Changeset 1347

Show
Ignore:
Timestamp:
03/10/08 11:23:38 (6 months ago)
Author:
kindlund
Message:

Updated white list for Windows Update.

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • honeyclient/trunk/thirdparty/capture-mod/FileMonitor.exl

    r1346 r1347  
    207207+   Delete  C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD1\.tmp\\wuweb\.cat 
    208208+   Write   C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\system32\\CatRoot2\\dberr\.txt 
    209 +   Write   C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\LastGood\\TMP1\.tmp 
    210 +   Write   C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\system32\\SET3\.tmp 
    211 +   Delete  C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\system32\\SET3\.tmp 
    212 +   Write   C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\Downloaded Program Files\\SET4\.tmp 
    213 +   Delete  C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\Downloaded Program Files\\SET4\.tmp 
     209+   Write   C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\LastGood\\TMP.?.?\.tmp 
     210+   Write   C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\system32\\SET.?.?\.tmp 
     211+   Delete  C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\system32\\SET.?.?\.tmp 
     212+   Write   C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\Downloaded Program Files\\SET.?.?\.tmp 
     213+   Delete  C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\Downloaded Program Files\\SET.?.?\.tmp 
    214214+   Write   C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\SoftwareDistribution\\WuRedir\\9482F4B4-E343-43B6-B170-9A65BC822C77\\wuredir\.cab\.bak 
    215215+   Delete  C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\SoftwareDistribution\\WuRedir\\9482F4B4-E343-43B6-B170-9A65BC822C77\\wuredir\.cab\.bak 
     
    217217+   Write   C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\SoftwareDistribution\\WuRedir\\9482F4B4-E343-43B6-B170-9A65BC822C77\\wuredir\.cab 
    218218+   Write   C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\SoftwareDistribution\\WebSetup\\wuident\.txt 
     219+   Delete  C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\SoftwareDistribution\\WebSetup\\wuident\.txt 
    219220+   Write   C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\SoftwareDistribution\\WebSetup\\wuident\.cab 
     221+   Delete  C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\SoftwareDistribution\\WebSetup\\wuident\.cab 
    220222+   Write   C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\SoftwareDistribution\\WebSetup\\wsus3setup\.cab 
     223+   Delete  C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\SoftwareDistribution\\WebSetup\\wsus3setup\.cab 
    221224+   Write   C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\SoftwareDistribution\\WebSetup\\wsus3setup\.inf 
     225+   Delete  C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\SoftwareDistribution\\WebSetup\\wsus3setup\.inf 
    222226+   Write   C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\SoftwareDistribution\\WebSetup\\wsus3setup\.cat 
     227+   Delete  C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\SoftwareDistribution\\WebSetup\\wsus3setup\.cat 
    223228+   Delete  C:\\WINDOWS\\system32\\svchost\.exe C:\\WINDOWS\\system32\\CatRoot2\\tmp\.edb 
    224229+   Write   C:\\WINDOWS\\system32\\winlogon\.exe    C:\\WINDOWS\\system32\\dllcache\\wuweb\.dll\.new