 00:26:34 111,096 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.3082.dll
+ 2007-11-08 00:26:34 107,512 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.dll
+ 2007-11-08 00:26:34 982,008 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapUI.dll
+ 2007-11-08 03:02:38 794,624 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2007-11-08 03:02:38 41,984 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2007-11-08 03:02:38 91,136 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2007-11-08 03:02:38 1,710,584 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2007-10-19 10:58:38 182,288 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2007-11-08 03:02:38 71,160 ----a-w c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2009-03-03 19:11:34 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-03-03 19:11:34 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-02-10 18:14:25 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-03-03 19:13:41 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2009-02-10 18:14:25 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-03-03 19:13:41 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-10-07 17:13:20 58,648 ----a-w c:\windows\System32\AgCPanelFrench.dll
+ 2008-10-07 17:13:20 58,648 ----a-w c:\windows\System32\AgCPanelGerman.dll
+ 2008-10-07 17:13:20 58,648 ----a-w c:\windows\System32\AgCPanelJapanese.dll
+ 2008-10-07 17:13:20 58,648 ----a-w c:\windows\System32\AgCPanelKorean.dll
+ 2008-10-07 17:13:20 58,648 ----a-w c:\windows\System32\AgCPanelPortugese.dll
+ 2008-10-07 17:13:20 58,648 ----a-w c:\windows\System32\AgCPanelSimplifiedChinese.dll
+ 2008-10-07 17:13:20 58,648 ----a-w c:\windows\System32\AgCPanelSpanish.dll
+ 2008-10-07 17:13:20 58,648 ----a-w c:\windows\System32\AgCPanelSwedish.dll
+ 2008-10-07 17:13:22 58,648 ----a-w c:\windows\System32\AgCPanelTraditionalChinese.dll
+ 2008-10-07 17:13:18 199,885 ----a-w c:\windows\System32\AGEIA\AG1011\app.bin
+ 2008-10-07 17:13:20 119,473 ----a-w c:\windows\System32\AGEIA\AG1011\diag.bin
+ 2008-10-07 17:13:20 214,629 ----a-w c:\windows\System32\AGEIA\AG1021\app.bin
+ 2008-10-07 17:13:20 116,977 ----a-w c:\windows\System32\AGEIA\AG1021\diag.bin
- 2009-02-10 16:05:40 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-03-02 04:23:21 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-10 16:05:40 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-02 04:23:21 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-10 16:05:40 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-03-02 04:23:21 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-02-10 18:02:11 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2009-03-03 19:07:27 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2006-01-06 17:06:33 573,952 ----a-w c:\windows\System32\DivX.dll
+ 2006-01-06 17:05:30 679,936 ----a-w c:\windows\System32\divx_xx07.dll
+ 2006-01-06 17:05:29 679,936 ----a-w c:\windows\System32\divx_xx0c.dll
+ 2006-01-06 17:05:29 663,552 ----a-w c:\windows\System32\divx_xx11.dll
+ 2006-01-06 17:06:34 778,240 ----a-w c:\windows\System32\DivXsm.exe
+ 2006-01-06 16:34:58 86,016 ----a-w c:\windows\System32\dpl100.dll
+ 2006-01-06 16:34:57 294,912 ----a-w c:\windows\System32\dpu10.dll
+ 2006-01-06 16:34:57 294,912 ----a-w c:\windows\System32\dpu11.dll
+ 2006-01-06 16:34:58 53,248 ----a-w c:\windows\System32\dpuGUI10.dll
+ 2006-01-06 16:34:58 593,920 ----a-w c:\windows\System32\dpuGUI11.dll
+ 2006-01-06 16:34:57 339,968 ----a-w c:\windows\System32\dpus11.dll
+ 2006-01-06 16:34:57 57,344 ----a-w c:\windows\System32\dpv11.dll
- 2008-03-25 02:52:00 7,438,848 ----a-w c:\windows\System32\drivers\nvlddmkm.sys
+ 2009-01-15 16:19:00 7,740,320 ----a-w c:\windows\System32\drivers\nvlddmkm.sys
+ 2009-01-15 16:19:00 795,104 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\dpinst.exe
+ 2009-01-15 16:19:00 663,552 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvapi.dll
+ 2009-01-15 16:19:00 135,168 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvcod.dll
+ 2009-01-15 16:19:00 13,683,232 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvcpl.dll
+ 2009-01-15 16:19:00 801,312 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvcplui.exe
+ 2009-01-15 16:19:00 1,560,576 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvcuda.dll
+ 2009-01-15 16:19:00 6,070,272 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvd3dum.dll
+ 2009-01-15 16:19:00 4,717,088 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvdisps.dll
+ 2009-01-15 16:19:00 3,496,480 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvgames.dll
+ 2009-01-15 16:19:00 7,740,320 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvlddmkm.sys
+ 2009-01-15 16:19:00 236,064 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvmccs.dll
+ 2009-01-15 16:19:00 45,056 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvmccsrs.dll
+ 2009-01-15 16:19:00 195,104 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvmccss.dll
+ 2009-01-15 16:19:00 92,704 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvmctray.dll
+ 2009-01-15 16:19:00 1,292,832 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvmobls.dll
+ 2009-01-15 16:19:00 9,617,408 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvoglv32.dll
+ 2009-01-15 16:19:00 641,568 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvsvc.dll
+ 2009-01-15 16:19:00 1,286,144 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvsvs.dll
+ 2009-01-15 16:19:00 453,152 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvudisp.exe
+ 2009-01-15 16:19:00 3,803,680 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvvitvs.dll
+ 2009-01-15 16:19:00 207,392 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvvsvc.exe
+ 2009-01-15 16:19:00 2,731,008 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvwgf2um.dll
+ 2009-01-15 16:19:00 2,751,008 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_2e303a96\nvwss.dll
+ 2006-01-06 16:34:58 200,704 ----a-w c:\windows\System32\dtu100.dll
- 2006-10-26 22:10:08 1,190,688 ----a-w c:\windows\System32\FM20.DLL
+ 2007-10-08 13:38:36 1,195,888 ----a-w c:\windows\System32\FM20.DLL
- 2008-12-02 18:11:58 380,832 ----a-w c:\windows\System32\FNTCACHE.DAT
+ 2009-02-20 16:50:43 381,632 ----a-w c:\windows\System32\FNTCACHE.DAT
- 2008-10-16 04:47:29 6,068,736 ----a-w c:\windows\System32\ieframe.dll
+ 2009-01-15 06:07:53 6,069,248 ----a-w c:\windows\System32\ieframe.dll
- 2008-10-16 04:47:29 270,336 ----a-w c:\windows\System32\iertutil.dll
+ 2009-01-15 06:07:53 270,336 ----a-w c:\windows\System32\iertutil.dll
- 2008-10-16 04:47:30 28,160 ----a-w c:\windows\System32\jsproxy.dll
+ 2009-01-15 06:08:05 28,160 ----a-w c:\windows\System32\jsproxy.dll
+ 2006-01-06 16:17:35 1,044,480 ----a-w c:\windows\System32\libdivx.dll
- 2009-01-10 01:35:28 20,853,704 ----a-w c:\windows\System32\mrt.exe
+ 2009-02-03 23:21:12 21,244,864 ----a-w c:\windows\System32\mrt.exe
- 2008-01-21 02:33:42 458,240 ----a-w c:\windows\System32\msfeeds.dll
+ 2009-01-15 06:08:34 458,240 ----a-w c:\windows\System32\msfeeds.dll
- 2008-12-12 05:52:52 3,578,880 ----a-w c:\windows\System32\mshtml.dll
+ 2009-01-15 06:08:35 3,580,416 ----a-w c:\windows\System32\mshtml.dll
- 2008-10-16 04:47:32 671,232 ----a-w c:\windows\System32\mstime.dll
+ 2009-01-15 06:08:50 671,232 ----a-w c:\windows\System32\mstime.dll
- 2008-03-25 02:52:00 425,984 ----a-w c:\windows\System32\nvapi.dll
+ 2009-01-15 16:19:00 663,552 ----a-w c:\windows\System32\nvapi.dll
- 2008-03-25 02:52:00 35,840 ----a-w c:\windows\System32\nvcod.dll
+ 2009-01-15 16:19:00 135,168 ----a-w c:\windows\System32\nvcod.dll
+ 2009-01-15 16:19:00 135,168 ----a-w c:\windows\System32\nvcod137.dll
- 2008-03-25 02:52:00 13,531,680 ----a-w c:\windows\System32\nvcpl.dll
+ 2009-01-15 16:19:00 13,683,232 ----a-w c:\windows\System32\nvcpl.dll
- 2008-03-25 02:52:00 764,448 ----a-w c:\windows\System32\nvcplui.exe
+ 2009-01-15 16:19:00 801,312 ----a-w c:\windows\System32\nvcplui.exe
+ 2009-01-15 16:19:00 1,560,576 ----a-w c:\windows\System32\nvcuda.dll
- 2008-03-25 02:52:00 5,537,792 ----a-w c:\windows\System32\nvd3dum.dll
+ 2009-01-15 16:19:00 6,070,272 ----a-w c:\windows\System32\nvd3dum.dll
- 2008-03-25 02:52:00 6,588,960 ----a-w c:\windows\System32\nvdisps.dll
+ 2009-01-15 16:19:00 4,717,088 ----a-w c:\windows\System32\nvdisps.dll
- 2008-03-25 02:52:00 3,476,000 ----a-w c:\windows\System32\nvgames.dll
+ 2009-01-15 16:19:00 3,496,480 ----a-w c:\windows\System32\nvgames.dll
- 2008-03-25 02:52:00 236,064 ----a-w c:\windows\System32\nvmccs.dll
+ 2009-01-15 16:19:00 236,064 ----a-w c:\windows\System32\nvmccs.dll
- 2008-03-25 02:52:00 45,056 ----a-w c:\windows\System32\nvmccsrs.dll
+ 2009-01-15 16:19:00 45,056 ----a-w c:\windows\System32\nvmccsrs.dll
- 2008-03-25 02:52:00 195,104 ----a-w c:\windows\System32\nvmccss.dll
+ 2009-01-15 16:19:00 195,104 ----a-w c:\windows\System32\nvmccss.dll
- 2008-03-25 02:52:00 92,704 ----a-w c:\windows\System32\nvmctray.dll
+ 2009-01-15 16:19:00 92,704 ----a-w c:\windows\System32\nvmctray.dll
- 2008-03-25 02:52:00 1,264,160 ----a-w c:\windows\System32\nvmobls.dll
+ 2009-01-15 16:19:00 1,292,832 ----a-w c:\windows\System32\nvmobls.dll
- 2008-03-25 02:52:00 8,949,760 ----a-w c:\windows\System32\nvoglv32.dll
+ 2009-01-15 16:19:00 9,617,408 ----a-w c:\windows\System32\nvoglv32.dll
- 2008-03-25 02:52:00 219,680 ----a-w c:\windows\System32\nvsvc.dll
+ 2009-01-15 16:19:00 641,568 ----a-w c:\windows\System32\nvsvc.dll
+ 2009-01-15 16:19:00 1,286,144 ----a-w c:\windows\System32\nvsvs.dll
- 2008-03-25 02:52:00 442,368 ----a-w c:\windows\System32\nvudisp.exe
+ 2009-01-15 16:19:00 453,152 ----a-w c:\windows\System32\nvudisp.exe
- 2008-03-25 02:52:00 3,783,200 ----a-w c:\windows\System32\nvvitvs.dll
+ 2009-01-15 16:19:00 3,803,680 ----a-w c:\windows\System32\nvvitvs.dll
- 2008-03-25 02:52:00 118,784 ----a-w c:\windows\System32\nvvsvc.exe
+ 2009-01-15 16:19:00 207,392 ----a-w c:\windows\System32\nvvsvc.exe
- 2008-03-25 02:52:00 2,213,888 ----a-w c:\windows\System32\nvwgf2um.dll
+ 2009-01-15 16:19:00 2,731,008 ----a-w c:\windows\System32\nvwgf2um.dll
- 2008-03-25 02:52:00 2,636,320 ----a-w c:\windows\System32\nvwss.dll
+ 2009-01-15 16:19:00 2,751,008 ----a-w c:\windows\System32\nvwss.dll
- 2009-02-10 18:12:23 105,170 ----a-w c:\windows\System32\perfc009.dat
+ 2009-02-28 12:34:39 105,170 ----a-w c:\windows\System32\perfc009.dat
- 2009-02-10 18:12:23 604,214 ----a-w c:\windows\System32\perfh009.dat
+ 2009-02-28 12:34:39 604,214 ----a-w c:\windows\System32\perfh009.dat
+ 2008-11-25 16:38:10 288,024 ----a-w c:\windows\System32\PhysXCompatCplUI.exe
+ 2008-11-26 16:55:02 288,024 ----a-w c:\windows\System32\PhysXCplUI.exe
+ 2008-10-07 17:13:30 197,912 ----a-w c:\windows\System32\physxcudart_20.dll
+ 2006-01-06 16:52:42 372,736 ------w c:\windows\System32\px.dll
+ 2006-01-06 16:52:42 56,832 ------w c:\windows\System32\pxcpya64.exe
+ 2006-01-06 16:52:43 421,888 ------w c:\windows\System32\pxdrv.dll
+ 2006-01-06 16:52:42 61,440 ------w c:\windows\System32\pxhpinst.exe
+ 2006-01-06 16:52:42 56,320 ------w c:\windows\System32\pxinsa64.exe
+ 2006-01-06 16:52:43 172,032 ------w c:\windows\System32\pxmas.dll
+ 2006-01-06 16:52:42 339,968 ------w c:\windows\System32\pxwave.dll
+ 2006-01-06 16:34:58 3,596,288 ----a-w c:\windows\System32\qt-dx331.dll
- 2009-01-16 00:03:29 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-02-24 20:19:39 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-02-24 20:19:39 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\schema.dat_previous
+ 2006-01-06 16:17:35 200,704 ----a-w c:\windows\System32\ssldivx.dll
- 2004-12-07 17:11:34 258,352 ----a-w c:\windows\System32\unicows.dll
+ 2006-01-06 05:48:01 245,408 ----a-w c:\windows\System32\unicows.dll
- 2008-10-16 04:47:34 1,166,336 ----a-w c:\windows\System32\urlmon.dll
+ 2009-01-15 06:11:05 1,166,336 ----a-w c:\windows\System32\urlmon.dll
+ 2006-01-06 16:52:42 28,672 ------w c:\windows\System32\vxblock.dll
- 2009-02-10 18:09:20 11,140 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-987608043-2537006508-763268719-1000_UserData.bin
+ 2009-03-03 19:05:53 12,466 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-987608043-2537006508-763268719-1000_UserData.bin
- 2009-02-10 18:09:20 81,568 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-03-03 19:05:53 82,524 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-02-10 18:12:28 4,078 ----a-w c:\windows\System32\WDI\ERCQueuedResolutions.dat
+ 2009-02-26 04:41:46 4,078 ----a-w c:\windows\System32\WDI\ERCQueuedResolutions.dat
- 2009-02-10 18:09:19 55,318 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-03-03 19:05:52 56,864 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-11-11 02:42:32 255,794 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-02-26 04:39:03 260,680 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-02-20 16:42:23 2,372,088 ----a-w c:\windows\winsxs\InstallTemp\20090220084217593.0\mfc90d.dll
+ 2009-02-20 16:42:24 2,399,744 ----a-w c:\windows\winsxs\InstallTemp\20090220084217593.0\mfc90ud.dll
+ 2009-02-20 16:42:24 80,896 ----a-w c:\windows\winsxs\InstallTemp\20090220084217593.0\mfcm90d.dll
+ 2009-02-20 16:42:24 80,896 ----a-w c:\windows\winsxs\InstallTemp\20090220084217593.0\mfcm90ud.dll
+ 2009-02-20 16:42:19 1,156,600 ----a-w c:\windows\winsxs\InstallTemp\20090220084217943.0\mfc90.dll
+ 2009-02-20 16:42:19 1,162,744 ----a-w c:\windows\winsxs\InstallTemp\20090220084217943.0\mfc90u.dll
+ 2009-02-20 16:42:19 59,904 ----a-w c:\windows\winsxs\InstallTemp\20090220084217943.0\mfcm90.dll
+ 2009-02-20 16:42:19 59,904 ----a-w c:\windows\winsxs\InstallTemp\20090220084217943.0\mfcm90u.dll
+ 2009-02-20 16:42:22 41,472 ----a-w c:\windows\winsxs\InstallTemp\20090220084222001.0\mfc90chs.dll
+ 2009-02-20 16:42:23 41,984 ----a-w c:\windows\winsxs\InstallTemp\20090220084222001.0\mfc90cht.dll
+ 2009-02-20 16:42:23 60,928 ----a-w c:\windows\winsxs\InstallTemp\20090220084222001.0\mfc90deu.dll
+ 2009-02-20 16:42:23 54,272 ----a-w c:\windows\winsxs\InstallTemp\20090220084222001.0\mfc90enu.dll
+ 2009-02-20 16:42:23 59,392 ----a-w c:\windows\winsxs\InstallTemp\20090220084222001.0\mfc90esn.dll
+ 2009-02-20 16:42:24 59,392 ----a-w c:\windows\winsxs\InstallTemp\20090220084222001.0\mfc90esp.dll
+ 2009-02-20 16:42:24 60,416 ----a-w c:\windows\winsxs\InstallTemp\20090220084222001.0\mfc90fra.dll
+ 2009-02-20 16:42:24 59,392 ----a-w c:\windows\winsxs\InstallTemp\20090220084222001.0\mfc90ita.dll
+ 2009-02-20 16:42:24 47,104 ----a-w c:\windows\winsxs\InstallTemp\20090220084222001.0\mfc90jpn.dll
+ 2009-02-20 16:42:24 46,592 ----a-w c:\windows\winsxs\InstallTemp\20090220084222001.0\mfc90kor.dll
+ 2009-02-20 16:43:24 91,648 ----a-w c:\windows\winsxs\InstallTemp\20090220084320684.0\vcomp90d.dll
+ 2009-02-20 16:43:24 54,272 ----a-w c:\windows\winsxs\InstallTemp\20090220084320871.0\vcomp90.dll
+ 2009-02-20 16:45:32 179,704 ----a-w c:\windows\winsxs\InstallTemp\20090220084532829.0\atl90.dll
+ 2009-02-20 16:45:41 245,248 ----a-w c:\windows\winsxs\InstallTemp\20090220084533349.0\msvcm90.dll
+ 2009-02-20 16:45:41 851,456 ----a-w c:\windows\winsxs\InstallTemp\20090220084533349.0\msvcp90.dll
+ 2009-02-20 16:45:42 627,200 ----a-w c:\windows\winsxs\InstallTemp\20090220084533349.0\msvcr90.dll
+ 2009-02-20 16:45:41 332,800 ----a-w c:\windows\winsxs\InstallTemp\20090220084533458.0\msvcm90d.dll
+ 2009-02-20 16:45:42 1,117,184 ----a-w c:\windows\winsxs\InstallTemp\20090220084533458.0\msvcp90d.dll
+ 2009-02-20 16:45:42 1,352,704 ----a-w c:\windows\winsxs\InstallTemp\20090220084533458.0\msvcr90d.dll
+ 2009-02-20 16:45:38 2,946,552 ----a-w c:\windows\winsxs\InstallTemp\20090220084533565.0\mfc90d.dll
+ 2009-02-20 16:45:40 2,973,696 ----a-w c:\windows\winsxs\InstallTemp\20090220084533565.0\mfc90ud.dll
+ 2009-02-20 16:45:40 93,184 ----a-w c:\windows\winsxs\InstallTemp\20090220084533565.0\mfcm90d.dll
+ 2009-02-20 16:45:41 93,696 ----a-w c:\windows\winsxs\InstallTemp\20090220084533565.0\mfcm90ud.dll
+ 2009-02-20 16:45:43 108,032 ----a-w c:\windows\winsxs\InstallTemp\20090220084533674.0\vcomp90d.dll
+ 2009-02-20 16:45:38 1,671,160 ----a-w c:\windows\winsxs\InstallTemp\20090220084533789.0\mfc90.dll
+ 2009-02-20 16:45:40 1,679,864 ----a-w c:\windows\winsxs\InstallTemp\20090220084533789.0\mfc90u.dll
+ 2009-02-20 16:45:40 67,072 ----a-w c:\windows\winsxs\InstallTemp\20090220084533789.0\mfcm90.dll
+ 2009-02-20 16:45:40 67,072 ----a-w c:\windows\winsxs\InstallTemp\20090220084533789.0\mfcm90u.dll
+ 2009-02-20 16:45:38 41,472 ----a-w c:\windows\winsxs\InstallTemp\20090220084535549.0\mfc90chs.dll
+ 2009-02-20 16:45:38 41,984 ----a-w c:\windows\winsxs\InstallTemp\20090220084535549.0\mfc90cht.dll
+ 2009-02-20 16:45:39 60,928 ----a-w c:\windows\winsxs\InstallTemp\20090220084535549.0\mfc90deu.dll
+ 2009-02-20 16:45:39 54,272 ----a-w c:\windows\winsxs\InstallTemp\20090220084535549.0\mfc90enu.dll
+ 2009-02-20 16:45:39 59,392 ----a-w c:\windows\winsxs\InstallTemp\20090220084535549.0\mfc90esn.dll
+ 2009-02-20 16:45:39 59,392 ----a-w c:\windows\winsxs\InstallTemp\20090220084535549.0\mfc90esp.dll
+ 2009-02-20 16:45:39 60,416 ----a-w c:\windows\winsxs\InstallTemp\20090220084535549.0\mfc90fra.dll
+ 2009-02-20 16:45:39 59,392 ----a-w c:\windows\winsxs\InstallTemp\20090220084535549.0\mfc90ita.dll
+ 2009-02-20 16:45:39 47,104 ----a-w c:\windows\winsxs\InstallTemp\20090220084535549.0\mfc90jpn.dll
+ 2009-02-20 16:45:39 46,592 ----a-w c:\windows\winsxs\InstallTemp\20090220084535549.0\mfc90kor.dll
+ 2009-02-20 16:45:43 59,904 ----a-w c:\windows\winsxs\InstallTemp\20090220084535652.0\vcomp90.dll
+ 2009-02-20 16:46:32 3,624,440 ----a-w c:\windows\winsxs\InstallTemp\20090220084630988.0\mfc90.dll
+ 2009-02-20 16:46:34 3,631,096 ----a-w c:\windows\winsxs\InstallTemp\20090220084630988.0\mfc90u.dll
+ 2009-02-20 16:46:34 93,184 ----a-w c:\windows\winsxs\InstallTemp\20090220084630988.0\mfcm90.dll
+ 2009-02-20 16:46:35 93,184 ----a-w c:\windows\winsxs\InstallTemp\20090220084630988.0\mfcm90u.dll
+ 2009-02-20 16:46:32 41,472 ----a-w c:\windows\winsxs\InstallTemp\20090220084631512.0\mfc90chs.dll
+ 2009-02-20 16:46:33 41,984 ----a-w c:\windows\winsxs\InstallTemp\20090220084631512.0\mfc90cht.dll
+ 2009-02-20 16:46:33 60,928 ----a-w c:\windows\winsxs\InstallTemp\20090220084631512.0\mfc90deu.dll
+ 2009-02-20 16:46:33 54,272 ----a-w c:\windows\winsxs\InstallTemp\20090220084631512.0\mfc90enu.dll
+ 2009-02-20 16:46:33 59,392 ----a-w c:\windows\winsxs\InstallTemp\20090220084631512.0\mfc90esn.dll
+ 2009-02-20 16:46:33 59,392 ----a-w c:\windows\winsxs\InstallTemp\20090220084631512.0\mfc90esp.dll
+ 2009-02-20 16:46:33 60,416 ----a-w c:\windows\winsxs\InstallTemp\20090220084631512.0\mfc90fra.dll
+ 2009-02-20 16:46:34 59,392 ----a-w c:\windows\winsxs\InstallTemp\20090220084631512.0\mfc90ita.dll
+ 2009-02-20 16:46:34 47,104 ----a-w c:\windows\winsxs\InstallTemp\20090220084631512.0\mfc90jpn.dll
+ 2009-02-20 16:46:34 46,592 ----a-w c:\windows\winsxs\InstallTemp\20090220084631512.0\mfc90kor.dll
- 2009-01-14 16:39:43 113,580,431 ----a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2009-02-24 20:19:06 121,120,488 ----a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2009-01-15 04:15:58 124,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16809_none_a9ee2d39f5a1db5c\advpack.dll
+ 2009-01-15 04:14:44 124,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20996_none_aa1379db0f0b2a9a\advpack.dll
+ 2009-01-15 04:16:02 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16809_none_ebe936e9163ac15b\pngfilt.dll
+ 2009-01-15 04:18:35 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.20996_none_ec0e838a2fa41099\pngfilt.dll
+ 2009-01-15 04:16:03 1,160,192 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16809_none_b305df9bd99b38bf\urlmon.dll
+ 2009-01-15 04:19:06 1,163,264 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.20996_none_b32b2c3cf30487fd\urlmon.dll
+ 2009-01-15 06:11:05 1,166,336 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.18203_none_b4e61c85d6c731a6\urlmon.dll
+ 2009-01-16 04:59:50 1,166,848 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.22355_none_b53baa48f00b8fd3\urlmon.dll
+ 2009-01-15 04:16:01 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.16809_none_dee86e647f43f82e\mstime.dll
+ 2009-01-15 04:17:12 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.20996_none_df0dbb0598ad476c\mstime.dll
+ 2009-01-15 06:08:50 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.18203_none_e0c8ab4e7c6ff115\mstime.dll
+ 2009-01-16 04:57:07 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.22355_none_e11e391195b44f42\mstime.dll
+ 2009-01-15 04:16:00 27,648 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\jsproxy.dll
+ 2009-01-15 04:16:03 826,368 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll
+ 2009-01-15 04:16:03 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\WininetPlugin.dll
+ 2009-01-15 04:16:04 27,648 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\jsproxy.dll
+ 2009-01-15 04:19:13 827,904 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll
+ 2009-01-15 04:19:13 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\WininetPlugin.dll
+ 2009-01-15 06:08:05 28,160 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\jsproxy.dll
+ 2009-01-15 06:11:16 827,392 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll
+ 2008-02-22 05:01:41 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\WininetPlugin.dll
+ 2009-01-16 04:56:01 28,160 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\jsproxy.dll
+ 2009-01-16 05:00:04 827,904 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll
+ 2009-01-16 05:00:04 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\WininetPlugin.dll
+ 2008-01-21 02:34:01 2,455,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16809_none_f9b4de176e8fd9a5\ieapfltr.dat
+ 2009-01-15 04:16:00 383,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16809_none_f9b4de176e8fd9a5\ieapfltr.dll
+ 2008-01-21 02:34:01 2,455,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20996_none_f9da2ab887f928e3\ieapfltr.dat
+ 2009-01-15 04:15:42 380,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20996_none_f9da2ab887f928e3\ieapfltr.dll
+ 2009-01-15 04:15:59 347,136 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16809_none_95e916cf84755fd3\dxtmsft.dll
+ 2009-01-15 04:15:59 214,528 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16809_none_95e916cf84755fd3\dxtrans.dll
+ 2009-01-15 04:15:22 347,136 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.20996_none_960e63709ddeaf11\dxtmsft.dll
+ 2009-01-15 04:15:22 214,528 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.20996_none_960e63709ddeaf11\dxtrans.dll
+ 2009-01-15 04:16:00 459,264 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6000.16809_none_5e09520c3d47b20a\msfeeds.dll
+ 2009-01-15 04:16:41 459,264 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6000.20996_none_5e2e9ead56b10148\msfeeds.dll
+ 2009-01-15 06:08:34 458,240 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6001.18203_none_5fe98ef63a73aaf1\msfeeds.dll
+ 2009-01-16 04:56:39 458,240 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6001.22355_none_603f1cb953b8091e\msfeeds.dll
+ 2009-01-15 04:16:00 477,696 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16809_none_464bb12746361260\mshtmled.dll
+ 2009-01-15 04:16:46 477,696 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.20996_none_4670fdc85f9f619e\mshtmled.dll
+ 2009-01-15 04:16:00 3,594,752 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16809_none_1165da5c24fac888\mshtml.dll
+ 2009-01-15 04:16:45 3,596,288 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20996_none_118b26fd3e6417c6\mshtml.dll
+ 2009-01-15 06:08:35 3,580,416 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18203_none_134617462226c16f\mshtml.dll
+ 2009-01-16 04:56:43 3,580,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22355_none_139ba5093b6b1f9c\mshtml.dll
+ 2009-01-15 04:16:00 63,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.16809_none_58be4726670f5491\icardie.dll
+ 2009-01-15 04:15:42 63,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.20996_none_58e393c78078a3cf\icardie.dll
+ 2009-01-15 04:15:30 26,624 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_2d84c7c91ccfce35\ieUnatt.exe
+ 2009-01-15 04:14:36 634,024 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_2d84c7c91ccfce35\iexplore.exe
+ 2009-01-15 02:05:46 26,624 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20996_none_2daa146a36391d73\ieUnatt.exe
+ 2009-01-15 04:18:47 634,024 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20996_none_2daa146a36391d73\iexplore.exe
+ 2009-01-15 04:16:00 267,776 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16809_none_45c672198f557daf\iertutil.dll
+ 2009-01-15 04:16:02 134,144 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16809_none_45c672198f557daf\sqmapi.dll
+ 2009-01-15 04:15:44 267,776 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.20996_none_45ebbebaa8becced\iertutil.dll
+ 2009-01-15 04:18:57 134,144 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.20996_none_45ebbebaa8becced\sqmapi.dll
+ 2009-01-15 06:07:53 270,336 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18203_none_47a6af038c817696\iertutil.dll
+ 2008-01-21 02:34:16 129,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18203_none_47a6af038c817696\sqmapi.dll
+ 2009-01-16 04:55:51 270,848 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22355_none_47fc3cc6a5c5d4c3\iertutil.dll
+ 2009-01-16 04:59:31 129,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22355_none_47fc3cc6a5c5d4c3\sqmapi.dll
+ 2009-01-15 04:15:30 70,656 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16809_none_c3f37ce4614a96da\ie4uinit.exe
+ 2009-01-15 04:16:00 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16809_none_c3f37ce4614a96da\iernonce.dll
+ 2009-01-15 04:16:00 56,320 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16809_none_c3f37ce4614a96da\iesetup.dll
+ 2009-01-15 02:05:40 70,656 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20996_none_c418c9857ab3e618\ie4uinit.exe
+ 2009-01-15 04:15:44 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20996_none_c418c9857ab3e618\iernonce.dll
+ 2009-01-15 04:15:44 56,320 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20996_none_c418c9857ab3e618\iesetup.dll
+ 2009-01-15 04:16:00 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16809_none_2a18935467fa6c37\iebrshim.dll
+ 2009-01-15 04:15:42 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20996_none_2a3ddff58163bb75\iebrshim.dll
+ 2009-01-15 04:16:00 6,066,688 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16809_none_62c5345fb0f056b5\ieframe.dll
+ 2009-01-15 04:16:00 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16809_none_62c5345fb0f056b5\ieui.dll
+ 2009-01-15 04:15:44 6,068,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20996_none_62ea8100ca59a5f3\ieframe.dll
+ 2009-01-15 04:15:44 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20996_none_62ea8100ca59a5f3\ieui.dll
+ 2009-01-15 06:07:53 6,069,248 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18203_none_64a57149ae1c4f9c\ieframe.dll
+ 2008-01-21 02:34:25 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18203_none_64a57149ae1c4f9c\ieui.dll
+ 2009-01-16 04:55:51 6,070,784 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22355_none_64faff0cc760adc9\ieframe.dll
+ 2009-01-16 04:55:51 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22355_none_64faff0cc760adc9\ieui.dll
+ 2009-01-15 04:15:30 263,168 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16809_none_e6bea0de9473aaed\ieinstal.exe
+ 2009-01-15 02:05:59 263,168 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.20996_none_e6e3ed7faddcfa2b\ieinstal.exe
+ 2009-01-15 04:15:30 301,568 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16809_none_0b66d5fad6ee6a9f\ieuser.exe
+ 2009-01-15 02:06:01 301,568 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.20996_none_0b8c229bf057b9dd\ieuser.exe
+ 2009-01-09 23:21:31 2,410,800 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16808_none_f0a9e19a6e4c873c\OESpamFilter.dat
+ 2009-01-08 23:21:51 2,410,800 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.20995_none_f0cf2e3b87b5d67a\OESpamFilter.dat
+ 2009-01-08 23:21:09 2,410,800 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18202_none_f28a1e846b788023\OESpamFilter.dat
+ 2009-01-08 23:21:04 2,410,800 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22353_none_f2deabfd84bdc4f9\OESpamFilter.dat
+ 2009-02-20 06:29:32 161,784 ----a-w c:\windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.8_none_bdf22a22ab9e15d5\ATL90.dll
+ 2009-02-20 06:29:36 224,768 ----a-w c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcm90.dll
+ 2009-02-20 06:29:36 568,832 ----a-w c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcp90.dll
+ 2009-02-20 06:29:35 655,872 ----a-w c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcr90.dll
+ 2009-02-20 16:48:33 311,808 ----a-w c:\windows\winsxs\x86_microsoft.vc90.debugcrt_1fc8b3b9a1e18e3b_9.0.21022.8_none_96748342450f6aa2\msvcm90d.dll
+ 2009-02-20 16:48:33 868,864 ----a-w c:\windows\winsxs\x86_microsoft.vc90.debugcrt_1fc8b3b9a1e18e3b_9.0.21022.8_none_96748342450f6aa2\msvcp90d.dll
+ 2009-02-20 16:48:33 1,180,672 ----a-w c:\windows\winsxs\x86_microsoft.vc90.debugcrt_1fc8b3b9a1e18e3b_9.0.21022.8_none_96748342450f6aa2\msvcr90d.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-20 202240]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-02-06 3572984]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-20 c:\windows\System32\oobefldr.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-06-05 1261568]
"SoundTray"="c:\program files\Analog Devices\SoundMAX\SoundTray.exe" [2007-05-21 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 144784]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-28 1601304]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"MRT"="c:\windows\system32\MRT.exe" [2009-02-03 21244864]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13683232]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 92704]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"DoNotAllowExceptions"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{6EDD6F1D-0FA5-49EB-9C2C-D52E1E8490EC}c:\\program files\\steam\\steamapps\\dosdaplace7\\team fortress 2\\hl2.exe"= UDP:c:\program files\steam\steamapps\dosdaplace7\team fortress 2\hl2.exe:hl2
"UDP Query User{11CD9327-8474-43BC-8B1F-4ED5E78550A7}c:\\program files\\steam\\steamapps\\dosdaplace7\\team fortress 2\\hl2.exe"= TCP:c:\program files\steam\steamapps\dosdaplace7\team fortress 2\hl2.exe:hl2
"TCP Query User{35D82BD2-91E8-4232-A1BF-9DB64615797F}c:\\program files\\steam\\steamapps\\dosdaplace7\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\dosdaplace7\counter-strike source\hl2.exe:hl2
"UDP Query User{81DDCA83-2EB8-4C92-8149-1B260114B28F}c:\\program files\\steam\\steamapps\\dosdaplace7\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\dosdaplace7\counter-strike source\hl2.exe:hl2
"TCP Query User{F69B3EA3-824F-4D6D-88AE-6D2D738AC959}c:\\program files\\steam\\steamapps\\dosdaplace7\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\dosdaplace7\counter-strike source\hl2.exe:hl2
"UDP Query User{34AC868B-A8D4-4BCE-9B56-4C4415176075}c:\\program files\\steam\\steamapps\\dosdaplace7\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\dosdaplace7\counter-strike source\hl2.exe:hl2
"TCP Query User{88BEF903-650C-4590-921D-A878C0EAEE97}c:\\program files\\steam\\steamapps\\dosdaplace7\\team fortress 2\\hl2.exe"= UDP:c:\program files\steam\steamapps\dosdaplace7\team fortress 2\hl2.exe:hl2
"UDP Query User{7D3008DB-F6FD-4E7E-A242-4F8A6F0482C1}c:\\program files\\steam\\steamapps\\dosdaplace7\\team fortress 2\\hl2.exe"= TCP:c:\program files\steam\steamapps\dosdaplace7\team fortress 2\hl2.exe:hl2
"TCP Query User{D65C0AA8-AFC3-479A-B418-C30DEBB715FE}c:\\program files\\steam\\steamapps\\dosdaplace7\\source sdk base\\hl2.exe"= UDP:c:\program files\steam\steamapps\dosdaplace7\source sdk base\hl2.exe:hl2
"UDP Query User{47DD9967-D18A-4989-95AC-EAA73588016A}c:\\program files\\steam\\steamapps\\dosdaplace7\\source sdk base\\hl2.exe"= TCP:c:\program files\steam\steamapps\dosdaplace7\source sdk base\hl2.exe:hl2
"TCP Query User{237FCCD5-284A-4A6D-902A-B78A012BB1E9}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{4EDC86F7-62B0-43B1-B5AE-9000F8E16494}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{337A4B1F-1BBC-4A5C-846C-128A665F6198}c:\\program files\\thq\\company of heroes\\reliccoh.exe"= UDP:c:\program files\thq\company of heroes\reliccoh.exe:RelicCOH
"UDP Query User{8D17CD53-2DD5-4462-BC99-A3CD0E34A8EE}c:\\program files\\thq\\company of heroes\\reliccoh.exe"= TCP:c:\program files\thq\company of heroes\reliccoh.exe:RelicCOH
"{943779FC-2B86-4BA5-954A-CC028376B627}"= UDP:c:\program files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{970F7159-4780-491A-92FF-C79BF5BA2768}"= TCP:c:\program files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{5E5387F0-A44C-4030-98E1-6B8B1494C20F}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{830B74C2-B1B5-4928-A96B-DEE303737C91}"= TCP:c:\program files\DNA\btdna.exe:DNA
"{F9703490-5F72-480B-BBCC-39A939621B9E}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"{2C4135D2-65BA-4F18-BC7A-22DDF72F5F7F}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"TCP Query User{0D90456C-918A-46D8-97B8-89F68D9E9979}c:\\users\\steve\\program files\\dna\\btdna.exe"= UDP:c:\users\steve\program files\dna\btdna.exe:btdna.exe
"UDP Query User{F550A65B-ECA3-42A3-8971-F7052D0682B1}c:\\users\\steve\\program files\\dna\\btdna.exe"= TCP:c:\users\steve\program files\dna\btdna.exe:btdna.exe
"TCP Query User{7C59B802-33CF-4B02-A769-D7E8180040EF}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{7050C388-3242-4349-AA7B-D3C03E472A0C}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{960D9F87-D4A4-4540-AE14-5F1F940B3752}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{D47C7A14-9905-49BB-B870-CB9BA65987EB}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"UDP Query User{CE3DCF33-1CB7-4682-8185-18D0FD8EA477}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"{1E257C38-61A9-40D4-A39E-4B5F2B7A0A14}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{C7018113-09C2-43E6-8703-A8274232B62C}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{730379EA-027C-4D59-8D18-64D82638DA75}"= UDP:c:\program files\AIM6\aim6.exe:AIM
"{25E28ADC-2209-4539-8150-D738ECBE0E05}"= TCP:c:\program files\AIM6\aim6.exe:AIM
"TCP Query User{FBB1921C-D7D9-4636-998E-76FA7D5C1850}c:\\program files\\ccp\\eve\\bin\\exefile.exe"= UDP:c:\program files\ccp\eve\bin\exefile.exe:CCP ExeFile
"UDP Query User{E9E5EB39-49EE-410A-9B62-1E2497FDB48D}c:\\program files\\ccp\\eve\\bin\\exefile.exe"= TCP:c:\program files\ccp\eve\bin\exefile.exe:CCP ExeFile
"TCP Query User{D8717E91-76FD-4DD9-B70B-2343BC54A8DE}c:\\users\\steve\\desktop\\wotlk_intro_en.avi-downloader.exe"= UDP:c:\users\steve\desktop\wotlk_intro_en.avi-downloader.exe:wotlk_intro_en.avi-downloader.exe
"UDP Query User{D77F6B49-D8DC-40BD-B97B-37804BD4E1B5}c:\\users\\steve\\desktop\\wotlk_intro_en.avi-downloader.exe"= TCP:c:\users\steve\desktop\wotlk_intro_en.avi-downloader.exe:wotlk_intro_en.avi-downloader.exe
"TCP Query User{48A33046-E630-4EF9-BAC2-65039A898141}c:\\program files\\steam\\steamapps\\dosdaplace7\\day of defeat source\\hl2.exe"= UDP:c:\program files\steam\steamapps\dosdaplace7\day of defeat source\hl2.exe:hl2
"UDP Query User{D73BA953-6510-4E3B-8B25-0D448CF75A92}c:\\program files\\steam\\steamapps\\dosdaplace7\\day of defeat source\\hl2.exe"= TCP:c:\program files\steam\steamapps\dosdaplace7\day of defeat source\hl2.exe:hl2
"{033119F5-E3B9-4A4A-8C9F-7593F1E91FB3}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{70AFA893-8AC7-4052-84C6-403F52BC0576}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{B925D189-C21F-49B6-B69F-29EC09D14B0F}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{CB60A031-02C8-450E-BDA4-D85F1972FE6B}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{5338A1AD-9FFA-4668-BBAE-5B9C0753424C}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{0B9783E9-36DA-48CC-B2A8-E2BBFB7CD77C}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"TCP Query User{2483366D-1FE5-4622-B9F6-8354F5888495}c:\\program files\\steam\\steamapps\\coganatior\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\coganatior\counter-strike source\hl2.exe:hl2
"UDP Query User{7B7B883C-8F33-42BA-B0BC-D0FDB85CE2EC}c:\\program files\\steam\\steamapps\\coganatior\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\coganatior\counter-strike source\hl2.exe:hl2
"TCP Query User{EAAB3D0E-B212-4908-9017-4B7867AFAB7F}c:\\users\\steve\\desktop\\wow-2.4.2.8278-to-0.4.3.8478-enus-downloader.exe"= UDP:c:\users\steve\desktop\wow-2.4.2.8278-to-0.4.3.8478-enus-downloader.exe:wow-2.4.2.8278-to-0.4.3.8478-enus-downloader.exe
"UDP Query User{9C462AD0-7211-4B1C-BC39-B286C50FA8E3}c:\\users\\steve\\desktop\\wow-2.4.2.8278-to-0.4.3.8478-enus-downloader.exe"= TCP:c:\users\steve\desktop\wow-2.4.2.8278-to-0.4.3.8478-enus-downloader.exe:wow-2.4.2.8278-to-0.4.3.8478-enus-downloader.exe
"{0D5C9414-695B-4471-8454-FB52C817BBE7}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{E6646362-1533-4BEA-9A51-AE69D0CFE5D1}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"TCP Query User{742DDCF5-B4E0-4299-93FD-460C84C86E6E}c:\\program files\\world of warcraft\\backgrounddownloader.exe"= UDP:c:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"UDP Query User{D4EA8730-866A-45A4-8E5B-0703BA15414B}c:\\program files\\world of warcraft\\backgrounddownloader.exe"= TCP:c:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"TCP Query User{68B42BD2-9B31-4CED-B906-8083EA640FB0}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{F84225C7-1373-4BD7-8DF3-2706EE5E8A9E}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"{57F5BCC4-373E-4A97-8607-8E2737E6A597}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{9B53E8E1-803A-4572-98EC-E3DF50DFF440}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{BC1F4FD7-B60F-4651-8897-0F323B368D78}"= UDP:990:LocalSubnet:LocalSubnet|IF={FB1AEB9C-A9F1-4D18-B8C9-F4061648343F}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001
"{67BD2016-C1EA-4837-8D2B-69FF62309176}"= UDP:c:\program files\BitTorrent\BitTorrent.exe:BitTorrent (TCP-In)
"{69531F1D-7C08-493E-944E-C833D2B5AD77}"= TCP:c:\program files\BitTorrent\BitTorrent.exe:BitTorrent (UDP-In)
"TCP Query User{2923EAF7-F3C0-4F57-8C1E-068B231CBC1F}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{30E234F9-528F-4B01-B700-C2B80AA6FB75}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"{2471588F-18CF-4DBB-899B-6F27069CBB08}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{68D170E1-B16D-4DA1-A21D-132910673221}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{36EE3443-E750-425F-8979-AE1F5F89F0E0}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{0484C1B5-B341-4E24-8D14-97A69710171B}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{F4F99A92-15A7-404A-BEF1-F633B33C155C}c:\\users\\steve\\appdata\\local\\temp\\blizzard launcher temporary - 5100f810\\launcher.exe"= UDP:c:\users\steve\appdata\local\temp\blizzard launcher temporary - 5100f810\launcher.exe:launcher.exe
"UDP Query User{8BD01338-D9E6-4D28-A6E2-6E184AC7836E}c:\\users\\steve\\appdata\\local\\temp\\blizzard launcher temporary - 5100f810\\launcher.exe"= TCP:c:\users\steve\appdata\local\temp\blizzard launcher temporary - 5100f810\launcher.exe:launcher.exe
"{C81CFFE8-D3E9-4005-926A-CF426C136476}"= UDP:c:\program files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe:Peggle Extreme
"{EAA4ABDB-4656-400C-8F05-2D21B62728E7}"= TCP:c:\program files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe:Peggle Extreme
"TCP Query User{B2C8274E-70EC-429D-AE12-0D3AE4C03F63}c:\\users\\steve\\appdata\\local\\temp\\blizzard launcher temporary - 54e064c0\\launcher.exe"= UDP:c:\users\steve\appdata\local\temp\blizzard launcher temporary - 54e064c0\launcher.exe:launcher.exe
"UDP Query User{1B9542FA-DC7D-4843-93BA-F7A4EDDE8538}c:\\users\\steve\\appdata\\local\\temp\\blizzard launcher temporary - 54e064c0\\launcher.exe"= TCP:c:\users\steve\appdata\local\temp\blizzard launcher temporary - 54e064c0\launcher.exe:launcher.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
R0 mv61xx;mv61xx;c:\windows\System32\drivers\mv61xx.sys [2007-06-14 143256]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2008-09-09 325128]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2009-01-28 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-09-09 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-09-09 298264]
R2 Cepstral License Server;Cepstral License Server;c:\program files\Cepstral\bin\CepstralLicSrv.exe [2008-06-24 57344]
R3 PAC7302;PAC7302 VGA USB Camera;c:\windows\System32\drivers\PAC7302.SYS [2008-10-14 457856]
S2 MRUWebService;MRU Web Service;"c:\program files\Marvell\61xx\Apache2\bin\Apache.exe" -k runservice --> c:\program files\Marvell\61xx\Apache2\bin\Apache.exe [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19a6e400-53d1-11dd-91da-001e8c72009b}]
\shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{41c425c4-fe85-11d5-b863-806e6f6e6963}]
\shell\AutoRun\command - D:\BSAutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8725a7c3-2015-11dd-82d4-806e6f6e6963}]
\shell\AutoRun\command - D:\launcher.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8d94761-1fa1-11dd-a76d-806e6f6e6963}]
\shell\AutoRun\command - d:\bin\Assetup.exe
.
Contents of the 'Scheduled Tasks' folder
2009-02-25 c:\windows\Tasks\Defraggler Volume C Task.job
- c:\program files\Defraggler\df.exe []
2009-03-03 c:\windows\Tasks\User_Feed_Synchronization-{6871C9F5-9450-44AF-A7C4-13F6667379BD}.job
- c:\windows\system32\msfeedssync.exe [2008-01-20 18:34]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p5jn85h6.default\
1 file(s) moved.
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p5jn85h6.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\users\Steve\Program Files\DNA\plugins\npbtdna.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-03-03 11:13:44
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
c:\windows\TEMP\TMP0000003DF4FA60558488CB80 524288 bytes executable
scan completed successfully
hidden files: 1
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\AEADISRV.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\microsoft shared\VS7Debug\mdm.exe
c:\windows\System32\PnkBstrA.exe
c:\windows\System32\PnkBstrB.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\System32\WUDFHost.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\program files\AVG\AVG8\avgtray.exe
c:\windows\System32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Completion time: 2009-03-03 11:16:03 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-03 19:16:01
ComboFix2.txt 2009-02-10 18:18:17
Pre-Run: 428,178,046,976 bytes free
Post-Run: 428,640,538,624 bytes free
813 --- E O F --- 2009-03-03 02:37:27
Things are running better now, havent had a crash yet but when i was running the malware program things got EXTREMELY laggy. Other than that, it seems better. One thing i have noticed though is that recently upon start up my computer has been prompting for me to start a windows defender program, what seems fishy about this is that when i dont let it run there is allready that process running but when i let it run there are two of them. If this is something to be concerned about i noticed that even on startup after running the malware and combo fix it popped up again.
Thnx for the help.