[LØST]Trenger hjelp, HJT og Combofix logger lagt ved

mjsol · 25. april 2008

Endret 25. april 2008 av mjsol

norbat · 25. april 2008

Kopier loggene og lim de direkte inn i posten

Når du skal legge til en ny post (svare på et innlegg), så klikker du på knappen SVAR og ikke NYTT EMNE.

Og, om du skal forandre på en post du allerede har skrevet, velger du knappen REDIGER.

Endret 25. april 2008 av norbat

mjsol · 25. april 2008

Kopier loggene og lim de direkte inn i posten

Når du skal legge til en ny post (svare på et innlegg), så klikker du på knappen SVAR og ikke NYTT EMNE.

Klikk for å se/fjerne spoilerteksten nedenfor

ComboFix 08-04-22.5 - Stine 2008-04-25 19:18:40.3 - FAT32x86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.47.1044.18.510 [GMT 2:00]

Running from: C:\Documents and Settings\Stine\Skrivebord\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((( Files Created from 2008-03-25 to 2008-04-25 )))))))))))))))))))))))))))))))

.

2008-04-25 18:51 . 2008-04-25 18:51 <DIR> d-------- C:\WINDOWS\LastGood

2008-04-25 18:23 . 2008-04-25 18:23 <DIR> d-------- C:\Programfiler\MSXML 6.0

2008-04-25 18:21 . 2008-04-25 18:21 <DIR> d-------- C:\Programfiler\MSBuild

2008-04-25 18:18 . 2008-04-25 18:18 <DIR> d-------- C:\WINDOWS\system32\XPSViewer

2008-04-25 18:17 . 2008-04-25 18:17 <DIR> d-------- C:\Programfiler\Reference Assemblies

2008-04-25 18:17 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll

2008-04-25 17:35 . 2008-04-25 17:35 9,722,720 --a------ C:\Programfiler\spybotsd152.exe

2008-04-25 17:05 . 2008-04-25 17:05 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard

2008-04-25 17:04 . 2008-04-25 17:04 20,597,104 --a------ C:\Programfiler\aaw2007.exe

2008-04-25 05:16 . 2008-04-25 05:16 <DIR> d-------- C:\Programfiler\Trend Micro

2008-04-25 04:36 . 2008-04-25 04:36 <DIR> d-------- C:\Programfiler\Lavasoft

2008-04-25 04:36 . 2008-04-25 04:36 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Lavasoft

2008-04-25 04:02 . 2008-04-25 04:02 <DIR> d--hs---- C:\FOUND.001

2008-04-25 02:58 . 2008-04-25 02:58 <DIR> d--hs---- C:\FOUND.000

2008-04-25 02:30 . 2008-04-25 02:30 <DIR> d-------- C:\Programfiler\Spybot - Search & Destroy

2008-04-25 02:15 . 2008-04-25 02:14 691,545 --a------ C:\WINDOWS\unins000.exe

2008-04-25 02:15 . 2008-04-25 02:15 2,552 --a------ C:\WINDOWS\unins000.dat

2008-04-25 01:38 . 2008-04-25 01:38 <DIR> d-------- C:\WINDOWS\ERUNT

2008-04-25 01:32 . 2008-04-24 04:05 <DIR> d-------- C:\SDFix

2008-04-24 17:18 . 2008-04-24 17:18 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\nmjclapq

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-04-24 21:18 4,096 ----a-w C:\WINDOWS\system32\winlogonpc.exe

2008-04-24 21:18 4,096 ----a-w C:\WINDOWS\system32\hoproxy.dll

2008-03-20 08:11 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys

2008-03-20 08:11 1,845,248 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys

2008-03-01 16:35 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll

2008-02-29 08:58 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe

2008-02-29 08:58 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe

2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe

2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll

2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\system32\dllcache\gdi32.dll

2008-02-20 05:39 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll

2008-02-20 05:39 45,568 ----a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll

2008-02-20 05:39 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll

2008-02-15 05:44 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll

2006-08-15 21:26 3,889,824 ----a-w C:\Programfiler\SweetImSetup.exe

2006-07-24 22:48 737,554 ----a-w C:\Programfiler\xvidcore-1.1.0.tar.gz

2006-07-23 23:54 22,083,376 ----a-w C:\Programfiler\QuickTimeInstaller.exe

2006-07-21 16:56 15,253,376 ----a-w C:\Programfiler\DivXInstaller.exe

.

((((((((((((((((((((((((((((( snapshot@2008-04-25_14.46.10.29 )))))))))))))))))))))))))))))))))))))))))

.

+ 2006-10-11 16:37:48 153,088 ------w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2p.dll

+ 2006-10-11 16:37:48 104,960 ------w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2pgasvc.dll

+ 2006-10-11 16:37:48 313,344 ------w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2pgraph.dll

+ 2006-10-11 16:37:48 115,712 ------w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2pnetsh.dll

+ 2006-10-11 16:37:48 553,984 ------w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2psvc.dll

+ 2006-10-11 16:37:48 58,880 ------w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\pnrpnsp.dll

+ 2006-09-26 09:15:06 215,552 ------w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\spru0414.dll

+ 2005-10-12 23:20:56 14,560 ------w C:\WINDOWS\$hf_mig$\KB920342\spmsg.dll

+ 2005-10-12 23:20:56 214,752 ------w C:\WINDOWS\$hf_mig$\KB920342\spuninst.exe

+ 2005-10-12 23:20:56 22,752 ------w C:\WINDOWS\$hf_mig$\KB920342\update\spcustom.dll

+ 2005-10-12 23:20:58 721,120 ------w C:\WINDOWS\$hf_mig$\KB920342\update\update.exe

+ 2005-10-12 23:21:02 374,496 ------w C:\WINDOWS\$hf_mig$\KB920342\update\updspapi.dll

+ 2006-10-04 14:06:24 72,704 ------w C:\WINDOWS\$hf_mig$\KB925720\SP2QFE\magnify.exe

+ 2006-10-04 14:06:22 54,272 ------w C:\WINDOWS\$hf_mig$\KB925720\SP2QFE\narrator.exe

+ 2006-10-04 14:06:24 215,552 ------w C:\WINDOWS\$hf_mig$\KB925720\SP2QFE\osk.exe

+ 2006-10-04 14:11:32 36,352 ------w C:\WINDOWS\$hf_mig$\KB925720\SP2QFE\umandlg.dll

+ 2006-10-04 14:06:22 50,176 ------w C:\WINDOWS\$hf_mig$\KB925720\SP2QFE\utilman.exe

+ 2005-10-12 23:26:30 14,560 ------w C:\WINDOWS\$hf_mig$\KB925720\spmsg.dll

+ 2005-10-12 23:26:30 214,752 ------w C:\WINDOWS\$hf_mig$\KB925720\spuninst.exe

+ 2005-10-12 23:26:30 22,752 ------w C:\WINDOWS\$hf_mig$\KB925720\update\spcustom.dll

+ 2005-10-12 23:26:32 721,120 ------w C:\WINDOWS\$hf_mig$\KB925720\update\update.exe

+ 2005-10-12 23:27:00 374,496 ------w C:\WINDOWS\$hf_mig$\KB925720\update\updspapi.dll

+ 2008-04-25 16:45:14 69,120 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2008-04-25 16:45:18 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2008-04-25 16:46:40 151,552 ----a-w C:\WINDOWS\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

+ 2008-04-25 16:44:58 4,444,160 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2008-04-25 16:46:44 4,174,336 ----a-w C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

+ 2008-04-25 16:45:20 483,840 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

+ 2008-04-25 16:45:08 3,036,160 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

+ 2008-04-25 16:45:22 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

+ 2008-04-25 16:45:22 113,664 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2008-04-25 16:46:44 346,624 ----a-w C:\WINDOWS\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll

+ 2008-04-25 16:45:18 261,120 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2008-04-25 16:45:06 5,431,296 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2008-04-25 16:45:12 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

+ 2008-04-25 16:16:38 311,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_no_b03f5f7f11d50a3a\aspnetmmcext.resources.dll

+ 2008-04-25 16:45:06 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

+ 2008-04-25 16:45:14 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2008-04-25 16:45:16 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2008-04-25 16:45:16 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

+ 2008-04-25 16:45:18 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2008-04-25 16:16:40 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_no_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll

+ 2008-04-25 16:45:22 348,160 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

+ 2008-04-25 16:45:24 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

+ 2008-04-25 16:16:40 135,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_no_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll

+ 2008-04-25 16:45:24 655,360 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

+ 2008-04-25 16:16:40 9,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities.resources\2.0.0.0_no_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll

+ 2008-04-25 16:45:24 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

+ 2008-04-25 16:16:38 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_no_b03f5f7f11d50a3a\Microsoft.JScript.resources.dll

+ 2008-04-25 16:45:18 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2008-04-25 16:23:04 5,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_no_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll

+ 2008-04-25 16:23:04 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_no_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll

+ 2008-04-25 16:46:40 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll

+ 2008-04-25 16:16:46 8,704 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_no_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll

+ 2008-04-25 16:45:16 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2008-04-25 16:16:44 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_no_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll

+ 2008-04-25 16:45:16 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2008-04-25 16:16:44 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_no_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll

+ 2008-04-25 16:45:20 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2008-04-25 16:45:16 671,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2008-04-25 16:45:02 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2008-04-25 16:45:22 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2008-04-25 16:45:14 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

+ 2008-04-25 16:45:14 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

+ 2008-04-25 16:16:40 286,720 ----a-w C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_no_b77a5c561934e089\mscorlib.resources.dll

+ 2008-04-25 16:23:00 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_no_31bf3856ad364e35\PresentationBuildTasks.resources.dll

+ 2008-04-25 16:46:36 602,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll

+ 2008-04-25 16:46:44 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll

+ 2008-04-25 16:23:00 102,400 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_no_31bf3856ad364e35\PresentationCore.resources.dll

+ 2008-04-25 16:46:42 184,320 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll

+ 2008-04-25 16:46:42 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll

+ 2008-04-25 16:46:42 376,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll

+ 2008-04-25 16:23:00 233,472 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_no_31bf3856ad364e35\PresentationFramework.resources.dll

+ 2008-04-25 16:46:42 151,552 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll

+ 2008-04-25 16:46:42 5,210,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll

+ 2008-04-25 16:23:00 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_no_31bf3856ad364e35\PresentationUI.resources.dll

+ 2008-04-25 16:46:40 897,024 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll

+ 2008-04-25 16:23:00 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_no_31bf3856ad364e35\ReachFramework.resources.dll

+ 2008-04-25 16:46:44 528,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll

+ 2008-04-25 16:23:04 5,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_no_b77a5c561934e089\SMDiagnostics.resources.dll

+ 2008-04-25 16:46:40 102,400 ----a-w C:\WINDOWS\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll

+ 2008-04-25 16:16:42 10,240 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_no_b03f5f7f11d50a3a\sysglobl.resources.dll

+ 2008-04-25 16:45:18 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

+ 2008-04-25 16:16:40 16,896 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll

+ 2008-04-25 16:45:18 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2008-04-25 16:16:44 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Configuration.resources.dll

+ 2008-04-25 16:45:08 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

+ 2008-04-25 16:16:40 106,496 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_no_b77a5c561934e089\System.Data.OracleClient.resources.dll

+ 2008-04-25 16:16:44 319,488 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_no_b77a5c561934e089\System.Data.resources.dll

+ 2008-04-25 16:16:42 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_no_b77a5c561934e089\system.data.sqlxml.resources.dll

+ 2008-04-25 16:45:08 741,376 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2008-04-25 16:16:38 376,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Deployment.resources.dll

+ 2008-04-25 16:45:10 933,888 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2008-04-25 16:16:44 528,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Design.resources.dll

+ 2008-04-25 16:45:24 5,070,848 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

+ 2008-04-25 16:16:38 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll

+ 2008-04-25 16:45:24 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

+ 2008-04-25 16:16:38 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll

+ 2008-04-25 16:45:12 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2008-04-25 16:16:42 6,144 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll

+ 2008-04-25 16:45:22 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

+ 2008-04-25 16:16:44 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Drawing.resources.dll

+ 2008-04-25 16:45:04 630,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2008-04-25 16:16:42 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll

+ 2008-04-25 16:23:06 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_no_b77a5c561934e089\System.IdentityModel.Resources.dll

+ 2008-04-25 16:23:04 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_no_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll

+ 2008-04-25 16:46:46 126,976 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll

+ 2008-04-25 16:46:46 430,080 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll

+ 2008-04-25 16:23:04 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_no_b03f5f7f11d50a3a\System.IO.Log.Resources.dll

+ 2008-04-25 16:46:40 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll

+ 2008-04-25 16:16:42 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\system.management.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Management.resources.dll

+ 2008-04-25 16:45:22 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2008-04-25 16:16:44 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Messaging.resources.dll

+ 2008-04-25 16:45:20 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

+ 2008-04-25 16:23:00 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_no_31bf3856ad364e35\System.Printing.resources.dll

+ 2008-04-25 16:16:44 192,512 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_no_b77a5c561934e089\system.resources.dll

+ 2008-04-25 16:16:42 19,456 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_no_b77a5c561934e089\System.Runtime.Remoting.resources.dll

+ 2008-04-25 16:45:20 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2008-04-25 16:16:42 11,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll

+ 2008-04-25 16:45:20 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2008-04-25 16:23:06 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_no_b77a5c561934e089\System.RunTime.Serialization.Resources.dll

+ 2008-04-25 16:46:38 929,792 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

+ 2008-04-25 16:16:38 16,896 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Security.resources.dll

+ 2008-04-25 16:45:04 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2008-04-25 16:23:06 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_no_b77a5c561934e089\System.ServiceModel.Install.Resources.dll

+ 2008-04-25 16:46:36 159,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll

+ 2008-04-25 16:23:06 417,792 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_no_b77a5c561934e089\System.ServiceModel.Resources.dll

+ 2008-04-25 16:46:36 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll

+ 2008-04-25 16:46:38 5,971,968 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll

+ 2008-04-25 16:16:42 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll

+ 2008-04-25 16:45:04 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2008-04-25 16:23:00 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_no_31bf3856ad364e35\System.Speech.resources.dll

+ 2008-04-25 16:46:36 688,128 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll

+ 2008-04-25 16:16:42 15,872 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_no_b77a5c561934e089\System.Transactions.resources.dll

+ 2008-04-25 16:16:44 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll

+ 2008-04-25 16:45:12 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

+ 2008-04-25 16:45:12 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2008-04-25 16:16:40 569,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Web.resources.dll

+ 2008-04-25 16:16:40 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Web.Services.resources.dll

+ 2008-04-25 16:45:10 839,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

+ 2008-04-25 16:16:42 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_no_b77a5c561934e089\System.Windows.Forms.resources.dll

+ 2008-04-25 16:45:14 5,013,504 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2008-04-25 16:23:10 183,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_no_31bf3856ad364e35\System.Workflow.Activities.resources.dll

+ 2008-04-25 16:46:44 1,152,040 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll

+ 2008-04-25 16:23:10 310,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_no_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll

+ 2008-04-25 16:46:44 1,635,376 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll

+ 2008-04-25 16:23:10 39,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_no_31bf3856ad364e35\System.Workflow.Runtime.resources.dll

+ 2008-04-25 16:46:44 578,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll

+ 2008-04-25 16:16:40 151,552 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_no_b77a5c561934e089\System.xml.resources.dll

+ 2008-04-25 16:45:04 2,068,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

+ 2008-04-25 16:45:10 3,076,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

+ 2008-04-25 16:23:00 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_no_31bf3856ad364e35\UIAutomationClient.resources.dll

+ 2008-04-25 16:46:36 163,840 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll

+ 2008-04-25 16:23:00 9,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_no_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll

+ 2008-04-25 16:46:36 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll

+ 2008-04-25 16:23:00 4,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_no_31bf3856ad364e35\UIAutomationProvider.resources.dll

+ 2008-04-25 16:46:44 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll

+ 2008-04-25 16:23:00 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_no_31bf3856ad364e35\UIAutomationTypes.resources.dll

+ 2008-04-25 16:46:44 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll

+ 2008-04-25 16:23:00 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_no_31bf3856ad364e35\WindowsBase.resources.dll

+ 2008-04-25 16:46:42 1,204,224 ----a-w C:\WINDOWS\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll

+ 2008-04-25 16:23:00 4,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_no_31bf3856ad364e35\WindowsFormsIntegration.resources.dll

+ 2008-04-25 16:46:36 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll

+ 2008-04-25 16:51:38 27,136 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll

+ 2008-04-25 16:51:42 17,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\cd0730694ba5927a6efd32129783e1b4\Microsoft.VisualC.ni.dll

+ 2008-04-25 16:47:52 11,722,752 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll

+ 2008-04-25 16:52:18 40,960 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3df824565150953afd560ca20237b881\PresentationCFFRasterizer.ni.dll

+ 2008-04-25 16:52:18 12,570,624 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\011f8e31d197b4ccb6a61c2267a38e5c\PresentationCore.ni.dll

+ 2008-04-25 16:50:34 48,640 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\4ce7fd62d4107fbe996ab305eb21ee6a\PresentationFontCache.ni.exe

+ 2008-04-25 16:54:04 393,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\36c6cfd5d4e80d5c548f823b2bbf5457\PresentationFramework.Aero.ni.dll

+ 2008-04-25 16:54:08 552,960 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3f18bff5107c9a8accae6c248fdf3c2e\PresentationFramework.Luna.ni.dll

+ 2008-04-25 16:53:02 15,036,416 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\60421dda88800b14dc101ed9dca422fe\PresentationFramework.ni.dll

+ 2008-04-25 16:54:08 274,432 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\81d2540bc1c18190d0431d9a61bee65b\PresentationFramework.Royale.ni.dll

+ 2008-04-25 16:54:06 245,760 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9df61ec7aad39fe0bac82139cd84e5e5\PresentationFramework.Classic.ni.dll

+ 2008-04-25 16:53:10 2,035,712 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationUI\6d2716a55eb8ce6fc4cbf83f3ab329e3\PresentationUI.ni.dll

+ 2008-04-25 16:53:14 2,416,640 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\ReachFramework\840c64bba900a6ed333ca39e63a9ca3b\ReachFramework.ni.dll

+ 2008-04-25 16:51:06 163,840 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\c46625ea87db53ccf6194fe17ee05c19\System.Configuration.Install.ni.dll

+ 2008-04-25 16:50:44 1,011,712 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll

+ 2008-04-25 16:54:02 1,183,744 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\1abdb47765d0696a2fc0a1095bac0249\System.Data.OracleClient.ni.dll

+ 2008-04-25 16:51:00 2,756,608 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\e59504af41afab5e04681af951d9b302\System.Data.SqlXml.ni.dll

+ 2008-04-25 16:53:26 7,049,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\5f669e819da7010c1dca347a25597c42\System.Data.ni.dll

+ 2008-04-25 16:51:40 1,798,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\c7dea4895e1fa33d65e448c03de48d26\System.Deployment.ni.dll

+ 2008-04-25 16:53:58 10,969,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\c1e16b40e30a05c39be8aee46311841c\System.Design.ni.dll

+ 2008-04-25 16:53:18 1,224,704 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\914668b240550f529e54bb772c6fc881\System.DirectoryServices.ni.dll

+ 2008-04-25 16:54:02 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f11bc82c09955cb8438d3885a99c297d\System.DirectoryServices.Protocols.ni.dll

+ 2008-04-25 16:54:00 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b974f6c17d17a533adf6e7710c5a62fa\System.Drawing.Design.ni.dll

+ 2008-04-25 16:51:08 1,667,072 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll

+ 2008-04-25 16:53:30 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.ni.dll

+ 2008-04-25 16:53:30 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.Wrapper.dll

+ 2008-04-25 16:53:16 1,134,592 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Printing\f94fbbe7d7c6e76d02cd9fb94ee8d910\System.Printing.ni.dll

+ 2008-04-25 16:53:30 815,104 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0898f6c1de8cb89413d206e3d6a3ce1d\System.Runtime.Remoting.ni.dll

+ 2008-04-25 16:51:06 339,968 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1f5cf8178029f5b959a9af75cb8cfedb\System.Runtime.Serialization.Formatters.Soap.ni.dll

+ 2008-04-25 16:51:04 733,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\2b5994269cc5b996231c9b21afea9a91\System.Security.ni.dll

+ 2008-04-25 16:50:40 233,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll

+ 2008-04-25 16:53:28 679,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12e0aa1030badf4524f897e3f57b037a\System.Transactions.ni.dll

+ 2008-04-25 16:54:02 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5b81faf46fc63c20d5339b36edd02fa\System.Web.RegularExpressions.ni.dll

+ 2008-04-25 16:53:48 1,986,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\38991368499e2109ea4099a0fe29c5a3\System.Web.Services.ni.dll

+ 2008-04-25 16:53:46 12,509,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll

+ 2008-04-25 16:51:36 13,193,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll

+ 2008-04-25 16:50:54 5,771,264 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll

+ 2008-04-25 16:50:30 8,265,728 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll

+ 2008-04-25 16:52:18 50,688 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\9e249f5c0ef3e391c5aec1f9da805519\UIAutomationProvider.ni.dll

+ 2008-04-25 16:52:18 196,608 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\46e3ec015dd7b25d5ddc185534458122\UIAutomationTypes.ni.dll

+ 2008-04-25 16:51:48 3,395,584 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\0703021437c2ec71213a6b701771be86\WindowsBase.ni.dll

- 2008-04-25 12:43:26 2,048 --s-a-w C:\WINDOWS\bootstat.dat

+ 2008-04-25 16:48:56 2,048 --s-a-w C:\WINDOWS\bootstat.dat

- 2008-04-25 02:37:06 1,038,336 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC.exe

+ 2008-04-25 15:07:12 1,038,336 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC.exe

- 2008-04-25 02:37:06 178,688 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC1.exe

+ 2008-04-25 15:07:12 178,688 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC1.exe

- 2008-04-25 02:37:06 171,008 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B.exe

+ 2008-04-25 15:07:12 171,008 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B.exe

- 2008-04-25 02:37:06 8,704 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B1.exe

+ 2008-04-25 15:07:12 8,704 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B1.exe

- 2003-02-20 18:09:46 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe

+ 2007-10-23 23:47:38 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe

- 2003-02-20 18:09:32 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll

+ 2007-10-23 23:47:38 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll

+ 2007-10-23 23:47:40 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll

+ 2007-10-23 23:47:42 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll

+ 2007-10-23 23:47:40 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll

- 2003-02-20 17:43:50 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll

+ 2007-10-23 23:47:38 97,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll

+ 2007-10-23 23:47:26 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll

+ 2007-10-23 23:47:30 145,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll

+ 2007-10-23 23:47:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll

+ 2007-10-23 23:47:48 193,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll

+ 2007-10-23 23:47:20 218,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll

+ 2005-12-20 16:12:08 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1044\alinkui.dll

+ 2005-12-20 16:12:10 140,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1044\cscompui.dll

+ 2005-12-20 16:12:12 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1044\CvtResUI.dll

+ 2005-12-20 16:12:16 185,856 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1044\vbc7ui.dll

+ 2005-12-20 16:12:06 208,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1044\Vsavb7rtUI.dll

+ 2007-10-23 23:47:40 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll

+ 2007-10-23 23:47:42 147,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll

+ 2007-10-23 23:47:26 99,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll

+ 2007-10-23 23:47:42 59,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe

+ 2007-10-23 23:47:22 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe

+ 2007-10-23 23:47:22 22,024 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll

+ 2007-10-23 23:47:22 17,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll

+ 2007-10-23 23:47:22 33,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll

+ 2007-10-23 23:47:22 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll

+ 2007-10-23 23:47:22 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe

+ 2007-10-23 23:47:22 32,776 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe

+ 2007-10-23 23:47:22 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe

+ 2007-10-23 23:47:22 33,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

+ 2007-10-23 23:47:22 33,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe

+ 2007-10-23 23:47:22 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll

+ 2007-10-23 23:47:40 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe

+ 2007-10-23 23:47:40 101,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll

+ 2007-10-23 23:47:30 80,376 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe

+ 2007-10-23 23:47:30 1,162,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll

+ 2007-10-23 23:47:30 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll

+ 2007-10-23 23:47:42 27,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll

+ 2007-10-23 23:47:40 69,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll

+ 2007-10-23 23:47:30 35,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe

+ 2007-10-23 23:47:28 66,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll

+ 2007-10-23 23:47:28 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe

+ 2007-10-23 23:47:54 572,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll

+ 2007-10-23 23:47:40 798,224 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll

+ 2007-10-23 23:47:36 18,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll

+ 2005-12-20 16:12:18 8,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\NO\Microsoft.VisualBasic.Compatibility.Data.resources.dll

+ 2005-12-20 16:12:18 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\NO\Microsoft.VisualBasic.Compatibility.resources.dll

+ 2007-10-23 23:47:40 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe

+ 2007-10-23 23:47:40 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll

+ 2007-10-23 23:47:40 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll

+ 2007-10-23 23:47:40 6,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll

+ 2007-10-23 23:47:40 230,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe

+ 2007-10-23 23:47:40 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe

+ 2007-10-23 23:47:40 65,032 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll

+ 2007-10-23 23:47:40 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll

+ 2007-10-23 23:47:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe

+ 2005-12-09 08:45:40 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - NOR\install.exe

+ 2005-12-09 08:45:40 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - NOR\install.res.1044.dll

+ 2005-12-09 10:26:10 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - NOR\unicows.dll

+ 2007-10-23 23:47:36 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll

+ 2007-10-23 23:47:36 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll

+ 2007-10-23 23:47:36 655,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll

+ 2007-10-23 23:47:36 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll

+ 2007-10-23 23:47:34 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll

+ 2007-10-23 23:47:52 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2007-10-23 23:47:52 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll

+ 2007-10-23 23:47:50 671,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll

+ 2007-10-23 23:47:20 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll

+ 2007-10-23 23:47:52 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll

+ 2007-10-23 23:47:20 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll

+ 2007-10-23 23:47:20 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2007-10-23 23:47:20 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll

+ 2007-10-23 23:47:22 97,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll

+ 2007-10-23 23:47:36 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe

+ 2007-10-23 23:47:40 822,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll

+ 2007-10-23 23:47:40 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll

+ 2007-10-23 23:47:40 308,224 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll

+ 2007-10-23 23:47:40 47,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll

+ 2007-10-23 23:47:40 348,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

+ 2007-10-23 23:47:40 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll

+ 2007-10-23 23:47:40 4,444,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll

+ 2007-10-23 23:47:40 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll

+ 2007-10-23 23:47:44 340,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll

+ 2007-10-23 23:47:40 77,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll

+ 2007-10-23 23:47:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll

+ 2007-10-23 23:47:40 242,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll

+ 2007-10-23 23:47:40 70,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

+ 2007-10-23 23:47:40 19,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll

+ 2007-10-23 23:47:36 5,814,784 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

+ 2007-10-23 23:47:44 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll

+ 2005-12-20 16:12:14 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0414\mscorsecr.dll

+ 2007-10-23 23:47:40 101,880 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe

+ 2005-12-20 16:12:08 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\aspnet_compiler.resources.dll

+ 2005-12-20 16:12:08 75,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\aspnet_rc.dll

+ 2005-12-20 16:12:08 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\aspnet_regbrowsers.resources.dll

+ 2005-12-20 16:12:08 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\aspnet_regsql.resources.dll

+ 2005-12-20 16:12:08 311,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\aspnetmmcext.resources.dll

+ 2005-12-20 16:12:14 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\caspol.resources.dll

+ 2005-12-20 16:12:14 4,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\InstallUtil.resources.dll

+ 2005-12-20 16:12:12 6,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\JSC.resources.dll

+ 2005-12-20 16:12:14 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\Microsoft.Build.Engine.resources.dll

+ 2005-12-20 16:12:14 135,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\Microsoft.Build.Tasks.resources.dll

+ 2005-12-20 16:12:14 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\Microsoft.Build.Utilities.Resources.dll

+ 2005-12-20 16:12:12 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\Microsoft.JScript.resources.dll

+ 2005-12-20 16:12:18 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\Microsoft.VisualBasic.resources.dll

+ 2005-12-20 16:12:14 12,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\MSBuild.resources.dll

+ 2005-12-20 16:12:14 286,720 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\mscorlib.resources.dll

+ 2005-12-20 16:12:14 346,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\mscorrc.dll

+ 2005-12-20 16:12:14 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\Regasm.Resources.dll

+ 2005-12-20 16:12:14 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\ShFusRes.dll

+ 2005-12-20 16:12:14 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\sysglobl.resources.dll

+ 2005-12-20 16:12:14 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Configuration.Install.resources.dll

+ 2005-12-20 16:12:14 45,056 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Configuration.resources.dll

+ 2005-12-20 16:12:14 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Data.OracleClient.resources.dll

+ 2005-12-20 16:12:14 319,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Data.resources.dll

+ 2005-12-20 16:12:14 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\system.data.sqlxml.resources.dll

+ 2005-12-20 16:12:10 376,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Deployment.resources.dll

+ 2005-12-20 16:12:14 528,384 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Design.resources.dll

+ 2005-12-20 16:12:14 16,384 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.DirectoryServices.Protocols.resources.dll

+ 2005-12-20 16:12:14 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.DirectoryServices.resources.dll

+ 2005-12-20 16:12:14 6,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Drawing.Design.resources.dll

+ 2005-12-20 16:12:14 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Drawing.resources.dll

+ 2005-12-20 16:12:14 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.EnterpriseServices.resources.dll

+ 2005-12-20 16:12:14 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Management.resources.dll

+ 2005-12-20 16:12:14 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Messaging.resources.dll

+ 2005-12-20 16:12:14 192,512 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\system.resources.dll

+ 2005-12-20 16:12:14 19,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Runtime.Remoting.resources.dll

+ 2005-12-20 16:12:14 11,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Runtime.Serialization.Formatters.Soap.resources.dll

+ 2005-12-20 16:12:14 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Security.resources.dll

+ 2005-12-20 16:12:14 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.ServiceProcess.resources.dll

+ 2005-12-20 16:12:14 15,872 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Transactions.resources.dll

+ 2005-12-20 16:12:14 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Web.Mobile.resources.dll

+ 2005-12-20 16:12:14 569,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Web.resources.dll

+ 2005-12-20 16:12:14 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Web.Services.resources.dll

+ 2005-12-20 16:12:14 401,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Windows.Forms.resources.dll

+ 2005-12-20 16:12:14 151,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.xml.resources.dll

+ 2007-10-23 23:47:40 24,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll

+ 2007-10-23 23:47:40 89,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll

+ 2007-10-23 23:47:36 144,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll

+ 2007-10-23 23:47:40 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe

+ 2007-10-23 23:47:40 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe

+ 2007-10-23 23:47:46 61,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe

+ 2007-10-23 23:47:42 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll

+ 2007-10-23 23:47:40 119,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll

+ 2007-10-23 23:47:44 95,232 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll

+ 2007-10-23 23:47:40 392,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll

+ 2007-10-23 23:47:40 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll

+ 2007-10-23 23:47:42 425,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll

+ 2007-10-23 23:47:40 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll

+ 2007-10-23 23:47:40 3,036,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll

+ 2007-10-23 23:47:40 483,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll

+ 2007-10-23 23:47:40 741,376 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll

+ 2007-10-23 23:47:28 933,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll

+ 2007-10-23 23:47:40 5,070,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll

+ 2007-10-23 23:47:40 401,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll

+ 2007-10-23 23:47:40 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll

+ 2007-10-23 23:47:40 3,076,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll

+ 2007-10-23 23:47:40 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll

+ 2007-10-23 23:47:40 630,784 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll

+ 2007-10-23 23:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll

+ 2007-10-23 23:47:40 57,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll

+ 2007-10-23 23:47:40 113,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll

+ 2007-10-23 23:47:40 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll

+ 2007-10-23 23:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll

+ 2007-10-23 23:47:40 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll

+ 2007-10-23 23:47:40 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll

+ 2007-10-23 23:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll

+ 2007-10-23 23:47:40 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll

+ 2007-10-23 23:47:40 261,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll

+ 2007-10-23 23:47:40 5,431,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll

+ 2007-10-23 23:47:40 884,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll

+ 2007-10-23 23:47:40 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll

+ 2007-10-23 23:47:40 839,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll

+ 2007-10-23 23:47:40 5,013,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll

+ 2007-10-23 23:47:40 2,068,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll

+ 2007-10-23 23:47:40 81,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL

+ 2007-10-23 23:47:48 1,172,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe

+ 2007-10-23 23:47:20 1,344,000 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll

+ 2007-10-23 23:47:22 434,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll

+ 2007-10-23 23:47:40 37,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll

+ 2006-10-31 08:15:14 14,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\baseline.dat

+ 2006-10-20 15:57:16 99,600 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\DeleteTemp.exe

+ 2006-10-20 13:17:16 220,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\dlmgr.dll

+ 2006-10-20 13:19:18 1,054,720 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\gencomp.dll

+ 2006-10-20 13:16:24 163,328 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\HtmlLite.dll

+ 2006-10-20 15:57:16 194,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\RebootStub.exe

+ 2006-10-20 15:57:16 167,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\runmsi.exe

+ 2006-10-20 15:57:16 365,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\setup.exe

+ 2006-10-20 15:46:04 83,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\setupres.1044.dll

+ 2006-10-20 13:17:20 80,384 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\setupres.dll

+ 2006-10-20 13:17:26 1,621,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\SITSetup.dll

+ 2006-10-20 13:18:26 1,139,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\vs_setup.dll

+ 2006-10-20 13:19:44 590,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\vs70uimgr.dll

+ 2006-10-20 13:22:20 541,184 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\vsbasereqs.dll

+ 2006-10-20 13:19:48 816,128 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\vsscenario.dll

+ 2006-10-20 15:46:04 98,816 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\WapRes.1044.dll

+ 2006-10-20 13:19:50 98,816 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\WapRes.dll

+ 2006-10-20 13:21:22 1,103,872 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\WapUI.dll

+ 2008-04-25 16:23:04 626,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation Language Pack - NOR\install.exe

+ 2008-04-25 16:23:04 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation Language Pack - NOR\install.res.1044.dll

+ 2007-10-11 07:55:14 159,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe

+ 2007-10-11 07:55:10 864,256 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

+ 2007-10-11 07:55:12 397,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll

+ 2007-10-11 07:55:12 151,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll

+ 2006-10-31 03:10:22 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\no\ComSvcConfig.resources.dll

+ 2006-10-31 03:10:22 741,376 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\no\infocard.resources.dll

+ 2006-10-31 03:10:22 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\no\ServiceModelReg.resources.dll

+ 2006-10-31 03:10:22 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\no\SMSvcHost.resources.dll

+ 2006-10-31 03:10:22 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\no\WsatConfig.resources.dll

+ 2007-10-11 07:55:14 2,560 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll

+ 2007-10-11 07:55:14 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe

+ 2007-10-11 07:55:14 11,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll

+ 2007-10-11 07:55:14 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMDiagnostics.dll

+ 2007-10-11 07:55:14 122,880 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

+ 2007-10-11 07:55:14 929,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll

+ 2007-10-11 07:55:14 5,971,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll

+ 2007-10-11 07:55:14 159,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll

+ 2007-10-11 07:55:14 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll

+ 2007-10-11 07:55:14 143,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe

+ 2007-10-06 01:18:12 16,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe

+ 2006-10-20 14:08:52 797,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll

+ 2006-10-20 14:09:02 4,874,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll

+ 2006-10-20 12:03:40 2,628,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll

+ 2006-10-25 03:37:08 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\no\PresentationUI.resources.dll

+ 2007-10-09 11:03:00 76,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll

+ 2007-10-09 10:58:12 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll

+ 2007-10-09 10:58:12 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

+ 2007-10-09 11:03:08 121,368 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll

+ 2007-10-09 10:58:14 897,024 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll

+ 2007-10-09 10:58:20 14,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe

+ 2005-10-28 22:25:12 133,120 ------w C:\WINDOWS\system32\axaltocm.dll

+ 2005-10-28 14:40:16 96,792 ------w C:\WINDOWS\system32\basecsp.dll

+ 2005-10-28 22:25:50 26,112 ------w C:\WINDOWS\system32\bcsprsrc.dll

+ 2007-10-23 23:47:28 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll

+ 2007-03-22 18:24:58 28,160 ------w C:\WINDOWS\system32\dllcache\FilterPipelinePrintProc.dll

- 2004-08-04 18:00:00 72,704 ----a-w C:\WINDOWS\system32\dllcache\magnify.exe

+ 2006-10-04 13:34:52 72,704 ----a-w C:\WINDOWS\system32\dllcache\magnify.exe

- 2004-08-04 18:00:00 54,272 ----a-w C:\WINDOWS\system32\dllcache\narrator.exe

+ 2006-10-04 13:34:50 54,272 ----a-w C:\WINDOWS\system32\dllcache\narrator.exe

- 2004-08-04 18:00:00 215,552 ----a-w C:\WINDOWS\system32\dllcache\osk.exe

+ 2006-10-04 13:34:54 215,552 ----a-w C:\WINDOWS\system32\dllcache\osk.exe

- 2004-08-04 18:00:00 116,224 ----a-w C:\WINDOWS\system32\dllcache\p2p.dll

+ 2006-10-11 16:26:32 153,088 ----a-w C:\WINDOWS\system32\dllcache\p2p.dll

- 2004-08-04 18:00:00 86,016 ----a-w C:\WINDOWS\system32\dllcache\p2pgasvc.dll

+ 2006-10-11 16:26:32 104,960 ----a-w C:\WINDOWS\system32\dllcache\p2pgasvc.dll

- 2004-08-04 18:00:00 312,320 ----a-w C:\WINDOWS\system32\dllcache\p2pgraph.dll

+ 2006-10-11 16:26:32 313,344 ----a-w C:\WINDOWS\system32\dllcache\p2pgraph.dll

- 2004-08-04 18:00:00 88,064 ----a-w C:\WINDOWS\system32\dllcache\p2pnetsh.dll

+ 2006-10-11 16:26:32 116,224 ----a-w C:\WINDOWS\system32\dllcache\p2pnetsh.dll

- 2004-08-04 18:00:00 526,848 ----a-w C:\WINDOWS\system32\dllcache\p2psvc.dll

+ 2006-10-11 16:26:32 553,984 ----a-w C:\WINDOWS\system32\dllcache\p2psvc.dll

- 2004-08-04 18:00:00 48,640 ----a-w C:\WINDOWS\system32\dllcache\pnrpnsp.dll

+ 2006-10-11 16:26:32 58,880 ----a-w C:\WINDOWS\system32\dllcache\pnrpnsp.dll

+ 2007-03-22 18:25:42 677,376 ------w C:\WINDOWS\system32\dllcache\PrintFilterPipelineSvc.exe

- 2004-08-04 18:00:00 36,352 ----a-w C:\WINDOWS\system32\dllcache\umandlg.dll

+ 2006-10-04 13:39:42 36,352 ----a-w C:\WINDOWS\system32\dllcache\umandlg.dll

- 2004-08-04 18:00:00 50,176 ----a-w C:\WINDOWS\system32\dllcache\utilman.exe

+ 2006-10-04 13:34:52 50,176 ----a-w C:\WINDOWS\system32\dllcache\utilman.exe

+ 2007-03-23 04:07:54 583,504 ------w C:\WINDOWS\system32\dllcache\XPSSHHDR.dll

+ 2007-03-23 04:07:56 1,683,280 ------w C:\WINDOWS\system32\dllcache\XpsSvcs.dll

+ 2007-10-09 11:03:00 73,752 ----a-w C:\WINDOWS\system32\dxva2.dll

+ 2007-10-09 11:03:12 493,080 ----a-w C:\WINDOWS\system32\evr.dll

- 2008-04-23 13:13:06 184,224 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT

+ 2008-04-25 16:48:48 187,408 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT

+ 2007-10-11 07:55:10 579,584 ----a-w C:\WINDOWS\system32\icardagt.exe

+ 2007-10-11 07:55:10 11,776 ----a-w C:\WINDOWS\system32\icardres.dll

+ 2005-10-28 22:25:12 151,552 ------w C:\WINDOWS\system32\ifxcardm.dll

+ 2007-10-11 07:55:10 88,576 ----a-w C:\WINDOWS\system32\infocardapi.dll

- 2004-08-04 18:00:00 72,704 ----a-w C:\WINDOWS\system32\magnify.exe

+ 2006-10-04 13:34:52 72,704 ----a-w C:\WINDOWS\system32\magnify.exe

+ 2007-10-09 11:03:14 1,986,072 ----a-w C:\WINDOWS\system32\milcore.dll

- 2006-12-22 10:28:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll

+ 2007-10-23 23:47:38 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll

- 2004-07-14 21:34:06 16,896 ----a-w C:\WINDOWS\system32\mscorier.dll

+ 2007-10-23 23:47:38 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll

- 2003-02-20 18:09:14 106,496 ----a-w C:\WINDOWS\system32\mscories.dll

+ 2007-10-23 23:47:38 84,480 ----a-w C:\WINDOWS\system32\mscories.dll

+ 2007-05-15 13:43:10 1,320,800 ----a-w C:\WINDOWS\system32\msxml6.dll

+ 2006-10-19 11:33:20 86,728 ----a-w C:\WINDOWS\system32\msxml6r.dll

- 2006-12-22 11:02:36 6,144 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll

+ 2007-10-23 23:47:44 15,360 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll

+ 2005-12-20 16:12:14 6,144 ----a-w C:\WINDOWS\system32\mui\0414\mscorees.dll

- 2004-08-04 18:00:00 54,272 ----a-w C:\WINDOWS\system32\narrator.exe

+ 2006-10-04 13:34:50 54,272 ----a-w C:\WINDOWS\system32\narrator.exe

- 2004-08-04 18:00:00 215,552 ----a-w C:\WINDOWS\system32\osk.exe

+ 2006-10-04 13:34:54 215,552 ----a-w C:\WINDOWS\system32\osk.exe

- 2004-08-04 18:00:00 116,224 ----a-w C:\WINDOWS\system32\p2p.dll

+ 2006-10-11 16:26:32 153,088 ----a-w C:\WINDOWS\system32\p2p.dll

- 2004-08-04 18:00:00 86,016 ----a-w C:\WINDOWS\system32\p2pgasvc.dll

+ 2006-10-11 16:26:32 104,960 ----a-w C:\WINDOWS\system32\p2pgasvc.dll

- 2004-08-04 18:00:00 312,320 ----a-w C:\WINDOWS\system32\p2pgraph.dll

+ 2006-10-11 16:26:32 313,344 ----a-w C:\WINDOWS\system32\p2pgraph.dll

- 2004-08-04 18:00:00 88,064 ----a-w C:\WINDOWS\system32\p2pnetsh.dll

+ 2006-10-11 16:26:32 116,224 ----a-w C:\WINDOWS\system32\p2pnetsh.dll

- 2004-08-04 18:00:00 526,848 ----a-w C:\WINDOWS\system32\p2psvc.dll

+ 2006-10-11 16:26:32 553,984 ----a-w C:\WINDOWS\system32\p2psvc.dll

- 2006-08-29 21:02:16 53,770 ----a-w C:\WINDOWS\system32\perfc009.dat

+ 2008-04-25 16:45:30 72,314 ----a-w C:\WINDOWS\system32\perfc009.dat

- 2006-08-29 21:02:16 61,546 ----a-w C:\WINDOWS\system32\perfc014.dat

+ 2008-04-25 16:45:30 81,104 ----a-w C:\WINDOWS\system32\perfc014.dat

- 2006-08-29 21:02:16 382,026 ----a-w C:\WINDOWS\system32\perfh009.dat

+ 2008-04-25 16:45:30 443,300 ----a-w C:\WINDOWS\system32\perfh009.dat

- 2006-08-29 21:02:16 386,592 ----a-w C:\WINDOWS\system32\perfh014.dat

+ 2008-04-25 16:45:30 446,292 ----a-w C:\WINDOWS\system32\perfh014.dat

+ 2006-10-24 10:30:20 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll

+ 2005-10-28 22:25:50 84,480 ------w C:\WINDOWS\system32\pintool.exe

- 2004-08-04 18:00:00 48,640 ----a-w C:\WINDOWS\system32\pnrpnsp.dll

+ 2006-10-11 16:26:32 58,880 ----a-w C:\WINDOWS\system32\pnrpnsp.dll

+ 2007-10-09 11:03:04 106,520 ----a-w C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

+ 2007-10-09 11:03:08 350,744 ----a-w C:\WINDOWS\system32\PresentationHost.exe

+ 2007-10-09 11:03:02 33,304 ----a-w C:\WINDOWS\system32\PresentationHostProxy.dll

+ 2007-10-09 11:03:12 779,800 ----a-w C:\WINDOWS\system32\PresentationNative_v0300.dll

+ 2007-03-22 18:25:02 124,928 ------w C:\WINDOWS\system32\prntvpt.dll

+ 2006-08-24 14:15:06 150,808 ----a-w C:\WINDOWS\system32\rgb9rast_2.dll

- 2008-03-20 12:41:20 14,640 ------w C:\WINDOWS\system32\spmsg.dll

+ 2006-10-16 14:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll

+ 2007-03-22 18:24:50 762,880 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdrv.dll

+ 2007-03-22 18:24:34 131,584 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdui.dll

+ 2007-03-22 18:24:06 376,832 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrv.dll

+ 2007-03-22 19:03:54 749,568 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrvui.dll

+ 2007-03-22 19:03:58 761,344 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unires.dll

+ 2007-03-23 04:07:56 1,683,280 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\XpsSvcs.dll

+ 2006-10-14 14:43:18 27,648 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

+ 2007-03-22 18:25:42 677,376 ------w C:\WINDOWS\system32\spool\prtprocs\w32x86\PrintFilterPipelineSvc.exe

+ 2006-10-14 15:13:02 34,304 ----a-w C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

+ 2007-03-22 18:53:16 746,496 ----a-w C:\WINDOWS\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll

+ 2007-03-22 18:59:24 2,932,224 ----a-w C:\WINDOWS\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll

+ 2007-03-22 18:53:16 746,496 ----a-w C:\WINDOWS\system32\spool\XPSEP\amd64\mxdwdrv.dll

+ 2007-03-22 18:59:24 2,932,224 ----a-w C:\WINDOWS\system32\spool\XPSEP\amd64\xpssvcs.dll

+ 2007-03-22 18:24:50 762,880 ----a-w C:\WINDOWS\system32\spool\XPSEP\i386\i386\mxdwdrv.dll

+ 2007-03-23 04:07:56 1,683,280 ----a-w C:\WINDOWS\system32\spool\XPSEP\i386\i386\xpssvcs.dll

+ 2007-03-22 18:24:50 762,880 ----a-w C:\WINDOWS\system32\spool\XPSEP\i386\mxdwdrv.dll

+ 2007-03-23 04:07:56 1,683,280 ----a-w C:\WINDOWS\system32\spool\XPSEP\i386\xpssvcs.dll

- 2006-09-25 15:58:48 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe

+ 2006-10-16 14:10:58 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe

+ 2007-10-09 10:58:20 16,896 ----a-w C:\WINDOWS\system32\tswpfwrp.exe

+ 2007-10-09 11:03:08 161,304 ----a-w C:\WINDOWS\system32\UIAutomationCore.dll

- 2004-08-04 18:00:00 36,352 ----a-w C:\WINDOWS\system32\umandlg.dll

+ 2006-10-04 13:39:42 36,352 ----a-w C:\WINDOWS\system32\umandlg.dll

- 2004-08-04 18:00:00 50,176 ----a-w C:\WINDOWS\system32\utilman.exe

+ 2006-10-04 13:34:52 50,176 ----a-w C:\WINDOWS\system32\utilman.exe

+ 2006-10-24 10:30:06 716,288 ------w C:\WINDOWS\system32\WindowsCodecs.dll

+ 2006-10-24 10:29:50 352,256 ------w C:\WINDOWS\system32\WindowsCodecsExt.dll

+ 2006-10-24 10:30:00 276,992 ------w C:\WINDOWS\system32\WMPhoto.dll

+ 2007-03-23 04:07:54 583,504 ------w C:\WINDOWS\system32\XPSSHHDR.dll

+ 2007-03-23 04:07:56 1,683,280 ------w C:\WINDOWS\system32\XpsSvcs.dll

+ 2007-10-09 11:03:08 308,760 ----a-w C:\WINDOWS\system32\XPSViewer\XPSViewer.exe

+ 2008-04-25 16:49:02 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_698.dat

+ 2007-10-23 23:47:56 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcm80.dll

+ 2007-10-23 23:47:56 558,080 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll

+ 2007-10-23 23:47:56 635,904 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll

+ 2005-09-23 05:29:16 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll

+ 2005-09-23 05:29:16 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll

+ 2005-09-23 05:29:16 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SweetIM"="C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe" [2006-06-06 10:07 40960]

"Skype"="C:\Programfiler\Skype\Phone\Skype.exe" [2006-10-13 17:20 20058152]

"updateMgr"="C:\Programfiler\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]

"ErrorSafeFree"="C:\Programfiler\ErrorSafe Free\uers.exe" [ ]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 20:00 15360]

"wffccvbv"="C:\WINDOWS\system32\rsrqhmzy.exe" [ ]

"tegyspio"="C:\WINDOWS\system32\sfwfwlgz.exe" [2008-04-24 23:17 106496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2005-12-19 14:52 15797248 C:\WINDOWS\RTHDCPL.exe]

"AzMixerSel"="C:\Programfiler\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 15:02 53248]

"SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2005-07-20 15:05 729177]

"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 20:00 208952]

"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 20:00 59392]

"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 20:00 455168]

"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 20:00 455168]

"PCMService"="C:\Programfiler\Acer\Acer Arcade\PCMService.exe" [2005-12-13 21:31 151552]

"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-11-28 13:55 98304]

"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-11-28 13:52 77824]

"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-11-28 13:55 118784]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-01-04 09:28 7393280]

"nwiz"="nwiz.exe" [2006-01-04 09:28 1519616 C:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-01-04 09:28 86016]

"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-10-19 09:30 69632]

"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-01-17 18:28 344064]

"Acer ePower Management"="C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-01-16 11:58 3080192]

"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-01-09 18:23 589824]

"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 18:00 397312]

"ADMTray.exe"="C:\Acer\Empowering Technology\admtray.exe" [2005-10-24 16:45 2462208]

"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

"SweetIM"="C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe" [2006-06-06 10:07 40960]

"Adobe Photo Downloader"="C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09 63712]

"QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-12-11 10:56 286720]

"iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 20:00 15360]

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\

Microsoft Office.lnk - C:\Programfiler\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]

Bluetooth Manager.lnk - C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2004-12-21 20:42:36 45056]

Adobe Reader Speed Launch.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"msacm.mkdmp3enc"= C:\PROGRA~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Programfiler\\Acer\\Acer Arcade\\PCMService.exe"=

"C:\\Programfiler\\Messenger\\msmsgs.exe"=

"C:\\Programfiler\\LimeWire\\LimeWire.exe"=

"C:\\Programfiler\\Java\\jre1.5.0_10\\BIN\\javaw.exe"=

"C:\\Programfiler\\Azureus\\Azureus.exe"=

"C:\\Programfiler\\MSN Messenger\\msnmsgr.exe"=

"C:\\Programfiler\\MSN Messenger\\livecall.exe"=

"C:\\Programfiler\\Internet Explorer\\iexplore.exe"=

"C:\\Programfiler\\SmartFTP Client\\SmartFTP.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Programfiler\\iTunes\\iTunes.exe"=

"C:\\Programfiler\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]

R1 OsaFsLoc;OsaFsLoc;C:\WINDOWS\system32\drivers\OsaFsLoc.sys [2005-10-15 18:20]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]

R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2005-04-22 16:57]

R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-22 16:57]

R2 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]

R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 16:58]

R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]

R3 NdisFilt;OSA NdisFilter Protocol;C:\WINDOWS\system32\Drivers\NdisFilt.sys [2005-09-13 15:34]

*Newly Created Service* - INT15.SYS

.

Contents of the 'Scheduled Tasks' folder

"2008-01-04 09:04:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Programfiler\Apple Software Update\SoftwareUpdate.exe

.

**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-25 19:20:26

Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-04-25 19:20:46

ComboFix-quarantined-files.txt 2008-04-25 17:20:44

ComboFix3.txt 2008-04-25 12:46:28

ComboFix2.txt 2008-04-25 14:36:00

Pre-Run: 13,939,834,880 byte ledig

Post-Run: 13,991,411,712 byte ledig

717 --- E O F --- 2008-04-25 16:51:43[\spoiler]

Endret 25. april 2008 av mjsol

mjsol · 25. april 2008

Kopier loggene og lim de direkte inn i posten

Når du skal legge til en ny post (svare på et innlegg), så klikker du på knappen SVAR og ikke NYTT EMNE.

ComboFix 08-04-22.5 - Stine 2008-04-25 19:18:40.3 -

FAT32x86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.47.1044.18.510 [GMT 2:00]

Running from: C:\Documents and Settings\Stine\Skrivebord\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((( Files Created from 2008-03-25 to 2008-04-25 )))))))))))))))))))))))))))))))

.

2008-04-25 18:51 . 2008-04-25 18:51 <DIR> d-------- C:\WINDOWS\LastGood

2008-04-25 18:23 . 2008-04-25 18:23 <DIR> d-------- C:\Programfiler\MSXML 6.0

2008-04-25 18:21 . 2008-04-25 18:21 <DIR> d-------- C:\Programfiler\MSBuild

2008-04-25 18:18 . 2008-04-25 18:18 <DIR> d-------- C:\WINDOWS\system32\XPSViewer

2008-04-25 18:17 . 2008-04-25 18:17 <DIR> d-------- C:\Programfiler\Reference Assemblies

2008-04-25 18:17 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll

2008-04-25 17:35 . 2008-04-25 17:35 9,722,720 --a------ C:\Programfiler\spybotsd152.exe

2008-04-25 17:05 . 2008-04-25 17:05 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard

2008-04-25 17:04 . 2008-04-25 17:04 20,597,104 --a------ C:\Programfiler\aaw2007.exe

2008-04-25 05:16 . 2008-04-25 05:16 <DIR> d-------- C:\Programfiler\Trend Micro

2008-04-25 04:36 . 2008-04-25 04:36 <DIR> d-------- C:\Programfiler\Lavasoft

2008-04-25 04:36 . 2008-04-25 04:36 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Lavasoft

2008-04-25 04:02 . 2008-04-25 04:02 <DIR> d--hs---- C:\FOUND.001

2008-04-25 02:58 . 2008-04-25 02:58 <DIR> d--hs---- C:\FOUND.000

2008-04-25 02:30 . 2008-04-25 02:30 <DIR> d-------- C:\Programfiler\Spybot - Search & Destroy

2008-04-25 02:15 . 2008-04-25 02:14 691,545 --a------ C:\WINDOWS\unins000.exe

2008-04-25 02:15 . 2008-04-25 02:15 2,552 --a------ C:\WINDOWS\unins000.dat

2008-04-25 01:38 . 2008-04-25 01:38 <DIR> d-------- C:\WINDOWS\ERUNT

2008-04-25 01:32 . 2008-04-24 04:05 <DIR> d-------- C:\SDFix

2008-04-24 17:18 . 2008-04-24 17:18 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\nmjclapq

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-04-24 21:18 4,096 ----a-w C:\WINDOWS\system32\winlogonpc.exe

2008-04-24 21:18 4,096 ----a-w C:\WINDOWS\system32\hoproxy.dll

2008-03-20 08:11 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys

2008-03-20 08:11 1,845,248 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys

2008-03-01 16:35 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll

2008-02-29 08:58 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe

2008-02-29 08:58 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe

2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe

2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll

2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\system32\dllcache\gdi32.dll

2008-02-20 05:39 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll

2008-02-20 05:39 45,568 ----a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll

2008-02-20 05:39 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll

2008-02-15 05:44 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll

2006-08-15 21:26 3,889,824 ----a-w C:\Programfiler\SweetImSetup.exe

2006-07-24 22:48 737,554 ----a-w C:\Programfiler\xvidcore-1.1.0.tar.gz

2006-07-23 23:54 22,083,376 ----a-w C:\Programfiler\QuickTimeInstaller.exe

2006-07-21 16:56 15,253,376 ----a-w C:\Programfiler\DivXInstaller.exe

.

((((((((((((((((((((((((((((( snapshot@2008-04-25_14.46.10.29 )))))))))))))))))))))))))))))))))))))))))

.

+ 2006-10-11 16:37:48 153,088 ------w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2p.dll

+ 2006-10-11 16:37:48 104,960 ------w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2pgasvc.dll

+ 2006-10-11 16:37:48 313,344 ------w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2pgraph.dll

+ 2006-10-11 16:37:48 115,712 ------w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2pnetsh.dll

+ 2006-10-11 16:37:48 553,984 ------w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\p2psvc.dll

+ 2006-10-11 16:37:48 58,880 ------w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\pnrpnsp.dll

+ 2006-09-26 09:15:06 215,552 ------w C:\WINDOWS\$hf_mig$\KB920342\SP2QFE\spru0414.dll

+ 2005-10-12 23:20:56 14,560 ------w C:\WINDOWS\$hf_mig$\KB920342\spmsg.dll

+ 2005-10-12 23:20:56 214,752 ------w C:\WINDOWS\$hf_mig$\KB920342\spuninst.exe

+ 2005-10-12 23:20:56 22,752 ------w C:\WINDOWS\$hf_mig$\KB920342\update\spcustom.dll

+ 2005-10-12 23:20:58 721,120 ------w C:\WINDOWS\$hf_mig$\KB920342\update\update.exe

+ 2005-10-12 23:21:02 374,496 ------w C:\WINDOWS\$hf_mig$\KB920342\update\updspapi.dll

+ 2006-10-04 14:06:24 72,704 ------w C:\WINDOWS\$hf_mig$\KB925720\SP2QFE\magnify.exe

+ 2006-10-04 14:06:22 54,272 ------w C:\WINDOWS\$hf_mig$\KB925720\SP2QFE\narrator.exe

+ 2006-10-04 14:06:24 215,552 ------w C:\WINDOWS\$hf_mig$\KB925720\SP2QFE\osk.exe

+ 2006-10-04 14:11:32 36,352 ------w C:\WINDOWS\$hf_mig$\KB925720\SP2QFE\umandlg.dll

+ 2006-10-04 14:06:22 50,176 ------w C:\WINDOWS\$hf_mig$\KB925720\SP2QFE\utilman.exe

+ 2005-10-12 23:26:30 14,560 ------w C:\WINDOWS\$hf_mig$\KB925720\spmsg.dll

+ 2005-10-12 23:26:30 214,752 ------w C:\WINDOWS\$hf_mig$\KB925720\spuninst.exe

+ 2005-10-12 23:26:30 22,752 ------w C:\WINDOWS\$hf_mig$\KB925720\update\spcustom.dll

+ 2005-10-12 23:26:32 721,120 ------w C:\WINDOWS\$hf_mig$\KB925720\update\update.exe

+ 2005-10-12 23:27:00 374,496 ------w C:\WINDOWS\$hf_mig$\KB925720\update\updspapi.dll

+ 2008-04-25 16:45:14 69,120 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2008-04-25 16:45:18 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2008-04-25 16:46:40 151,552 ----a-w C:\WINDOWS\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

+ 2008-04-25 16:44:58 4,444,160 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2008-04-25 16:46:44 4,174,336 ----a-w C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

+ 2008-04-25 16:45:20 483,840 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

+ 2008-04-25 16:45:08 3,036,160 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

+ 2008-04-25 16:45:22 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

+ 2008-04-25 16:45:22 113,664 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2008-04-25 16:46:44 346,624 ----a-w C:\WINDOWS\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll

+ 2008-04-25 16:45:18 261,120 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2008-04-25 16:45:06 5,431,296 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2008-04-25 16:45:12 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

+ 2008-04-25 16:16:38 311,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_no_b03f5f7f11d50a3a\aspnetmmcext.resources.dll

+ 2008-04-25 16:45:06 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

+ 2008-04-25 16:45:14 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2008-04-25 16:45:16 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2008-04-25 16:45:16 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

+ 2008-04-25 16:45:18 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2008-04-25 16:16:40 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_no_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll

+ 2008-04-25 16:45:22 348,160 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

+ 2008-04-25 16:45:24 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

+ 2008-04-25 16:16:40 135,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_no_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll

+ 2008-04-25 16:45:24 655,360 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

+ 2008-04-25 16:16:40 9,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities.resources\2.0.0.0_no_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll

+ 2008-04-25 16:45:24 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

+ 2008-04-25 16:16:38 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_no_b03f5f7f11d50a3a\Microsoft.JScript.resources.dll

+ 2008-04-25 16:45:18 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2008-04-25 16:23:04 5,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_no_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll

+ 2008-04-25 16:23:04 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_no_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll

+ 2008-04-25 16:46:40 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll

+ 2008-04-25 16:16:46 8,704 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_no_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll

+ 2008-04-25 16:45:16 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2008-04-25 16:16:44 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_no_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll

+ 2008-04-25 16:45:16 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2008-04-25 16:16:44 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_no_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll

+ 2008-04-25 16:45:20 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2008-04-25 16:45:16 671,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2008-04-25 16:45:02 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2008-04-25 16:45:22 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2008-04-25 16:45:14 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

+ 2008-04-25 16:45:14 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

+ 2008-04-25 16:16:40 286,720 ----a-w C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_no_b77a5c561934e089\mscorlib.resources.dll

+ 2008-04-25 16:23:00 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_no_31bf3856ad364e35\PresentationBuildTasks.resources.dll

+ 2008-04-25 16:46:36 602,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll

+ 2008-04-25 16:46:44 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll

+ 2008-04-25 16:23:00 102,400 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_no_31bf3856ad364e35\PresentationCore.resources.dll

+ 2008-04-25 16:46:42 184,320 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll

+ 2008-04-25 16:46:42 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll

+ 2008-04-25 16:46:42 376,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll

+ 2008-04-25 16:23:00 233,472 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_no_31bf3856ad364e35\PresentationFramework.resources.dll

+ 2008-04-25 16:46:42 151,552 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll

+ 2008-04-25 16:46:42 5,210,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll

+ 2008-04-25 16:23:00 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_no_31bf3856ad364e35\PresentationUI.resources.dll

+ 2008-04-25 16:46:40 897,024 ----a-w C:\WINDOWS\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll

+ 2008-04-25 16:23:00 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_no_31bf3856ad364e35\ReachFramework.resources.dll

+ 2008-04-25 16:46:44 528,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll

+ 2008-04-25 16:23:04 5,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_no_b77a5c561934e089\SMDiagnostics.resources.dll

+ 2008-04-25 16:46:40 102,400 ----a-w C:\WINDOWS\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll

+ 2008-04-25 16:16:42 10,240 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_no_b03f5f7f11d50a3a\sysglobl.resources.dll

+ 2008-04-25 16:45:18 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

+ 2008-04-25 16:16:40 16,896 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll

+ 2008-04-25 16:45:18 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2008-04-25 16:16:44 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Configuration.resources.dll

+ 2008-04-25 16:45:08 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

+ 2008-04-25 16:16:40 106,496 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_no_b77a5c561934e089\System.Data.OracleClient.resources.dll

+ 2008-04-25 16:16:44 319,488 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_no_b77a5c561934e089\System.Data.resources.dll

+ 2008-04-25 16:16:42 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_no_b77a5c561934e089\system.data.sqlxml.resources.dll

+ 2008-04-25 16:45:08 741,376 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2008-04-25 16:16:38 376,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Deployment.resources.dll

+ 2008-04-25 16:45:10 933,888 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2008-04-25 16:16:44 528,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Design.resources.dll

+ 2008-04-25 16:45:24 5,070,848 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

+ 2008-04-25 16:16:38 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll

+ 2008-04-25 16:45:24 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

+ 2008-04-25 16:16:38 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll

+ 2008-04-25 16:45:12 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2008-04-25 16:16:42 6,144 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll

+ 2008-04-25 16:45:22 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

+ 2008-04-25 16:16:44 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Drawing.resources.dll

+ 2008-04-25 16:45:04 630,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2008-04-25 16:16:42 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll

+ 2008-04-25 16:23:06 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_no_b77a5c561934e089\System.IdentityModel.Resources.dll

+ 2008-04-25 16:23:04 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_no_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll

+ 2008-04-25 16:46:46 126,976 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll

+ 2008-04-25 16:46:46 430,080 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll

+ 2008-04-25 16:23:04 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_no_b03f5f7f11d50a3a\System.IO.Log.Resources.dll

+ 2008-04-25 16:46:40 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll

+ 2008-04-25 16:16:42 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\system.management.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Management.resources.dll

+ 2008-04-25 16:45:22 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2008-04-25 16:16:44 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Messaging.resources.dll

+ 2008-04-25 16:45:20 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

+ 2008-04-25 16:23:00 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_no_31bf3856ad364e35\System.Printing.resources.dll

+ 2008-04-25 16:16:44 192,512 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_no_b77a5c561934e089\system.resources.dll

+ 2008-04-25 16:16:42 19,456 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_no_b77a5c561934e089\System.Runtime.Remoting.resources.dll

+ 2008-04-25 16:45:20 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2008-04-25 16:16:42 11,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll

+ 2008-04-25 16:45:20 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2008-04-25 16:23:06 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_no_b77a5c561934e089\System.RunTime.Serialization.Resources.dll

+ 2008-04-25 16:46:38 929,792 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

+ 2008-04-25 16:16:38 16,896 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Security.resources.dll

+ 2008-04-25 16:45:04 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2008-04-25 16:23:06 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_no_b77a5c561934e089\System.ServiceModel.Install.Resources.dll

+ 2008-04-25 16:46:36 159,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll

+ 2008-04-25 16:23:06 417,792 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_no_b77a5c561934e089\System.ServiceModel.Resources.dll

+ 2008-04-25 16:46:36 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll

+ 2008-04-25 16:46:38 5,971,968 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll

+ 2008-04-25 16:16:42 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll

+ 2008-04-25 16:45:04 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2008-04-25 16:23:00 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_no_31bf3856ad364e35\System.Speech.resources.dll

+ 2008-04-25 16:46:36 688,128 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll

+ 2008-04-25 16:16:42 15,872 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_no_b77a5c561934e089\System.Transactions.resources.dll

+ 2008-04-25 16:16:44 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll

+ 2008-04-25 16:45:12 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

+ 2008-04-25 16:45:12 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2008-04-25 16:16:40 569,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Web.resources.dll

+ 2008-04-25 16:16:40 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_no_b03f5f7f11d50a3a\System.Web.Services.resources.dll

+ 2008-04-25 16:45:10 839,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

+ 2008-04-25 16:16:42 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_no_b77a5c561934e089\System.Windows.Forms.resources.dll

+ 2008-04-25 16:45:14 5,013,504 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2008-04-25 16:23:10 183,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_no_31bf3856ad364e35\System.Workflow.Activities.resources.dll

+ 2008-04-25 16:46:44 1,152,040 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll

+ 2008-04-25 16:23:10 310,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_no_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll

+ 2008-04-25 16:46:44 1,635,376 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll

+ 2008-04-25 16:23:10 39,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_no_31bf3856ad364e35\System.Workflow.Runtime.resources.dll

+ 2008-04-25 16:46:44 578,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll

+ 2008-04-25 16:16:40 151,552 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_no_b77a5c561934e089\System.xml.resources.dll

+ 2008-04-25 16:45:04 2,068,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

+ 2008-04-25 16:45:10 3,076,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

+ 2008-04-25 16:23:00 9,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_no_31bf3856ad364e35\UIAutomationClient.resources.dll

+ 2008-04-25 16:46:36 163,840 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll

+ 2008-04-25 16:23:00 9,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_no_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll

+ 2008-04-25 16:46:36 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll

+ 2008-04-25 16:23:00 4,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_no_31bf3856ad364e35\UIAutomationProvider.resources.dll

+ 2008-04-25 16:46:44 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll

+ 2008-04-25 16:23:00 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_no_31bf3856ad364e35\UIAutomationTypes.resources.dll

+ 2008-04-25 16:46:44 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll

+ 2008-04-25 16:23:00 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_no_31bf3856ad364e35\WindowsBase.resources.dll

+ 2008-04-25 16:46:42 1,204,224 ----a-w C:\WINDOWS\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll

+ 2008-04-25 16:23:00 4,608 ----a-w C:\WINDOWS\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_no_31bf3856ad364e35\WindowsFormsIntegration.resources.dll

+ 2008-04-25 16:46:36 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll

+ 2008-04-25 16:51:38 27,136 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll

+ 2008-04-25 16:51:42 17,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\cd0730694ba5927a6efd32129783e1b4\Microsoft.VisualC.ni.dll

+ 2008-04-25 16:47:52 11,722,752 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll

+ 2008-04-25 16:52:18 40,960 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3df824565150953afd560ca20237b881\PresentationCFFRasterizer.ni.dll

+ 2008-04-25 16:52:18 12,570,624 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\011f8e31d197b4ccb6a61c2267a38e5c\PresentationCore.ni.dll

+ 2008-04-25 16:50:34 48,640 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\4ce7fd62d4107fbe996ab305eb21ee6a\PresentationFontCache.ni.exe

+ 2008-04-25 16:54:04 393,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\36c6cfd5d4e80d5c548f823b2bbf5457\PresentationFramework.Aero.ni.dll

+ 2008-04-25 16:54:08 552,960 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3f18bff5107c9a8accae6c248fdf3c2e\PresentationFramework.Luna.ni.dll

+ 2008-04-25 16:53:02 15,036,416 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\60421dda88800b14dc101ed9dca422fe\PresentationFramework.ni.dll

+ 2008-04-25 16:54:08 274,432 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\81d2540bc1c18190d0431d9a61bee65b\PresentationFramework.Royale.ni.dll

+ 2008-04-25 16:54:06 245,760 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9df61ec7aad39fe0bac82139cd84e5e5\PresentationFramework.Classic.ni.dll

+ 2008-04-25 16:53:10 2,035,712 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationUI\6d2716a55eb8ce6fc4cbf83f3ab329e3\PresentationUI.ni.dll

+ 2008-04-25 16:53:14 2,416,640 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\ReachFramework\840c64bba900a6ed333ca39e63a9ca3b\ReachFramework.ni.dll

+ 2008-04-25 16:51:06 163,840 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\c46625ea87db53ccf6194fe17ee05c19\System.Configuration.Install.ni.dll

+ 2008-04-25 16:50:44 1,011,712 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll

+ 2008-04-25 16:54:02 1,183,744 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\1abdb47765d0696a2fc0a1095bac0249\System.Data.OracleClient.ni.dll

+ 2008-04-25 16:51:00 2,756,608 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\e59504af41afab5e04681af951d9b302\System.Data.SqlXml.ni.dll

+ 2008-04-25 16:53:26 7,049,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\5f669e819da7010c1dca347a25597c42\System.Data.ni.dll

+ 2008-04-25 16:51:40 1,798,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\c7dea4895e1fa33d65e448c03de48d26\System.Deployment.ni.dll

+ 2008-04-25 16:53:58 10,969,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\c1e16b40e30a05c39be8aee46311841c\System.Design.ni.dll

+ 2008-04-25 16:53:18 1,224,704 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\914668b240550f529e54bb772c6fc881\System.DirectoryServices.ni.dll

+ 2008-04-25 16:54:02 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f11bc82c09955cb8438d3885a99c297d\System.DirectoryServices.Protocols.ni.dll

+ 2008-04-25 16:54:00 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b974f6c17d17a533adf6e7710c5a62fa\System.Drawing.Design.ni.dll

+ 2008-04-25 16:51:08 1,667,072 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll

+ 2008-04-25 16:53:30 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.ni.dll

+ 2008-04-25 16:53:30 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.Wrapper.dll

+ 2008-04-25 16:53:16 1,134,592 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Printing\f94fbbe7d7c6e76d02cd9fb94ee8d910\System.Printing.ni.dll

+ 2008-04-25 16:53:30 815,104 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0898f6c1de8cb89413d206e3d6a3ce1d\System.Runtime.Remoting.ni.dll

+ 2008-04-25 16:51:06 339,968 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1f5cf8178029f5b959a9af75cb8cfedb\System.Runtime.Serialization.Formatters.Soap.ni.dll

+ 2008-04-25 16:51:04 733,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\2b5994269cc5b996231c9b21afea9a91\System.Security.ni.dll

+ 2008-04-25 16:50:40 233,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll

+ 2008-04-25 16:53:28 679,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12e0aa1030badf4524f897e3f57b037a\System.Transactions.ni.dll

+ 2008-04-25 16:54:02 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5b81faf46fc63c20d5339b36edd02fa\System.Web.RegularExpressions.ni.dll

+ 2008-04-25 16:53:48 1,986,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\38991368499e2109ea4099a0fe29c5a3\System.Web.Services.ni.dll

+ 2008-04-25 16:53:46 12,509,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll

+ 2008-04-25 16:51:36 13,193,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll

+ 2008-04-25 16:50:54 5,771,264 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll

+ 2008-04-25 16:50:30 8,265,728 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll

+ 2008-04-25 16:52:18 50,688 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\9e249f5c0ef3e391c5aec1f9da805519\UIAutomationProvider.ni.dll

+ 2008-04-25 16:52:18 196,608 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\46e3ec015dd7b25d5ddc185534458122\UIAutomationTypes.ni.dll

+ 2008-04-25 16:51:48 3,395,584 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\0703021437c2ec71213a6b701771be86\WindowsBase.ni.dll

- 2008-04-25 12:43:26 2,048 --s-a-w C:\WINDOWS\bootstat.dat

+ 2008-04-25 16:48:56 2,048 --s-a-w C:\WINDOWS\bootstat.dat

- 2008-04-25 02:37:06 1,038,336 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC.exe

+ 2008-04-25 15:07:12 1,038,336 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC.exe

- 2008-04-25 02:37:06 178,688 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC1.exe

+ 2008-04-25 15:07:12 178,688 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC1.exe

- 2008-04-25 02:37:06 171,008 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B.exe

+ 2008-04-25 15:07:12 171,008 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B.exe

- 2008-04-25 02:37:06 8,704 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B1.exe

+ 2008-04-25 15:07:12 8,704 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B1.exe

- 2003-02-20 18:09:46 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe

+ 2007-10-23 23:47:38 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe

- 2003-02-20 18:09:32 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll

+ 2007-10-23 23:47:38 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll

+ 2007-10-23 23:47:40 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll

+ 2007-10-23 23:47:42 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll

+ 2007-10-23 23:47:40 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll

- 2003-02-20 17:43:50 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll

+ 2007-10-23 23:47:38 97,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll

+ 2007-10-23 23:47:26 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll

+ 2007-10-23 23:47:30 145,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll

+ 2007-10-23 23:47:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll

+ 2007-10-23 23:47:48 193,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll

+ 2007-10-23 23:47:20 218,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll

+ 2005-12-20 16:12:08 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1044\alinkui.dll

+ 2005-12-20 16:12:10 140,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1044\cscompui.dll

+ 2005-12-20 16:12:12 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1044\CvtResUI.dll

+ 2005-12-20 16:12:16 185,856 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1044\vbc7ui.dll

+ 2005-12-20 16:12:06 208,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1044\Vsavb7rtUI.dll

+ 2007-10-23 23:47:40 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll

+ 2007-10-23 23:47:42 147,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll

+ 2007-10-23 23:47:26 99,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll

+ 2007-10-23 23:47:42 59,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe

+ 2007-10-23 23:47:22 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe

+ 2007-10-23 23:47:22 22,024 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll

+ 2007-10-23 23:47:22 17,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll

+ 2007-10-23 23:47:22 33,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll

+ 2007-10-23 23:47:22 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll

+ 2007-10-23 23:47:22 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe

+ 2007-10-23 23:47:22 32,776 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe

+ 2007-10-23 23:47:22 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe

+ 2007-10-23 23:47:22 33,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

+ 2007-10-23 23:47:22 33,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe

+ 2007-10-23 23:47:22 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll

+ 2007-10-23 23:47:40 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe

+ 2007-10-23 23:47:40 101,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll

+ 2007-10-23 23:47:30 80,376 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe

+ 2007-10-23 23:47:30 1,162,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll

+ 2007-10-23 23:47:30 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll

+ 2007-10-23 23:47:42 27,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll

+ 2007-10-23 23:47:40 69,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll

+ 2007-10-23 23:47:30 35,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe

+ 2007-10-23 23:47:28 66,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll

+ 2007-10-23 23:47:28 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe

+ 2007-10-23 23:47:54 572,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll

+ 2007-10-23 23:47:40 798,224 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll

+ 2007-10-23 23:47:36 18,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll

+ 2005-12-20 16:12:18 8,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\NO\Microsoft.VisualBasic.Compatibility.Data.resources.dll

+ 2005-12-20 16:12:18 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC\NO\Microsoft.VisualBasic.Compatibility.resources.dll

+ 2007-10-23 23:47:40 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe

+ 2007-10-23 23:47:40 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll

+ 2007-10-23 23:47:40 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll

+ 2007-10-23 23:47:40 6,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll

+ 2007-10-23 23:47:40 230,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe

+ 2007-10-23 23:47:40 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe

+ 2007-10-23 23:47:40 65,032 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll

+ 2007-10-23 23:47:40 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll

+ 2007-10-23 23:47:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe

+ 2005-12-09 08:45:40 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - NOR\install.exe

+ 2005-12-09 08:45:40 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - NOR\install.res.1044.dll

+ 2005-12-09 10:26:10 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - NOR\unicows.dll

+ 2007-10-23 23:47:36 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll

+ 2007-10-23 23:47:36 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll

+ 2007-10-23 23:47:36 655,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll

+ 2007-10-23 23:47:36 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll

+ 2007-10-23 23:47:34 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll

+ 2007-10-23 23:47:52 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2007-10-23 23:47:52 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll

+ 2007-10-23 23:47:50 671,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll

+ 2007-10-23 23:47:20 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll

+ 2007-10-23 23:47:52 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll

+ 2007-10-23 23:47:20 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll

+ 2007-10-23 23:47:20 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2007-10-23 23:47:20 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll

+ 2007-10-23 23:47:22 97,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll

+ 2007-10-23 23:47:36 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe

+ 2007-10-23 23:47:40 822,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll

+ 2007-10-23 23:47:40 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll

+ 2007-10-23 23:47:40 308,224 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll

+ 2007-10-23 23:47:40 47,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll

+ 2007-10-23 23:47:40 348,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

+ 2007-10-23 23:47:40 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll

+ 2007-10-23 23:47:40 4,444,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll

+ 2007-10-23 23:47:40 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll

+ 2007-10-23 23:47:44 340,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll

+ 2007-10-23 23:47:40 77,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll

+ 2007-10-23 23:47:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll

+ 2007-10-23 23:47:40 242,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll

+ 2007-10-23 23:47:40 70,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

+ 2007-10-23 23:47:40 19,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll

+ 2007-10-23 23:47:36 5,814,784 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

+ 2007-10-23 23:47:44 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll

+ 2005-12-20 16:12:14 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0414\mscorsecr.dll

+ 2007-10-23 23:47:40 101,880 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe

+ 2005-12-20 16:12:08 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\aspnet_compiler.resources.dll

+ 2005-12-20 16:12:08 75,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\aspnet_rc.dll

+ 2005-12-20 16:12:08 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\aspnet_regbrowsers.resources.dll

+ 2005-12-20 16:12:08 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\aspnet_regsql.resources.dll

+ 2005-12-20 16:12:08 311,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\aspnetmmcext.resources.dll

+ 2005-12-20 16:12:14 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\caspol.resources.dll

+ 2005-12-20 16:12:14 4,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\InstallUtil.resources.dll

+ 2005-12-20 16:12:12 6,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\JSC.resources.dll

+ 2005-12-20 16:12:14 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\Microsoft.Build.Engine.resources.dll

+ 2005-12-20 16:12:14 135,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\Microsoft.Build.Tasks.resources.dll

+ 2005-12-20 16:12:14 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\Microsoft.Build.Utilities.Resources.dll

+ 2005-12-20 16:12:12 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\Microsoft.JScript.resources.dll

+ 2005-12-20 16:12:18 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\Microsoft.VisualBasic.resources.dll

+ 2005-12-20 16:12:14 12,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\MSBuild.resources.dll

+ 2005-12-20 16:12:14 286,720 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\mscorlib.resources.dll

+ 2005-12-20 16:12:14 346,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\mscorrc.dll

+ 2005-12-20 16:12:14 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\Regasm.Resources.dll

+ 2005-12-20 16:12:14 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\ShFusRes.dll

+ 2005-12-20 16:12:14 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\sysglobl.resources.dll

+ 2005-12-20 16:12:14 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Configuration.Install.resources.dll

+ 2005-12-20 16:12:14 45,056 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Configuration.resources.dll

+ 2005-12-20 16:12:14 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Data.OracleClient.resources.dll

+ 2005-12-20 16:12:14 319,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Data.resources.dll

+ 2005-12-20 16:12:14 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\system.data.sqlxml.resources.dll

+ 2005-12-20 16:12:10 376,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Deployment.resources.dll

+ 2005-12-20 16:12:14 528,384 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Design.resources.dll

+ 2005-12-20 16:12:14 16,384 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.DirectoryServices.Protocols.resources.dll

+ 2005-12-20 16:12:14 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.DirectoryServices.resources.dll

+ 2005-12-20 16:12:14 6,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Drawing.Design.resources.dll

+ 2005-12-20 16:12:14 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Drawing.resources.dll

+ 2005-12-20 16:12:14 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.EnterpriseServices.resources.dll

+ 2005-12-20 16:12:14 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Management.resources.dll

+ 2005-12-20 16:12:14 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Messaging.resources.dll

+ 2005-12-20 16:12:14 192,512 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\system.resources.dll

+ 2005-12-20 16:12:14 19,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Runtime.Remoting.resources.dll

+ 2005-12-20 16:12:14 11,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Runtime.Serialization.Formatters.Soap.resources.dll

+ 2005-12-20 16:12:14 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Security.resources.dll

+ 2005-12-20 16:12:14 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.ServiceProcess.resources.dll

+ 2005-12-20 16:12:14 15,872 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Transactions.resources.dll

+ 2005-12-20 16:12:14 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Web.Mobile.resources.dll

+ 2005-12-20 16:12:14 569,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Web.resources.dll

+ 2005-12-20 16:12:14 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Web.Services.resources.dll

+ 2005-12-20 16:12:14 401,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.Windows.Forms.resources.dll

+ 2005-12-20 16:12:14 151,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\no\System.xml.resources.dll

+ 2007-10-23 23:47:40 24,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll

+ 2007-10-23 23:47:40 89,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll

+ 2007-10-23 23:47:36 144,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll

+ 2007-10-23 23:47:40 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe

+ 2007-10-23 23:47:40 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe

+ 2007-10-23 23:47:46 61,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe

+ 2007-10-23 23:47:42 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll

+ 2007-10-23 23:47:40 119,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll

+ 2007-10-23 23:47:44 95,232 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll

+ 2007-10-23 23:47:40 392,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll

+ 2007-10-23 23:47:40 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll

+ 2007-10-23 23:47:42 425,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll

+ 2007-10-23 23:47:40 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll

+ 2007-10-23 23:47:40 3,036,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll

+ 2007-10-23 23:47:40 483,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll

+ 2007-10-23 23:47:40 741,376 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll

+ 2007-10-23 23:47:28 933,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll

+ 2007-10-23 23:47:40 5,070,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll

+ 2007-10-23 23:47:40 401,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll

+ 2007-10-23 23:47:40 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll

+ 2007-10-23 23:47:40 3,076,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll

+ 2007-10-23 23:47:40 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll

+ 2007-10-23 23:47:40 630,784 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll

+ 2007-10-23 23:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll

+ 2007-10-23 23:47:40 57,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll

+ 2007-10-23 23:47:40 113,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll

+ 2007-10-23 23:47:40 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll

+ 2007-10-23 23:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll

+ 2007-10-23 23:47:40 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll

+ 2007-10-23 23:47:40 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll

+ 2007-10-23 23:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll

+ 2007-10-23 23:47:40 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll

+ 2007-10-23 23:47:40 261,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll

+ 2007-10-23 23:47:40 5,431,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll

+ 2007-10-23 23:47:40 884,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll

+ 2007-10-23 23:47:40 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll

+ 2007-10-23 23:47:40 839,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll

+ 2007-10-23 23:47:40 5,013,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll

+ 2007-10-23 23:47:40 2,068,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll

+ 2007-10-23 23:47:40 81,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL

+ 2007-10-23 23:47:48 1,172,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe

+ 2007-10-23 23:47:20 1,344,000 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll

+ 2007-10-23 23:47:22 434,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll

+ 2007-10-23 23:47:40 37,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll

+ 2006-10-31 08:15:14 14,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\baseline.dat

+ 2006-10-20 15:57:16 99,600 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\DeleteTemp.exe

+ 2006-10-20 13:17:16 220,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\dlmgr.dll

+ 2006-10-20 13:19:18 1,054,720 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\gencomp.dll

+ 2006-10-20 13:16:24 163,328 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\HtmlLite.dll

+ 2006-10-20 15:57:16 194,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\RebootStub.exe

+ 2006-10-20 15:57:16 167,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\runmsi.exe

+ 2006-10-20 15:57:16 365,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\setup.exe

+ 2006-10-20 15:46:04 83,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\setupres.1044.dll

+ 2006-10-20 13:17:20 80,384 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\setupres.dll

+ 2006-10-20 13:17:26 1,621,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\SITSetup.dll

+ 2006-10-20 13:18:26 1,139,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\vs_setup.dll

+ 2006-10-20 13:19:44 590,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\vs70uimgr.dll

+ 2006-10-20 13:22:20 541,184 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\vsbasereqs.dll

+ 2006-10-20 13:19:48 816,128 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\vsscenario.dll

+ 2006-10-20 15:46:04 98,816 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\WapRes.1044.dll

+ 2006-10-20 13:19:50 98,816 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\WapRes.dll

+ 2006-10-20 13:21:22 1,103,872 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack\WapUI.dll

+ 2008-04-25 16:23:04 626,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation Language Pack - NOR\install.exe

+ 2008-04-25 16:23:04 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation Language Pack - NOR\install.res.1044.dll

+ 2007-10-11 07:55:14 159,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe

+ 2007-10-11 07:55:10 864,256 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

+ 2007-10-11 07:55:12 397,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll

+ 2007-10-11 07:55:12 151,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll

+ 2006-10-31 03:10:22 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\no\ComSvcConfig.resources.dll

+ 2006-10-31 03:10:22 741,376 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\no\infocard.resources.dll

+ 2006-10-31 03:10:22 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\no\ServiceModelReg.resources.dll

+ 2006-10-31 03:10:22 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\no\SMSvcHost.resources.dll

+ 2006-10-31 03:10:22 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\no\WsatConfig.resources.dll

+ 2007-10-11 07:55:14 2,560 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll

+ 2007-10-11 07:55:14 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe

+ 2007-10-11 07:55:14 11,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll

+ 2007-10-11 07:55:14 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMDiagnostics.dll

+ 2007-10-11 07:55:14 122,880 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

+ 2007-10-11 07:55:14 929,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll

+ 2007-10-11 07:55:14 5,971,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll

+ 2007-10-11 07:55:14 159,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll

+ 2007-10-11 07:55:14 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll

+ 2007-10-11 07:55:14 143,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe

+ 2007-10-06 01:18:12 16,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe

+ 2006-10-20 14:08:52 797,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll

+ 2006-10-20 14:09:02 4,874,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll

+ 2006-10-20 12:03:40 2,628,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll

+ 2006-10-25 03:37:08 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\no\PresentationUI.resources.dll

+ 2007-10-09 11:03:00 76,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll

+ 2007-10-09 10:58:12 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll

+ 2007-10-09 10:58:12 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

+ 2007-10-09 11:03:08 121,368 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll

+ 2007-10-09 10:58:14 897,024 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll

+ 2007-10-09 10:58:20 14,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe

+ 2005-10-28 22:25:12 133,120 ------w C:\WINDOWS\system32\axaltocm.dll

+ 2005-10-28 14:40:16 96,792 ------w C:\WINDOWS\system32\basecsp.dll

+ 2005-10-28 22:25:50 26,112 ------w C:\WINDOWS\system32\bcsprsrc.dll

+ 2007-10-23 23:47:28 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll

+ 2007-03-22 18:24:58 28,160 ------w C:\WINDOWS\system32\dllcache\FilterPipelinePrintProc.dll

- 2004-08-04 18:00:00 72,704 ----a-w C:\WINDOWS\system32\dllcache\magnify.exe

+ 2006-10-04 13:34:52 72,704 ----a-w C:\WINDOWS\system32\dllcache\magnify.exe

- 2004-08-04 18:00:00 54,272 ----a-w C:\WINDOWS\system32\dllcache\narrator.exe

+ 2006-10-04 13:34:50 54,272 ----a-w C:\WINDOWS\system32\dllcache\narrator.exe

- 2004-08-04 18:00:00 215,552 ----a-w C:\WINDOWS\system32\dllcache\osk.exe

+ 2006-10-04 13:34:54 215,552 ----a-w C:\WINDOWS\system32\dllcache\osk.exe

- 2004-08-04 18:00:00 116,224 ----a-w C:\WINDOWS\system32\dllcache\p2p.dll

+ 2006-10-11 16:26:32 153,088 ----a-w C:\WINDOWS\system32\dllcache\p2p.dll

- 2004-08-04 18:00:00 86,016 ----a-w C:\WINDOWS\system32\dllcache\p2pgasvc.dll

+ 2006-10-11 16:26:32 104,960 ----a-w C:\WINDOWS\system32\dllcache\p2pgasvc.dll

- 2004-08-04 18:00:00 312,320 ----a-w C:\WINDOWS\system32\dllcache\p2pgraph.dll

+ 2006-10-11 16:26:32 313,344 ----a-w C:\WINDOWS\system32\dllcache\p2pgraph.dll

- 2004-08-04 18:00:00 88,064 ----a-w C:\WINDOWS\system32\dllcache\p2pnetsh.dll

+ 2006-10-11 16:26:32 116,224 ----a-w C:\WINDOWS\system32\dllcache\p2pnetsh.dll

- 2004-08-04 18:00:00 526,848 ----a-w C:\WINDOWS\system32\dllcache\p2psvc.dll

+ 2006-10-11 16:26:32 553,984 ----a-w C:\WINDOWS\system32\dllcache\p2psvc.dll

- 2004-08-04 18:00:00 48,640 ----a-w C:\WINDOWS\system32\dllcache\pnrpnsp.dll

+ 2006-10-11 16:26:32 58,880 ----a-w C:\WINDOWS\system32\dllcache\pnrpnsp.dll

+ 2007-03-22 18:25:42 677,376 ------w C:\WINDOWS\system32\dllcache\PrintFilterPipelineSvc.exe

- 2004-08-04 18:00:00 36,352 ----a-w C:\WINDOWS\system32\dllcache\umandlg.dll

+ 2006-10-04 13:39:42 36,352 ----a-w C:\WINDOWS\system32\dllcache\umandlg.dll

- 2004-08-04 18:00:00 50,176 ----a-w C:\WINDOWS\system32\dllcache\utilman.exe

+ 2006-10-04 13:34:52 50,176 ----a-w C:\WINDOWS\system32\dllcache\utilman.exe

+ 2007-03-23 04:07:54 583,504 ------w C:\WINDOWS\system32\dllcache\XPSSHHDR.dll

+ 2007-03-23 04:07:56 1,683,280 ------w C:\WINDOWS\system32\dllcache\XpsSvcs.dll

+ 2007-10-09 11:03:00 73,752 ----a-w C:\WINDOWS\system32\dxva2.dll

+ 2007-10-09 11:03:12 493,080 ----a-w C:\WINDOWS\system32\evr.dll

- 2008-04-23 13:13:06 184,224 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT

+ 2008-04-25 16:48:48 187,408 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT

+ 2007-10-11 07:55:10 579,584 ----a-w C:\WINDOWS\system32\icardagt.exe

+ 2007-10-11 07:55:10 11,776 ----a-w C:\WINDOWS\system32\icardres.dll

+ 2005-10-28 22:25:12 151,552 ------w C:\WINDOWS\system32\ifxcardm.dll

+ 2007-10-11 07:55:10 88,576 ----a-w C:\WINDOWS\system32\infocardapi.dll

- 2004-08-04 18:00:00 72,704 ----a-w C:\WINDOWS\system32\magnify.exe

+ 2006-10-04 13:34:52 72,704 ----a-w C:\WINDOWS\system32\magnify.exe

+ 2007-10-09 11:03:14 1,986,072 ----a-w C:\WINDOWS\system32\milcore.dll

- 2006-12-22 10:28:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll

+ 2007-10-23 23:47:38 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll

- 2004-07-14 21:34:06 16,896 ----a-w C:\WINDOWS\system32\mscorier.dll

+ 2007-10-23 23:47:38 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll

- 2003-02-20 18:09:14 106,496 ----a-w C:\WINDOWS\system32\mscories.dll

+ 2007-10-23 23:47:38 84,480 ----a-w C:\WINDOWS\system32\mscories.dll

+ 2007-05-15 13:43:10 1,320,800 ----a-w C:\WINDOWS\system32\msxml6.dll

+ 2006-10-19 11:33:20 86,728 ----a-w C:\WINDOWS\system32\msxml6r.dll

- 2006-12-22 11:02:36 6,144 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll

+ 2007-10-23 23:47:44 15,360 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll

+ 2005-12-20 16:12:14 6,144 ----a-w C:\WINDOWS\system32\mui\0414\mscorees.dll

- 2004-08-04 18:00:00 54,272 ----a-w C:\WINDOWS\system32\narrator.exe

+ 2006-10-04 13:34:50 54,272 ----a-w C:\WINDOWS\system32\narrator.exe

- 2004-08-04 18:00:00 215,552 ----a-w C:\WINDOWS\system32\osk.exe

+ 2006-10-04 13:34:54 215,552 ----a-w C:\WINDOWS\system32\osk.exe

- 2004-08-04 18:00:00 116,224 ----a-w C:\WINDOWS\system32\p2p.dll

+ 2006-10-11 16:26:32 153,088 ----a-w C:\WINDOWS\system32\p2p.dll

- 2004-08-04 18:00:00 86,016 ----a-w C:\WINDOWS\system32\p2pgasvc.dll

+ 2006-10-11 16:26:32 104,960 ----a-w C:\WINDOWS\system32\p2pgasvc.dll

- 2004-08-04 18:00:00 312,320 ----a-w C:\WINDOWS\system32\p2pgraph.dll

+ 2006-10-11 16:26:32 313,344 ----a-w C:\WINDOWS\system32\p2pgraph.dll

- 2004-08-04 18:00:00 88,064 ----a-w C:\WINDOWS\system32\p2pnetsh.dll

+ 2006-10-11 16:26:32 116,224 ----a-w C:\WINDOWS\system32\p2pnetsh.dll

- 2004-08-04 18:00:00 526,848 ----a-w C:\WINDOWS\system32\p2psvc.dll

+ 2006-10-11 16:26:32 553,984 ----a-w C:\WINDOWS\system32\p2psvc.dll

- 2006-08-29 21:02:16 53,770 ----a-w C:\WINDOWS\system32\perfc009.dat

+ 2008-04-25 16:45:30 72,314 ----a-w C:\WINDOWS\system32\perfc009.dat

- 2006-08-29 21:02:16 61,546 ----a-w C:\WINDOWS\system32\perfc014.dat

+ 2008-04-25 16:45:30 81,104 ----a-w C:\WINDOWS\system32\perfc014.dat

- 2006-08-29 21:02:16 382,026 ----a-w C:\WINDOWS\system32\perfh009.dat

+ 2008-04-25 16:45:30 443,300 ----a-w C:\WINDOWS\system32\perfh009.dat

- 2006-08-29 21:02:16 386,592 ----a-w C:\WINDOWS\system32\perfh014.dat

+ 2008-04-25 16:45:30 446,292 ----a-w C:\WINDOWS\system32\perfh014.dat

+ 2006-10-24 10:30:20 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll

+ 2005-10-28 22:25:50 84,480 ------w C:\WINDOWS\system32\pintool.exe

- 2004-08-04 18:00:00 48,640 ----a-w C:\WINDOWS\system32\pnrpnsp.dll

+ 2006-10-11 16:26:32 58,880 ----a-w C:\WINDOWS\system32\pnrpnsp.dll

+ 2007-10-09 11:03:04 106,520 ----a-w C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

+ 2007-10-09 11:03:08 350,744 ----a-w C:\WINDOWS\system32\PresentationHost.exe

+ 2007-10-09 11:03:02 33,304 ----a-w C:\WINDOWS\system32\PresentationHostProxy.dll

+ 2007-10-09 11:03:12 779,800 ----a-w C:\WINDOWS\system32\PresentationNative_v0300.dll

+ 2007-03-22 18:25:02 124,928 ------w C:\WINDOWS\system32\prntvpt.dll

+ 2006-08-24 14:15:06 150,808 ----a-w C:\WINDOWS\system32\rgb9rast_2.dll

- 2008-03-20 12:41:20 14,640 ------w C:\WINDOWS\system32\spmsg.dll

+ 2006-10-16 14:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll

+ 2007-03-22 18:24:50 762,880 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdrv.dll

+ 2007-03-22 18:24:34 131,584 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdui.dll

+ 2007-03-22 18:24:06 376,832 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrv.dll

+ 2007-03-22 19:03:54 749,568 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrvui.dll

+ 2007-03-22 19:03:58 761,344 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unires.dll

+ 2007-03-23 04:07:56 1,683,280 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\XpsSvcs.dll

+ 2006-10-14 14:43:18 27,648 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

+ 2007-03-22 18:25:42 677,376 ------w C:\WINDOWS\system32\spool\prtprocs\w32x86\PrintFilterPipelineSvc.exe

+ 2006-10-14 15:13:02 34,304 ----a-w C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

+ 2007-03-22 18:53:16 746,496 ----a-w C:\WINDOWS\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll

+ 2007-03-22 18:59:24 2,932,224 ----a-w C:\WINDOWS\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll

+ 2007-03-22 18:53:16 746,496 ----a-w C:\WINDOWS\system32\spool\XPSEP\amd64\mxdwdrv.dll

+ 2007-03-22 18:59:24 2,932,224 ----a-w C:\WINDOWS\system32\spool\XPSEP\amd64\xpssvcs.dll

+ 2007-03-22 18:24:50 762,880 ----a-w C:\WINDOWS\system32\spool\XPSEP\i386\i386\mxdwdrv.dll

+ 2007-03-23 04:07:56 1,683,280 ----a-w C:\WINDOWS\system32\spool\XPSEP\i386\i386\xpssvcs.dll

+ 2007-03-22 18:24:50 762,880 ----a-w C:\WINDOWS\system32\spool\XPSEP\i386\mxdwdrv.dll

+ 2007-03-23 04:07:56 1,683,280 ----a-w C:\WINDOWS\system32\spool\XPSEP\i386\xpssvcs.dll

- 2006-09-25 15:58:48 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe

+ 2006-10-16 14:10:58 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe

+ 2007-10-09 10:58:20 16,896 ----a-w C:\WINDOWS\system32\tswpfwrp.exe

+ 2007-10-09 11:03:08 161,304 ----a-w C:\WINDOWS\system32\UIAutomationCore.dll

- 2004-08-04 18:00:00 36,352 ----a-w C:\WINDOWS\system32\umandlg.dll

+ 2006-10-04 13:39:42 36,352 ----a-w C:\WINDOWS\system32\umandlg.dll

- 2004-08-04 18:00:00 50,176 ----a-w C:\WINDOWS\system32\utilman.exe

+ 2006-10-04 13:34:52 50,176 ----a-w C:\WINDOWS\system32\utilman.exe

+ 2006-10-24 10:30:06 716,288 ------w C:\WINDOWS\system32\WindowsCodecs.dll

+ 2006-10-24 10:29:50 352,256 ------w C:\WINDOWS\system32\WindowsCodecsExt.dll

+ 2006-10-24 10:30:00 276,992 ------w C:\WINDOWS\system32\WMPhoto.dll

+ 2007-03-23 04:07:54 583,504 ------w C:\WINDOWS\system32\XPSSHHDR.dll

+ 2007-03-23 04:07:56 1,683,280 ------w C:\WINDOWS\system32\XpsSvcs.dll

+ 2007-10-09 11:03:08 308,760 ----a-w C:\WINDOWS\system32\XPSViewer\XPSViewer.exe

+ 2008-04-25 16:49:02 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_698.dat

+ 2007-10-23 23:47:56 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcm80.dll

+ 2007-10-23 23:47:56 558,080 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll

+ 2007-10-23 23:47:56 635,904 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll

+ 2005-09-23 05:29:16 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll

+ 2005-09-23 05:29:16 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll

+ 2005-09-23 05:29:16 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SweetIM"="C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe" [2006-06-06 10:07 40960]

"Skype"="C:\Programfiler\Skype\Phone\Skype.exe" [2006-10-13 17:20 20058152]

"updateMgr"="C:\Programfiler\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]

"ErrorSafeFree"="C:\Programfiler\ErrorSafe Free\uers.exe" [ ]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 20:00 15360]

"wffccvbv"="C:\WINDOWS\system32\rsrqhmzy.exe" [ ]

"tegyspio"="C:\WINDOWS\system32\sfwfwlgz.exe" [2008-04-24 23:17 106496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2005-12-19 14:52 15797248 C:\WINDOWS\RTHDCPL.exe]

"AzMixerSel"="C:\Programfiler\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 15:02 53248]

"SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2005-07-20 15:05 729177]

"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 20:00 208952]

"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 20:00 59392]

"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 20:00 455168]

"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 20:00 455168]

"PCMService"="C:\Programfiler\Acer\Acer Arcade\PCMService.exe" [2005-12-13 21:31 151552]

"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-11-28 13:55 98304]

"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-11-28 13:52 77824]

"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-11-28 13:55 118784]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-01-04 09:28 7393280]

"nwiz"="nwiz.exe" [2006-01-04 09:28 1519616 C:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-01-04 09:28 86016]

"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-10-19 09:30 69632]

"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-01-17 18:28 344064]

"Acer ePower Management"="C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-01-16 11:58 3080192]

"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-01-09 18:23 589824]

"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 18:00 397312]

"ADMTray.exe"="C:\Acer\Empowering Technology\admtray.exe" [2005-10-24 16:45 2462208]

"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

"SweetIM"="C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe" [2006-06-06 10:07 40960]

"Adobe Photo Downloader"="C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09 63712]

"QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-12-11 10:56 286720]

"iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 20:00 15360]

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\

Microsoft Office.lnk - C:\Programfiler\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]

Bluetooth Manager.lnk - C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2004-12-21 20:42:36 45056]

Adobe Reader Speed Launch.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"msacm.mkdmp3enc"= C:\PROGRA~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Programfiler\\Acer\\Acer Arcade\\PCMService.exe"=

"C:\\Programfiler\\Messenger\\msmsgs.exe"=

"C:\\Programfiler\\LimeWire\\LimeWire.exe"=

"C:\\Programfiler\\Java\\jre1.5.0_10\\BIN\\javaw.exe"=

"C:\\Programfiler\\Azureus\\Azureus.exe"=

"C:\\Programfiler\\MSN Messenger\\msnmsgr.exe"=

"C:\\Programfiler\\MSN Messenger\\livecall.exe"=

"C:\\Programfiler\\Internet Explorer\\iexplore.exe"=

"C:\\Programfiler\\SmartFTP Client\\SmartFTP.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Programfiler\\iTunes\\iTunes.exe"=

"C:\\Programfiler\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]

R1 OsaFsLoc;OsaFsLoc;C:\WINDOWS\system32\drivers\OsaFsLoc.sys [2005-10-15 18:20]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]

R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2005-04-22 16:57]

R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-22 16:57]

R2 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]

R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 16:58]

R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]

R3 NdisFilt;OSA NdisFilter Protocol;C:\WINDOWS\system32\Drivers\NdisFilt.sys [2005-09-13 15:34]

*Newly Created Service* - INT15.SYS

.

Contents of the 'Scheduled Tasks' folder

"2008-01-04 09:04:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Programfiler\Apple Software Update\SoftwareUpdate.exe

.

**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-25 19:20:26

Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-04-25 19:20:46

ComboFix-quarantined-files.txt 2008-04-25 17:20:44

ComboFix3.txt 2008-04-25 12:46:28

ComboFix2.txt 2008-04-25 14:36:00

Pre-Run: 13,939,834,880 byte ledig

Post-Run: 13,991,411,712 byte ledig

717 --- E O F --- 2008-04-25 16:51:43

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:51:31, on 25.04.2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe

C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe

C:\Programfiler\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Acer\Empowering Technology\admServ.exe

C:\Programfiler\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe

C:\Programfiler\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe

C:\Programfiler\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe

C:\Programfiler\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Acer\Acer Arcade\Kernel\TV\CLSched.exe

C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe

C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

C:\Programfiler\Acer\Acer Arcade\PCMService.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

C:\Acer\Empowering Technology\eRecovery\Monitor.exe

C:\Acer\Empowering Technology\admtray.exe

C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe

C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe

C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Programfiler\iTunes\iTunesHelper.exe

C:\Programfiler\Skype\Phone\Skype.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\sfwfwlgz.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Programfiler\iPod\bin\iPodService.exe

C:\WINDOWS\explorer.exe

C:\Programfiler\internet explorer\iexplore.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/index.php?logged_o...c6378ca11d9af15

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programfiler\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar4.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar4.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [AzMixerSel] C:\Programfiler\Realtek\InstallShield\AzMixerSel.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [PCMService] "C:\Programfiler\Acer\Acer Arcade\PCMService.exe"

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe

O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [sweetIM] C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [sweetIM] C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe

O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [updateMgr] C:\Programfiler\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - HKCU\..\Run: [ErrorSafeFree] C:\Programfiler\ErrorSafe Free\uers.exe /min

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [wffccvbv] C:\WINDOWS\system32\rsrqhmzy.exe

O4 - HKCU\..\Run: [tegyspio] C:\WINDOWS\system32\sfwfwlgz.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.start.no

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://stineabarstad.spaces.live.com//Phot...ad/MsnPUpld.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programfiler\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programfiler\Acer\Acer Arcade\Kernel\TV\CLSched.exe

O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programfiler\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programfiler\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programfiler\WinPcap\rpcapd.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

--

End of file - 11192 bytes

Endret 25. april 2008 av Alastor

mjsol · 25. april 2008

Kopier loggene og lim de direkte inn i posten

Når du skal legge til en ny post (svare på et innlegg), så klikker du på knappen SVAR og ikke NYTT EMNE.

Og, om du skal forandre på en post du allerede har skrevet, velger du knappen REDIGER.

Beklage det der, når eg begynte på innlegget så ville ikkje menyen vise meg "post inlegg" knappen, har vært inne på lavasoft sine sider å sjekka opp i forumene der idag, men nå komme eg ikkje inn på suportforumet der. som om viruset nekta meg...

jeg helt Heilt fjern på dette her.

Takk for all hjelp

norbat · 25. april 2008

Ja, du har bla. en Trojan.Fake-Drop sak, så gjør følgende:

Kjør en full scan med gratisversjonen til SAS.

Den lager en logg som du finner på følgnede plass: Start SAS, velg Preferences->statistics/logs.

Når SAS er ferdigkjørt (og PC-en restartet), poster du en ny hjt-logg.

mjsol · 25. april 2008

Ja, du har bla. en Trojan.Fake-Drop sak, så gjør følgende:

Kjør en full scan med gratisversjonen til SAS.

Den lager en logg som du finner på følgnede plass: Start SAS, velg Preferences->statistics/logs.

Når SAS er ferdigkjørt (og PC-en restartet), poster du en ny hjt-logg.

Takk for hjelp, skal sette igang, har ikke skriver, så ved mye info så må penn og papir til

Takk igjen

Ja, du har bla. en Trojan.Fake-Drop sak, så gjør følgende:

Kjør en full scan med gratisversjonen til SAS.

Den lager en logg som du finner på følgnede plass: Start SAS, velg Preferences->statistics/logs.

Når SAS er ferdigkjørt (og PC-en restartet), poster du en ny hjt-logg.

Takk for hjelp, skal sette igang, har ikke skriver, så ved mye info så må penn og papir til

Takk igjen

Spm: Popup blocker av?

norbat · 25. april 2008

Popup-blocker trenger ikke å slås av pga. SAS. Eller tenkte du på noe annet?

mjsol · 25. april 2008

Popup-blocker trenger ikke å slås av pga. SAS. Eller tenkte du på noe annet?

Fikk ikke lastet den ned da poopuoblocker var på, da jeg slo på tillat, og skulle til å prøve igjen slo maskinen seg av og tok en diskkontroll på C: :l

norbat · 25. april 2008

Ok, la oss gjøre dette først:

Åpne notisblokk og kopier inn det som står i fet skrift under, lagre fila på skrivebordet som CFScript.txt.

Dra deretter fila over Combofix-iconet. Combofix vil starte igjen.

File::

C:\WINDOWS\system32\winlogonpc.exe

C:\WINDOWS\system32\hoproxy.dll

C:\Programfiler\SweetImSetup.exe

Registry::

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ErrorSafeFree"=-

"wffccvbv"=-

"tegyspio"=-

Etter restart, prøver du å hente ned SAS igjen.

mjsol · 25. april 2008

Ok, la oss gjøre dette først:

Åpne notisblokk og kopier inn det som står i fet skrift under, lagre fila på skrivebordet som CFScript.txt.

Dra deretter fila over Combofix-iconet. Combofix vil starte igjen.

File::

C:\WINDOWS\system32\winlogonpc.exe

C:\WINDOWS\system32\hoproxy.dll

C:\Programfiler\SweetImSetup.exe

Registry::

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ErrorSafeFree"=-

"wffccvbv"=-

"tegyspio"=-

Etter restart, prøver du å hente ned SAS igjen.

Kjører SAS nå.

Funnet 6 trussler hittil, 4 tracking cockies og 2 trojan Unknown Origin

mjsol · 25. april 2008

Her er HJT/SAS logg

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:54:32, on 25.04.2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe

C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

C:\Programfiler\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe

C:\Programfiler\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

C:\Programfiler\Acer\Acer Arcade\PCMService.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

C:\PROGRA~1\LAUNCH~1\LManager.exe

C:\Acer\Empowering Technology\eRecovery\Monitor.exe

C:\Acer\Empowering Technology\admtray.exe

C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe

C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Programfiler\iTunes\iTunesHelper.exe

C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe

C:\Programfiler\Skype\Phone\Skype.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\sfwfwlgz.exe

C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Acer\Empowering Technology\admServ.exe

C:\Programfiler\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Programfiler\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe

C:\Programfiler\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe

C:\Programfiler\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Programfiler\Acer\Acer Arcade\Kernel\TV\CLSched.exe

C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe

C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe

C:\DOCUME~1\Stine\LOKALE~1\Temp\RtkBtMnt.exe

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\Programfiler\iPod\bin\iPodService.exe

C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/index.php?logged_o...c6378ca11d9af15

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programfiler\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\INSTAL~1\SPYBOT~1\SDHelper.dll