[InActive K ]Redirected on internet, information being stolen

[acelee]

Beyond a constant redirect two accounts of mine with different user names and passwords were hacked within two days of me using the computer and accessing those sites.  Also I can't search for the name of this virus in any search bar, I even put the name of this virus in this post but when I did the computer won't let me post or preview.  I need your help.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:17:56 AM, on 7/29/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
C:\Program Files\Sunbelt Software\VIPRE\SBPIMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Vid\vid.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0983.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0983.0\msneshellx.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Blorukurubohojaf] rundll32.exe "C:\WINDOWS\anequwezanonulur.dll",Startup
O4 - HKLM\..\Run: [SBAMTray] "C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Logitech Vid HD] "C:\Program Files\Logitech\Vid\vid.exe" -bootmode
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
O8 - Extra context menu item: e&xport to microsoft excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67dabfbf-d0ab-41fa-9c46-cc0f21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F0006AA7-D371-4315-888F-D143BD1DFA09} (Merant Collage PopupMenu Control) - http://cms.andrews.edu/servlet/lib/PopupMenu.dll
O18 - Protocol: groovelocalgws - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: itlnfw32 - itlnfw32.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: VIPRE Antivirus (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
O23 - Service: SB Recovery Service (SBPIMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBPIMSvc.exe
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\

--
End of file - 10493 bytes

[kevinf80]

Hello acelee and welcome to SpywareHammer,

I'm kevinf80 and I will be helping with any malware issues you may have with your system.

• Please be aware that some of the logs I may ask for can be very complex and can take a long time to decipher. I am a volunteer here with a job and family so I ask that you be patient when waiting for replies.
• Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.
• Either print or Save to Notepad all instructions and please follow them carefully, if there's something you don't understand or that will not work please let me know and we will go through it together.
• Malware is often buggy and can be very unstable, with that in mind it is advisable to backup any important data before we begin.
• If you do not reply within 72 hours the thread will be closed, if you need more time let me know. Likewise if I do not respond within 48 hours feel free to PM me.
• If you have any P2P applications installed such as BitTorrent, uTorrent, Limewire etc etc, please uninstall them before we begin.
• If you are using Cracked or Illegal software your thread will be locked and all help will cease.

Please proceed as follows :-

Step 1

Please download OTM by OldTimer.
Alternative Mirror 1
Alternative Mirror 2 
Save it to your desktop.
Double click OTM.exe to start the tool. Vista or Windows 7 users right click and select Run as Administrator

• Copy the text between the dotted lines below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  -------------------------------------------------------------------
  
  :Reg
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "Blorukurubohojaf"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
  "itlnfw32"=-
  :Files
  ipconfig /flushdns /c
  C:\WINDOWS\anequwezanonulur.dll
  :Commands
  [EmptyTemp]
  [Reboot]
   
  ---------------------------------------------------------------------
  
  
• Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  
• Click the red button.
  
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  
• Close OTM
  

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.

Step 2

I see you have Malwarebytes installed,

• Open Malwarebytes, check for updates before proceeding.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
• Please save the log to a location you will remember.
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3

Download Security Check by screen317 from HERE or HERE.
Save it to your Desktop.
Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

What i`d like in your reply :-

• Log from OTM
• Log from Malwarebytes
• Log from Security Check

Kevin

[acelee]

 I can't remove the viruses I've found in Malwarebytes EVEN after Reboot.  And as I said earlier I can't post it in ANYTHING so even now when I've tried to post the log the part where the name of the virus is appears to not let the page go through, it just immediately goes to "connection timed out" or whatever and tells me to try again.  What I'm going to try this time is spacing out each letter of the word and see if it will let me send it.  Hopefully this makes sense. 

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7326

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/30/2011 12:16:54 PM
mbam-log-2011-07-30 (12-16-54).txt

Scan type: Quick scan
Objects scanned: 171564
Time elapsed: 11 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (H ijack. Windows Updates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Delete on reboot.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (H ijack. Windows Updates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Delete on reboot.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


 Results of screen317's Security Check version 0.99.18 
 Windows XP Service Pack 3 
 Internet Explorer 8 
``````````````````````````````
Antivirus/Firewall Check:
 VIPRE Antivirus     
```````````````````````````````
Anti-malware/Other Utilities Check:
 Malwarebytes' Anti-Malware   
 Java(TM) 6 Update 21 
 Java(TM) 6 Update 7 
 Java 2 Runtime Environment, SE v1.4.2_03
 Out of date Java installed!
Flash Player Out of Date!
 Adobe Flash Player    10.2.159.1 
 Mozilla Firefox (3.6.18) Firefox Out of Date! 
````````````````````````````````
Process Check: 
objlist.exe by Laurent
 Malwarebytes' Anti-Malware mbamservice.exe 
 Malwarebytes' Anti-Malware mbamgui.exe 
``````````End of Log````````````


OTM


User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 15171050 bytes
->Java cache emptied: 47705 bytes
->FireFox cache emptied: 86525794 bytes
->Flash cache emptied: 70536 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 192381719 bytes
->Java cache emptied: 17664 bytes
->Flash cache emptied: 33336 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2952721 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 145713768 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 121356 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 165843 bytes
RecycleBin emptied: 1838295431 bytes
 
Total Files Cleaned = 4,849.00 mb
 
 
OTM by OldTimer - Version 3.1.18.0 log created on 07302011_103654

Files moved on Reboot...

Registry entries deleted on Reboot...

[kevinf80]

Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from either of the following links :-

Link 1
Link 2

• Ensure that Combofix is saved directly to the Desktop <--- Very important
  
  Before saving Combofix to the Desktop re-name to Gotcha.exe as below:
  
  
  
  
  
• Disable all security programs as they will have a negative effect on Combofix, instructions available Here if required. Be aware the list may not have all programs listed, if you need more help please ask.
  
  
• Close any open browsers and any other programs you might have running
• Double click the icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator)
  
  
• Instructions for running Combofix available Here if required.
  
  
• If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
• When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review

****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read Here why  disabling autoruns is recommended.

*EXTRA NOTES*

• If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so.
• If Combofix reboot's due to a rootkit, the screen may stay black for several minutes on reboot, this is normal
• If after running Combofix you receive any type of warning message about registry key's being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)

Post the log in next reply please...

Kevin

[acelee]

Here is the ComboFix Log.  I was NOT able to save it under a different name but I hope that isn't a problem.  Also I was not able to save it directly to my desktop as my computer only gave me the option to send it directly to "Downloads".  I then and pasted it onto the desktop.  Please advise if this is not sufficient.  Also Windows update of which the virus was so aptly named has been doing updates all morning, not sure if the problem is solved or what I need to do next to get "Clean". 

ComboFix 11-07-29.01 - abe jr 07/31/2011   9:11.2.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.510.181 [GMT -4:00]
Running from: c:\documents and settings\abe jr\Desktop\ComboFix.exe
AV: Sunbelt VIPRE *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\NetworkService\Local Settings\Application Data\jyh.exe
.
.
(((((((((((((((((((((((((   Files Created from 2011-06-28 to 2011-07-31  )))))))))))))))))))))))))))))))
.
.
2011-07-31 12:52 . 2011-07-31 12:52   --------   d-----w-   c:\windows\LastGood
2011-07-30 01:26 . 2011-07-30 01:26   --------   d-sh--w-   c:\documents and settings\Administrator\PrivacIE
2011-07-29 17:11 . 2011-07-29 17:11   --------   d-----w-   C:\_OTM
2011-07-23 13:35 . 2011-07-23 13:35   388096   ----a-r-   c:\documents and settings\abe jr\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-23 13:35 . 2011-07-23 13:35   --------   d-----w-   c:\program files\Trend Micro
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-06 23:52 . 2011-01-03 20:11   41272   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 23:52 . 2011-01-03 20:11   22712   -c--a-w-   c:\windows\system32\drivers\mbam.sys
2011-05-27 02:00 . 2011-05-27 02:00   0   --sha-w-   c:\documents and settings\All Users\Application Data\aox.exe
2011-05-27 02:00 . 2011-05-27 02:00   0   --sha-w-   c:\documents and settings\All Users\Application Data\ylr.exe
2011-05-27 02:00 . 2011-05-27 02:00   0   --sha-w-   c:\documents and settings\All Users\Application Data\myj.exe
2011-05-27 02:00 . 2011-05-27 02:00   0   --sha-w-   c:\documents and settings\LocalService\Local Settings\Application Data\rpl.exe
2011-05-27 02:00 . 2011-05-27 02:00   0   --sha-w-   c:\documents and settings\All Users\Application Data\xlv.exe
2011-05-27 02:00 . 2011-05-27 02:00   0   --sha-w-   c:\documents and settings\All Users\Application Data\ita.exe
2011-05-27 02:00 . 2011-05-27 02:00   0   --sha-w-   c:\documents and settings\LocalService\Local Settings\Application Data\obu.exe
2011-05-27 02:00 . 2011-05-27 02:00   0   --sha-w-   c:\documents and settings\LocalService\Local Settings\Application Data\fej.exe
2011-05-27 02:00 . 2011-05-27 02:00   0   --sha-w-   c:\documents and settings\LocalService\Local Settings\Application Data\cxa.exe
2011-05-23 19:22 . 2011-05-23 19:22   0   --sha-w-   c:\documents and settings\All Users\Application Data\kkh.exe
2011-05-23 19:22 . 2011-05-23 19:22   0   --sha-w-   c:\documents and settings\All Users\Application Data\jub.exe
2011-05-23 19:22 . 2011-05-23 19:22   0   --sha-w-   c:\documents and settings\All Users\Application Data\wmy.exe
2011-05-23 19:22 . 2011-05-23 19:22   0   --sha-w-   c:\documents and settings\All Users\Application Data\nrf.exe
2011-05-23 19:22 . 2011-05-23 19:22   0   --sha-w-   c:\documents and settings\NetworkService\Local Settings\Application Data\mde.exe
2011-05-23 19:22 . 2011-05-23 19:22   0   --sha-w-   c:\documents and settings\All Users\Application Data\jcv.exe
2011-05-23 19:22 . 2011-05-23 19:22   0   --sha-w-   c:\documents and settings\NetworkService\Local Settings\Application Data\jle.exe
2011-05-23 19:22 . 2011-05-23 19:22   0   --sha-w-   c:\documents and settings\NetworkService\Local Settings\Application Data\clt.exe
2011-05-23 11:55 . 2011-05-23 11:55   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-11 20:55 . 2011-05-11 20:55   42832   ----a-w-   c:\windows\system32\sbbd.exe
2011-05-11 20:26 . 2010-08-30 16:21   74968   ----a-w-   c:\windows\system32\drivers\sbapifs.sys
2011-05-11 20:26 . 2010-08-30 16:21   21592   ----a-w-   c:\windows\system32\drivers\sbaphd.sys
.
.
(((((((((((((((((((((((((((((   SnapShot@2011-07-31_04.01.45   )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-31 12:48 . 2011-07-31 12:48   16384              c:\windows\Temp\Perflib_Perfdata_7c.dat
+ 2011-07-31 12:48 . 2011-07-31 12:48   16384              c:\windows\Temp\Perflib_Perfdata_148.dat
+ 2008-10-16 20:09 . 2009-08-06 23:24   44768              c:\windows\system32\wups2.dll
+ 2004-08-10 18:02 . 2009-08-06 23:24   35552              c:\windows\system32\wups.dll
+ 2004-08-10 18:02 . 2009-08-06 23:24   35552              c:\windows\system32\dllcache\wups.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2004-07-19 306688]
"Logitech Vid HD"="c:\program files\Logitech\Vid\vid.exe" [2010-05-11 6061400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-15 1404928]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2005-06-06 26112]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-02-15 1230704]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]
"SBAMTray"="c:\program files\Sunbelt Software\VIPRE\SBAMTray.exe" [2011-05-11 1353040]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2005-6-6 24576]
NETGEAR WG111v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v3\WG111v3.exe [2009-12-23 2330624]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Logitech\\Vid\\Vid.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\globallyopenports\list]
"1786:TCP"= 1786:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [8/30/2010 12:21 PM 21592]
R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [8/30/2010 11:24 AM 212568]
R2 akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/10/2004 1:51 PM 14336]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [12/19/2008 4:00 PM 38144]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [1/3/2011 4:11 PM 366640]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [8/30/2010 12:21 PM 74968]
R2 SBPIMSvc;SB Recovery Service;c:\program files\Sunbelt Software\VIPRE\SBPIMSvc.exe [5/11/2011 4:54 PM 181584]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1/3/2011 4:11 PM 22712]
R3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [7/31/2009 3:12 PM 341504]
S1 21966608;21966608;c:\windows\system32\drivers\21966608.sys [7/13/2009 3:36 AM 0]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [4/29/2011 2:15 PM 101720]
S2 SBAMSvc;VIPRE Antivirus;c:\program files\Sunbelt Software\VIPRE\SBAMSvc.exe [5/11/2011 4:54 PM 2804280]
S3 BELKIN;Belkin Wireless G USB Network Adapter;c:\windows\system32\drivers\BLKWGU.sys [12/19/2008 3:56 PM 273280]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [1/3/2011 4:11 PM 41272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai   REG_MULTI_SZ      Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = <local>;*.local
IE: e&xport to microsoft excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1 68.87.72.134 68.87.77.134
DPF: {F0006AA7-D371-4315-888F-D143BD1DFA09} - hxxp://cms.andrews.edu/servlet/lib/PopupMenu.dll
FF - ProfilePath - c:\documents and settings\abe jr\Application Data\Mozilla\Firefox\Profiles\xljwbxz6.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: XULRunner: {7169C891-3EB6-4B2B-8241-5E864DDF5E48} - c:\documents and settings\abe jr\Local Settings\Application Data\{7169C891-3EB6-4B2B-8241-5E864DDF5E48}
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\abe jr\Application Data\Move Networks
FF - user.js: general.useragent.extra.zencast -
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-31 09:28
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST380011A rev.8.16 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
.
device: opened successfully
user: MBR read successfully
error: Read  A device attached to the system is not functioning.
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x82F2C53B
user & kernel MBR OK
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(808)
c:\windows\system32\WININET.dll
.
- - - - - - - > 'lsass.exe'(868)
c:\windows\system32\WININET.dll
.
Completion time: 2011-07-31  09:33:54
ComboFix-quarantined-files.txt  2011-07-31 13:33
ComboFix2.txt  2011-07-31 04:17
.
Pre-Run: 10,870,812,672 bytes free
Post-Run: 10,860,560,384 bytes free
.
- - End Of File - - 0233867CAD44C7744221356673C3AD54

[acelee]

My most recent malwarebytes scan.  Looks okay I think.  Not sure what to do going forward to protect myself from this type of problem in the future.

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7337

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/31/2011 10:40:18 AM
mbam-log-2011-07-31 (10-40-16).txt

Scan type: Quick scan
Objects scanned: 172742
Time elapsed: 25 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[kevinf80]

To save files to Desktop using Firefox do the following:

Select > Tools > Options > General Tab > Select "save files to" > Select "Browse" tab, then navigate to "Desktop" then select "OK" I`ve attached an image for reference.

Then as follows :-

Step 1

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the Codebox below into it:

Code: [Select]

KillAll::
File::
c:\documents and settings\All Users\Application Data\aox.exe
c:\documents and settings\All Users\Application Data\ylr.exe
c:\documents and settings\All Users\Application Data\myj.exe
c:\documents and settings\LocalService\Local Settings\Application Data\rpl.exe
c:\documents and settings\All Users\Application Data\xlv.exe
c:\documents and settings\All Users\Application Data\ita.exe
c:\documents and settings\LocalService\Local Settings\Application Data\obu.exe
c:\documents and settings\LocalService\Local Settings\Application Data\fej.exe
c:\documents and settings\LocalService\Local Settings\Application Data\cxa.exe
c:\documents and settings\All Users\Application Data\kkh.exe
c:\documents and settings\All Users\Application Data\jub.exe
c:\documents and settings\All Users\Application Data\wmy.exe
c:\documents and settings\All Users\Application Data\nrf.exe
c:\documents and settings\NetworkService\Local Settings\Application Data\mde.exe
c:\documents and settings\All Users\Application Data\jcv.exe
c:\documents and settings\NetworkService\Local Settings\Application Data\jle.exe
c:\documents and settings\NetworkService\Local Settings\Application Data\clt.exe
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\globallyopenports\list]
"1786:TCP"=-
"5000:UDP"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=-
"FirewallOverride"=-
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 1
"DisableNotifications"= 0

Save this as CFScript.txt, and as Type: All Files (*.*) in the same location as ComboFix.exe





Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Step 2

Run ESET Online Scan

• Hold down Control and click on the following link to open ESET OnlineScan in a new window.

ESET OnlineScan

• Click the button.
  
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  

• Check
  
• Click the button.
  
• Accept any security warnings from your browser.
• Check
  
• Leave the tick out of remove found threats
  
• Push the Start button.
  
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, push
  
• Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  
• Push the button.
  
• Push
  

You can refer to this animation by neomage if needed.
Frequently asked questions available Here  Please read them before running the scan.

Also be aware this scan can take between one and several hours to complete depending on the size of your system.

ESET log can be found here "C:\Program Files\ESET\EsetOnlineScanner\log.txt".

Let me see the logs from Combofix and ESET in your reply. Also you ran Combofix previously can I see that log also, find it here C:\Qoobox\ComboFix2.txt

Kevin

[kevinf80]

Still with us acelee?

[kevinf80]

Due to the lack of feedback this topic is closed. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

[kevinf80]

Re-opened at request of originator....

[acelee]

Not able to do the Combo fix using CFScript.txt.  Once it gets to the section that says ".... this will probably take about ten minutes". It gets stuck on the screen.  Waited about two hours and it didn't continue.  What should I do? Are you saying that the first combo fix log was not right?

[kevinf80]

No I`m not saying the first run of Combofix was wrong, I had added extras that Combofix has shown that needs to be removed to a Script fix, this is not unusual in any way. This is the problem when folk do not respond in a timely manner, as you can see from the log you`ve had active malware on your system since my response to you on 31st July. Now we more or less have to start again because you chose to let your thread lapse by approx 10 days.

Ok we will run a different tool and see if we can remove what was identified previously. We will also have to re-run CF from scratch.....

As follows please :-

Step 1

Please download OTM by OldTimer.
Alternative Mirror 1
Alternative Mirror 2 
Save it to your desktop.
Double click OTM.exe to start the tool. Vista or Windows 7 users right click and select Run as Administrator

• Copy the text between the dotted lines below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  -------------------------------------------------------------------
  
  :Registry
  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\globallyopenports\list]
  "1786:TCP"=-
  "5000:UDP"=-
  :Files
  ipconfig /flushdns /c
  c:\documents and settings\All Users\Application Data\aox.exe
  c:\documents and settings\All Users\Application Data\ylr.exe
  c:\documents and settings\All Users\Application Data\myj.exe
  c:\documents and settings\LocalService\Local Settings\Application Data\rpl.exe
  c:\documents and settings\All Users\Application Data\xlv.exe
  c:\documents and settings\All Users\Application Data\ita.exe
  c:\documents and settings\LocalService\Local Settings\Application Data\obu.exe
  c:\documents and settings\LocalService\Local Settings\Application Data\fej.exe
  c:\documents and settings\LocalService\Local Settings\Application Data\cxa.exe
  c:\documents and settings\All Users\Application Data\kkh.exe
  c:\documents and settings\All Users\Application Data\jub.exe
  c:\documents and settings\All Users\Application Data\wmy.exe
  c:\documents and settings\All Users\Application Data\nrf.exe
  c:\documents and settings\NetworkService\Local Settings\Application Data\mde.exe
  c:\documents and settings\All Users\Application Data\jcv.exe
  c:\documents and settings\NetworkService\Local Settings\Application Data\jle.exe
  c:\documents and settings\NetworkService\Local Settings\Application Data\clt.exe
  :Commands
  [EmptyTemp]
  [Reboot]
   
  ---------------------------------------------------------------------
  
  
• Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  
• Click the red button.
  
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  
• Close OTM
  

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.

If you have trouble running OTM, disconnect from the internet and turn off all security. If you still have issues move on to Combofix

Step 2

Ensure you have an active internet connection...

Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from either of the following links :-

Link 1
Link 2

• Ensure that Combofix is saved directly to the Desktop <--- Very important
  
  Before saving Combofix to the Desktop re-name to Gotcha.exe as below:
  
  
  
  
  
• Disable all security programs as they will have a negative effect on Combofix, instructions available Here if required. Be aware the list may not have all programs listed, if you need more help please ask.
  
  
• Close any open browsers and any other programs you might have running
• Double click the icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator)
  
  
• Instructions for running Combofix available Here if required.
  
  
• If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
• When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review

****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read Here why  disabling autoruns is recommended.

*EXTRA NOTES*

• If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so.
• If Combofix reboot's due to a rootkit, the screen may stay black for several minutes on reboot, this is normal
• If after running Combofix you receive any type of warning message about registry key's being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)

Post the logs in next reply please...

Kevin

[acelee]

Sorry for taking so long to get back to you last time.  I definitely apologize.  Had the parents in town which made things difficult.  But I'm back and ready.  Umm with this post it was saying that the combo fix log "....exceeded 50000 characters" so I broke it up into two posts and it said that it was still too long so I'm going to try breaking it into four posts I swear I'm not spamming... :).

ComboFix 11-08-14.02 - abe jr 08/14/2011   9:24.3.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.510.174 [GMT -4:00]
Running from: c:\documents and settings\abe jr\Desktop\Gotcha.exe
AV: Sunbelt VIPRE *Disabled/Outdated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2011-07-14 to 2011-08-14  )))))))))))))))))))))))))))))))
.
.
2011-08-10 00:17 . 2011-06-24 14:10   139656   ------w-   c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 00:16 . 2011-07-08 14:02   10496   ------w-   c:\windows\system32\dllcache\ndistapi.sys
2011-08-02 22:43 . 2011-08-02 22:43   --------   d-----w-   C:\a8c4613f5e3053ce53
2011-08-01 01:55 . 2010-08-23 16:12   617472   ------w-   c:\windows\system32\dllcache\comctl32.dll
2011-08-01 01:54 . 2010-06-14 14:31   744448   ------w-   c:\windows\system32\dllcache\helpsvc.exe
2011-08-01 01:54 . 2010-11-02 15:17   40960   ------w-   c:\windows\system32\dllcache\ndproxy.sys
2011-08-01 01:50 . 2011-04-21 13:37   105472   ------w-   c:\windows\system32\dllcache\mup.sys
2011-07-31 13:56 . 2011-06-23 18:36   743424   ------w-   c:\windows\system32\dllcache\iedvtool.dll
2011-07-31 13:53 . 2010-06-18 13:36   3558912   ------w-   c:\windows\system32\dllcache\moviemk.exe
2011-07-31 12:53 . 2010-10-11 14:59   45568   ------w-   c:\windows\system32\dllcache\wab.exe
2011-07-30 01:26 . 2011-07-30 01:26   --------   d-sh--w-   c:\documents and settings\Administrator\PrivacIE
2011-07-29 17:11 . 2011-07-29 17:11   --------   d-----w-   C:\_OTM
2011-07-23 13:35 . 2011-07-23 13:35   388096   ----a-r-   c:\documents and settings\abe jr\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-23 13:35 . 2011-07-23 13:35   --------   d-----w-   c:\program files\Trend Micro
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-15 13:29 . 2005-06-06 14:57   456320   ----a-w-   c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-10 17:51   10496   ----a-w-   c:\windows\system32\drivers\ndistapi.sys
2011-07-06 23:52 . 2011-01-03 20:11   41272   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 23:52 . 2011-01-03 20:11   22712   -c--a-w-   c:\windows\system32\drivers\mbam.sys
2011-06-24 14:10 . 2004-08-10 18:01   139656   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36 . 2004-08-10 17:51   916480   ----a-w-   c:\windows\system32\wininet.dll
2011-06-23 18:36 . 2004-08-10 17:51   43520   ----a-w-   c:\windows\system32\licmgr10.dll
2011-06-23 18:36 . 2004-08-10 17:51   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-08-10 17:51   385024   ----a-w-   c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-08-10 17:51   293376   ----a-w-   c:\windows\system32\winsrv.dll
2011-06-02 14:02 . 2004-08-10 17:51   1858944   ----a-w-   c:\windows\system32\win32k.sys
2011-05-23 11:55 . 2011-05-23 11:55   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((   SnapShot@2011-07-31_04.01.45   )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-14 13:12 . 2011-08-14 13:12   16384              c:\windows\Temp\Perflib_Perfdata_e0.dat
+ 2011-08-14 13:12 . 2011-08-14 13:12   16384              c:\windows\Temp\Perflib_Perfdata_7ec.dat
+ 2008-10-16 20:09 . 2009-08-06 23:24   44768              c:\windows\system32\wups2.dll
+ 2004-08-10 18:02 . 2009-08-06 23:24   35552              c:\windows\system32\wups.dll
+ 2004-08-10 17:51 . 2009-06-25 08:25   54272              c:\windows\system32\wdigest.dll
+ 2008-07-14 11:09 . 2010-11-03 13:12   46080              c:\windows\system32\tzchange.exe
+ 2004-08-10 17:51 . 2009-06-12 12:31   76288              c:\windows\system32\telnet.exe
- 2004-08-10 17:51 . 2008-04-14 00:12   75776              c:\windows\system32\strmfilt.dll
+ 2004-08-10 17:51 . 2009-10-21 05:38   75776              c:\windows\system32\strmfilt.dll
+ 2004-08-10 17:51 . 2010-08-27 05:57   99840              c:\windows\system32\srvsvc.dll
+ 2004-08-10 17:51 . 2010-08-17 13:17   58880              c:\windows\system32\spoolsv.exe
+ 2004-08-10 17:51 . 2009-06-25 08:25   56832              c:\windows\system32\secur32.dll
- 2004-08-10 17:51 . 2009-02-03 19:59   56832              c:\windows\system32\secur32.dll
+ 2004-08-10 17:51 . 2009-10-12 13:38   79872              c:\windows\system32\raschap.dll
- 2004-08-10 17:51 . 2008-04-14 00:12   79872              c:\windows\system32\raschap.dll
+ 2010-03-31 04:16 . 2010-03-31 04:16   99176              c:\windows\system32\PresentationHostProxy.dll
- 2004-08-10 17:51 . 2011-04-02 18:12   72576              c:\windows\system32\perfc009.dat
+ 2004-08-10 17:51 . 2011-08-10 07:35   72576              c:\windows\system32\perfc009.dat
+ 2009-11-07 05:07 . 2009-11-07 05:07   49488              c:\windows\system32\netfxperf.dll
+ 2009-11-06 02:17 . 2009-11-06 02:17   11600              c:\windows\system32\mui\0409\mscorees.dll
+ 2004-08-04 05:56 . 2009-11-27 17:11   17920              c:\windows\system32\msyuv.dll
+ 2004-08-10 17:51 . 2009-11-27 16:07   28672              c:\windows\system32\msvidc32.dll
- 2004-08-10 17:51 . 2008-04-14 00:12   11264              c:\windows\system32\msrle32.dll
+ 2004-08-10 17:51 . 2009-11-27 16:07   11264              c:\windows\system32\msrle32.dll
+ 2004-08-10 17:51 . 2011-06-23 18:36   66560              c:\windows\system32\mshtmled.dll
- 2004-08-10 17:51 . 2009-03-08 08:31   66560              c:\windows\system32\mshtmled.dll
- 2007-08-13 23:54 . 2009-03-08 08:31   55296              c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 23:54 . 2011-06-23 18:36   55296              c:\windows\system32\msfeedsbs.dll
+ 2004-08-10 17:51 . 2009-09-04 21:03   58880              c:\windows\system32\msasn1.dll
- 2004-08-10 17:51 . 2009-04-30 21:22   25600              c:\windows\system32\jsproxy.dll
+ 2004-08-10 17:51 . 2011-06-23 18:36   25600              c:\windows\system32\jsproxy.dll
+ 2004-08-04 05:56 . 2009-11-27 16:07   48128              c:\windows\system32\iyuv_32.dll
- 2004-08-10 18:02 . 2008-04-14 00:11   81920              c:\windows\system32\isign32.dll
+ 2004-08-10 18:02 . 2010-11-18 18:12   81920              c:\windows\system32\isign32.dll
- 2004-08-10 17:51 . 2008-04-14 00:11   80384              c:\windows\system32\iccvid.dll
+ 2004-08-10 17:51 . 2010-06-17 14:03   80384              c:\windows\system32\iccvid.dll
+ 2004-08-10 17:51 . 2009-10-21 05:38   25088              c:\windows\system32\httpapi.dll
+ 2004-08-10 17:51 . 2009-10-15 16:28   81920              c:\windows\system32\fontsub.dll
+ 2004-08-10 17:51 . 2010-11-02 15:17   40960              c:\windows\system32\drivers\ndproxy.sys
+ 2004-08-10 17:51 . 2009-06-24 11:18   92928              c:\windows\system32\drivers\ksecdd.sys
- 2004-08-10 17:50 . 2008-04-14 00:11   45568              c:\windows\system32\dnsrslvr.dll
+ 2004-08-10 17:50 . 2009-04-20 17:17   45568              c:\windows\system32\dnsrslvr.dll
+ 2009-06-25 20:26 . 2011-06-23 18:36   12800              c:\windows\system32\dllcache\xpshims.dll
- 2009-06-25 20:26 . 2009-04-30 21:22   12800              c:\windows\system32\dllcache\xpshims.dll
+ 2004-08-10 18:02 . 2009-08-06 23:24   35552              c:\windows\system32\dllcache\wups.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25   54272              c:\windows\system32\dllcache\wdigest.dll
+ 2004-08-10 17:51 . 2009-06-12 12:31   76288              c:\windows\system32\dllcache\telnet.exe
+ 2004-08-10 17:51 . 2009-10-21 05:38   75776              c:\windows\system32\dllcache\strmfilt.dll
- 2004-08-10 17:51 . 2008-04-14 00:12   75776              c:\windows\system32\dllcache\strmfilt.dll
+ 2010-08-27 05:57 . 2010-08-27 05:57   99840              c:\windows\system32\dllcache\srvsvc.dll
+ 2010-08-17 13:17 . 2010-08-17 13:17   58880              c:\windows\system32\dllcache\spoolsv.exe
- 2009-02-03 19:59 . 2009-02-03 19:59   56832              c:\windows\system32\dllcache\secur32.dll
+ 2009-02-03 19:59 . 2009-06-25 08:25   56832              c:\windows\system32\dllcache\secur32.dll
+ 2009-10-12 13:38 . 2009-10-12 13:38   79872              c:\windows\system32\dllcache\raschap.dll
+ 2004-08-04 05:56 . 2009-11-27 17:11   17920              c:\windows\system32\dllcache\msyuv.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07   28672              c:\windows\system32\dllcache\msvidc32.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07   11264              c:\windows\system32\dllcache\msrle32.dll
+ 2004-08-10 17:51 . 2011-06-23 18:36   66560              c:\windows\system32\dllcache\mshtmled.dll
- 2004-08-10 17:51 . 2009-03-08 08:31   66560              c:\windows\system32\dllcache\mshtmled.dll
+ 2008-12-19 22:12 . 2011-06-23 18:36   55296              c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-12-19 22:12 . 2009-03-08 08:31   55296              c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03   58880              c:\windows\system32\dllcache\msasn1.dll
+ 2004-08-10 17:51 . 2011-06-23 18:36   43520              c:\windows\system32\dllcache\licmgr10.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18   92928              c:\windows\system32\dllcache\ksecdd.sys
- 2008-08-20 05:38 . 2009-04-30 21:22   25600              c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-20 05:38 . 2011-06-23 18:36   25600              c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-04 05:56 . 2009-11-27 16:07   48128              c:\windows\system32\dllcache\iyuv_32.dll
+ 2004-08-10 18:02 . 2010-11-18 18:12   81920              c:\windows\system32\dllcache\isign32.dll
- 2004-08-10 18:02 . 2008-04-14 00:11   81920              c:\windows\system32\dllcache\isign32.dll
+ 2009-10-21 05:38 . 2009-10-21 05:38   25088              c:\windows\system32\dllcache\httpapi.dll
+ 2004-08-10 17:51 . 2009-10-15 16:28   81920              c:\windows\system32\dllcache\fontsub.dll
+ 2009-04-20 17:17 . 2009-04-20 17:17   45568              c:\windows\system32\dllcache\dnsrslvr.dll
+ 2011-04-26 11:07 . 2011-04-26 11:07   33280              c:\windows\system32\dllcache\csrsrv.dll
+ 2004-08-10 17:50 . 2010-01-13 14:01   86016              c:\windows\system32\dllcache\cabview.dll
- 2004-08-10 17:50 . 2008-04-14 00:11   84992              c:\windows\system32\dllcache\avifil32.dll
+ 2004-08-10 17:50 . 2009-11-27 16:07   84992              c:\windows\system32\dllcache\avifil32.dll
+ 2009-07-17 19:01 . 2009-07-17 19:01   58880              c:\windows\system32\dllcache\atl.dll
+ 2010-03-05 14:37 . 2010-03-05 14:37   65536              c:\windows\system32\dllcache\asycfilt.dll
+ 2004-08-10 17:50 . 2011-04-26 11:07   33280              c:\windows\system32\csrsrv.dll
+ 2004-08-10 17:50 . 2010-01-13 14:01   86016              c:\windows\system32\cabview.dll
- 2004-08-10 17:50 . 2008-04-14 00:11   84992              c:\windows\system32\avifil32.dll
+ 2004-08-10 17:50 . 2009-11-27 16:07   84992              c:\windows\system32\avifil32.dll
- 2004-08-10 17:50 . 2008-04-14 00:11   58880              c:\windows\system32\atl.dll
+ 2004-08-10 17:50 . 2009-07-17 19:01   58880              c:\windows\system32\atl.dll
+ 2004-08-10 17:50 . 2010-03-05 14:37   65536              c:\windows\system32\asycfilt.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48   32768              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
- 2008-07-29 23:16 . 2008-07-29 23:16   32768              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   13648              c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2011-08-02 22:50 . 2008-07-25 15:17   77824              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Web.RegularExpressions.dll
+ 2011-08-02 22:50 . 2008-07-25 15:17   81920              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Drawing.Design.dll
+ 2011-08-02 22:52 . 2008-07-25 15:17   81920              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Configuration.Install.dll
+ 2011-08-02 22:51 . 2008-07-25 15:16   12800              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-08-02 22:51 . 2008-07-25 15:16   32768              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\Microsoft.Vsa.dll
+ 2011-08-02 22:51 . 2008-07-25 15:16   28672              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\Microsoft.VisualBasic.Vsa.dll
+ 2011-08-02 22:52 . 2008-07-25 15:16   77824              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\Microsoft.Build.Utilities.dll
+ 2011-08-02 22:52 . 2008-07-25 15:16   36864              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\Microsoft.Build.Framework.dll
+ 2011-08-02 22:51 . 2008-07-25 15:17   72192              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\ISymWrapper.dll
+ 2011-08-02 22:51 . 2008-07-25 15:17   77824              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\IEHost.dll
+ 2011-08-02 22:50 . 2008-07-25 15:17   69120              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\CustomMarshalers.dll
+ 2011-08-02 22:50 . 2008-07-25 15:16   13312              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\cscompmgd.dll
+ 2011-08-02 22:50 . 2008-07-25 15:17   10752              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\Accessibility.dll
+ 2010-09-22 13:43 . 2010-09-22 13:43   30544              c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2009-06-24 23:56 . 2009-06-24 23:56   73728              c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
+ 2010-09-23 19:55 . 2010-09-23 19:55   81920              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26   77824              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-14 01:58 . 2007-04-14 01:58   77824              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-14 01:57 . 2007-04-14 01:57   86016              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26   86016              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26   81920              c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-14 01:57 . 2007-04-14 01:57   81920              c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-14 02:30 . 2007-04-14 02:30   32768              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-09-23 07:17 . 2010-09-23 07:17   32768              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-21 00:19 . 2003-02-21 00:19   24576              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-09-23 07:17 . 2010-09-23 07:17   24576              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   13648              c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   13648              c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   13648              c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   13648              c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   13664              c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   13688              c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   13664              c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   13696              c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   13656              c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   13656              c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   13656              c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   13672              c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   13664              c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07   86864              c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2011-07-31 13:39 . 2011-07-31 13:39   32768              c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2011-08-10 07:07 . 2011-04-25 16:11   12800              c:\windows\ie8updates\KB2559049-IE8\xpshims.dll
+ 2011-08-10 07:07 . 2011-04-25 16:11   66560              c:\windows\ie8updates\KB2559049-IE8\mshtmled.dll
+ 2011-08-10 07:07 . 2011-04-25 16:11   55296              c:\windows\ie8updates\KB2559049-IE8\msfeedsbs.dll
+ 2011-08-10 07:07 . 2011-04-25 16:11   43520              c:\windows\ie8updates\KB2559049-IE8\licmgr10.dll
+ 2011-08-10 07:07 . 2011-04-25 16:11   25600              c:\windows\ie8updates\KB2559049-IE8\jsproxy.dll
+ 2011-07-31 15:45 . 2009-04-30 21:22   12800              c:\windows\ie8updates\KB2530548-IE8\xpshims.dll
+ 2011-07-31 15:45 . 2009-03-08 08:31   66560              c:\windows\ie8updates\KB2530548-IE8\mshtmled.dll
+ 2011-07-31 15:45 . 2009-03-08 08:31   55296              c:\windows\ie8updates\KB2530548-IE8\msfeedsbs.dll
+ 2011-07-31 15:45 . 2009-03-08 08:34   43008              c:\windows\ie8updates\KB2530548-IE8\licmgr10.dll
+ 2011-07-31 15:45 . 2009-04-30 21:22   25600              c:\windows\ie8updates\KB2530548-IE8\jsproxy.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11   17920              c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07   48128              c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2011-07-31 15:14 . 2011-07-31 15:14   90112              c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_b5feee70\System.Drawing.Design.dll
+ 2011-07-31 15:14 . 2011-07-31 15:14   61440              c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_cbed848b\CustomMarshalers.dll
+ 2011-08-05 01:17 . 2011-08-05 01:17   60928              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\1492e9393417d6e91b5ddc746b5ef320\UIAutomationProvider.ni.dll
+ 2011-08-10 07:58 . 2011-08-10 07:58   37888              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\343c52b741531ce9ae874ea7508831a7\System.Windows.Presentation.ni.dll
+ 2011-08-10 07:58 . 2011-08-10 07:58   36864              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\246110974e3c48733458819b07464b23\System.Web.DynamicData.Design.ni.dll
+ 2011-08-10 07:54 . 2011-08-10 07:54   94208              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ace861fe8dbf146c3e449abaa7691e9f\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-08-03 01:02 . 2011-08-03 01:02   82944              c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\177a17af98d803ab79006d6785706462\System.AddIn.Contract.ni.dll
+ 2011-08-10 07:43 . 2011-08-10 07:43   47104              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\40ee65aacd9d7472cd6f8dddbfca604b\PresentationFontCache.ni.exe
+ 2011-08-10 07:40 . 2011-08-10 07:40   39424              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\12c424eed7ee0e9c017bf72ff09eb78c\PresentationCFFRasterizer.ni.dll
+ 2011-08-10 07:57 . 2011-08-10 07:57   55296              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f9c514544c8e23220493cd42a0e20678\Microsoft.Vsa.ni.dll
+ 2011-08-03 01:02 . 2011-08-03 01:02   65024              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\f5057c30d89ad8d99e38c946a68def9e\Microsoft.Build.Framework.ni.dll
+ 2011-08-03 01:01 . 2011-08-03 01:01   74752              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\623c05a555ac0719a1367f511d4a9270\Microsoft.Build.Framework.ni.dll
+ 2011-08-03 01:01 . 2011-08-03 01:01   14336              c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\c40d3caad8bff3c52db7e7562286406a\dfsvc.ni.exe
+ 2011-08-03 01:01 . 2011-08-03 01:01   25600              c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   77824              c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-04-02 18:05 . 2011-04-02 18:05   77824              c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-04-02 18:11 . 2011-04-02 18:11   32768              c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2011-07-31 15:24 . 2011-07-31 15:24   32768              c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2011-04-02 18:05 . 2011-04-02 18:05   81920              c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-08-10 07:31 . 2011-08-10 07:31   81920              c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   81920              c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   81920              c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   32768              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   32768              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   12800              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   12800              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   28672              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   28672              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   77824              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   77824              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   36864              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   36864              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   77824              c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   77824              c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   13312              c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-04-02 18:05 . 2011-04-02 18:05   13312              c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-04-02 18:05 . 2011-04-02 18:05   10752              c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   10752              c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   72192              c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   72192              c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-04-02 18:05 . 2011-04-02 18:05   69120              c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   69120              c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-07-31 15:14 . 2011-07-31 15:14   81920              c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   8192              c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   8192              c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-06-24 21:45 . 2011-02-17 12:32   5120              c:\windows\system32\xpsp4res.dll
+ 2001-08-18 03:36 . 2009-11-27 16:07   8704              c:\windows\system32\tsbyuv.dll
+ 2001-08-18 03:36 . 2009-11-27 16:07   8704              c:\windows\system32\dllcache\tsbyuv.dll
+ 2011-08-02 22:51 . 2008-07-25 15:16   7168              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\Microsoft_VsaVb.dll
+ 2011-08-02 22:52 . 2008-07-25 15:17   5632              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\Microsoft.VisualC.Dll
+ 2011-08-02 22:51 . 2008-07-25 15:17   6656              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\IIEHost.dll
+ 2011-08-02 22:50 . 2008-07-25 15:17   8192              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\IEExecRemote.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07   8704              c:\windows\Driver Cache\i386\tsbyuv.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   7168              c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   7168              c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   5632              c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-04-02 18:06 . 2011-04-02 18:06   5632              c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   6656              c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   6656              c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   8192              c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   8192              c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   113664              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   113664              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   258048              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   258048              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

[acelee]

+ 2004-08-10 17:51 . 2009-04-02 03:02   604160              c:\windows\system32\wmspdmod.dll
+ 2004-08-10 17:51 . 2009-07-14 03:43   286208              c:\windows\system32\wmpdxm.dll
- 2004-08-10 17:51 . 2008-04-14 00:12   132096              c:\windows\system32\wkssvc.dll
+ 2004-08-10 17:51 . 2009-06-10 06:14   132096              c:\windows\system32\wkssvc.dll
+ 2004-08-10 17:51 . 2009-12-24 06:59   177664              c:\windows\system32\wintrust.dll
+ 2004-08-10 17:51 . 2009-08-25 09:17   354816              c:\windows\system32\winhttp.dll
+ 2004-08-10 17:51 . 2011-03-04 06:37   420864              c:\windows\system32\vbscript.dll
+ 2004-08-10 17:51 . 2010-04-16 15:36   406016              c:\windows\system32\usp10.dll
- 2004-08-10 17:51 . 2008-04-14 00:12   406016              c:\windows\system32\usp10.dll
- 2004-08-10 17:51 . 2009-03-08 08:34   105984              c:\windows\system32\url.dll
+ 2004-08-10 17:51 . 2011-06-23 18:36   105984              c:\windows\system32\url.dll
+ 2004-08-10 17:51 . 2010-08-27 08:02   119808              c:\windows\system32\t2embed.dll
- 2004-08-10 17:51 . 2008-10-03 10:02   247326              c:\windows\system32\strmdll.dll
+ 2004-08-10 17:51 . 2009-08-26 08:00   247326              c:\windows\system32\strmdll.dll
- 2004-08-10 17:51 . 2008-04-14 00:12   135168              c:\windows\system32\shsvcs.dll
+ 2004-08-10 17:51 . 2009-07-27 23:17   135168              c:\windows\system32\shsvcs.dll
+ 2004-08-10 17:51 . 2009-12-08 09:23   474112              c:\windows\system32\shlwapi.dll
- 2004-08-10 17:51 . 2008-04-14 00:12   474112              c:\windows\system32\shlwapi.dll
+ 2004-08-10 17:51 . 2011-01-21 14:44   439296              c:\windows\system32\shimgvw.dll
+ 2004-08-10 17:51 . 2011-04-29 17:25   151552              c:\windows\system32\schannel.dll
+ 2004-08-10 17:51 . 2011-02-09 13:53   270848              c:\windows\system32\sbe.dll
- 2004-08-10 17:51 . 2008-04-14 00:12   270848              c:\windows\system32\sbe.dll
+ 2004-08-10 17:51 . 2010-08-16 08:45   590848              c:\windows\system32\rpcrt4.dll
+ 2004-08-10 17:51 . 2009-10-12 13:38   149504              c:\windows\system32\rastls.dll
+ 2010-03-31 04:10 . 2010-03-31 04:10   295264              c:\windows\system32\PresentationHost.exe
- 2004-08-10 17:51 . 2011-04-02 18:12   445370              c:\windows\system32\perfh009.dat
+ 2004-08-10 17:51 . 2011-08-10 07:35   445370              c:\windows\system32\perfh009.dat
+ 2004-08-10 17:51 . 2010-12-20 17:32   551936              c:\windows\system32\oleaut32.dll
- 2004-08-10 17:51 . 2008-04-14 00:12   551936              c:\windows\system32\oleaut32.dll
+ 2004-08-10 17:51 . 2010-11-09 14:52   249856              c:\windows\system32\odbc32.dll
- 2004-08-10 17:51 . 2008-04-14 00:12   249856              c:\windows\system32\odbc32.dll
+ 2004-08-10 17:51 . 2011-06-23 18:36   206848              c:\windows\system32\occache.dll
- 2004-08-10 17:51 . 2008-04-14 00:12   270336              c:\windows\system32\oakley.dll
+ 2004-08-10 17:51 . 2009-10-13 10:30   270336              c:\windows\system32\oakley.dll
+ 2004-08-10 17:51 . 2010-12-09 15:15   718336              c:\windows\system32\ntdll.dll
- 2004-08-10 17:51 . 2008-06-20 17:46   245248              c:\windows\system32\mswsock.dll
+ 2004-08-10 17:51 . 2008-06-20 16:02   245248              c:\windows\system32\mswsock.dll
+ 2004-08-10 17:51 . 2009-08-05 09:01   204800              c:\windows\system32\mswebdvd.dll
+ 2004-08-10 17:51 . 2009-09-11 14:18   136192              c:\windows\system32\msv1_0.dll
- 2004-08-10 18:01 . 2008-04-14 00:12   677888              c:\windows\system32\mstsc.exe
+ 2004-08-10 18:01 . 2011-01-27 11:57   677888              c:\windows\system32\mstsc.exe
+ 2004-08-10 17:51 . 2011-06-23 18:36   611840              c:\windows\system32\mstime.dll
- 2004-08-10 17:51 . 2009-03-08 08:32   611840              c:\windows\system32\mstime.dll
- 2008-04-14 00:12 . 2008-04-14 00:12   343040              c:\windows\system32\mspaint.exe
+ 2008-04-14 00:12 . 2009-12-16 18:43   343040              c:\windows\system32\mspaint.exe
+ 2007-08-13 23:54 . 2011-06-23 18:36   602112              c:\windows\system32\msfeeds.dll
+ 2009-11-06 02:17 . 2009-11-06 02:17   297808              c:\windows\system32\mscoree.dll
+ 2006-10-19 02:47 . 2010-03-30 16:24   317440              c:\windows\system32\mp4sdecd.dll
- 2006-10-19 02:47 . 2006-10-19 02:47   317440              c:\windows\system32\MP4SDECD.dll
+ 2004-08-10 17:51 . 2011-02-08 13:33   974848              c:\windows\system32\mfc42u.dll
+ 2004-08-10 17:51 . 2011-02-08 13:33   978944              c:\windows\system32\mfc42.dll
+ 2004-08-10 17:51 . 2010-09-18 06:53   953856              c:\windows\system32\mfc40u.dll
+ 2004-08-10 17:51 . 2010-09-18 06:53   954368              c:\windows\system32\mfc40.dll
+ 2004-08-10 17:51 . 2010-12-20 17:26   730112              c:\windows\system32\lsasrv.dll
+ 2004-08-10 17:51 . 2010-12-22 12:34   301568              c:\windows\system32\kerberos.dll
- 2004-08-10 17:51 . 2009-03-08 08:33   726528              c:\windows\system32\jscript.dll
+ 2004-08-10 17:51 . 2011-03-04 06:37   726528              c:\windows\system32\jscript.dll
+ 2004-08-10 18:02 . 2011-05-02 15:31   692736              c:\windows\system32\inetcomm.dll
+ 2004-08-10 17:51 . 2011-06-23 18:36   184320              c:\windows\system32\iepeers.dll
+ 2004-08-10 17:51 . 2011-06-23 18:36   387584              c:\windows\system32\iedkcs32.dll
+ 2004-08-10 17:51 . 2011-06-23 12:05   173568              c:\windows\system32\ie4uinit.exe
+ 2004-08-10 18:01 . 2011-02-11 13:25   229888              c:\windows\system32\fxscover.exe
- 2004-08-10 17:57 . 2011-04-09 13:49   348992              c:\windows\system32\FNTCACHE.DAT
+ 2004-08-10 17:57 . 2011-08-05 01:54   348992              c:\windows\system32\FNTCACHE.DAT
+ 2004-08-10 17:51 . 2011-02-09 13:53   186880              c:\windows\system32\encdec.dll
- 2004-08-10 17:51 . 2008-04-14 00:11   186880              c:\windows\system32\encdec.dll
+ 2004-08-10 17:51 . 2010-02-11 12:02   226880              c:\windows\system32\drivers\tcpip6.sys
+ 2004-08-10 17:51 . 2011-02-17 13:18   357888              c:\windows\system32\drivers\srv.sys
+ 2004-08-10 17:51 . 2011-04-21 13:37   105472              c:\windows\system32\drivers\mup.sys
+ 2004-08-04 04:00 . 2009-10-20 16:20   265728              c:\windows\system32\drivers\http.sys
- 2004-08-10 17:50 . 2008-08-14 10:04   138496              c:\windows\system32\drivers\afd.sys
+ 2004-08-10 17:50 . 2011-02-16 13:22   138496              c:\windows\system32\drivers\afd.sys
+ 2004-08-10 17:50 . 2011-03-03 06:55   149504              c:\windows\system32\dnsapi.dll
+ 2008-04-14 00:12 . 2010-07-12 12:55   218112              c:\windows\system32\dllcache\wordpad.exe
+ 2004-08-10 17:51 . 2009-04-02 03:02   604160              c:\windows\system32\dllcache\wmspdmod.dll
+ 2004-08-10 17:51 . 2009-07-14 03:43   286208              c:\windows\system32\dllcache\wmpdxm.dll
+ 2009-06-10 06:14 . 2009-06-10 06:14   132096              c:\windows\system32\dllcache\wkssvc.dll
+ 2009-12-24 06:59 . 2009-12-24 06:59   177664              c:\windows\system32\dllcache\wintrust.dll
+ 2011-04-26 11:07 . 2011-06-20 17:44   293376              c:\windows\system32\dllcache\winsrv.dll
+ 2008-08-20 05:38 . 2011-06-23 18:36   916480              c:\windows\system32\dllcache\wininet.dll
+ 2008-12-16 12:30 . 2009-08-25 09:17   354816              c:\windows\system32\dllcache\winhttp.dll
+ 2004-08-10 18:02 . 2011-04-30 03:01   758784              c:\windows\system32\dllcache\vgx.dll
+ 2004-08-10 17:51 . 2011-03-04 06:37   420864              c:\windows\system32\dllcache\vbscript.dll
+ 2010-04-16 15:36 . 2010-04-16 15:36   406016              c:\windows\system32\dllcache\usp10.dll
+ 2007-08-13 23:44 . 2011-06-23 18:36   105984              c:\windows\system32\dllcache\url.dll
- 2007-08-13 23:44 . 2009-03-08 08:34   105984              c:\windows\system32\dllcache\url.dll
- 2004-08-10 18:02 . 2008-04-14 00:12   153088              c:\windows\system32\dllcache\triedit.dll
+ 2004-08-10 18:02 . 2009-06-21 21:44   153088              c:\windows\system32\dllcache\triedit.dll
+ 2004-08-10 17:51 . 2010-02-11 12:02   226880              c:\windows\system32\dllcache\tcpip6.sys
+ 2004-08-10 17:51 . 2010-08-27 08:02   119808              c:\windows\system32\dllcache\t2embed.dll
+ 2008-12-19 20:04 . 2009-08-26 08:00   247326              c:\windows\system32\dllcache\strmdll.dll
- 2008-12-19 20:04 . 2008-10-03 10:02   247326              c:\windows\system32\dllcache\strmdll.dll
+ 2008-11-21 23:01 . 2011-02-17 13:18   357888              c:\windows\system32\dllcache\srv.sys
+ 2009-07-27 23:17 . 2009-07-27 23:17   135168              c:\windows\system32\dllcache\shsvcs.dll
- 2009-01-07 22:20 . 2009-01-07 22:20   474112              c:\windows\system32\dllcache\shlwapi.dll
+ 2009-01-07 22:20 . 2009-12-08 09:23   474112              c:\windows\system32\dllcache\shlwapi.dll
+ 2011-01-21 14:44 . 2011-01-21 14:44   439296              c:\windows\system32\dllcache\shimgvw.dll
+ 2008-12-05 06:54 . 2011-04-29 17:25   151552              c:\windows\system32\dllcache\schannel.dll
- 2004-08-10 17:51 . 2008-04-14 00:12   270848              c:\windows\system32\dllcache\sbe.dll
+ 2004-08-10 17:51 . 2011-02-09 13:53   270848              c:\windows\system32\dllcache\sbe.dll
+ 2009-04-15 14:51 . 2010-08-16 08:45   590848              c:\windows\system32\dllcache\rpcrt4.dll
+ 2009-10-12 13:38 . 2009-10-12 13:38   149504              c:\windows\system32\dllcache\rastls.dll
+ 2010-12-20 17:32 . 2010-12-20 17:32   551936              c:\windows\system32\dllcache\oleaut32.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52   249856              c:\windows\system32\dllcache\odbc32.dll
+ 2007-08-13 23:44 . 2011-06-23 18:36   206848              c:\windows\system32\dllcache\occache.dll
+ 2009-10-13 10:30 . 2009-10-13 10:30   270336              c:\windows\system32\dllcache\oakley.dll
+ 2009-06-24 21:46 . 2010-12-09 15:15   718336              c:\windows\system32\dllcache\ntdll.dll
+ 2008-06-20 17:46 . 2008-06-20 16:02   245248              c:\windows\system32\dllcache\mswsock.dll
- 2008-06-20 17:46 . 2008-06-20 17:46   245248              c:\windows\system32\dllcache\mswsock.dll
+ 2004-08-10 17:51 . 2009-08-05 09:01   204800              c:\windows\system32\dllcache\mswebdvd.dll
+ 2009-06-25 08:25 . 2009-09-11 14:18   136192              c:\windows\system32\dllcache\msv1_0.dll
- 2004-08-10 17:51 . 2009-03-08 08:32   611840              c:\windows\system32\dllcache\mstime.dll
+ 2004-08-10 17:51 . 2011-06-23 18:36   611840              c:\windows\system32\dllcache\mstime.dll
- 2008-04-14 00:12 . 2008-04-14 00:12   343040              c:\windows\system32\dllcache\mspaint.exe
+ 2008-04-14 00:12 . 2009-12-16 18:43   343040              c:\windows\system32\dllcache\mspaint.exe
- 2004-08-10 18:02 . 2008-04-14 00:12   102400              c:\windows\system32\dllcache\msjro.dll
+ 2004-08-10 18:02 . 2010-11-09 14:52   102400              c:\windows\system32\dllcache\msjro.dll
+ 2008-12-19 22:12 . 2011-06-23 18:36   602112              c:\windows\system32\dllcache\msfeeds.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52   200704              c:\windows\system32\dllcache\msadox.dll
- 2004-08-10 18:02 . 2008-04-14 00:11   180224              c:\windows\system32\dllcache\msadomd.dll
+ 2004-08-10 18:02 . 2010-11-09 14:52   180224              c:\windows\system32\dllcache\msadomd.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52   536576              c:\windows\system32\dllcache\msado15.dll
- 2004-08-10 18:02 . 2008-04-14 00:11   143360              c:\windows\system32\dllcache\msadco.dll
+ 2004-08-10 18:02 . 2010-11-09 14:52   143360              c:\windows\system32\dllcache\msadco.dll
+ 2008-11-21 22:59 . 2011-07-15 13:29   456320              c:\windows\system32\dllcache\mrxsmb.sys
+ 2010-03-30 16:24 . 2010-03-30 16:24   317440              c:\windows\system32\dllcache\mp4sdecd.dll
+ 2011-02-08 13:33 . 2011-02-08 13:33   974848              c:\windows\system32\dllcache\mfc42u.dll
+ 2011-02-08 13:33 . 2011-02-08 13:33   978944              c:\windows\system32\dllcache\mfc42.dll
+ 2004-08-10 17:51 . 2010-09-18 06:53   953856              c:\windows\system32\dllcache\mfc40u.dll
+ 2004-08-10 17:51 . 2010-09-18 06:53   954368              c:\windows\system32\dllcache\mfc40.dll
+ 2009-06-24 21:46 . 2010-12-20 17:26   730112              c:\windows\system32\dllcache\lsasrv.dll
+ 2011-01-27 11:57 . 2011-01-27 11:57   677888              c:\windows\system32\dllcache\lhmstsc.exe
+ 2009-06-25 08:25 . 2010-12-22 12:34   301568              c:\windows\system32\dllcache\kerberos.dll
- 2008-05-09 10:53 . 2009-03-08 08:33   726528              c:\windows\system32\dllcache\jscript.dll
+ 2008-05-09 10:53 . 2011-03-04 06:37   726528              c:\windows\system32\dllcache\jscript.dll
+ 2008-11-21 22:58 . 2011-05-02 15:31   692736              c:\windows\system32\dllcache\inetcomm.dll
+ 2009-06-25 20:26 . 2011-06-23 18:36   247808              c:\windows\system32\dllcache\ieproxy.dll
+ 2004-08-10 17:51 . 2011-06-23 18:36   184320              c:\windows\system32\dllcache\iepeers.dll
+ 2007-08-13 23:39 . 2011-06-23 18:36   387584              c:\windows\system32\dllcache\iedkcs32.dll
+ 2007-08-13 23:39 . 2011-06-23 12:05   173568              c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-10-20 16:20 . 2009-10-20 16:20   265728              c:\windows\system32\dllcache\http.sys
+ 2011-02-11 13:25 . 2011-02-11 13:25   229888              c:\windows\system32\dllcache\fxscover.exe
+ 2004-08-10 17:51 . 2011-02-09 13:53   186880              c:\windows\system32\dllcache\encdec.dll
- 2004-08-10 17:51 . 2008-04-14 00:11   186880              c:\windows\system32\dllcache\encdec.dll
+ 2008-06-20 17:46 . 2011-03-03 06:55   149504              c:\windows\system32\dllcache\dnsapi.dll
+ 2011-02-15 12:56 . 2011-02-15 12:56   290432              c:\windows\system32\dllcache\atmfd.dll
- 2008-11-21 23:02 . 2008-08-14 10:04   138496              c:\windows\system32\dllcache\afd.sys
+ 2008-11-21 23:02 . 2011-02-16 13:22   138496              c:\windows\system32\dllcache\afd.sys
+ 2004-08-10 17:50 . 2009-11-21 15:51   471552              c:\windows\system32\dllcache\aclayers.dll
+ 2004-08-10 17:50 . 2010-02-12 04:33   100864              c:\windows\system32\dllcache\6to4svc.dll
+ 2004-08-10 17:50 . 2010-08-23 16:12   617472              c:\windows\system32\comctl32.dll
- 2004-08-10 17:50 . 2008-04-14 00:11   617472              c:\windows\system32\comctl32.dll
+ 2004-08-10 17:50 . 2011-02-15 12:56   290432              c:\windows\system32\atmfd.dll
+ 2004-08-10 17:50 . 2010-02-12 04:33   100864              c:\windows\system32\6to4svc.dll
+ 2011-02-11 13:25 . 2011-02-11 13:25   229888              c:\windows\ServicePackFiles\ServicePackCache\i386\fxscover.exe
- 2004-08-10 18:02 . 2008-04-14 00:12   744448              c:\windows\pchealth\helpctr\binaries\helpsvc.exe
+ 2004-08-10 18:02 . 2010-06-14 14:31   744448              c:\windows\pchealth\helpctr\binaries\helpsvc.exe
+ 2010-03-31 04:16 . 2010-03-31 04:16   130408              c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48   970752              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2008-07-29 23:16 . 2008-07-29 23:16   110592              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48   110592              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-09-22 13:43 . 2010-09-22 13:43   435024              c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-02-09 16:22 . 2010-02-09 16:22   258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-07-25 15:17 . 2008-07-25 15:17   258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59   486400              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2008-07-25 15:17 . 2008-07-25 15:17   486400              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15   388936              c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15   363856              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15   989016              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-08-02 22:50 . 2008-07-25 15:17   839680              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Web.Services.dll
+ 2011-08-02 22:50 . 2008-07-25 15:17   835584              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Web.Mobile.dll
+ 2011-08-02 22:51 . 2008-07-25 15:17   261632              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Transactions.dll
+ 2011-08-02 22:51 . 2008-07-25 15:17   114688              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.ServiceProcess.dll
+ 2011-08-02 22:51 . 2010-02-09 16:22   258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Security.dll
+ 2011-08-02 22:51 . 2008-07-25 15:17   131072              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-08-02 22:51 . 2008-07-25 15:17   303104              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Runtime.Remoting.dll
+ 2011-08-02 22:52 . 2008-07-25 15:17   258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Messaging.dll
+ 2011-08-02 22:52 . 2008-07-25 15:17   372736              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Management.dll
+ 2011-08-02 22:51 . 2008-07-25 15:17   113664              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.EnterpriseServices.Wrapper.dll
+ 2011-08-02 22:51 . 2008-07-25 15:17   258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.EnterpriseServices.dll
+ 2011-08-02 22:51 . 2008-07-25 15:17   626688              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Drawing.dll
+ 2011-08-02 22:50 . 2008-07-25 15:17   188416              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.DirectoryServices.Protocols.dll
+ 2011-08-02 22:51 . 2008-07-25 15:17   401408              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.DirectoryServices.dll
+ 2011-08-02 22:52 . 2008-07-25 15:16   970752              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Deployment.dll
+ 2011-08-02 22:52 . 2008-07-25 15:17   745472              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Data.SqlXml.dll
+ 2011-08-02 22:52 . 2008-07-25 15:17   486400              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Data.OracleClient.dll
+ 2011-08-02 22:52 . 2008-07-25 15:17   425984              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.configuration.dll
+ 2011-08-02 22:52 . 2008-07-25 15:17   110592              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\sysglobl.dll
+ 2011-08-02 22:51 . 2008-07-25 15:17   659456              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\Microsoft.VisualBasic.dll
+ 2011-08-02 22:51 . 2008-07-25 15:17   372736              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\Microsoft.VisualBasic.Compatibility.dll
+ 2011-08-02 22:51 . 2008-07-25 15:17   110592              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-08-02 22:51 . 2008-07-25 15:16   749568              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\Microsoft.JScript.dll
+ 2011-08-02 22:52 . 2008-07-25 15:16   655360              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\Microsoft.Build.Tasks.dll
+ 2011-08-02 22:51 . 2008-07-25 15:16   348160              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\Microsoft.Build.Engine.dll
+ 2011-08-02 22:50 . 2008-07-25 15:16   507904              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\AspNetMMCExt.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26   102400              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-14 01:58 . 2007-04-14 01:58   102400              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-14 01:56 . 2007-04-14 01:56   315392              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2010-09-23 06:25 . 2010-09-23 06:25   315392              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-14 02:30 . 2007-04-14 02:30   258048              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-09-23 07:17 . 2010-09-23 07:17   258048              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-09-24 01:02 . 2010-09-24 01:02   798208              c:\windows\Installer\3fc4ba.msp
+ 2010-02-25 04:14 . 2010-02-25 04:14   543232              c:\windows\Installer\2f194d.msp
+ 2011-07-31 13:39 . 2011-07-31 13:39   429568              c:\windows\Installer\2f1947.msi
+ 2008-12-13 13:58 . 2008-12-13 13:58   754688              c:\windows\Installer\1ed9fa.msp
+ 2009-03-20 15:48 . 2009-03-20 15:48   183808              c:\windows\Installer\1ed9db.msp
+ 2011-08-10 07:07 . 2011-04-25 16:11   916480              c:\windows\ie8updates\KB2559049-

[acelee]

IE8\wininet.dll
+ 2011-08-10 07:07 . 2009-03-08 08:34   105984              c:\windows\ie8updates\KB2559049-IE8\url.dll
+ 2011-08-10 07:07 . 2010-07-05 13:16   382840              c:\windows\ie8updates\KB2559049-IE8\spuninst\updspapi.dll
+ 2011-08-10 07:07 . 2010-07-05 13:15   231288              c:\windows\ie8updates\KB2559049-IE8\spuninst\spuninst.exe
+ 2011-08-10 07:07 . 2011-04-25 16:11   206848              c:\windows\ie8updates\KB2559049-IE8\occache.dll
+ 2011-08-10 07:07 . 2011-04-25 16:11   611840              c:\windows\ie8updates\KB2559049-IE8\mstime.dll
+ 2011-08-10 07:07 . 2011-04-25 16:11   602112              c:\windows\ie8updates\KB2559049-IE8\msfeeds.dll
+ 2011-08-10 07:07 . 2011-04-25 16:11   247808              c:\windows\ie8updates\KB2559049-IE8\ieproxy.dll
+ 2011-08-10 07:07 . 2011-04-25 16:11   184320              c:\windows\ie8updates\KB2559049-IE8\iepeers.dll
+ 2011-08-10 07:07 . 2011-04-25 16:11   743424              c:\windows\ie8updates\KB2559049-IE8\iedvtool.dll
+ 2011-08-10 07:07 . 2011-04-25 16:11   387584              c:\windows\ie8updates\KB2559049-IE8\iedkcs32.dll
+ 2011-08-10 07:07 . 2011-04-25 12:01   173568              c:\windows\ie8updates\KB2559049-IE8\ie4uinit.exe
+ 2011-07-31 13:39 . 2009-03-08 08:33   759296              c:\windows\ie8updates\KB2544521-IE8\vgx.dll
+ 2011-07-31 13:39 . 2010-07-05 13:16   382840              c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
+ 2011-07-31 13:39 . 2010-07-05 13:15   231288              c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
+ 2011-07-31 15:45 . 2009-05-13 05:15   915456              c:\windows\ie8updates\KB2530548-IE8\wininet.dll
+ 2011-07-31 15:45 . 2010-07-05 13:16   382840              c:\windows\ie8updates\KB2530548-IE8\spuninst\updspapi.dll
+ 2011-07-31 15:45 . 2010-07-05 13:15   231288              c:\windows\ie8updates\KB2530548-IE8\spuninst\spuninst.exe
+ 2011-07-31 15:45 . 2009-03-08 08:34   109568              c:\windows\ie8updates\KB2530548-IE8\occache.dll
+ 2011-07-31 15:45 . 2009-03-08 08:32   611840              c:\windows\ie8updates\KB2530548-IE8\mstime.dll
+ 2011-07-31 15:45 . 2009-03-08 08:32   594432              c:\windows\ie8updates\KB2530548-IE8\msfeeds.dll
+ 2011-07-31 15:45 . 2009-04-30 21:22   246272              c:\windows\ie8updates\KB2530548-IE8\ieproxy.dll
+ 2011-07-31 15:45 . 2009-03-08 08:31   183808              c:\windows\ie8updates\KB2530548-IE8\iepeers.dll
+ 2011-07-31 15:45 . 2009-03-08 08:35   742912              c:\windows\ie8updates\KB2530548-IE8\iedvtool.dll
+ 2011-07-31 15:45 . 2009-04-30 21:22   385536              c:\windows\ie8updates\KB2530548-IE8\iedkcs32.dll
+ 2011-07-31 15:45 . 2009-04-30 11:21   173056              c:\windows\ie8updates\KB2530548-IE8\ie4uinit.exe
+ 2011-07-31 13:39 . 2009-03-08 08:33   420352              c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
+ 2011-07-31 13:39 . 2010-07-05 13:16   382840              c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
+ 2011-07-31 13:39 . 2010-07-05 13:15   231288              c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
+ 2011-07-31 13:39 . 2009-03-08 08:33   726528              c:\windows\ie8updates\KB2510531-IE8\jscript.dll
+ 2008-11-21 22:59 . 2011-07-15 13:29   456320              c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2009-10-20 16:20 . 2009-10-20 16:20   265728              c:\windows\Driver Cache\i386\http.sys
+ 2011-07-31 15:15 . 2011-07-31 15:15   835584              c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_ee3de429\System.Drawing.dll
+ 2011-07-31 15:15 . 2011-07-31 15:15   192512              c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_3604141b\System.Drawing.Design.dll
+ 2011-07-31 15:15 . 2011-07-31 15:15   118784              c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_30357978\CustomMarshalers.dll
+ 2011-08-10 07:53 . 2011-08-10 07:53   321536              c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\cc14c69205b984edba1db26fd5e421ac\WsatConfig.ni.exe
+ 2011-08-10 07:49 . 2011-08-10 07:49   240128              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\39ce0c9c9cc294c0ee26c4ff01522961\WindowsFormsIntegration.ni.dll
+ 2011-08-03 00:52 . 2011-08-03 00:52   187904              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\3740d6db28af31a6523a79fcdd71fbeb\UIAutomationTypes.ni.dll
+ 2011-08-10 07:49 . 2011-08-10 07:49   447488              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\431e918aee8da919f5b9e3a5195ccf93\UIAutomationClient.ni.dll
+ 2011-08-10 07:59 . 2011-08-10 07:59   400896              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\946eefb99bc116ee68e0e7c69a5a8a5c\System.Xml.Linq.ni.dll
+ 2011-08-10 07:58 . 2011-08-10 07:58   129536              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\a82eef3128b9527dc05b3c8667e713bc\System.Web.Routing.ni.dll
+ 2011-08-10 07:58 . 2011-08-10 07:58   202240              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\203c148c913357bfc2ae9d209101f2b3\System.Web.RegularExpressions.ni.dll
+ 2011-08-10 07:58 . 2011-08-10 07:58   859648              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f89fe39468ea6faf71c4257c89cf3c54\System.Web.Extensions.Design.ni.dll
+ 2011-08-10 07:58 . 2011-08-10 07:58   328704              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\2314ff800782dc85224e69e802a073f7\System.Web.Entity.ni.dll
+ 2011-08-10 07:58 . 2011-08-10 07:58   301056              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f690a8f5d784a5bb20f2cbaa7277eb6c\System.Web.Entity.Design.ni.dll
+ 2011-08-10 07:58 . 2011-08-10 07:58   547328              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\c5c96400424b85536443623f96f64581\System.Web.DynamicData.ni.dll
+ 2011-08-10 07:58 . 2011-08-10 07:58   141312              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5f8e87b47465a038403e73012c6d102a\System.Web.Abstractions.ni.dll
+ 2011-08-10 07:57 . 2011-08-10 07:57   627200              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\846dd505f97805f00999ee26aec9bf75\System.Transactions.ni.dll
+ 2011-08-10 07:57 . 2011-08-10 07:57   212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
+ 2011-08-10 07:53 . 2011-08-10 07:53   679936              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24bcf8a0316756e766721f\System.Security.ni.dll
+ 2011-08-10 07:57 . 2011-08-10 07:57   311296              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\21248037960cf6dfa2ce401d355bd6c9\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-10 07:57 . 2011-08-10 07:57   621056              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\480ea914e13fe41cdd8fb542bb1f7e81\System.Net.ni.dll
+ 2011-08-10 07:57 . 2011-08-10 07:57   998400              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
+ 2011-08-10 07:57 . 2011-08-10 07:57   330752              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\dc72c7581f1b3794c0ea595ba02ff7ad\System.Management.Instrumentation.ni.dll
+ 2011-08-10 07:51 . 2011-08-10 07:51   381440              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\fcf8612a210d1f76e0b37dc8467b4696\System.IO.Log.ni.dll
+ 2011-08-10 07:51 . 2011-08-10 07:51   212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\ec017b5a95d02fccaefd835490ef1e14\System.IdentityModel.Selectors.ni.dll
+ 2011-08-10 07:57 . 2011-08-10 07:57   280064              c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.Wrapper.dll
+ 2011-08-10 07:57 . 2011-08-10 07:57   627712              c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.ni.dll
+ 2011-08-10 07:48 . 2011-08-10 07:48   208384              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\f7cd3d07c15366b76fe4c38d24455d6b\System.Drawing.Design.ni.dll
+ 2011-08-10 07:56 . 2011-08-10 07:56   881152              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\822c996e6ad4901219b7de399a6f78bf\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-10 07:56 . 2011-08-10 07:56   455680              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1ffe911e62f482e42be2c4428bd08c10\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-10 07:56 . 2011-08-10 07:56   354816              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e1c009b2c9becdb732a2ea45f32a46b8\System.Data.Services.Design.ni.dll
+ 2011-08-10 07:56 . 2011-08-10 07:56   939008              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1defd94e1662a4478ccf2cd0b1b4e6a6\System.Data.Services.Client.ni.dll
+ 2011-08-10 07:56 . 2011-08-10 07:56   756736              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04267c1dbdcdd8ec37e1518126767ead\System.Data.Entity.Design.ni.dll
+ 2011-08-10 07:54 . 2011-08-10 07:54   135680              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\f2a6d41b3f6e26eea6dcac9298aa637b\System.Data.DataSetExtensions.ni.dll
+ 2011-08-10 07:53 . 2011-08-10 07:53   971264              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
+ 2011-08-10 07:57 . 2011-08-10 07:57   141312              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\585e68739b2a8aff61ee6b2786513245\System.Configuration.Install.ni.dll
+ 2011-08-10 07:54 . 2011-08-10 07:54   633856              c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\fbf6ef12d1456058acde29f2640092fb\System.AddIn.ni.dll
+ 2011-08-10 07:53 . 2011-08-10 07:53   366080              c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\896e42071939e038008b0bbbfed1213c\SMSvcHost.ni.exe
+ 2011-08-10 07:52 . 2011-08-10 07:53   256000              c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1290d2340d682574a24\SMDiagnostics.ni.dll
+ 2011-08-10 07:52 . 2011-08-10 07:52   320512              c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a5aa977dd575a6beb3a416bd480b98a7\ServiceModelReg.ni.exe
+ 2011-08-10 07:46 . 2011-08-10 07:46   224768              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f52e48f55258d0a04fbab3a1f93752e9\PresentationFramework.Classic.ni.dll
+ 2011-08-10 07:46 . 2011-08-10 07:46   368128              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\cf812b99f587ab514afb36fa9d4c1567\PresentationFramework.Aero.ni.dll
+ 2011-08-10 07:46 . 2011-08-10 07:46   539648              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b7795999cc67f3a6cec40f5b24005e00\PresentationFramework.Luna.ni.dll
+ 2011-08-10 07:46 . 2011-08-10 07:46   258048              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09f5af61ea2af04eb32c04b3091ffc86\PresentationFramework.Royale.ni.dll
+ 2011-08-10 07:53 . 2011-08-10 07:53   133632              c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\2d89c7b72bc8e527b26d5b6f3b931012\MSBuild.ni.exe
+ 2011-08-10 07:52 . 2011-08-10 07:52   386560              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\39e9d172f0cf5eec30b1b67212cc032b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-10 07:53 . 2011-08-10 07:53   144384              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\f1b0ec3ccde9142e67ac681fb521ac66\Microsoft.Build.Utilities.ni.dll
+ 2011-08-10 07:53 . 2011-08-10 07:53   175104              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9250f038410f0d6432e3ccb0b046862b\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-08-10 07:53 . 2011-08-10 07:53   839680              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\a4672179aba638cd78bdfe268391b47b\Microsoft.Build.Engine.ni.dll
+ 2011-08-10 07:53 . 2011-08-10 07:53   222720              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\37db660a84ee52b61a7ca55812581bbd\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-08-03 01:01 . 2011-08-03 01:01   220672              c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd17388778c90f301746ad88700758\CustomMarshalers.ni.dll
+ 2011-08-10 07:52 . 2011-08-10 07:52   410112              c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\fe9a21b94803f74697bb42b9d1fdea5b\ComSvcConfig.ni.exe
+ 2011-08-10 07:51 . 2011-08-10 07:51   842240              c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\f160c8e40b60edd47ae74b0b911fece1\AspNetMMCExt.ni.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   839680              c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-04-02 18:05 . 2011-04-02 18:05   839680              c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   835584              c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-04-02 18:05 . 2011-04-02 18:05   835584              c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-08-03 00:34 . 2011-08-03 00:34   139264              c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
- 2011-04-02 18:13 . 2011-04-02 18:13   139264              c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2011-08-03 00:34 . 2011-08-03 00:34   229376              c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   114688              c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   114688              c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   258048              c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   258048              c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-07-31 15:24 . 2011-07-31 15:24   970752              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   131072              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   131072              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   303104              c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   303104              c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   258048              c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   258048              c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   372736              c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   372736              c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-07-31 15:24 . 2011-07-31 15:24   438272              c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   626688              c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   626688              c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   401408              c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   401408              c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   188416              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   188416              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   970752              c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   970752              c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   745472              c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   745472              c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-04-02 18:13 . 2011-04-02 18:13   442368              c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2011-08-03 00:34 . 2011-08-03 00:34   442368              c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2011-08-03 00:34 . 2011-08-03 00:34   294912              c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2011-04-02 18:13 . 2011-04-02 18:13   294912              c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   425984              c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   425984              c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   110592              c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   110592              c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-04-02 18:11 . 2011-04-02 18:11   110592              c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2011-07-31 15:24 . 2011-07-31 15:24   110592              c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   659456              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   659456              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   372736              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   372736              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   110592              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   110592              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   749568              c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   749568              c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   655360              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   655360              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   348160              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   348160              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-04-02 18:05 . 2011-04-02 18:05   507904              c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-08-10 07:31 . 2011-08-10 07:31   507904              c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   261632              c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   261632              c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   113664              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   113664              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   258048              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   258048              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   486400              c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   486400              c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2004-08-10 17:50 . 2009-11-21 15:51   471552              c:\windows\AppPatch\aclayers.dll
+ 2011-08-01 01:52 . 2010-10-23 00:51   1748992              c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
+ 2011-08-01 01:55 . 2010-08-23 16:12   1054208              c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
+ 2009-07-21 04:03 . 2009-07-21 04:03   1348432              c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2004-08-10 17:51 . 2010-04-06 08:52   2462720              c:\windows\system32\WMVCore.dll
+ 2004-08-10 17:51 . 2011-06-23 18:36   1212416              c:\windows\system32\urlmon.dll
+ 2004-08-10 17:51 . 2011-01-21 14:44   8462336              c:\windows\system32\shell32.dll
+ 2004-08-10 17:51 . 2009-07-17 16:22   1435648              c:\windows\system32\query.dll
- 2004-08-10 17:51 . 2008-04-14 00:12   1435648              c:\windows\system32\query.dll
+ 2004-08-10 17:51 . 2010-02-05 18:27   1291776              c:\windows\system32\quartz.dll
+ 2004-08-10 17:51 . 2010-07-16 12:05   1288192              c:\windows\system32\ole32.dll
+ 2004-08-10 17:51 . 2010-12-09 13:38   2192768              c:\windows\system32\ntoskrnl.exe
+ 2004-08-04 03:59 . 2010-12-09 13:07   2069376              c:\windows\system32\ntkrnlpa.exe
+ 2008-04-14 00:12 . 2009-07-31 14:05   1372672              c:\windows\system32\msxml6.dll
+ 2009-07-21 04:05 . 2009-07-21 04:05   1348432              c:\windows\system32\msxml4.dll
+ 2004-08-10 17:51 . 2010-06-14 07:41   1172480              c:\windows\system32\msxml3.dll
+ 2004-08-10 18:01 . 2011-02-02 07:58   2067456              c:\windows\system32\mstscax.dll
+ 2004-08-10 17:51 . 2011-07-25 15:17   5969920              c:\windows\system32\mshtml.dll
+ 2007-08-13 23:34 . 2011-06-23 18:36   1991680              c:\windows\system32\iertutil.dll
+ 2004-08-10 17:51 . 2010-04-06 08:52   2462720              c:\windows\system32\dllcache\WMVCore.dll
+ 2008-11-21 23:01 . 2011-06-02 14:02   1858944              c:\windows\system32\dllcache\win32k.sys
+ 2008-08-20 05:38 . 2011-06-23 18:36   1212416              c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-17 19:02 . 2011-01-21 14:44   8462336              c:\windows\system32\dllcache\shell32.dll
- 2004-08-10 17:51 . 2008-04-14 00:12   1435648              c:\windows\system32\dllcache\query.dll
+ 2004-08-10 17:51 . 2009-07-17 16:22   1435648              c:\windows\system32\dllcache\query.dll
+ 2008-05-07 05:12 . 2010-02-05 18:27   1291776              c:\windows\system32\dllcache\quartz.dll
+ 2010-07-16 12:05 . 2010-07-16 12:05   1288192              c:\windows\system32\dllcache\ole32.dll
+ 2008-11-21 23:00 . 2010-12-09 13:38   2192768              c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-11-21 23:00 . 2010-12-09 13:07   2027008              c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-11-21 23:00 . 2010-12-09 13:07   2069376              c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-11-21 23:00 . 2010-12-09 13:42   2148864              c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-04-14 00:12 . 2009-07-31 14:05   1372672              c:\windows\system32\dllcache\msxml6.dll
+ 2008-11-21 22:58 . 2010-06-14 07:41   1172480              c:\windows\system32\dllcache\msxml3.dll
+ 2009-06-10 13:19 . 2009-06-10 13:19   2066432              c:\windows\system32\dllcache\mstscax.dll
+ 2004-08-10 18:02 . 2010-01-29 15:01   1315328              c:\windows\system32\dllcache\msoe.dll
+ 2008-08-20 05:38 . 2011-07-25 15:17   5969920              c:\windows\system32\dllcache\mshtml.dll
+ 2011-02-02 07:58 . 2011-02-02 07:58   2067456              c:\windows\system32\dllcache\lhmstscx.dll
+ 2008-12-19 22:12 . 2011-06-23 18:36   1991680              c:\windows\system32\dllcache\iertutil.dll
+ 2009-11-07 05:06 . 2009-11-07 05:06   1130824              c:\windows\system32\dfshim.dll
+ 2008-12-05 23:35 . 2008-12-05 23:35   1736528              c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48   5967872              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59   2048000              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
- 2008-07-25 15:17 . 2008-07-25 15:17   2048000              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15   5025792              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2008-07-25 15:17 . 2008-07-25 15:17   5025792              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2010-09-22 13:44 . 2010-09-22 13:44   5242880              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-04-29 01:50 . 2011-04-29 01:50   3182592              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15   5912400              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15   4550656              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-08-02 22:50 . 2008-07-25 15:17   5025792              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Windows.Forms.dll
+ 2011-08-02 22:49 . 2010-03-23 09:32   5242880              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Web.dll
+ 2011-08-02 22:52 . 2011-01-18 08:39   3182592              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.dll
+ 2011-08-02 22:50 . 2008-07-25 15:17   5062656              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Design.dll
+ 2011-08-02 22:52 . 2008-07-25 15:17   2933248              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\System.Data.dll
+ 2011-08-02 22:52 . 2008-07-25 15:17   4546560              c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC14693\mscorlib.dll
- 2007-04-14 02:35 . 2007-04-14 02:35   1265664              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-09-23 19:55 . 2010-09-23 19:55   1265664              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-09-23 19:55 . 2010-09-23 19:55   1232896              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-14 02:35 . 2007-04-14 02:35   1232896              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26   2514944              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2007-04-14 01:57 . 2007-04-14 01:57   2514944              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2007-04-14 01:57 . 2007-04-14 01:57   2523136              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2010-09-23 06:25 . 2010-09-23 06:25   2523136              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2010-09-23 19:55 . 2010-09-23 19:55   2142208              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2007-04-14 01:50 . 2007-04-14 01:50   2142208              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-09-23 11:39 . 2010-09-23 11:39   4265472              c:\windows\Installer\fcc96.msp
+ 2010-09-23 11:40 . 2010-09-23 11:40   2607104              c:\windows\Installer\9c894.msp
+ 2010-09-23 11:39 . 2010-09-23 11:39   4265472              c:\windows\Installer\9c893.msp
+ 2011-01-19 03:36 . 2011-01-19 03:36   2687488              c:\windows\Installer\4ef6f1.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17   2607104              c:\windows\Installer\4ef6dc.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17   4210688              c:\windows\Installer\4ef6db.msp
+ 2009-11-09 04:25 . 2009-11-09 04:25   1935360              c:\windows\Installer\2505ce.msp
+ 2008-12-13 13:57 . 2008-12-13 13:57   8397824              c:\windows\Installer\1ed9e7.msp
+ 2011-05-02 04:06 . 2011-05-02 04:06   2705920              c:\windows\Installer\18d0fa9.msp
+ 2011-08-10 07:07 . 2011-04-25 16:11   1211904              c:\windows\ie8updates\KB2559049-IE8\urlmon.dll
+ 2011-08-10 07:07 . 2011-05-30 22:19   5964800              c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
+ 2011-08-10 07:07 . 2011-04-25 16:11   1991680              c:\windows\ie8updates\KB2559049-IE8\iertutil.dll
+ 2011-07-31 15:45 . 2009-04-30 21:22   1207808              c:\windows\ie8updates\KB2530548-IE8\urlmon.dll
+ 2011-07-31 15:45 . 2009-05-13 05:15   5936128              c:\windows\ie8updates\KB2530548-IE8\mshtml.dll
+ 2011-07-31 15:45 . 2009-04-30 21:22   1985024              c:\windows\ie8updates\KB2530548-IE8\iertutil.dll
+ 2008-11-21 23:00 . 2010-12-09 13:38   2192768              c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-11-21 23:00 . 2010-12-09 13:07   2027008              c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-11-21 23:00 . 2010-12-09 13:07   2069376              c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-11-21 23:00 . 2010-12-09 13:42   2148864              c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-07-31 15:15 . 2011-07-31 15:15   4792320              c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_f1ae369a\System.dll
+ 2011-07-31 15:14 . 2011-07-31 15:14   1966080              c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_16dfd2d5\System.dll
+ 2011-07-31 15:15 . 2011-07-31 15:15   2088960              c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_d5f70d0f\System.Xml.dll
+ 2011-07-31 15:15 . 2011-07-31 15:15   5513216              c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_9d576cd2\System.Xml.dll
+ 2011-07-31 15:15 . 2011-07-31 15:15   3018752              c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_fabd1e69\System.Windows.Forms.dll
+ 2011-07-31 15:15 . 2011-07-31 15:15   7884800              c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_f130cce0\System.Windows.Forms.dll
+ 2011-07-31 15:15 . 2011-07-31 15:15   2244608              c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_099c8ff0\System.Drawing.dll
+ 2011-07-31 15:15 . 2011-07-31 15:15   3395584              c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_87c556a1\System.Design.dll
+ 2011-07-31 15:15 . 2011-07-31 15:15   1470464              c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_35e8e5e9\System.Design.dll
+ 2011-07-31 15:16 . 2011-07-31 15:16   8908800              c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a3521760\mscorlib.dll
+ 2011-07-31 15:15 . 2011-07-31 15:15   3391488              c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_77a12caf\mscorlib.dll
+ 2011-08-10 07:41 . 2011-08-10 07:41   3325440              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd6e0cd6f124a6d041ef1b4c9a5f080b\WindowsBase.ni.dll
+ 2011-08-10 07:49 . 2011-08-10 07:49   1049600              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\162600dde59fbaa0c048a949158ecba3\UIAutomationClientsideProviders.ni.dll
+ 2011-08-10 07:39 . 2011-08-10 07:39   7950848              c:\windows\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
+ 2011-08-10 07:49 . 2011-08-10 07:49   5450752              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
+ 2011-08-10 07:59 . 2011-08-10 07:59   1356288              c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\22229a30650a9afbac984e1093898b13\System.WorkflowServices.ni.dll
+ 2011-08-10 07:59 . 2011-08-10 07:59   1908224              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\4d6b3cc1fc7a4788612241af7966715a\System.Workflow.Runtime.ni.dll
+ 2011-08-10 07:59 . 2011-08-10 07:59   4514304              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\e4c9853af945c9cfede19f3faf18af6e\System.Workflow.ComponentModel.ni.dll
+ 2011-08-10 07:58 . 2011-08-10 07:58   2992640              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\ab4b50c7c789e46a485903365765fde8\System.Workflow.Activities.ni.dll
+ 2011-08-10 07:58 . 2011-08-10 07:58   1840640              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a2392c995b1bb6b63079091259222357\System.Web.Services.ni.dll
+ 2011-08-10 07:58 . 2011-08-10 07:58   2209280              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\3da92a0b9b8ac97e11ca8bf4df671a78\System.Web.Mobile.ni.dll
+ 2011-08-10 07:58 . 2011-08-10 07:58   2405376              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\01f4d6aa3299a41b8578b7e96afdcfb1\System.Web.Extensions.ni.dll
+ 2011-08-10 07:48 . 2011-08-10 07:48   1917952              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e1208f0d981c420fc59f806bfbaa713b\System.Speech.ni.dll
+ 2011-08-10 07:57 . 2011-08-10 07:57   1706496              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\27e1b8dfd5e1ccf2c5b9efc51f674c69\System.ServiceModel.Web.ni.dll
+ 2011-08-10 07:51 . 2011-08-10 07:51   2345472              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll
+ 2011-08-10 07:48 . 2011-08-10 07:48   1035776              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\90b444d02047ef27921153d46967ef0e\System.Printing.ni.dll
+ 2011-08-10 07:51 . 2011-08-10 07:51   1070080              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a50e2fc92db32751857fb8d297f9d7bc\System.IdentityModel.ni.dll
+ 2011-08-10 07:48 . 2011-08-10 07:48   1587200              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
+ 2011-08-10 07:56 . 2011-08-10 07:56   1116672              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\259ecf480769f4e60514b7ae2abaa6f1\System.DirectoryServices.ni.dll
+ 2011-08-10 07:56 . 2011-08-10 07:56   1801216              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\71cf3eb40fc38e6ac8fba09e872d2878\System.Deployment.ni.dll
+ 2011-08-10 07:48 . 2011-08-10 07:48   6616576              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll
+ 2011-08-10 07:53 . 2011-08-10 07:53   2510336              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0b16305773369cf740c6a2b1f1d785b2\System.Data.SqlXml.ni.dll
+ 2011-08-10 07:56 . 2011-08-10 07:56   1328128              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\c1b9b8ce390548dcca661a5e6a908408\System.Data.Services.ni.dll
+ 2011-08-10 07:48 . 2011-08-10 07:48   2516480              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\571af34939797a7c1cd05b0b925a45bf\System.Data.Linq.ni.dll
+ 2011-08-10 07:55 . 2011-08-10 07:55   9924096              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\2b58cc071d6bf0c741e91f86c09de5d7\System.Data.Entity.ni.dll
+ 2011-08-10 07:47 . 2011-08-10 07:47   2295296              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e54e013315849f5e34d8f2a8e7fdb450\System.Core.ni.dll
+ 2011-08-10 07:47 . 2011-08-10 07:47   2128896              c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\24ab0cacc77e8696ceff3157942a2de4\ReachFramework.ni.dll
+ 2011-08-10 07:47 . 2011-08-10 07:47   1657856              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\fac1ca86f4fea17de40d7fdaba38563e\PresentationUI.ni.dll
+ 2011-08-10 07:40 . 2011-08-10 07:40   1451008              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b187becbc388c4ce7f33ede4da76e7b1\PresentationBuildTasks.ni.dll
+ 2011-08-10 07:54 . 2011-08-10 07:54   1712128              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll
+ 2011-08-10 07:52 . 2011-08-10 07:52   1093120              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\08594c4ba9ea0253a836fe1d8d341984\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-10 07:57 . 2011-08-10 07:57   2332160              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\345abd035c9378667b1cac54c1f21c97\Microsoft.JScript.ni.dll
+ 2011-08-10 07:53 . 2011-08-10 07:53   1966080              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\906cd5555b79e4e0486dc8ef2a748b13\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-08-10 07:53 . 2011-08-10 07:53   1620992              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\7baff7d694394aaba490082c88d48fd2\Microsoft.Build.Tasks.ni.dll
+ 2011-08-10 07:53 . 2011-08-10 07:53   1888768              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\235a22e1ae9742bb724d411629dd99d5\Microsoft.Build.Engine.ni.dll
+ 2011-04-02 18:11 . 2011-08-05 00:51   1249280              c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   3182592              c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-08-10 07:34 . 2011-08-10 07:34   2048000              c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   2048000              c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-04-02 18:05 . 2011-04-02 18:05   5025792              c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-08-10 07:31 . 2011-08-10 07:31   5025792              c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-04-02 18:13 . 2011-04-02 18:13   1277952              c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2011-08-05 01:07 . 2011-08-05 01:07   1277952              c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2011-07-31 15:24 . 2011-07-31 15:24   5967872              c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2011-04-02 18:05 . 2011-04-02 18:05   5062656              c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-08-10 07:32 . 2011-08-10 07:32   5062656              c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-08-05 00:51 . 2011-08-05 00:51   5279744              c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2011-08-10 07:31 . 2011-08-10 07:31   5242880              c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-04-02 18:06 . 2011-04-02 18:06   2933248              c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   2933248              c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-04-02 18:11 . 2011-04-02 18:11   4210688              c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-08-05 00:51 . 2011-08-05 00:51   4210688              c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-08-10 07:33 . 2011-08-10 07:33   4550656              c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-07-31 15:14 . 2011-07-31 15:14   1232896              c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2008-11-22 23:55 . 2008-11-22 23:55   1232896              c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2011-07-31 15:14 . 2011-07-31 15:14   1265664              c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2008-11-22 23:55 . 2008-11-22 23:55   1265664              c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2004-08-10 17:51 . 2010-08-26 03:36   10841088              c:\windows\system32\wmp.dll
+ 2008-12-19 22:04 . 2011-08-10 07:10   52390856              c:\windows\system32\MRT.exe
+ 2007-08-13 23:54 . 2011-06-23 18:36   11081728              c:\windows\system32\ieframe.dll
+ 2004-08-10 17:51 . 2010-08-26 03:36   10841088              c:\windows\system32\dllcache\wmp.dll
+ 2008-12-19 22:12 . 2011-06-23 18:36   11081728              c:\windows\system32\dllcache\ieframe.dll
+ 2010-09-24 18:08 . 2010-09-24 18:08   11430400              c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17   14599680              c:\windows\Installer\4ef6ea.msp
+ 2010-09-24 11:08 . 2010-09-24 11:08   17518080              c:\windows\Installer\4ef6d1.msp
+ 2010-03-31 05:23 . 2010-03-31 05:23   15638528              c:\windows\Installer\2505da.msp
+ 2011-03-28 07:27 . 2011-03-28 07:27   15456256              c:\windows\Installer\1eda06.msp
+ 2008-12-13 14:21 . 2008-12-13 14:21   10473472              c:\windows\Installer\1ed9ef.msp
+ 2011-08-10 07:07 . 2011-04-26 14:11   11081728              c:\windows\ie8updates\KB2559049-IE8\ieframe.dll
+ 2011-07-31 15:45 . 2009-04-30 21:22   11064832              c:\windows\ie8updates\KB2530548-IE8\ieframe.dll
+ 2011-08-10 07:49 . 2011-08-10 07:49   12430848              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
+ 2011-08-10 07:57 . 2011-08-10 07:58   11800576              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
+ 2011-08-10 07:52 . 2011-08-10 07:52   17403904              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3a0205acab2215fbad7927d9d483aeb\System.ServiceModel.ni.dll
+ 2011-08-10 07:48 . 2011-08-10 07:48   10683392              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\63ad0cd9b5e038c8e2e41415657db8fc\System.Design.ni.dll
+ 2011-08-10 07:45 . 2011-08-10 07:45   14328320              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\704556e34128441ea9f1a81cc89f8a79\PresentationFramework.ni.dll
+ 2011-08-10 07:42 . 2011-08-10 07:42   12215808              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5f332c48d03eca57419c4f0e884092ee\PresentationCore.ni.dll
+ 2011-08-03 00:47 . 2011-08-03 00:47   11490816              c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
.