Hello Carolyn!
Thank you for the reply, I followed your instructions, disabled Autorun (thank for the articles you posted, quite interesting. since i have XP home, I disabled it from the cdrom folder in the reg like instructed in the article, that applies to USB drives as well right?)
The Flash_Disinfector ran, however it was literally instant. Everything went as you explained it, but I'm wondering if the scan is really supposed to be instant (considering my external hdd had at least 250 gb filled up)?
Panda's interface was slightly different, but I registered an acount and performed a full scan which should be the equivalent of a MyComputer scan.
Windows Update has been on overdrive (due to the Reinstall), everything is running smoothly, but then again so it was before. I just want to say again that I do plan on reinstalling my computer (again) once my externall hdd is clean.
Thanks a lot for helping me out!
I'll be waiting for your response
Here are the logs:
ComboFix Log:ComboFix 08-11-29.02 - Shorty 2008-11-30 21:14:13.6 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.291 [GMT 1:00]
Running from: c:\documents and settings\Shorty\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Shorty\Desktop\CFScript.txt
* Created a new restore point
FILE ::
C:\ij.bat
D:\Setup.exe
F:\ij.bat
f:\programs\Programs\SciTE4AutoIt3.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Shorty\Application Data\google\runhh6110411.exe
F:\Autorun.inf
f:\games\Diablo Stuff\mm.BOT
f:\games\Diablo Stuff\mm.BOT\Config\KeySet-1\amblxbow.cof
f:\games\Diablo Stuff\mm.BOT\Config\KeySet-1\curindx.wav
f:\games\Diablo Stuff\mm.BOT\Config\KeySet-1\wavindx.wav
f:\games\Diablo Stuff\mm.BOT\Config\KeySet-2\amblxbow.cof
f:\games\Diablo Stuff\mm.BOT\Config\KeySet-2\curindx.wav
f:\games\Diablo Stuff\mm.BOT\Config\KeySet-2\wavindx.wav
f:\games\Diablo Stuff\mm.BOT\Config\KeySet-3\amblxbow.cof
f:\games\Diablo Stuff\mm.BOT\Config\KeySet-3\curindx.wav
f:\games\Diablo Stuff\mm.BOT\Config\KeySet-3\wavindx.wav
f:\games\Diablo Stuff\mm.BOT\Config\mm.BOT.ini
f:\games\Diablo Stuff\mm.BOT\Config\mm.BOT.Sequences.ini
f:\games\Diablo Stuff\mm.BOT\Config\mm.BotState.ini
f:\games\Diablo Stuff\mm.BOT\Config\mm.MultiKeys.ini
f:\games\Diablo Stuff\mm.BOT\Config\mm.PKID.ini
f:\games\Diablo Stuff\mm.BOT\Config\mm.PKIDORIGINAL.ini
f:\games\Diablo Stuff\mm.BOT\Config\mm.PlayKeys.ini
f:\games\Diablo Stuff\mm.BOT\Config\mmcl.PKID.Compiler.exe
f:\games\Diablo Stuff\mm.BOT\Config\System\d2-cdkey.exe
f:\games\Diablo Stuff\mm.BOT\Config\System\listfile.dat
f:\games\Diablo Stuff\mm.BOT\Config\System\LMPQAPI.DLL
f:\games\Diablo Stuff\mm.BOT\Config\System\mm.Boxes.Ref.ini
f:\games\Diablo Stuff\mm.BOT\Config\System\mm.PKID.Ref
f:\games\Diablo Stuff\mm.BOT\Config\System\mm.PKID.Usr.CH
f:\games\Diablo Stuff\mm.BOT\Config\System\mm.PKID.Usr.ID
f:\games\Diablo Stuff\mm.BOT\Config\System\mm.PKID.Usr.PK
f:\games\Diablo Stuff\mm.BOT\Config\System\MPQ2K.exe
f:\games\Diablo Stuff\mm.BOT\Config\System\Process.exe
f:\games\Diablo Stuff\mm.BOT\Config\System\SFmpq.dll
f:\games\Diablo Stuff\mm.BOT\Config\System\staredit.exe
f:\games\Diablo Stuff\mm.BOT\Config\System\Storm.dll
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\CharTut.htm
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\FAQ.htm
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\automap.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\bar.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\coldskills.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\controls1.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\controls2.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\controls3.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\controls4.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\Desktop.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\favicon.ico
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\fireskills.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\lightskills.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\merc_main.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\mmbotlogo.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\Notepad.ico
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\Pindle.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\Program.ico
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\Screenshot054.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\Screenshot065.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\Screenshot072.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\Screenshot090.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\Screenshot101.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\Screenshot169.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\skillskeys.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\SoulSpawn.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\stats_ctaswitch.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\Thumbs.db
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\Update.ico
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\img\video.jpg
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\Installation.htm
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\KeysSwapping.htm
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\LMenu.htm
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\MainPage.htm
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\MercTut.htm
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\MySorce.htm
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\PKID.ByGroups.htm
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\PKID.ByItems.htm
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\PkIdListing.htm
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\PkIdSamples.htm
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\PkIdSyntax.htm
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\SeqCommands.htm
f:\games\Diablo Stuff\mm.BOT\Documents\Htm\SeqExamples.htm
f:\games\Diablo Stuff\mm.BOT\Documents\img\favicon.ico
f:\games\Diablo Stuff\mm.BOT\Documents\img\Home.ico
f:\games\Diablo Stuff\mm.BOT\Documents\img\Notepad.ico
f:\games\Diablo Stuff\mm.BOT\Documents\img\Program.ico
f:\games\Diablo Stuff\mm.BOT\Documents\img\Update.ico
f:\games\Diablo Stuff\mm.BOT\Documents\mm.BOT.History.txt
f:\games\Diablo Stuff\mm.BOT\IpRefresh.exe
f:\games\Diablo Stuff\mm.BOT\Logs\_STATS.ini
f:\games\Diablo Stuff\mm.BOT\Logs\ArchiveCurrent.exe
f:\games\Diablo Stuff\mm.BOT\Logs\Compiler.txt
f:\games\Diablo Stuff\mm.BOT\Logs\DeleteCurrent.exe
f:\games\Diablo Stuff\mm.BOT\Logs\Events_Bot.txt
f:\games\Diablo Stuff\mm.BOT\Logs\Good_Items.txt
f:\games\Diablo Stuff\mm.BOT\Logs\Picked_Items.txt
f:\games\Diablo Stuff\mm.BOT\Logs\ScanDrop_Items.txt
f:\games\Diablo Stuff\mm.BOT\Logs\SearchInLogs.exe
f:\games\Diablo Stuff\mm.BOT\Logs\Sold_Items.txt
f:\games\Diablo Stuff\mm.BOT\MacReset.exe
f:\games\Diablo Stuff\mm.BOT\mm.BOT.546.exe
f:\games\Diablo Stuff\mm.BOT\mm.Bot.chm
f:\games\Diablo Stuff\mm.BOT\mm.BOT.MANUAL.htm
f:\games\Diablo Stuff\mm.BOT\Scripts\Example.au3
f:\games\Diablo Stuff\mm.BOT\Scripts\mm.BOT.Include.au3
f:\games\Diablo Stuff\mm.BOT\Tools\ImportantRead.txt
f:\games\Diablo Stuff\mm.BOT\Tools\mm.FList\mm.FList.exe
f:\games\Diablo Stuff\mm.BOT\Tools\mm.FList\mm.FList.ini
f:\games\Diablo Stuff\mm.BOT\Tools\mm.ItemReader\mm.ItemReader.exe
f:\games\Diablo Stuff\mm.BOT\Tools\mm.ItemReader\mm.ItemReader.ini
f:\games\Diablo Stuff\mm.BOT\Tools\mm.RBlocks\mm.RBlocks.exe
f:\programs\Programs\SciTE4AutoIt3.exe
.
((((((((((((((((((((((((( Files Created from 2008-10-28 to 2008-11-30 )))))))))))))))))))))))))))))))
.
2008-11-30 11:42 . 2008-11-30 11:52 <DIR> d-------- c:\documents and settings\Shorty\Application Data\dvdcss
2008-11-29 01:55 . 2008-10-03 18:41 6,066,176 -----c--- c:\windows\system32\dllcache\ieframe.dll
2008-11-29 01:55 . 2007-04-17 10:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2008-11-29 01:55 . 2007-03-08 06:10 991,232 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2008-11-29 01:55 . 2008-08-26 08:24 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2008-11-29 01:55 . 2008-08-26 08:24 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2008-11-29 01:55 . 2008-08-26 08:24 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2008-11-29 01:55 . 2008-08-26 08:24 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2008-11-29 01:55 . 2008-08-26 08:24 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2008-11-29 01:55 . 2008-08-25 09:38 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2008-11-27 19:24 . 2008-07-18 22:07 270,880 --a------ c:\windows\system32\mucltui.dll
2008-11-27 19:24 . 2008-07-18 22:07 210,976 --a------ c:\windows\system32\muweb.dll
2008-11-27 19:24 . 2008-07-18 22:07 29,728 --a------ c:\windows\system32\mucltui.dll.mui
2008-11-27 18:55 . 2004-08-04 00:56 159,232 --a------ c:\windows\system32\ptpusd.dll
2008-11-27 18:55 . 2004-08-03 22:58 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2008-11-27 18:55 . 2004-08-03 22:58 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
2008-11-27 18:55 . 2001-08-17 22:36 5,632 --a------ c:\windows\system32\ptpusb.dll
2008-11-27 18:04 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll
2008-11-27 18:03 . 2008-11-27 18:03 <DIR> d-------- c:\program files\MSBuild
2008-11-27 18:03 . 2008-11-27 18:03 <DIR> d-------- c:\program files\Microsoft Works
2008-11-27 18:02 . 2008-11-27 18:02 <DIR> d-------- c:\program files\Microsoft.NET
2008-11-27 17:59 . 2008-11-27 18:02 <DIR> d-------- c:\windows\SHELLNEW
2008-11-27 17:59 . 2008-11-29 03:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-27 17:58 . 2008-11-27 17:58 <DIR> dr-h----- C:\MSOCache
2008-11-27 15:30 . 2008-11-27 15:30 <DIR> d-------- c:\program files\uTorrent
2008-11-27 15:27 . 2008-11-30 10:27 <DIR> d-------- c:\documents and settings\Shorty\Application Data\uTorrent
2008-11-27 14:55 . 2008-11-27 14:55 <DIR> d-------- c:\program files\VideoLAN
2008-11-27 14:55 . 2008-11-27 14:56 <DIR> d-------- c:\documents and settings\Shorty\Application Data\vlc
2008-11-27 12:21 . 2008-11-27 12:21 <DIR> d-------- c:\documents and settings\Shorty\Application Data\AdobeUM
2008-11-27 12:20 . 2008-11-27 12:20 <DIR> d-------- c:\program files\Common Files\Adobe
2008-11-27 01:40 . 2008-11-27 01:40 0 --a------ c:\windows\ativpsrm.bin
2008-11-25 23:29 . 2008-11-25 23:29 <DIR> d-------- c:\program files\Trend Micro
2008-11-25 19:05 . 2008-11-25 19:05 <DIR> d-------- c:\documents and settings\Shorty\Application Data\Malwarebytes
2008-11-25 19:05 . 2008-10-22 16:27 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-25 19:04 . 2008-11-25 19:05 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-25 19:04 . 2008-11-25 19:04 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-25 19:04 . 2008-10-22 16:27 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-25 18:49 . 2008-11-25 23:23 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-11-25 18:49 . 2008-11-25 19:04 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-25 18:44 . 2008-11-25 18:44 <DIR> d-------- c:\documents and settings\Shorty\Application Data\Uniblue
2008-11-25 18:39 . 2008-11-30 03:00 1,393 --a------ c:\windows\imsins.BAK
2008-11-25 18:32 . 2008-11-25 18:32 <DIR> d-------- c:\program files\CCleaner
2008-11-25 17:58 . 2008-11-25 17:58 <DIR> d-------- c:\windows\ERUNT
2008-11-25 17:15 . 2008-11-28 09:50 <DIR> d-------- c:\windows\system32\CatRoot_bak
2008-11-25 17:15 . 2008-11-25 17:15 <DIR> d-------- c:\windows\Sun
2008-11-25 17:13 . 2008-08-14 11:00 2,180,352 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-25 17:13 . 2008-08-14 10:58 2,136,064 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-11-25 17:13 . 2008-08-14 10:22 2,057,728 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-25 17:13 . 2008-08-14 10:22 2,015,744 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-11-25 17:13 . 2008-10-24 12:10 453,632 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-25 17:13 . 2008-06-13 14:10 272,128 --------- c:\windows\system32\drivers\bthport.sys
2008-11-25 17:13 . 2008-06-13 14:10 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2008-11-25 17:10 . 2008-11-25 17:10 <DIR> d-------- c:\windows\Cache
2008-11-25 17:10 . 2008-11-25 17:10 <DIR> d-------- C:\Online documentation
2008-11-25 17:10 . 2008-11-25 17:10 836 --a------ C:\tmpFile.dat
2008-11-25 17:09 . 2008-11-25 17:09 <DIR> d-------- C:\$CTJTMP
2008-11-25 17:09 . 2004-08-03 23:08 26,496 --a--c--- c:\windows\system32\dllcache\usbstor.sys
2008-11-25 17:02 . 2008-11-25 17:02 <DIR> d--h----- c:\program files\InstallShield Installation Information
2008-11-25 17:02 . 2008-11-25 17:04 <DIR> d-------- C:\ATI-CPanel
2008-11-25 17:01 . 2008-06-10 02:32 73,728 --a------ c:\windows\system32\javacpl.cpl
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-25 16:09 659 ----a-w C:\pnpID.dat
2008-11-25 16:02 808 ----a-w c:\windows\system32\drivers\alcxinit.dat
2008-11-25 16:01 --------- d-----w c:\program files\Java
2008-11-25 15:58 --------- d-----w c:\program files\CONEXANT
2008-11-25 15:57 --------- d-----w c:\program files\Common Files\InstallShield
2008-11-25 15:47 --------- d-----w c:\program files\microsoft frontpage
2008-11-25 15:46 --------- d-----w c:\program files\Common Files\Java
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
.
((((((((((((((((((((((((((((( snapshot@2008-11-26_23.49.14.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-12 23:28:55 765,952 ----a-w c:\windows\$hf_mig$\KB938127-IE7\SP2QFE\vgx.dll
+ 2007-03-06 01:22:36 14,048 ----a-w c:\windows\$hf_mig$\KB938127-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w c:\windows\$hf_mig$\KB938127-IE7\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w c:\windows\$hf_mig$\KB938127-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w c:\windows\$hf_mig$\KB938127-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB938127-IE7\update\updspapi.dll
+ 2008-11-27 17:03:25 110,592 ----a-w c:\windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll
+ 2008-11-27 17:03:23 65,536 ----a-w c:\windows\assembly\GAC\dao\10.0.4504.0__31bf3856ad364e35\DAO.DLL
+ 2008-11-27 17:03:26 4,608 ----a-w c:\windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
+ 2008-11-27 17:03:23 1,215,328 ----a-w c:\windows\assembly\GAC\IACore\1.7.6223.0__31bf3856ad364e35\IACore.dll
+ 2008-11-27 17:03:23 82,784 ----a-w c:\windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
+ 2008-11-27 17:03:19 31,560 ----a-w c:\windows\assembly\GAC\ipdmctrl\11.0.0.0__71e9bce111e9429c\IPDMCTRL.DLL
+ 2008-11-27 17:03:24 8,007,680 ----a-w c:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
+ 2008-11-27 17:03:19 16,712 ----a-w c:\windows\assembly\GAC\Microsoft.Office.InfoPath.Permission\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Permission.dll
+ 2008-11-27 17:02:22 80,696 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll
+ 2008-11-27 17:02:53 1,612,592 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
+ 2008-11-27 17:02:53 1,276,720 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2008-11-27 17:02:53 150,320 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2008-11-27 17:03:19 404,296 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.SemiTrust\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.SemiTrust.dll
+ 2008-11-27 17:02:54 88,896 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2008-11-27 17:02:54 146,232 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
+ 2008-11-27 17:03:12 17,208 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OneNote.dll
+ 2008-11-27 17:02:53 920,376 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll
+ 2008-11-27 17:02:54 35,648 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2008-11-29 02:08:08 250,928 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-11-27 17:02:54 232,248 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Publisher.dll
+ 2008-11-27 17:02:53 20,280 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2008-11-29 02:04:58 783,744 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2008-11-27 17:03:23 13,312 ----a-w c:\windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
+ 2008-11-27 17:02:53 371,496 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
+ 2008-11-27 17:02:54 64,288 ----a-w c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2008-11-27 17:03:23 229,376 ----a-w c:\windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL
+ 2008-11-27 17:03:25 4,096 ----a-w c:\windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
+ 2008-11-27 17:02:53 416,544 ----a-w c:\windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2008-11-27 17:02:20 12,104 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll
+ 2008-11-27 17:02:22 12,096 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
+ 2008-11-27 17:03:02 12,096 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
+ 2008-11-27 17:03:19 12,616 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2008-11-27 17:03:19 12,616 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.dll
+ 2008-11-27 17:03:13 12,104 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.dll
+ 2008-11-27 17:03:12 12,632 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2008-11-27 17:03:13 12,112 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2008-11-27 17:03:15 12,104 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.dll
+ 2008-11-27 17:03:08 12,104 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
+ 2008-11-27 17:03:17 12,096 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2008-11-27 17:03:09 12,080 ----a-w c:\windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2008-11-27 17:03:09 11,544 ----a-w c:\windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
+ 2008-11-27 17:03:23 16,384 ----a-w c:\windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
- 2008-11-26 22:45:39 1,257,472 ----a-w c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-11-27 10:58:36 1,265,664 ----a-w c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2008-11-26 22:45:41 1,224,704 ----a-w c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-11-27 10:58:36 1,232,896 ----a-w c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-11-27 10:58:44 61,440 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_31e06061\CustomMarshalers.dll
+ 2008-11-27 11:00:15 3,391,488 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b6faae64\mscorlib.dll
+ 2008-11-27 11:00:11 1,470,464 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_cd75d77a\System.Design.dll
+ 2008-11-27 10:58:52 90,112 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_1921c7b8\System.Drawing.Design.dll
+ 2008-11-27 11:00:12 835,584 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_72122d36\System.Drawing.dll
+ 2008-11-27 11:00:02 3,018,752 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_c9709ce8\System.Windows.Forms.dll
+ 2008-11-27 11:00:06 2,088,960 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_9c53c4a4\System.Xml.dll
+ 2008-11-27 10:58:43 1,966,080 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_c124b753\System.dll
+ 2008-10-04 19:16:46 1,887,080 ----a-w c:\windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
- 2008-11-25 16:58:44 610,304 ----a-w c:\windows\ERUNT\SDFIX\Users\
00000001\NTUSER.DAT
+ 2008-11-27 01:30:58 749,568 ----a-w c:\windows\ERUNT\SDFIX\Users\
00000001\NTUSER.DAT
- 2008-11-25 16:58:44 151,552 ----a-w c:\windows\ERUNT\SDFIX\Users\
00000002\UsrClass.dat
+ 2008-11-27 01:30:58 151,552 ----a-w c:\windows\ERUNT\SDFIX\Users\
00000002\UsrClass.dat
+ 2004-08-04 12:00:00 61,440 -c--a-w c:\windows\ie7\admparse.dll
+ 2004-08-04 12:00:00 99,840 -c--a-w c:\windows\ie7\advpack.dll
+ 2004-08-04 12:00:00 35,328 -c--a-w c:\windows\ie7\corpol.dll
+ 2006-06-03 11:40:49 33,792 -c--a-w c:\windows\ie7\custsat.dll
+ 2008-08-20 05:38:40 357,888 -c--a-w c:\windows\ie7\dxtmsft.dll
+ 2008-08-20 05:38:40 205,312 -c--a-w c:\windows\ie7\dxtrans.dll
+ 2008-08-20 05:38:40 55,808 -c--a-w c:\windows\ie7\extmgr.dll
+ 2004-08-04 12:00:00 38,912 -c--a-w c:\windows\ie7\hmmapi.dll
+ 2004-08-04 12:00:00 34,304 -c--a-w c:\windows\ie7\ie4uinit.exe
+ 2004-08-04 12:00:00 139,264 -c--a-w c:\windows\ie7\ieakeng.dll
+ 2004-08-04 12:00:00 216,576 -c--a-w c:\windows\ie7\ieaksie.dll
+ 2004-08-04 12:00:00 221,184 -c--a-w c:\windows\ie7\ieakui.dll
+ 2004-08-04 12:00:00 323,584 -c--a-w c:\windows\ie7\iedkcs32.dll
+ 2008-08-19 09:30:39 18,432 -c--a-w c:\windows\ie7\iedw.exe
+ 2004-08-04 12:00:00 81,920 -c--a-w c:\windows\ie7\ieencode.dll
+ 2008-08-20 05:38:41 251,392 -c--a-w c:\windows\ie7\iepeers.dll
+ 2004-08-04 12:00:00 48,640 -c--a-w c:\windows\ie7\iernonce.dll
+ 2004-08-04 12:00:00 62,976 -c--a-w c:\windows\ie7\iesetup.dll
+ 2004-08-04 12:00:00 93,184 -c--a-w c:\windows\ie7\iexplore.exe
+ 2004-08-04 12:00:00 35,840 -c--a-w c:\windows\ie7\imgutil.dll
+ 2008-08-20 05:38:41 96,256 -c--a-w c:\windows\ie7\inseng.dll
+ 2007-12-18 14:40:58 450,560 -c--a-w c:\windows\ie7\jscript.dll
+ 2008-08-20 05:38:44 16,384 -c--a-w c:\windows\ie7\jsproxy.dll
+ 2004-08-04 12:00:00 22,016 -c--a-w c:\windows\ie7\licmgr10.dll
+ 2004-08-04 12:00:00 29,184 -c--a-w c:\windows\ie7\mshta.exe
+ 2008-08-20 05:38:47 3,060,224 -c--a-w c:\windows\ie7\mshtml.dll
+ 2008-08-20 05:38:43 449,024 -c--a-w c:\windows\ie7\mshtmled.dll
+ 2004-08-04 12:00:00 56,832 -c--a-w c:\windows\ie7\mshtmler.dll
+ 2004-08-04 12:00:00 146,432 -c--a-w c:\windows\ie7\msls31.dll
+ 2008-08-20 05:38:41 146,432 -c--a-w c:\windows\ie7\msrating.dll
+ 2008-08-20 05:38:41 532,480 -c--a-w c:\windows\ie7\mstime.dll
+ 2004-08-04 12:00:00 96,256 -c--a-w c:\windows\ie7\occache.dll
+ 2008-08-20 05:38:41 39,424 -c--a-w c:\windows\ie7\pngfilt.dll
+ 2007-08-13 17:54:42 32,960 -c--a-w c:\windows\ie7\spuninst\iecustom.dll
+ 2007-08-13 17:52:06 66,048 -c--a-w c:\windows\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 16:43:16 213,216 -c--a-w c:\windows\ie7\spuninst\spuninst.exe
+ 2006-09-06 16:43:18 371,424 -c--a-w c:\windows\ie7\spuninst\updspapi.dll
+ 2004-08-04 12:00:00 37,888 -c--a-w c:\windows\ie7\url.dll
+ 2008-08-20 05:38:45 615,936 -c--a-w c:\windows\ie7\urlmon.dll
+ 2007-12-18 14:40:58 417,792 -c--a-w c:\windows\ie7\vbscript.dll
+ 2004-08-04 12:00:00 848,384 -c--a-w c:\windows\ie7\vgx.dll
+ 2004-08-04 12:00:00 276,480 -c--a-w c:\windows\ie7\webcheck.dll
+ 2008-08-20 05:38:43 659,456 -c--a-w c:\windows\ie7\wininet.dll
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\ie7updates\KB938127-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB938127-IE7\spuninst\updspapi.dll
+ 2007-08-13 17:54:10 765,952 -c----w c:\windows\ie7updates\KB938127-IE7\vgx.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w c:\windows\ie7updates\KB938127-v2-IE7\spuninst\updspapi.dll
+ 2007-07-12 23:31:54 765,952 -c----w c:\windows\ie7updates\KB938127-v2-IE7\vgx.dll
+ 2007-08-13 17:39:00 123,904 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2007-08-13 17:35:46 346,624 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2007-08-13 17:35:38 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2007-08-13 17:54:10 131,584 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2007-08-13 17:36:26 61,952 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2007-08-13 17:39:06 54,784 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2007-08-13 17:39:26 152,064 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2007-08-13 17:39:54 229,376 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2007-08-13 16:56:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2007-02-12 15:10:12 2,451,312 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dat
+ 2007-07-11 11:27:48 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2007-08-13 17:39:50 382,976 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2007-08-13 17:54:10 6,049,280 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2007-08-13 17:39:10 43,008 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2007-08-13 17:34:04 266,752 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
+ 2007-08-13 17:39:10 13,312 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2007-08-13 17:43:56 622,080 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2007-08-13 17:54:10 27,136 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2007-08-13 17:54:10 458,752 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2007-08-13 17:54:10 50,688 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2007-08-13 17:54:12 3,578,368 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2007-08-13 17:54:10 475,648 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2007-08-13 17:44:26 192,000 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2007-08-13 17:54:10 670,720 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2007-08-13 17:44:06 101,376 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2007-08-13 17:36:12 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2007-08-13 17:44:30 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
+ 2007-08-13 17:54:10 1,162,240 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2007-08-13 17:54:10 231,424 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2007-08-13 17:54:10 818,688 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll
+ 2006-10-26 18:49:48 1,011,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109010090400000000000F01FEC\12.0.4518\MSDAIPP.DLL
+ 2006-10-26 18:49:46 970,528 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109010090400000000000F01FEC\12.0.4518\MSONSEXT.DLL
+ 2006-10-27 14:00:10 576,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACACEDAO.DLL
+ 2006-10-26 20:18:12 162,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACCWIZ.DLL
+ 2006-10-27 14:00:12 1,751,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACECORE.DLL
+ 2006-10-27 14:00:10 576,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEDAO.DLL
+ 2006-10-27 14:00:06 47,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEERR.DLL
+ 2006-10-27 14:00:08 191,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEES.DLL
+ 2006-10-26 19:13:34 338,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEEXCH.DLL
+ 2006-10-26 19:13:44 629,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEEXCL.DLL
+ 2006-10-26 19:13:28 207,736 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACELTS.DLL
+ 2006-10-26 19:13:32 279,352 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEODBC.DLL
+ 2006-10-26 19:13:08 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEODDBS.DLL
+ 2006-10-26 19:13:08 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEODEXL.DLL
+ 2006-10-26 19:13:08 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEODPDX.DLL
+ 2006-10-26 19:13:12 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEODTXT.DLL
+ 2006-10-27 14:00:06 387,960 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEOLEDB.DLL
+ 2006-10-26 19:13:38 392,048 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEPDE.DLL
+ 2006-10-26 19:13:30 260,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACER2X.DLL
+ 2006-10-26 19:13:32 289,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACER3X.DLL
+ 2006-10-26 19:13:20 56,120 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACERCLR.DLL
+ 2006-10-26 19:13:38 551,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEREP.DLL
+ 2006-10-26 19:13:30 224,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACETXT.DLL
+ 2006-10-27 14:40:34 208,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEWSS.DLL
+ 2006-10-26 19:13:34 371,568 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEXBE.DLL
+ 2006-10-27 14:41:04 399,640 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\CDLMSO.DLL
+ 2006-10-26 18:59:24 205,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\CLVIEW.EXE
+ 2006-10-26 20:30:42 65,312 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\COLLIMP.DLL
+ 2006-10-27 14:16:36 133,936 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\CONTAB32.DLL
+ 2006-10-26 19:12:52 189,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\CONTACTPICKER.DLL
+ 2006-10-26 19:55:32 87,344 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\DLGSETP.DLL
+ 2006-10-26 23:48:08 234,784 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\DRAT.EXE
+ 2006-10-26 18:48:14 439,568 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\DWDCW20.DLL
+ 2006-10-26 18:48:14 434,528 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\DWTRIG20.EXE
+ 2006-10-27 14:07:36 17,891,112 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\EXCEL.EXE
+ 2006-10-26 13:10:08 1,190,688 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\FM20.DLL
+ 2006-10-26 13:04:58 75,576 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\FORM.DLL
+ 2006-10-26 18:21:24 1,682,232 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\FPSRVUTL.DLL
+ 2006-10-27 14:09:36 983,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\FPWEC.DLL
+ 2006-10-26 19:02:12 2,526,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GRAPH.EXE
+ 2006-10-27 14:37:44 338,216 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVE.EXE
+ 2006-10-27 14:38:02 6,191,400 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEACCOUNTMGR.DLL
+ 2006-10-27 14:37:44 284,448 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEAUDIO.DLL
+ 2006-10-26 23:47:54 65,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEAUDITSERVICE.EXE
+ 2006-10-27 14:37:40 34,088 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEAUTOPROXY.DLL
+ 2006-10-27 14:37:44 300,336 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVECALENDARTOOL.DLL
+ 2006-10-26 23:47:44 33,568 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVECLEAN.EXE
+ 2006-10-27 14:37:56 2,689,336 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMONCOMPONENTS.DLL
+ 2006-10-27 14:38:00 3,508,544 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMUNICATIONSSERVICES.DLL
+ 2006-10-27 14:37:40 117,584 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMUNICATIONSSTATUSANDCONTROL.DLL
+ 2006-10-27 14:37:50 768,304 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVECOMPONENTMGR.DLL
+ 2006-10-27 14:37:52 1,359,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVECRYPTO.DLL
+ 2006-10-26 23:48:24 377,136 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEDATAVIEWERTOOL.DLL
+ 2006-10-27 14:37:58 3,071,288 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEDOCUMENTSHARETOOL.DLL
+ 2006-10-27 14:37:44 284,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEFETCHSERVICES.DLL
+ 2006-10-26 23:48:00 197,920 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEGAMES.DLL
+ 2006-10-26 23:48:18 317,736 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEMIGRATOR.EXE
+ 2006-10-26 23:48:40 1,555,232 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEMISC.DLL
+ 2006-10-26 23:47:42 31,016 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEMONITOR.EXE
+ 2006-10-26 23:47:40 22,808 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVENEW.DLL
+ 2006-10-26 23:48:02 224,048 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEPROJECTTOOLSET.DLL
+ 2006-10-27 14:38:04 7,053,096 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVERESOURCE.DLL
+ 2006-10-26 23:48:42 2,210,608 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVESHELLEXTENSIONS.DLL
+ 2006-10-26 23:48:18 363,304 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVESKETCHTOOL.DLL
+ 2006-10-26 23:47:40 16,688 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVESTDURLLAUNCHER.EXE
+ 2006-10-27 14:37:56 2,738,472 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVESTORAGEMGR.DLL
+ 2006-10-27 14:37:38 35,112 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVESYSTEMMODE.DLL
+ 2006-10-26 23:48:02 222,512 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVESYSTEMSERVICES.DLL
+ 2006-10-27 14:37:50 1,163,048 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVETEXTTOOLS.DLL
+ 2006-10-27 14:38:00 4,746,536 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVETRANSCEIVER.DLL
+ 2006-10-27 14:37:54 1,396,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEUIFRAMEWORK.DLL
+ 2006-10-26 23:48:34 955,680 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEUTIL.DLL
+ 2006-10-27 14:37:40 268,080 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBBROWSERTOOL2.DLL
+ 2006-10-26 23:48:26 572,216 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBPLATFORMSERVICES.DLL
+ 2006-10-27 14:37:48 631,080 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBSERVICES.DLL
+ 2006-10-26 19:12:52 173,328 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\IEAWSDC.DLL
+ 2006-10-26 19:55:38 138,024 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\IMPMAIL.DLL
+ 2006-10-27 14:10:08 1,439,032 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\INFOPATH.EXE
+ 2006-10-27 14:10:10 5,456,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\IPDESIGN.DLL
+ 2006-10-27 14:10:10 5,281,592 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\IPEDITOR.DLL
+ 2006-10-26 20:42:00 176,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\IPOLK.DLL
+ 2006-10-26 18:55:10 828,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MEDCAT.DLL
+ 2006-10-26 19:55:48 340,248 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MIMEDIR.DLL
+ 2006-10-27 14:04:08 497,504 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MORPH9.DLL
+ 2006-10-27 14:01:34 10,371,880 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSACCESS.EXE
+ 2006-10-26 20:18:06 66,880 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSAEXP30.DLL
+ 2006-10-26 12:58:14 117,552 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSCONV97.DLL
+ 2006-10-27 14:26:40 16,870,712 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSO.DLL
+ 2006-10-27 13:59:06 161,080 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSOCF.DLL
+ 2006-10-26 18:48:12 14,664 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSOCFU.DLL
+ 2006-10-26 19:12:58 428,816 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSODCW.DLL
+ 2006-10-26 20:13:36 26,936 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSOEURO.DLL
+ 2006-10-26 19:00:08 6,635,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSORES.DLL
+ 2006-10-26 12:56:36 436,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSORUN.DLL
+ 2006-10-27 14:04:10 9,581,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSPUB.EXE
+ 2006-10-26 18:50:04 672,024 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSQRY32.EXE
+ 2006-10-26 12:56:40 505,136 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSSOAP30.DLL
+ 2006-10-26 18:55:12 832,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSTORDB.EXE
+ 2006-10-26 18:55:06 538,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSTORES.DLL
+ 2006-10-26 19:12:30 65,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\NAME.DLL
+ 2006-10-27 14:14:34 14,151,456 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OART.DLL
+ 2006-10-26 19:42:36 8,423,224 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OARTCONV.DLL
+ 2006-10-26 19:06:54 232,816 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ODEPLOY.EXE
+ 2006-10-26 19:14:06 7,033,152 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OFFOWC.DLL
+ 2006-10-27 14:18:36 1,658,152 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OGL.DLL
+ 2006-10-26 19:00:08 274,744 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OIS.EXE
+ 2006-10-26 19:00:12 998,208 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OISAPP.DLL
+ 2006-10-26 19:00:10 285,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OISGRAPH.DLL
+ 2006-10-27 14:16:46 2,939,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OLMAPI32.DLL
+ 2006-10-26 19:34:12 660,792 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OMSMAIN.DLL
+ 2006-10-26 19:34:10 192,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OMSXP32.DLL
+ 2006-10-26 19:32:42 604,000 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONBTTNIE.DLL
+ 2006-10-27 14:39:36 687,432 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONBTTNOL.DLL
+ 2006-10-27 14:03:04 1,018,664 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONENOTE.EXE
+ 2006-10-26 19:24:54 98,632 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONENOTEM.EXE
+ 2006-10-26 19:24:50 72,504 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONFILTER.DLL
+ 2006-10-26 19:24:58 1,165,112 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONLIBS.DLL
+ 2006-10-27 14:03:06 6,579,512 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONMAIN.DLL
+ 2006-10-26 19:23:00 782,720 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONSYNCPC.DLL
+ 2006-10-26 19:07:04 6,536,992 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OSETUP.DLL
+ 2006-09-15 15:25:18 3,611,416 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OUTLFLTR.DAT
+ 2006-07-26 17:53:56 459,080 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL
+ 2006-10-27 14:16:44 594,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OUTLMIME.DLL
+ 2006-10-27 14:16:48 12,813,096 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OUTLOOK.EXE
+ 2006-10-27 14:16:40 176,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OUTLPH.DLL
+ 2006-10-27 14:16:36 46,864 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OUTLRPC.DLL
+ 2006-10-26 20:30:44 482,088 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PORTCONN.DLL
+ 2006-10-27 14:04:06 465,200 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\POWERPNT.EXE
+ 2006-10-27 14:04:06 7,980,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PPCORE.DLL
+ 2008-11-27 17:02:54 248,632 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PPTPIA.DLL
+ 2006-10-26 18:52:10 2,012,480 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PPTVIEW.EXE
+ 2006-10-26 19:09:36 136,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PRTF9.DLL
+ 2006-10-26 13:05:00 77,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PSOM.DLL
+ 2006-10-26 19:55:54 413,472 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PSTPRX32.DLL
+ 2006-10-27 14:04:06 624,456 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PTXT9.DLL
+ 2006-10-26 19:09:44 590,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PUBCONV.DLL
+ 2006-10-26 20:13:38 38,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\REFEDIT.DLL
+ 2006-10-26 20:42:12 744,808 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\REGFORM.EXE
+ 2006-10-26 13:04:44 19,784 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\REVERSE.DLL
+ 2006-10-26 19:55:44 263,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\SCNPST32.DLL
+ 2006-10-26 19:55:44 272,744 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\SCNPST64.DLL
+ 2006-10-26 19:13:00 503,624 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\SELFCERT.EXE
+ 2006-10-26 19:06:58 439,600 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\SETUP.EXE
+ 2006-10-26 20:18:16 502,608 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\SOA.DLL
+ 2006-07-28 14:21:58 277,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\SSGEN.DLL
+ 2006-10-27 13:57:08 2,330,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\STSLIST.DLL
+ 2006-10-26 13:04:48 29,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\THOCRAPI.DLL
+ 2006-10-26 13:05:04 126,784 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\TWCUTCHR.DLL
+ 2006-10-26 13:05:02 86,840 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\TWCUTLIN.DLL
+ 2006-10-26 13:04:56 58,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\TWLAY32.DLL
+ 2006-10-26 13:04:48 27,456 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\TWORIENT.DLL
+ 2006-10-26 13:04:54 51,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\TWRECE.DLL
+ 2006-10-26 13:04:44 19,784 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\TWRECS.DLL
+ 2006-10-26 13:04:58 76,624 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\TWSTRUCT.DLL
+ 2006-09-29 23:42:56 2,583,344 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\VBE6.DLL
+ 2006-10-26 22:00:12 1,841,984 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\VVIEWDWG.DLL
+ 2006-10-26 21:58:38 3,732,792 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\VVIEWER.DLL
+ 2006-10-27 14:23:04 347,432 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\WINWORD.EXE
+ 2008-11-27 17:02:54 781,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\WORDPIA.DLL
+ 2006-10-27 14:11:38 4,235,560 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\WRD12CNV.DLL
+ 2006-10-27 14:11:36 21,264 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\WRD12EXE.EXE
+ 2006-10-27 14:23:08 17,483,560 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\WWLIB.DLL
+ 2006-10-26 13:05:08 1,181,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\XIMAGE3B.DLL
+ 2006-10-26 20:13:08 14,674,216 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\XL12CNV.EXE
+ 2006-10-26 20:17:08 11,072 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\XLCALL32.DLL
+ 2006-10-26 13:05:08 530,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\XPAGE3C.DLL
+ 2007-08-28 22:38:10 500,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\MORPH9.DLL
+ 2007-09-14 20:45:58 16,901,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\MSO.DLL
+ 2007-08-28 22:38:46 9,584,512 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\MSPUB.EXE
+ 2007-08-28 23:19:24 1,654,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\OGL.DLL
+ 2007-08-28 22:06:16 467,840 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\POWERPNT.EXE
+ 2007-08-28 22:06:44 7,990,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\PPCORE.DLL
+ 2008-11-29 02:05:36 251,272 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\PPTPIA.DLL
+ 2007-08-24 02:43:28 138,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\PRTF9.DLL
+ 2007-08-28 22:39:14 625,560 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\PTXT9.DLL
+ 2007-08-24 02:43:36 593,296 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\PUBCONV.DLL
+ 2007-08-28 22:16:00 350,064 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\WINWORD.EXE
+ 2007-09-06 16:56:32 17,490,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\WWLIB.DLL
+ 2007-10-02 19:00:06 14,708,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\XL12CNV.EXE
+ 2008-11-29 02:11:51 1,165,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-11-29 02:11:51 20,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-11-29 02:11:51 159,504 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-11-29 02:11:51 184,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-11-29 02:11:51 217,864 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-11-29 02:11:51 18,704 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-11-29 02:11:51 35,088 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-11-29 02:11:51 845,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-11-29 02:11:51 922,384 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-11-29 02:11:51 272,648 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-11-29 02:11:51 888,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-11-29 02:11:51 1,172,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-11-29 02:07:38 217,864 ----a-r c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2004-07-15 00:49:16 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2007-04-13 20:30:52 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2004-07-15 00:49:22 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2007-04-13 20:30:52 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2004-07-14 23:32:22 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2007-04-13 19:57:52 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2003-02-20 18:09:14 86,016 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2007-04-13 19:57:58 86,016 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2004-07-14 23:25:06 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2007-04-13 19:56:30 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2004-07-14 23:33:04 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2007-04-13 19:58:00 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2004-07-15 13:29:02 2,138,112 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2007-04-13 19:50:46 2,142,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2003-02-20 18:09:18 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2007-04-13 19:58:02 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2004-07-14 23:26:52 2,510,848 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2007-04-13 19:57:00 2,523,136 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2004-07-14 23:28:34 2,502,656 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2007-04-13 19:57:28 2,514,944 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2004-08-10 15:20:00 106,496 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2007-01-15 15:11:26 73,728 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2004-07-15 00:49:16 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1468\_aspnet_isapi.dll
+ 2004-07-14 23:32:22 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1468\_CORPerfMonExt.dll
+ 2004-07-14 23:24:30 282,624 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1468\_fusion.dll
+ 2004-07-14 23:25:06 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1468\_mscorjit.dll
+ 2004-07-15 13:29:02 2,138,112 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1468\_mscorlib.dll
+ 2003-02-20 18:09:18 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1468\_mscorsn.dll
+ 2004-07-14 23:26:52 2,510,848 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1468\_mscorsvr.dll
+ 2004-07-14 23:28:34 2,502,656 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1468\_mscorwks.dll
+ 2003-02-21 03:42:22 348,160 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1468\_msvcr71.dll
+ 2004-07-14 23:34:50 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1468\_PerfCounter.dll
- 2004-07-15 13:31:16 1,224,704 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2007-04-13 20:35:38 1,232,896 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2004-07-15 13:29:00 1,257,472 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2007-04-13 20:35:46 1,265,664 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2006-06-03 11:40:49 33,792 ------w c:\windows\network diagnostic\custsat.dll
+ 2006-10-10 12:44:50 557,568 ------w c:\windows\network diagnostic\xpnetdiag.exe
- 2004-08-04 12:00:00 61,440 ----a-w c:\windows\system32\admparse.dll
+ 2007-08-13 17:39:20 71,680 ----a-w c:\windows\system32\admparse.dll
- 2004-08-04 12:00:00 99,840 ----a-w c:\windows\system32\advpack.dll
+ 2008-08-26 07:24:28 124,928 ----a-w c:\windows\system32\advpack.dll
- 2004-08-04 12:00:00 61,440 -c--a-w c:\windows\system32\dllcache\admparse.dll
+ 2007-08-13 17:39:20 71,680 -c--a-w c:\windows\system32\dllcache\admparse.dll
- 2004-08-04 12:00:00 99,840 -c--a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-08-26 07:24:28 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
- 2004-08-04 12:00:00 28,672 -c--a-w c:\windows\system32\dllcache\custsat.dll
+ 2007-08-13 17:54:10 33,792 -c--a-w c:\windows\system32\dllcache\custsat.dll
- 2008-08-20 05:38:40 357,888 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-26 07:24:28 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-20 05:38:40 205,312 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-26 07:24:28 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-20 05:38:40 55,808 -c--a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-08-26 07:24:28 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
- 2004-08-04 12:00:00 38,912 -c--a-w c:\windows\system32\dllcache\hmmapi.dll
+ 2007-08-13 17:18:02 60,416 -c--a-w c:\windows\system32\dllcache\hmmapi.dll
- 2004-08-04 12:00:00 34,304 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-08-25 08:37:59 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-04 12:00:00 139,264 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-08-26 07:24:28 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
- 2004-08-04 12:00:00 216,576 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-08-26 07:24:28 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
- 2004-08-04 12:00:00 221,184 -c--a-w c:\windows\system32\dllcache\ieakui.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
- 2004-08-04 12:00:00 323,584 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-08-26 07:24:29 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-08-19 09:30:39 18,432 -c--a-w c:\windows\system32\dllcache\iedw.exe
+ 2007-08-13 17:44:02 69,120 -c--a-w c:\windows\system32\dllcache\iedw.exe
- 2004-08-04 12:00:00 81,920 -c--a-w c:\windows\system32\dllcache\ieencode.dll
+ 2007-08-13 17:45:18 78,336 -c--a-w c:\windows\system32\dllcache\ieencode.dll
- 2008-08-20 05:38:41 251,392 -c--a-w c:\windows\system32\dllcache\iepeers.dll
+ 2007-08-13 17:54:10 191,488 -c--a-w c:\windows\system32\dllcache\iepeers.dll
- 2004-08-04 12:00:00 48,640 -c--a-w c:\windows\system32\dllcache\iernonce.dll
+ 2008-08-26 07:24:29 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
- 2004-08-04 12:00:00 62,976 -c--a-w c:\windows\system32\dllcache\iesetup.dll
+ 2007-08-13 17:39:12 55,296 -c--a-w c:\windows\system32\dllcache\iesetup.dll
- 2004-08-04 12:00:00 93,184 -c--a-w c:\windows\system32\dllcache\iexplore.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\system32\dllcache\iexplore.exe
- 2004-08-04 12:00:00 35,840 -c--a-w c:\windows\system32\dllcache\imgutil.dll
+ 2007-08-13 17:36:06 36,352 -c--a-w c:\windows\system32\dllcache\imgutil.dll
- 2008-08-20 05:38:41 96,256 -c--a-w c:\windows\system32\dllcache\inseng.dll
+ 2007-08-13 17:39:02 92,672 -c--a-w c:\windows\system32\dllcache\inseng.dll
- 2007-12-18 14:40:58 450,560 -c--a-w c:\windows\system32\dllcache\jscript.dll
+ 2007-08-13 17:38:04 491,520 -c--a-w c:\windows\system32\dllcache\jscript.dll
- 2008-08-20 05:38:44 16,384 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-26 07:24:30 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
- 2004-08-04 12:00:00 22,016 -c--a-w c:\windows\system32\dllcache\licmgr10.dll
+ 2007-08-13 17:44:18 40,960 -c--a-w c:\windows\system32\dllcache\licmgr10.dll
- 2004-08-04 12:00:00 29,184 -c--a-w c:\windows\system32\dllcache\mshta.exe
+ 2007-08-13 17:32:30 45,568 -c--a-w c:\windows\system32\dllcache\mshta.exe
- 2008-08-20 05:38:47 3,060,224 -c--a-w c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-27 12:54:32 3,593,216 -c----w c:\windows\system32\dllcache\mshtml.dll
- 2008-08-20 05:38:43 449,024 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-26 07:24:30 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll
- 2004-08-04 12:00:00 56,832 -c--a-w c:\windows\system32\dllcache\mshtmler.dll
+ 2007-08-13 17:01:12 48,128 -c--a-w c:\windows\system32\dllcache\mshtmler.dll
- 2004-08-04 12:00:00 146,432 -c--a-w c:\windows\system32\dllcache\msls31.dll
+ 2007-08-13 17:54:10 156,160 -c--a-w c:\windows\system32\dllcache\msls31.dll
- 2008-08-20 05:38:41 146,432 -c--a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-08-26 07:24:30 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
- 2008-08-20 05:38:41 532,480 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-08-26 07:24:30 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
- 2004-08-04 12:00:00 96,256 -c--a-w c:\windows\system32\dllcache\occache.dll
+ 2008-08-26 07:24:30 102,912 -c----w c:\windows\system32\dllcache\occache.dll
- 2008-08-20 05:38:41 39,424 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-26 07:24:30 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
- 2004-08-04 12:00:00 37,888 -c--a-w c:\windows\system32\dllcache\url.dll
+ 2008-08-26 07:24:30 105,984 -c----w c:\windows\system32\dllcache\url.dll
- 2008-08-20 05:38:45 615,936 -c--a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-26 07:24:31 1,159,680 -c----w c:\windows\system32\dllcache\urlmon.dll
- 2007-12-18 14:40:58 417,792 -c--a-w c:\windows\system32\dllcache\vbscript.dll
+ 2007-08-13 17:54:10 413,696 -c--a-w c:\windows\system32\dllcache\vbscript.dll
- 2004-08-04 12:00:00 848,384 -c--a-w c:\windows\system32\dllcache\vgx.dll
+ 2008-05-27 17:23:58 765,952 -c--a-w c:\windows\system32\dllcache\vgx.dll
- 2004-08-04 12:00:00 49,152 -c--a-w c:\windows\system32\dllcache\wdigest.dll
+ 2006-03-24 04:37:50 49,152 -c--a-w c:\windows\system32\dllcache\wdigest.dll
- 2004-08-04 12:00:00 276,480 -c--a-w c:\windows\system32\dllcache\webcheck.dll
+ 2008-08-26 07:24:31 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
- 2008-08-20 05:38:43 659,456 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-08-26 07:24:31 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
- 2008-08-20 05:38:40 357,888 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-08-26 07:24:28 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-08-20 05:38:40 205,312 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-08-26 07:24:28 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2008-08-20 05:38:40 55,808 ----a-w c:\windows\system32\extmgr.dll
+ 2008-08-26 07:24:28 133,120 ------w c:\windows\system32\extmgr.dll
+ 2007-08-23 00:03:38 1,195,888 ----a-w c:\windows\system32\FM20.DLL
+ 2006-10-26 13:10:06 33,088 ----a-w c:\windows\system32\FM20ENU.DLL
- 2008-11-26 22:48:10 90,296 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-11-27 23:05:49 263,024 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-08-26 07:24:28 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2006-06-29 07:05:44 26,112 ------w c:\windows\system32\idndl.dll
- 2004-08-04 12:00:00 34,304 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-08-25 08:37:59 70,656 ------w c:\windows\system32\ie4uinit.exe
- 2004-08-04 12:00:00 139,264 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-08-26 07:24:28 153,088 ------w c:\windows\system32\ieakeng.dll
- 2004-08-04 12:00:00 216,576 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-08-26 07:24:28 230,400 ------w c:\windows\system32\ieaksie.dll
- 2004-08-04 12:00:00 221,184 ----a-w c:\windows\system32\ieakui.dll
+ 2008-08-23 05:54:51 161,792 ------w c:\windows\system32\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\system32\ieapfltr.dat
+ 2008-08-26 07:24:28 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2004-08-04 12:00:00 323,584 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-08-26 07:24:29 384,512 ------w c:\windows\system32\iedkcs32.dll
- 2004-08-04 12:00:00 81,920 ----a-w c:\windows\system32\ieencode.dll
+ 2007-08-13 17:45:18 78,336 ----a-w c:\windows\system32\ieencode.dll
+ 2008-10-03 17:41:15 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-08-20 05:38:41 251,392 ----a-w c:\windows\system32\iepeers.dll
+ 2007-08-13 17:54:10 191,488 ----a-w c:\windows\system32\iepeers.dll
- 2004-08-04 12:00:00 48,640 ----a-w c:\windows\system32\iernonce.dll
+ 2008-08-26 07:24:29 44,544 ------w c:\windows\system32\iernonce.dll
+ 2008-08-26 07:24:29 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2004-08-04 12:00:00 62,976 ----a-w c:\windows\system32\iesetup.dll
+ 2007-08-13 17:39:12 55,296 ----a-w c:\windows\system32\iesetup.dll
+ 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2007-08-13 17:54:10 180,736 ------w c:\windows\system32\ieui.dll
- 2004-08-04 12:00:00 35,840 ----a-w c:\windows\system32\imgutil.dll
+ 2007-08-13 17:36:06 36,352 ----a-w c:\windows\system32\imgutil.dll
+ 2006-10-26 12:45:04 207,360 ----a-w c:\windows\system32\INKED.DLL
- 2008-08-20 05:38:41 96,256 ----a-w c:\windows\system32\inseng.dll
+ 2007-08-13 17:39:02 92,672 ----a-w c:\windows\system32\inseng.dll
- 2007-12-18 14:40:58 450,560 ----a-w c:\windows\system32\jscript.dll
+ 2007-08-13 17:38:04 491,520 ----a-w c:\windows\system32\jscript.dll
- 2008-08-20 05:38:44 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-08-26 07:24:30 27,648 ------w c:\windows\system32\jsproxy.dll
- 2004-08-04 12:00:00 22,016 ----a-w c:\windows\system32\licmgr10.dll
+ 2007-08-13 17:44:18 40,960 ----a-w c:\windows\system32\licmgr10.dll
+ 2008-10-05 03:16:26 235,936 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10a.exe
+ 2008-11-28 14:13:56 89,102 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-11-03 15:10:26 17,318,336 ----a-w c:\windows\system32\MRT.exe
- 2004-07-14 23:24:50 155,648 ----a-w c:\windows\system32\mscoree.dll
+ 2006-12-22 11:28:14 271,360 ----a-w c:\windows\system32\mscoree.dll
+ 2008-08-26 07:24:30 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-08-26 07:24:30 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 17:36:40 12,288 ------w c:\windows\system32\msfeedssync.exe
- 2004-08-04 12:00:00 29,184 ----a-w c:\windows\system32\mshta.exe
+ 2007-08-13 17:32:30 45,568 ----a-w c:\windows\system32\mshta.exe
- 2008-08-20 05:38:47 3,060,224 ----a-w c:\windows\system32\mshtml.dll
+ 2008-08-27 12:54:32 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-20 05:38:43 449,024 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-08-26 07:24:30 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2004-08-04 12:00:00 56,832 ----a-w c:\windows\system32\mshtmler.dll
+ 2007-08-13 17:01:12 48,128 ----a-w c:\windows\system32\mshtmler.dll
- 2004-08-04 12:00:00 146,432 ----a-w c:\windows\system32\msls31.dll
+ 2007-08-13 17:54:10 156,160 ----a-w c:\windows\system32\msls31.dll
- 2008-08-20 05:38:41 146,432 ----a-w c:\windows\system32\msrating.dll
+ 2008-08-26 07:24:30 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2006-07-24 09:50:38 125,744 ----a-w c:\windows\system32\MSSTDFMT.DLL
- 2008-08-20 05:38:41 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2008-08-26 07:24:30 671,232 ------w c:\windows\system32\mstime.dll
+ 2006-12-22 12:02:36 6,144 ----a-w c:\windows\system32\mui\
0409\mscorees.dll
+ 2006-06-28 16:59:26 24,576 ------w c:\windows\system32\nlsdl.dll
+ 2006-06-29 07:05:44 23,552 ------w c:\windows\system32\normaliz.dll
- 2004-08-04 12:00:00 96,256 ----a-w c:\windows\system32\occache.dll
+ 2008-08-26 07:24:30 102,912 ------w c:\windows\system32\occache.dll
- 2008-11-26 22:45:27 52,764 ----a-w c:\windows\system32\perfc009.dat
+ 2008-11-30 11:42:44 53,608 ----a-w c:\windows\system32\perfc009.dat
- 2008-11-26 22:45:27 380,350 ----a-w c:\windows\system32\perfh009.dat
+ 2008-11-30 11:42:44 383,254 ----a-w c:\windows\system32\perfh009.dat
- 2008-08-20 05:38:41 39,424 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-26 07:24:30 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2006-07-24 09:50:40 39,728 ----a-w c:\windows\system32\SCP32.DLL
- 2007-11-30 11:18:51 17,272 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 12:39:22 17,272 ------w c:\windows\system32\spmsg.dll
+ 2006-10-26 18:56:16 864,080 ----a-w c:\windows\system32\spool\drivers\w32x86\3\msonpdrv.dll
+ 2006-10-26 18:56:14 67,408 ----a-w c:\windows\system32\spool\drivers\w32x86\3\msonpui.dll
+ 2006-10-26 18:56:16 864,080 ----a-w c:\windows\system32\spool\drivers\w32x86\msonpdrv.dll
+ 2006-10-26 18:56:14 67,408 ----a-w c:\windows\system32\spool\drivers\w32x86\msonpui.dll
+ 2006-10-26 18:56:12 33,104 ----a-w c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
- 2005-02-25 03:35:05 22,752 ----a-w c:\windows\system32\spupdsvc.exe
+ 2006-09-06 16:43:16 22,752 ----a-w c:\windows\system32\spupdsvc.exe
- 2004-08-04 12:00:00 37,888 ----a-w c:\windows\system32\url.dll
+ 2008-08-26 07:24:30 105,984 ----a-w c:\windows\system32\url.dll
- 2008-08-20 05:38:45 615,936 ----a-w c:\windows\system32\urlmon.dll
+ 2008-08-26 07:24:31 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2006-07-24 09:50:40 47,920 ----a-w c:\windows\system32\VBAME.DLL
- 2007-12-18 14:40:58 417,792 ----a-w c:\windows\system32\vbscript.dll
+ 2007-08-13 17:54:10 413,696 ----a-w c:\windows\system32\vbscript.dll
- 2004-08-04 12:00:00 49,152 ----a-w c:\windows\system32\wdigest.dll
+ 2006-03-24 04:37:50 49,152 ----a-w c:\windows\system32\wdigest.dll
- 2004-08-04 12:00:00 276,480 ----a-w c:\windows\system32\webcheck.dll
+ 2008-08-26 07:24:31 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2007-08-13 17:45:16 206,336 ------w c:\windows\system32\WinFXDocObj.exe
- 2008-08-20 05:38:43 659,456 ----a-w c:\windows\system32\wininet.dll
+ 2008-08-26 07:24:31 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2006-10-26 12:45:04 293,376 ----a-w c:\windows\system32\WISPTIS.EXE
+ 2006-07-14 15:51:52 121,856 ------w c:\windows\system32\xmllite.dll
+ 2006-10-26 12:40:34 95,744 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2007-08-22 23:18:08 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-10-26 12:40:36 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
+ 2006-10-26 12:40:36 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2006-10-26 12:40:36 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
+ 2007-08-22 23:18:08 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2007-08-22 23:18:08 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2007-08-22 23:18:08 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-10-26 12:40:36 1,093,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2006-10-26 12:40:36 1,079,808 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2006-10-26 12:40:36 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2006-10-26 12:40:36 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2007-08-22 23:18:08 1,101,824 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2007-08-22 23:18:08 1,093,120 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2007-08-22 23:18:08 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2007-08-22 23:18:08 57,856 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-10-26 12:40:36 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2006-10-26 12:40:36 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2006-10-26 12:40:36 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2006-10-26 12:40:36 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2006-10-26 12:40:36 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2006-10-26 12:40:36 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2006-10-26 12:40:36 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2006-10-26 12:40:36 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2006-10-26 12:40:36 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
+ 2007-08-22 23:18:08 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2007-08-22 23:18:08 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2007-08-22 23:18:08 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2007-08-22 23:18:08 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2007-08-22 23:18:08 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2007-08-22 23:18:08 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2007-08-22 23:18:08 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2007-08-22 23:18:08 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2007-08-22 23:18:08 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ATIPTA"="c:\ati-cpanel\atiptaxx.exe" [2003-10-21 335872]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"SoundMan"="SOUNDMAN.EXE" [2003-08-05 c:\windows\SOUNDMAN.EXE]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter;c:\windows\system32\DRIVERS\AN983.sys [2008-11-25 36224]
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-11-30 21:17:33
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(532)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-11-30 21:19:58 - machine was rebooted
ComboFix-quarantined-files.txt 2008-11-30 20:19:21
ComboFix2.txt 2008-11-27 01:22:02
ComboFix3.txt 2008-11-27 01:17:01
ComboFix4.txt 2008-11-26 23:33:47
ComboFix5.txt 2008-11-30 20:12:43
Pre-Run: 144,700,727,296 bytes free
Post-Run: 145,043,853,312 bytes free
850 --- E O F --- 2008-11-30 02:00:48
Panda Report:;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-11-30 22:14:47
PROTECTIONS: 0
MALWARE: 27
SUSPECTS: 2
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@trafficmp[1].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@casalemedia[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@atdmt[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@tradedoubler[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@tribalfusion[1].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@mediaplex[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@com[2].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@statcounter[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@ad.yieldmanager[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@apmebf[1].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@burstnet[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@weborama[1].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@adtech[1].txt
00168113 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@fe.lea.lycos[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@advertising[2].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@ads.pointroll[2].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@overture[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@questionmarket[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@zedo[2].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Shorty\Cookies\shorty@go[1].txt
00366244 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\Shorty\Desktop\Flash_Disinfector.exe[C:\Documents and Settings\Shorty\Desktop\Flash_Disinfector.exe][nircmd.exe]
00366244 Application/NirCmd.A HackTools No 0 No No F:\Flash_Disinfector.exe[F:\Flash_Disinfector.exe][nircmd.exe]
00463484 W32/Autorun.AMZ.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{4104F517-5725-495C-9080-1D09874F0D07}\RP6\A0000541.inf
00463484 W32/Autorun.AMZ.worm Virus/Worm No 0 Yes No C:\Qoobox\Quarantine\C\autorun.inf.vir
00463484 W32/Autorun.AMZ.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{4104F517-5725-495C-9080-1D09874F0D07}\RP5\A0000534.inf
00463484 W32/Autorun.AMZ.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{4104F517-5725-495C-9080-1D09874F0D07}\RP5\A0000488.inf
00463484 W32/Autorun.AMZ.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{4104F517-5725-495C-9080-1D09874F0D07}\RP5\A0000439.inf
00463484 W32/Autorun.AMZ.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{4104F517-5725-495C-9080-1D09874F0D07}\RP4\A0000337.inf
00463484 W32/Autorun.AMZ.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{4104F517-5725-495C-9080-1D09874F0D07}\RP4\A0000376.inf
00463484 W32/Autorun.AMZ.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{4104F517-5725-495C-9080-1D09874F0D07}\RP4\A0000391.inf
00463484 W32/Autorun.AMZ.worm Virus/Worm No 0 Yes No C:\Documents and Settings\Shorty\Desktop\SDFix\backups_old\backups.zip[backups/autorun.inf]
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{4104F517-5725-495C-9080-1D09874F0D07}\RP7\A0000897.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{4104F517-5725-495C-9080-1D09874F0D07}\RP21\A0002244.EXE
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{4104F517-5725-495C-9080-1D09874F0D07}\RP7\snapshot\MFEX-3.DAT
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{4104F517-5725-495C-9080-1D09874F0D07}\RP21\A0002228.sys
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{4104F517-5725-495C-9080-1D09874F0D07}\RP7\A0000844.sys
03738686 Generic Malware Virus/Trojan No 0 Yes No F:\Programs\Programs\SDFix\CATCHME.EXE
03738686 Generic Malware Virus/Trojan No 0 No No F:\Programs\Programs\SDFix.exe[F:\Programs\Programs\SDFix.exe][SDFix\catchme.exe]
03738686 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\Shorty\Desktop\SDFix\catchme.exe
03839851 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{4104F517-5725-495C-9080-1D09874F0D07}\RP5\A0000518.sys
04174935 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{4104F517-5725-495C-9080-1D09874F0D07}\RP20\A0002143.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location 2
;===================================================================================================================================================================================
No C:\Documents and Settings\Shorty\Desktop\ComboFix.exe[32788R22FWJFW\psexec.cfexe] 2
No F:\Programs\Programs\Warkeys-1.7.0.1b.exe[Warkeys Update.exe] 2
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description 2
;===================================================================================================================================================================================
184380 MEDIUM MS08-002 2
184379 MEDIUM MS08-001 2
182048 HIGH MS07-069 2
182046 HIGH MS07-067 2
182043 HIGH MS07-064 2
179553 HIGH MS07-061 2
176382 HIGH MS07-057 2
176383 HIGH MS07-058 2
170907 HIGH MS07-046 2
170906 HIGH MS07-045 2
170904 HIGH MS07-043 2
164915 HIGH MS07-035 2
164913 HIGH MS07-033 2
164911 HIGH MS07-031 2
160623 HIGH MS07-027 2
157262 HIGH MS07-022 2
157261 HIGH MS07-021 2
157260 HIGH MS07-020 2
157259 HIGH MS07-019 2
156477 HIGH MS07-017 2
150253 HIGH MS07-016 2
150249 HIGH MS07-013 2
150248 HIGH MS07-012 2
150247 HIGH MS07-011 2
150243 HIGH MS07-008 2
150242 HIGH MS07-007 2
150241 MEDIUM MS07-006 2
141034 HIGH MS06-076 2
141033 MEDIUM MS06-075 2
137571 HIGH MS06-070 2
133387 MEDIUM MS06-065 2
133386 MEDIUM MS06-064 2
133385 MEDIUM MS06-063 2
133379 HIGH MS06-057 2
129977 MEDIUM MS06-053 2
129976 MEDIUM MS06-052 2
126093 HIGH MS06-051 2
126092 MEDIUM MS06-050 2
126087 HIGH MS06-046 2
126086 MEDIUM MS06-045 2
126082 HIGH MS06-041 2
126081 HIGH MS06-040 2
123421 HIGH MS06-036 2
123420 HIGH MS06-035 2
120825 MEDIUM MS06-032 2
120823 MEDIUM MS06-030 2
120818 HIGH MS06-025 2
120815 HIGH MS06-022 2
117384 MEDIUM MS06-018 2
114666 HIGH MS06-015 2
108744 MEDIUM MS06-008 2
108743 MEDIUM MS06-007 2
108742 MEDIUM MS06-006 2
104567 HIGH MS06-002 2
104237 HIGH MS06-001 2
96574 HIGH MS05-053 2
93395 HIGH MS05-051 2
93394 HIGH MS05-050 2
93454 MEDIUM MS05-049 2
;===================================================================================================================================================================================
New HJT Log:Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:36:04 PM, on 11/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\ATI-CPanel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) -
http://acs.pandasoftware.com/activescan ... stubie.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
--
End of file - 3868 bytes