Inactive Sirefef found by MBAM

[BobTN]

Hi all. My situation is a little different (hopefully) than most I'm reading about on here. I have 2 PCs where Malwarebytes Anti-Malware has found sirefef, but I'm not sure the PC's are actively infected.

PC1 is an XP-Pro box built in 2005 and is hobbled for a couple of reasons (1) due to Microsoft techies remotely trashing various areas due to extremely poor performance after Microsoft Security Essentials didn't play nice with something, not really sure what and (2) a failed video card and perhaps some incompatibility between the replacement vid card and something in the PC. PC1 wouldn't boot for a very long time but will boot now. I tried removing things from startup that may have helped. I ran Ccleaner ad Comodo cleaner that may have further trashed parts of the OS. There are some long timeouts, for example if I try to use IE, there is a long timeout, IE never starts, long time later the error message appears to ask if I want to notify MS of the problem. I installed or already had Firefox and it runs fine. MS Sec Essentials Ver 1 ran on this pc for a long time until earlier this year. Ver 2 wouldn't install, ever. I ultimately removed Ver 1 hoping Ver 2 would install if it was a 'fresh' install instead of an over-the-top install. It wouldn't install as fresh either. So I ran this PC for several months occasiional surfing without AV. All my PCs are behind a router. PC1 runs fine wor a while, maybe 2 or 3 hours sometimes, but seems to crash after I press a link to a different page. Seems video card / page draw related to me. So PC1 has issues that may or may not relate to Sirefef. MBAM detects Sirefef in a folder I use to hold downloads, namely in a folder containing newer Nvidia drivers for the vid card; the audio folder of same. The filename is nvax9x.sys. I can provide the full folder structure if it might be helpful. I downloaded TrendMicro Titanium last week on a trial basis, it doesn't detect sirefef. MBAM does. The nvax9x.sys file has a date of 8/13/2003.

PC2 is an XP Pro box I built in 2007 that runs 24/7 as host to a small video security system I built on a whim. Machine runs fine, I believe. It was mysteriously powering off frequently after the last time I cleaned the dust bunnies out of it, then I realized I left out the cooling duct that directs air to the CPU. Once I replace the cooling duct, PC2 almost never powers off (it has once). PC2 is also behind the router. When PC1 was failing, and I got it running after the long time as a non-booter, I copied the data folder from PC1 to PC2. MBAM detects sirefef in the same file, in the data folder location copied from PC1. Same file date. PC2 has MS Sec Essentials Ver 2 with current updates. MSSE doesn't detect Sirefef. MSSE doesn't log any previous detections and deletions of sirefef.

>> So I don't know if these 2 PCs are actually infected or if I'm experiencing a false-positive detection from MBAM. I have a PC3 which is a Win7HP notebook, all updated, with no detections from MBAM or MSSE. I haven't done everything in the 5-step Virus/Spyware/Malware Prelim Removal Instructions because I didn't know if I needed to.

How do I find out for sure if either of the two PCs actually has a sirefef infection?

Thanks in advance to you noble malware warriors.

 

[Broni]

Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.
One computer per topic.

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

 

[BobTN]

The results that follow are for PC1. I'll start another post for PC2.

I completed all the steps except DDS would not run. When I doubleclick it displays something like ASCII text in a dialog box. The PC identifies the .scr as an AutoCAD script file. I couldn't find SCR in file associations to attempt to change it to Windows scripting file. I tried downloading it again, no change. Please advise.

Log file for MBAM:

alwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.02.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Bob :: SONATA-1 [administrator]

8/2/2012 12:07:45 AM
mbam-log-2012-08-02 (00-07-45).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231811
Time elapsed: 13 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
============================
Log file for GMER:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-08-02 01:10:13
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Scsi\si3112r1Port2Path0Target0Lun0 ST316002 rev.3.18
Running: p1ft0jmh.exe; Driver: C:\DOCUME~1\Bob\LOCALS~1\Temp\fwlyypow.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs SiWinAcc.sys (Windows Accelerator Driver/Silicon Image, Inc)
AttachedDevice \Driver\Tcpip \Device\Ip tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
---- EOF - GMER 1.0.15 ----
=============================
No logs available for DDS since DDS wouldn't run. See above.
I am only available Thursday and Friday (USA Eastern Time Zone) and will be going out of town on Saturday for 2 weeks. I will not have access to PC1 during this time. Fortunately, I will have pretty good availability to respond to your directions until then. Do you want to proceed as far as we can now or would you rather stop at some convenient point until I am back in town?
Regards
-Bob

 

[BobTN]

Please note that when MBAM detects sirefef, it only does so when running the FULL scan option. It does not detect on QUICK scan option.

 

[Broni]

• Download RogueKiller on the desktop
• Close all the running programs
• Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
• Otherwise just double-click on RogueKiller.exe
• Pre-scan will start. Let it finish.
• Click on SCAN button.
• A report (RKreport.txt) should open. Post its content in your next reply. (RKreport could also be found on your desktop)
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

=======================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

 

[BobTN]

I had some trouble downloading RogueKiller. I thought the browser had frozen. First used Google Chrome then used Firefox. When I closed the browser, the download completion dialog appeared. I think the file actually downloaded with Chrome, but I wasn't notified as usually occurs.

Ran RogueKiller. It seemed to find a hj. Log follows. Please note that I did not click CLEAN or REPAIR or whatever it was, I only ran the scanner as you instructed.

RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: Bob [Admin rights]
Mode: Scan -- Date: 08/02/2012 13:31:42

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 1 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤
SSDT[41] : NtCreateKey @ 0x8057376F -> HOOKED (Unknown @ 0x88436C14)
SSDT[43] : NtCreateMutant @ 0x805775C8 -> HOOKED (Unknown @ 0x884C809C)
SSDT[47] : NtCreateProcess @ 0x805B1BEA -> HOOKED (Unknown @ 0x88540B9C)
SSDT[48] : NtCreateProcessEx @ 0x8058124C -> HOOKED (Unknown @ 0x8854DBB4)
SSDT[52] : NtCreateSymbolicLinkObject @ 0x805A0036 -> HOOKED (Unknown @ 0x88463E5C)
SSDT[53] : NtCreateThread @ 0x80578803 -> HOOKED (Unknown @ 0x88555614)
SSDT[63] : NtDeleteKey @ 0x80597FFA -> HOOKED (Unknown @ 0x884C05F4)
SSDT[65] : NtDeleteValueKey @ 0x80595C1A -> HOOKED (Unknown @ 0x885147C4)
SSDT[68] : NtDuplicateObject @ 0x805748C2 -> HOOKED (Unknown @ 0x8841921C)
SSDT[97] : NtLoadDriver @ 0x805A425D -> HOOKED (Unknown @ 0x8856909C)
SSDT[122] : NtOpenProcess @ 0x80574AA9 -> HOOKED (Unknown @ 0x8854D7BC)
SSDT[125] : NtOpenSection @ 0x8056E467 -> HOOKED (Unknown @ 0x8849419C)
SSDT[128] : NtOpenThread @ 0x8059323B -> HOOKED (Unknown @ 0x8858551C)
SSDT[192] : NtRenameKey @ 0x8064F526 -> HOOKED (Unknown @ 0x883AEE84)
SSDT[204] : NtRestoreKey @ 0x8064FA19 -> HOOKED (Unknown @ 0x883AD48C)
SSDT[240] : NtSetSystemInformation @ 0x805A8349 -> HOOKED (Unknown @ 0x884C721C)
SSDT[247] : NtSetValueKey @ 0x8057BC5B -> HOOKED (Unknown @ 0x88594984)
SSDT[257] : NtTerminateProcess @ 0x805839B9 -> HOOKED (Unknown @ 0x8870A00C)
SSDT[258] : NtTerminateThread @ 0x80577F1F -> HOOKED (Unknown @ 0x8876700C)
SSDT[277] : NtWriteVirtualMemory @ 0x8057F712 -> HOOKED (Unknown @ 0x8858B784)
S_SSDT[548] : Unknown -> HOOKED (Unknown @ 0x87B252E4)
S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0x87B2531C)

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST316002 3AS SCSI Disk Device +++++
--- User ---
[MBR] 848fb19af9cb0a25b68bcec6a0532d28
[BSP] c3be5f3a70f05ee941b623c8ad9648aa : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 39997 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 81915435 | Size: 112619 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1].txt >>
RKreport[1].txt

=============================

Ran aswMBR using the default QuickScan. A suspicious entry found. Log follows. Please note the time required to download the Avast signature files. This PC (PC1) downloaded the files at approx 160 kb/sec while the other PC downloaded the files at approx 950 kb/sec. This may give you some insight as to why there are lags sometimes between a click and an associated response. For example, when I clicked YES to download the Avast files, perhaps a minute or 1.5 minutes went by before any download activity was displayed. The response was almost immediate on the other PC (PC2) covered in my 2nd topic.

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-02 13:35:10
-----------------------------
13:35:10.234 OS Version: Windows 5.1.2600 Service Pack 3
13:35:10.234 Number of processors: 1 586 0xA00
13:35:10.234 ComputerName: SONATA-1 UserName: Bob
13:35:10.578 Initialize success
13:41:32.906 AVAST engine defs: 12080200
13:44:35.562 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\si3112r1Port2Path0Target0Lun0
13:44:35.562 Disk 0 Vendor: ST316002 3.18 Size: 152627MB BusType: 1
13:44:35.578 Disk 0 MBR read successfully
13:44:35.578 Disk 0 MBR scan
13:44:35.609 Disk 0 Windows XP default MBR code
13:44:35.609 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 39997 MB offset 63
13:44:35.656 Disk 0 Partition - 00 0F Extended LBA 112619 MB offset 81915435
13:44:35.671 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 55999 MB offset 81915498
13:44:35.703 Disk 0 Partition - 00 05 Extended 56619 MB offset 196603470
13:44:35.718 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 56619 MB offset 196603533
13:44:35.750 Disk 0 scanning sectors +312560640
13:44:35.859 Disk 0 scanning C:\WINDOWS\system32\drivers
13:45:00.703 Service scanning
13:32:59.984 Modules scanning
13:33:03.375 Module: C:\WINDOWS\System32\drivers\dxgthk.sys **SUSPICIOUS**
13:33:13.921 Disk 0 trace - called modules:
13:33:13.953 ntoskrnl.exe CLASSPNP.SYS disk.sys SCSIPORT.SYS hal.dll si3112r.sys
13:33:13.953 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x88af9ab8]
13:33:13.984 3 CLASSPNP.SYS[f784ffd7] -> nt!IofCallDriver -> \Device\Scsi\si3112r1Port2Path0Target0Lun0[0x88b13a38]
13:33:14.296 AVAST engine scan C:\WINDOWS
13:33:43.703 AVAST engine scan C:\WINDOWS\system32
13:40:51.531 AVAST engine scan C:\WINDOWS\system32\drivers
13:41:21.000 AVAST engine scan C:\Documents and Settings\Bob
13:48:33.375 AVAST engine scan C:\Documents and Settings\All Users
13:50:27.984 Scan finished successfully
13:52:47.562 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Bob\Desktop\MBR.dat"
13:52:47.562 The log file has been saved successfully to "C:\Documents and Settings\Bob\Desktop\aswMBR.txt"

==================

Thanks for your help!
-Bob

 

[Broni]

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Never rename Combofix unless instructed.
• Close any open browsers.
• Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
• Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
• Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
• Close any open browsers.
• WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
• If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
• Double click on combofix.exe & follow the prompts.

• 
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.

• When finished, it will produce a report for you.
• Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
There are 4 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click Rkill and choose Run as Administrator
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

* Rkill.com
* Rkill.scr
* Rkill.exe

• Double-click on the Rkill icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

 

[BobTN]

Hi Broni,
One of the instructions is to disable script blocking. I know how to do this in Internet Explorer but since IE won't be running I don't think you intend to stop script blocking there. I think you mean to disable script blocking in WinXPPro, but I don't know how to do this. Please advise.

Also, you mention to disable AV and there are notes about AVG and CA antivirus programs. I know I've used AVG before on this PC and I think I've used CA. Both have been uninstalled. Should I run AppRemover to clean up leftover bits that some AV program uninstallers leave behind?

 

[Broni]

One of the instructions is to disable script blocking.

If you run Windows Defender or/and Spybot disable those.

Should I run AppRemover to clean up leftover bits that some AV program uninstallers leave behind?

No.

 

[BobTN]

ComboFix log follows. Have you seen any sign of sirefef yet on this PC?

ComboFix 12-07-31.03 - Bob 08/02/2012 15:02:22.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.605 [GMT -4:00]
Running from: c:\documents and settings\Bob\Desktop\ComboFix.exe
AV: Trend Micro Titanium 2012 *Disabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\xml2C.tmp
c:\documents and settings\All Users\Application Data\xml2D.tmp
c:\documents and settings\All Users\Application Data\xml2E.tmp
c:\documents and settings\All Users\Application Data\xml2F.tmp
c:\documents and settings\All Users\Application Data\xml30.tmp
c:\documents and settings\All Users\Application Data\xml31.tmp
c:\documents and settings\Bob\Application Data\E9F5E6
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-07-02 to 2012-08-02 )))))))))))))))))))))))))))))))
.
.
2012-07-28 19:24 . 2012-07-03 17:4622344----a-w-c:\windows\system32\drivers\mbam.sys
2012-07-28 19:24 . 2012-07-28 19:39--------d-----w-c:\program files\Malwarebytes' Anti-Malware
2012-07-28 17:25 . 2012-07-28 17:25--------d-----w-C:\temp
2012-07-28 17:20 . 2012-07-28 17:20--------d-----w-c:\documents and settings\Bob\Local Settings\Application Data\Trend Micro
2012-07-28 17:19 . 2012-07-28 17:19--------d-----w-c:\documents and settings\LocalService\Application Data\Trend Micro
2012-07-28 17:18 . 2012-07-28 17:1592432----a-w-c:\windows\system32\drivers\tmtdi.sys
2012-07-28 17:18 . 2012-07-28 17:1581168----a-w-c:\windows\system32\drivers\tmactmon.sys
2012-07-28 17:18 . 2012-07-28 17:1568368----a-w-c:\windows\system32\drivers\tmevtmgr.sys
2012-07-28 17:18 . 2012-07-28 17:15205072----a-w-c:\windows\system32\drivers\tmcomm.sys
2012-07-28 17:18 . 2012-07-28 17:26--------d-----w-c:\documents and settings\All Users\Application Data\Trend Micro
2012-07-28 17:18 . 2012-07-28 17:1856----a-w-c:\windows\system32\SupportTool.exe.bat
2012-07-28 16:48 . 2012-07-28 16:48--------d-----w-c:\documents and settings\Bob - Admin\Local Settings\Application Data\Temp
2012-07-28 16:36 . 2012-07-28 16:36--------d-----w-c:\documents and settings\All Users\Application Data\boost_interprocess
2012-07-22 20:47 . 2012-07-22 20:47612----a-w-C:\cc_20120722_164720.reg
2012-07-22 19:47 . 2012-07-22 19:4758186----a-w-C:\cc_20120722_154717.reg
2012-07-22 19:37 . 2012-07-22 19:37--------d-----w-c:\documents and settings\Bob\Application Data\NVIDIA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-28 18:12 . 2012-05-04 17:13426184----a-w-c:\windows\system32\FlashPlayerApp.exe
2012-06-28 18:12 . 2011-08-21 22:4470344----a-w-c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:19 . 2004-12-16 01:061866112----a-w-c:\windows\system32\win32k.sys
2012-06-06 19:39 . 2012-06-06 19:39332----a-w-C:\cc_20120606_153946.reg
2012-06-06 19:38 . 2012-06-06 19:3815442----a-w-C:\cc_20120606_153835.reg
2012-06-05 15:50 . 2008-08-30 01:061372672------w-c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2004-12-16 01:061172480----a-w-c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-12-16 01:06152576----a-w-c:\windows\system32\schannel.dll
2012-06-02 19:19 . 2007-06-07 18:2422040----a-w-c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19 . 2007-06-07 18:2415384----a-w-c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19 . 2004-08-03 18:03219160----a-w-c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19 . 2004-08-03 18:02329240----a-w-c:\windows\system32\wucltui.dll
2012-06-02 19:19 . 2004-08-03 17:59210968----a-w-c:\windows\system32\wuweb.dll
2012-06-02 19:19 . 2007-06-07 18:2415384----a-w-c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19 . 2005-05-26 08:1645080----a-w-c:\windows\system32\wups2.dll
2012-06-02 19:19 . 2004-08-09 01:3753784----a-w-c:\windows\system32\wuauclt.exe
2012-06-02 19:19 . 2004-08-03 17:5935864----a-w-c:\windows\system32\wups.dll
2012-06-02 19:19 . 2003-03-31 12:0097304----a-w-c:\windows\system32\cdm.dll
2012-06-02 19:19 . 2007-06-07 18:2417944----a-w-c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:19 . 2004-08-03 18:00577048----a-w-c:\windows\system32\wuapi.dll
2012-06-02 19:19 . 2004-08-09 01:371933848----a-w-c:\windows\system32\wuaueng.dll
2012-06-02 19:18 . 2008-08-27 01:28275696----a-w-c:\windows\system32\mucltui.dll
2012-06-02 19:18 . 2008-08-27 01:2817136----a-w-c:\windows\system32\mucltui.dll.mui
2012-06-02 19:18 . 2007-07-30 23:18214256----a-w-c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2004-12-16 01:06599040----a-w-c:\windows\system32\crypt32.dll
2012-05-16 15:08 . 2004-12-16 01:06916992----a-w-c:\windows\system32\wininet.dll
2012-05-15 10:18 . 2012-05-28 03:3065536----a-w-c:\windows\system32\OpenCL.dll
2012-05-15 10:18 . 2012-05-28 03:30883008----a-w-c:\windows\system32\nvgenco32.dll
2012-05-15 10:18 . 2012-05-28 03:302530624----a-w-c:\windows\system32\nvcuvid.dll
2012-05-15 10:18 . 2012-05-28 03:3018771968----a-w-c:\windows\system32\nvoglnt.dll
2012-05-15 10:18 . 2012-05-28 03:301000768----a-w-c:\windows\system32\nvdispco32.dll
2012-05-15 10:18 . 2010-07-10 09:386012928----a-w-c:\windows\system32\nvcuda.dll
2012-05-15 10:18 . 2010-07-10 09:382445120----a-w-c:\windows\system32\nvcuvenc.dll
2012-05-15 10:18 . 2010-07-10 09:382359808----a-w-c:\windows\system32\nvapi.dll
2012-05-15 10:18 . 2010-07-10 09:3817543168----a-w-c:\windows\system32\nvcompiler.dll
2012-05-15 10:18 . 2004-08-04 07:564373248----a-w-c:\windows\system32\nv4_disp.dll
2012-05-15 10:18 . 2004-08-04 05:2914014656----a-w-c:\windows\system32\drivers\nv4_mini.sys
2012-05-15 09:40 . 2012-05-28 03:3154272----a-w-c:\windows\system32\nvwddi.dll
2012-05-15 09:40 . 2012-05-28 03:31143680----a-w-c:\windows\system32\nvcolor.exe
2012-05-15 09:40 . 2012-05-28 03:3115504192----a-w-c:\windows\system32\nvcpl.dll
2012-05-15 09:40 . 2012-05-28 03:31164160----a-w-c:\windows\system32\nvsvc32.exe
2012-05-15 09:40 . 2012-05-28 03:31108352----a-w-c:\windows\system32\nvmctray.dll
2012-05-11 14:42 . 2004-12-16 01:061469440------w-c:\windows\system32\inetcpl.cpl
2012-05-11 14:42 . 2004-12-16 01:0643520------w-c:\windows\system32\licmgr10.dll
2012-05-11 11:38 . 2004-08-04 05:59385024------w-c:\windows\system32\html.iec
2004-02-10 22:54 . 2009-05-16 19:58666256----a-w-c:\program files\PSADMIN.EXE
1997-07-22 13:24 . 2009-05-16 19:5816096----a-w-c:\program files\PSWINDSP.DLL
1997-04-09 21:47 . 2009-05-16 19:5819488----a-w-c:\program files\IPXDLL.DLL
1996-02-20 20:21 . 2009-05-16 19:5856048----a-w-c:\program files\IMPPRO20.VBX
1996-02-15 06:20 . 2009-05-16 19:58122496----a-w-c:\program files\PCTREE16.DLL
1995-06-15 04:00 . 2009-05-16 19:58277532----a-w-c:\program files\NWPSRV.DLL
1995-05-12 14:19 . 2009-05-16 19:58529440----a-w-c:\program files\SSPP20.VBX
1995-03-22 13:43 . 2009-05-16 19:5843088----a-w-c:\program files\NWLOCALE.DLL
1995-03-22 13:43 . 2009-05-16 19:5841456----a-w-c:\program files\NWIPXSPX.DLL
1995-03-22 13:43 . 2009-05-16 19:58225264----a-w-c:\program files\NWNET.DLL
1995-03-22 13:43 . 2009-05-16 19:58147616----a-w-c:\program files\NWCALLS.DLL
1993-11-23 16:52 . 2009-05-16 19:5821008----a-w-c:\program files\CTL3D.DLL
1993-07-16 19:28 . 2009-05-16 19:5864432----a-w-c:\program files\THREED.VBX
.
.

 

[Broni]

More coming I assume?

No signs of Sirefef so far.

 

[BobTN]

Hmmmm. Seems the ComboFix log is long. Will be posting multiple replies so it can be posted.

------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[-] 2002-08-29 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
.
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
.
[-] 2003-03-31 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2003-03-31 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\kbdclass.sys
[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2004-08-04 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
.
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys
.
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
[-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys
.
[-] 2003-03-31 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2003-03-31 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\browser.dll
[-] 2004-08-04 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll
.
[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lsass.exe
[-] 2004-08-04 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe
.
[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll
[-] 2005-08-22 . 36739B39267914BA69AD0610A0299732 . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll
[-] 2005-08-22 . 3516D8A18B36784B1005B950B84232E1 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
[-] 2004-08-04 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll
.
[-] 2008-04-14 00:11 . 1280A158C722FA95A80FB7AEBE78FA7D . 792064 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 00:11 . 1280A158C722FA95A80FB7AEBE78FA7D . 792064 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2008-04-14 00:11 . 1280A158C722FA95A80FB7AEBE78FA7D . 792064 . . [2001.12.4414.700] . . c:\windows\system32\dllcache\comres.dll
[-] 2004-08-04 07:56 . 6728270CB7DBB776ED086F5AC4C82310 . 792064 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll
[-] 2004-08-04 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
[-] 2003-03-31 . 6A1CF14D0E7D0B2241F552223769C8A7 . 221696 . . [6.2.2600.1106] . . c:\windows\$NtUninstallKB842773$\qmgr.dll
.
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2005-07-26 . CE94A2BD25E3E9F4D46A7373FF455C6D . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2005-07-26 . C369DF215D352B6F3A0B8C3469AA34F8 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-04-28 . DA383FB39A6F1C445F3AFC94B3EB1248 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-04-28 . C8061F289E000703E7672916B7FE1571 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll
[-] 2005-01-14 . 419899803CA479B73B02390318C787C0 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll
[-] 2005-01-14 . 94456045BEB4545B5EBE1DCC85951AFA . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
[-] 2004-08-04 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll
[-] 2003-03-31 . 493FCBED180DCACF0B5D4C8C29949CA9 . 260608 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB828741$\rpcss.dll
.
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-04 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
[-] 2004-08-04 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe
.
[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe
[-] 2004-08-04 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
[-] 2003-03-31 . 2246D8D8F4714A2CEDB21AB9B1849ABB . 516608 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB840987$\winlogon.exe
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[-] 2004-08-20 . FC13804088C77CCA6B6C9B26BA5BDECB . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1579_x-ww_7bbf8d08\comctl32.dll
[-] 2004-08-04 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[-] 2004-08-04 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll
[-] 2004-04-16 . A7B3F3FB365B8B3B29C7C7322392C765 . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll
[-] 2003-03-31 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2003-03-31 . 76B90BD220F1B1CC9E183C6B1AE9FBB4 . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll
.
[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cryptsvc.dll
[-] 2004-08-04 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
[-] 2003-03-31 . 41C70161BFCB17E7E12ED89BADD2AEF4 . 53248 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB826939$\cryptsvc.dll
.
[-] 2008-07-07 20:32 . 60D1A6342238378BFB7545C81EE3606C . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:06 . A4AB3DCA4A383F0DF4988ABDEB84F9A4 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2005-07-26 04:39 . 34BBD9ACC1538818F2C878898C64E793 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll
[-] 2005-07-26 04:20 . 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
[-] 2004-08-04 07:56 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll
[-] 2003-03-31 12:00 . C9702DDD814C39DC1254CF757C31C6E4 . 225280 . . [2001.12.4414.46] . . c:\windows\$NtUninstallKB828741$\es.dll
.
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\imm32.dll
[-] 2004-08-04 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
.
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2007-04-16 . 09F7CB3687F86EDAA4CA081F7AB66C03 . 986112 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2007-04-16 . A01F9CA902A88F7CED06884174D6419D . 984576 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2006-07-05 . 0FDD84928A5DDE2510761B7EC76CCEC9 . 985088 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2006-07-05 . D8DB5397DE07577C1CB50BA6D23B3AD4 . 984064 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll
[-] 2004-08-04 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll
[-] 2003-03-31 . 8F162DC91D67D87C1A481BF602A9DAC8 . 930304 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB840987$\kernel32.dll
.
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\linkinfo.dll
[-] 2005-09-01 . 648BF0B4DDE4F7A1156DAE7174D36EFA . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
[-] 2004-08-04 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll
[-] 2003-03-31 . 7D8C58C0CBB7331E9296A7357827CA8E . 15360 . . [5.1.2600.0] . . c:\windows\$NtUninstallKB841356$\linkinfo.dll
.
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll
[-] 2004-08-04 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll
.
[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\dllcache\msvcrt.dll
[-] 2004-08-04 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
[-] 2004-08-04 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2003-03-31 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2003-03-31 . 70630CAD245477F8DB02B79D9A92834C . 323072 . . [7.0.2600.1106] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\msvcrt.dll
.
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll
[-] 2004-08-04 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll
.
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll
[-] 2004-08-04 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
.
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll
[-] 2004-08-04 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
.
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfc.dll
[-] 2004-08-04 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
.
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe
[-] 2004-08-04 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
.
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll
[-] 2005-07-08 . 1418A3A6E76E5A2E3F5E43866E793A8B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
[-] 2004-08-04 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll
.
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
[-] 2007-03-08 . 7AA4F6C00405DFC4B70ED4214E7D687B . 578048 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[-] 2004-08-04 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll
[-] 2003-03-31 . DD9269230C21EE8FB7FD3FCCC3B1CFCB . 560128 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB840987$\user32.dll
.
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe
[-] 2004-08-04 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
.
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll
[-] 2004-08-04 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
.
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2help.dll
[-] 2004-08-04 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
.
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
[-] 2007-06-13 . 7712DF0CDDE3A5AC89843E61CD5B3658 . 1033216 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2004-08-04 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
.
[-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
[-] 2004-08-04 . 783AFC80383C176B22DBF8333343992D . 146432 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
[-] 2004-08-04 . 2EB58F9DCD6AB320B46744A4EA48B2D2 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll
.








[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
[-] 2004-08-04 . CBCD254547689BFF80C9F547B20911E9 . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll
[-] 2004-08-04 . CBCD254547689BFF80C9F547B20911E9 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\ksuser.dll
[-] 2004-08-04 . CBCD254547689BFF80C9F547B20911E9 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\ksuser.dll
[-] 2004-08-04 . CBCD254547689BFF80C9F547B20911E9 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ReinstallBackups\0017\DriverFiles\i386\ksuser.dll
[-] 2004-08-04 . CBCD254547689BFF80C9F547B20911E9 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\ksuser.dll
[-] 2002-12-12 04:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ksuser.dll
[-] 2002-12-12 04:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\ksuser.dll
[-] 2002-12-12 04:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\ksuser.dll
[-] 2001-08-18 . E486A5A8D51CEFF00404DC5AFF0A8330 . 4096 . . [5.1.2600.0] . . c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\ksuser.dll
.
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe
[-] 2004-08-04 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
[-] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
[-] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
.
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll

 

[BobTN]

[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll
[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
.
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll
[-] 2004-08-04 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
.
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll
[-] 2004-08-04 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll
[-] 2004-08-04 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
.
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll
[-] 2004-08-04 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
[-] 2003-03-31 . 719B05113003A1934EA25EA1FED68C85 . 159232 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB841873$\schedsvc.dll
.
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll
[-] 2004-08-04 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
.
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll
[-] 2004-08-04 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
.
[-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\hnetcfg.dll
[-] 2004-08-04 . 765B30C776A1780B46B479FE614F707C . 344064 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[-] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[-] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\appmgmts.dll
[-] 2004-08-04 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
.
[-] 2003-03-31 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\dllcache\acpiec.sys
[-] 2003-03-31 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys
[-] 2004-08-04 05:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys
.
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys
.
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
.
[-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
[-] 2003-03-31 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll
.
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msgsvc.dll
[-] 2004-08-04 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
[-] 2003-03-31 . A81487520F11F65BF270D50EE29887B2 . 34304 . . [5.1.2600.0] . . c:\windows\$NtUninstallKB828035$\msgsvc.dll
.
[-] 2006-10-19 01:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-19 01:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2005-01-28 18:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2005-01-28 18:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2004-08-11 06:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
[-] 2004-08-04 07:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll
.
[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll
[-] 2004-08-04 07:56 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
.
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll
[-] 2007-02-05 . 36ACA6CDC19C95FF468A1426EB7F32F0 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
[-] 2004-08-04 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll
.
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\dsound.dll
[-] 2004-08-04 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
[-] 2004-07-09 08:27 . 5BFA0676E082D4DD2CC0B376BB6210A9 . 363520 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll
.
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\d3d9.dll
[-] 2004-08-04 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
.
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\ddraw.dll
[-] 2004-08-04 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
[-] 2004-07-09 08:27 . 9D9B4A7F83F1240F15876F45F5757887 . 265728 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll
.
[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\olepro32.dll
[-] 2004-08-04 07:56 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
.
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll
[-] 2004-08-04 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
.
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\version.dll
[-] 2004-08-04 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
[-] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\w32time.dll
[-] 2004-08-04 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
.
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wiaservc.dll
[-] 2006-12-19 . D9F097AA3B97034D3358A01B43E635B2 . 333824 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll
[-] 2006-12-19 . B6763F8534AC547CF1AF98AFDFF2EDC8 . 333824 . . [5.1.2600.3051] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
[-] 2004-08-04 . D9F6C4F6B1E188ADAFC42B561D9BC2E6 . 333312 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll
.
[-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
[-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\midimap.dll
[-] 2004-08-04 . 3B4702155BB2AE9DC00C06A68834BDFA . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll
.
[-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll
[-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\rasadhlp.dll
[-] 2006-06-26 . B5D08C96B2DADAF5171FB69E341B272B . 7680 . . [5.1.2600.2938] . . c:\windows\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll
[-] 2006-06-26 . 5F098BD2AE6B03044B085DECFFDF91EC . 8192 . . [5.1.2600.2938] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll
[-] 2004-08-04 . 4CAEC028C1E21C75E17877D4522D3DB4 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB920683$\rasadhlp.dll
.
[-] 2008-04-14 . 4E3D06D6E68EEDB52565080F55B460D3 . 19456 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wshtcpip.dll
[-] 2008-04-14 . 4E3D06D6E68EEDB52565080F55B460D3 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll
[-] 2008-04-14 . 4E3D06D6E68EEDB52565080F55B460D3 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wshtcpip.dll
[-] 2004-08-04 . A7F95A53EE055115DF03588997A47D4D . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wshtcpip.dll
.
((((((((((((((((((((((((((((( SnapShot@2012-02-22_21.07.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-11 02:32 . 2011-01-11 02:3249152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80KOR.dll
+ 2011-01-11 02:32 . 2011-01-11 02:3249152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80JPN.dll
+ 2011-01-11 02:32 . 2011-01-11 02:3261440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ITA.dll
+ 2011-01-11 02:32 . 2011-01-11 02:3261440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80FRA.dll
+ 2011-01-11 02:32 . 2011-01-11 02:3261440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ESP.dll
+ 2011-01-11 02:32 . 2011-01-11 02:3257344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ENU.dll
+ 2011-01-11 02:32 . 2011-01-11 02:3265536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80DEU.dll
+ 2011-01-11 02:32 . 2011-01-11 02:3245056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80CHT.dll
+ 2011-01-11 02:32 . 2011-01-11 02:3240960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80CHS.dll
+ 2011-01-11 08:05 . 2011-01-11 08:0557856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfcm80u.dll
+ 2011-01-11 08:23 . 2011-01-11 08:2369632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfcm80.dll
+ 2011-01-11 01:21 . 2011-01-11 01:2197280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_7837863c\ATL80.dll
+ 2012-06-28 18:10 . 2012-06-02 19:1945080 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.6.7600.256\wups2.dll
+ 2012-06-28 18:10 . 2012-06-02 19:1935864 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.6.7600.256\wups.dll
+ 2003-03-31 12:00 . 2012-07-28 17:1884478 c:\windows\system32\perfc009.dat
+ 2004-12-16 01:06 . 2012-05-11 14:4267072 c:\windows\system32\mshtmled.dll
+ 2006-11-08 02:03 . 2012-05-11 14:4255296 c:\windows\system32\msfeedsbs.dll
- 2006-11-08 02:03 . 2011-12-17 19:4655296 c:\windows\system32\msfeedsbs.dll
- 2004-12-16 01:06 . 2011-12-17 19:4625600 c:\windows\system32\jsproxy.dll
+ 2004-12-16 01:06 . 2012-05-11 14:4225600 c:\windows\system32\jsproxy.dll
+ 2010-05-23 18:27 . 2012-05-11 14:4212800 c:\windows\system32\dllcache\xpshims.dll
- 2010-05-23 18:27 . 2011-12-17 19:4612800 c:\windows\system32\dllcache\xpshims.dll
+ 2004-12-16 01:06 . 2012-05-11 14:4267072 c:\windows\system32\dllcache\mshtmled.dll
- 2007-05-12 01:10 . 2011-12-17 19:4655296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2007-05-12 01:10 . 2012-05-11 14:4255296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2004-12-16 01:06 . 2012-05-11 14:4243520 c:\windows\system32\dllcache\licmgr10.dll
- 2004-12-16 01:06 . 2011-12-17 19:4643520 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-12-16 01:06 . 2012-05-11 14:4225600 c:\windows\system32\dllcache\jsproxy.dll
- 2004-12-16 01:06 . 2011-12-17 19:4625600 c:\windows\system32\dllcache\jsproxy.dll
+ 2011-12-15 17:08 . 2011-12-15 17:0857616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
- 2012-02-22 19:20 . 2012-02-22 19:2087408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0787408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0793024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-02-22 19:20 . 2012-02-22 19:2093024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0735688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-02-22 19:20 . 2012-02-22 19:2035688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0717784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-02-22 19:20 . 2012-02-22 19:2017784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0758240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-02-22 19:20 . 2012-02-22 19:2058240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-02-22 19:20 . 2012-02-22 19:2044920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0744920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-02-22 19:20 . 2012-02-22 19:2037240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0737240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-02-22 19:20 . 2012-02-22 19:2064352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0764352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0751032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-02-22 19:20 . 2012-02-22 19:2051032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-02-22 19:20 . 2012-02-22 19:2050552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0750552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2012-02-22 19:20 . 2012-02-22 19:2081784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0781784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0781800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-02-22 19:20 . 2012-02-22 19:2081800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-02-22 19:20 . 2012-02-22 19:2039784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0739784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0768952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-02-22 19:20 . 2012-02-22 19:2068952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-02-22 19:20 . 2012-02-22 19:2012128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-06 18:07 . 2012-06-06 18:0712128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-02-22 19:20 . 2012-02-22 19:2097680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0797680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-02-22 19:20 . 2012-02-22 19:2017240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0717240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-02-22 19:20 . 2012-02-22 19:2078168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0778168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-06 18:07 . 2012-06-06 18:0781248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-02-22 19:20 . 2012-02-22 19:2081248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-07-22 19:44 . 2012-07-22 19:4422016 c:\windows\Installer\91324.msi
+ 2012-06-28 18:33 . 2012-06-28 18:3342166 c:\windows\Installer\{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}\ARPPRODUCTICON.exe
- 2004-10-10 17:17 . 2004-10-10 17:1742166 c:\windows\Installer\{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}\ARPPRODUCTICON.exe
+ 2005-01-02 18:47 . 2012-07-18 22:5523040 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2005-01-02 18:47 . 2012-02-17 04:5323040 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2005-01-02 18:47 . 2012-07-18 22:5561440 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2005-01-02 18:47 . 2012-02-17 04:5361440 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2005-01-02 18:47 . 2012-02-17 04:5327136 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2005-01-02 18:47 . 2012-07-18 22:5527136 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2005-01-02 18:47 . 2012-02-17 04:5311264 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2005-01-02 18:47 . 2012-07-18 22:5511264 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2005-01-02 18:47 . 2012-02-17 04:5312288 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2005-01-02 18:47 . 2012-07-18 22:5512288 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2012-01-06 02:57 . 2012-01-06 02:5734632 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2012-07-18 22:58 . 2012-07-18 22:5834632 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2012-06-28 18:50 . 2012-03-01 11:0112800 c:\windows\ie8updates\KB2699988-IE8\xpshims.dll
+ 2012-06-28 18:49 . 2012-03-01 11:0166560 c:\windows\ie8updates\KB2699988-IE8\mshtmled.dll
+ 2012-06-28 18:49 . 2012-03-01 11:0155296 c:\windows\ie8updates\KB2699988-IE8\msfeedsbs.dll
+ 2012-06-28 18:49 . 2012-03-01 11:0143520 c:\windows\ie8updates\KB2699988-IE8\licmgr10.dll
+ 2012-06-28 18:49 . 2012-03-01 11:0125600 c:\windows\ie8updates\KB2699988-IE8\jsproxy.dll
+ 2012-04-13 03:48 . 2011-12-17 19:4612800 c:\windows\ie8updates\KB2675157-IE8\xpshims.dll
+ 2012-04-13 03:48 . 2011-12-17 19:4666560 c:\windows\ie8updates\KB2675157-IE8\mshtmled.dll
+ 2012-04-13 03:48 . 2011-12-17 19:4655296 c:\windows\ie8updates\KB2675157-IE8\msfeedsbs.dll
+ 2012-04-13 03:48 . 2011-12-17 19:4643520 c:\windows\ie8updates\KB2675157-IE8\licmgr10.dll
+ 2012-04-13 03:48 . 2011-12-17 19:4625600 c:\windows\ie8updates\KB2675157-IE8\jsproxy.dll
+ 2012-06-06 19:10 . 2012-06-06 19:1096768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\d81fe03da02265c1b303b34c28cf6b05\UIAutomationProvider.ni.dll
+ 2012-06-06 20:29 . 2012-06-06 20:2935328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\19417a127c31d4d27e9b82c9fd48c554\System.Windows.Presentation.ni.dll
+ 2012-06-06 20:29 . 2012-06-06 20:2971680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\e5cf7be6b9deee73d674f2bc43752fed\System.Web.ApplicationServices.ni.dll
+ 2012-06-06 20:28 . 2012-06-06 20:2882432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\39c6c5375d1763165dd8c1623bd10668\System.ServiceModel.Channels.ni.dll

More to come....

 

[BobTN]

+ 2012-06-06 19:10 . 2012-06-06 19:10 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\59be5fb54e018032511415f0b0523ee3\System.AddIn.Contract.ni.dll
+ 2012-06-06 19:09 . 2012-06-06 19:09 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\46f273930666397a8cb538ffe9190eef\Microsoft.VisualC.ni.dll
+ 2012-06-06 19:09 . 2012-06-06 19:09 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\62c1a496dff99a6e5f5e4278d31ca4c1\Accessibility.ni.dll
+ 2012-04-13 04:37 . 2012-04-13 04:37 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\36124bfc4baaa1c2063d699e77324080\System.Web.DynamicData.Design.ni.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2718704\update\spcustom.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2718704\spmsg.dll
+ 2012-06-28 18:48 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2709162\update\spcustom.dll
+ 2012-06-28 18:48 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2709162\spmsg.dll
+ 2012-06-28 18:53 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2707511\update\spcustom.dll
+ 2012-06-28 18:47 . 2012-05-05 03:16 16896 c:\windows\$hf_mig$\KB2707511\update\mpsyschk.dll
+ 2012-06-28 18:53 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2707511\spmsg.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2699988-IE8\update\spcustom.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2699988-IE8\spmsg.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 12800 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\xpshims.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 67072 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\mshtmled.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 55296 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\msfeedsbs.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 43520 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\licmgr10.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 25600 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\jsproxy.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2695962\update\spcustom.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2695962\spmsg.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2686509\update\spcustom.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2686509\spmsg.dll
+ 2012-06-28 18:49 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2685939\update\spcustom.dll
+ 2012-06-28 18:49 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2685939\spmsg.dll
+ 2012-06-28 18:49 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2676562\update\spcustom.dll
+ 2012-06-28 18:47 . 2012-04-11 13:53 16896 c:\windows\$hf_mig$\KB2676562\update\mpsyschk.dll
+ 2012-06-28 18:49 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2676562\spmsg.dll
+ 2012-04-13 03:48 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2675157-IE8\update\spcustom.dll
+ 2012-04-13 03:48 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2675157-IE8\spmsg.dll
+ 2012-04-13 03:42 . 2012-03-01 10:58 12800 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\xpshims.dll
+ 2012-04-13 03:42 . 2012-03-01 10:58 66560 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtmled.dll
+ 2012-04-13 03:42 . 2012-03-01 10:58 55296 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\msfeedsbs.dll
+ 2012-04-13 03:42 . 2012-03-01 10:58 43520 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\licmgr10.dll
+ 2012-04-13 03:42 . 2012-03-01 10:58 25600 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\jsproxy.dll
+ 2012-04-13 03:43 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2653956\update\spcustom.dll
+ 2012-04-13 03:43 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2653956\spmsg.dll
+ 2012-04-13 03:43 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2647518\update\spcustom.dll
+ 2012-04-13 03:43 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2647518\spmsg.dll
+ 2012-04-13 03:48 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2641653\update\spcustom.dll
+ 2012-04-13 03:48 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2641653\spmsg.dll
+ 2012-04-13 03:45 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2621440\update\spcustom.dll
+ 2012-04-13 03:45 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2621440\spmsg.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-04-26 17:30 . 2012-05-28 03:24 7816 c:\windows\system32\d3d9caps.dat
- 2005-01-02 18:47 . 2012-02-17 04:53 4096 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2005-01-02 18:47 . 2012-07-18 22:55 4096 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2012-06-06 19:09 . 2012-06-06 19:09 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\fd866b4158c3bd2a26c875f2896c5573\dfsvc.ni.exe
- 2012-02-17 05:07 . 2012-02-17 05:07 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-02-17 05:07 . 2012-02-17 05:07 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-06-28 18:47 . 2012-04-19 11:26 8192 c:\windows\$hf_mig$\KB2686509\update\kblChecker.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-01-11 08:27 . 2011-01-11 08:27 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcr80.dll
+ 2011-01-11 08:24 . 2011-01-11 08:24 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcp80.dll
+ 2011-01-11 08:08 . 2011-01-11 08:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcm80.dll
+ 2004-12-16 01:06 . 2012-02-29 14:10 177664 c:\windows\system32\wintrust.dll
- 2004-12-16 01:06 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll
+ 2004-12-16 01:06 . 2012-05-11 14:42 105984 c:\windows\system32\url.dll
- 2004-12-16 01:06 . 2011-12-17 19:46 105984 c:\windows\system32\url.dll
+ 2003-03-31 12:00 . 2012-07-28 17:18 496124 c:\windows\system32\perfh009.dat
- 2004-12-16 01:06 . 2011-12-17 19:46 206848 c:\windows\system32\occache.dll
+ 2004-12-16 01:06 . 2012-05-11 14:42 206848 c:\windows\system32\occache.dll
- 2004-12-16 01:06 . 2011-12-17 19:46 611840 c:\windows\system32\mstime.dll
+ 2004-12-16 01:06 . 2012-05-11 14:42 611840 c:\windows\system32\mstime.dll
+ 2006-11-08 02:03 . 2012-05-11 14:42 629760 c:\windows\system32\msfeeds.dll
+ 2012-06-28 18:12 . 2012-06-28 18:12 686280 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe
+ 2012-05-04 17:13 . 2012-06-28 18:12 250056 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2004-12-16 01:06 . 2012-02-29 14:10 148480 c:\windows\system32\imagehlp.dll
- 2004-12-16 01:06 . 2011-12-17 19:46 184320 c:\windows\system32\iepeers.dll
+ 2004-12-16 01:06 . 2012-05-11 14:42 184320 c:\windows\system32\iepeers.dll
- 2004-12-16 01:06 . 2011-12-17 19:46 387584 c:\windows\system32\iedkcs32.dll
+ 2004-12-16 01:06 . 2012-05-11 14:42 387584 c:\windows\system32\iedkcs32.dll
+ 2004-12-16 01:06 . 2012-05-11 11:38 174080 c:\windows\system32\ie4uinit.exe
- 2004-12-16 01:06 . 2011-12-16 12:23 174080 c:\windows\system32\ie4uinit.exe
- 2004-08-08 21:13 . 2012-02-17 05:32 382424 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-08 21:13 . 2012-07-18 23:00 382424 c:\windows\system32\FNTCACHE.DAT
- 2004-12-16 01:06 . 2011-06-24 14:10 139656 c:\windows\system32\drivers\rdpwd.sys
+ 2004-12-16 01:06 . 2012-05-02 13:46 139656 c:\windows\system32\drivers\rdpwd.sys
+ 2004-12-16 01:06 . 2012-02-29 14:10 177664 c:\windows\system32\dllcache\wintrust.dll
- 2004-12-16 01:06 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
- 2004-12-16 01:06 . 2011-12-17 19:46 916992 c:\windows\system32\dllcache\wininet.dll
+ 2004-12-16 01:06 . 2012-05-16 15:08 916992 c:\windows\system32\dllcache\wininet.dll
- 2004-12-16 01:06 . 2011-12-17 19:46 105984 c:\windows\system32\dllcache\url.dll
+ 2004-12-16 01:06 . 2012-05-11 14:42 105984 c:\windows\system32\dllcache\url.dll
+ 2004-12-16 01:06 . 2012-06-04 04:32 152576 c:\windows\system32\dllcache\schannel.dll
+ 2004-12-16 01:06 . 2012-05-02 13:46 139656 c:\windows\system32\dllcache\rdpwd.sys
- 2004-12-16 01:06 . 2011-06-24 14:10 139656 c:\windows\system32\dllcache\rdpwd.sys
- 2004-12-16 01:06 . 2011-12-17 19:46 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-12-16 01:06 . 2012-05-11 14:42 206848 c:\windows\system32\dllcache\occache.dll
- 2004-12-16 01:06 . 2011-12-17 19:46 611840 c:\windows\system32\dllcache\mstime.dll
+ 2004-12-16 01:06 . 2012-05-11 14:42 611840 c:\windows\system32\dllcache\mstime.dll
+ 2007-05-12 01:10 . 2012-05-11 14:42 629760 c:\windows\system32\dllcache\msfeeds.dll
- 2004-12-16 01:06 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
+ 2004-12-16 01:06 . 2012-05-28 18:16 536576 c:\windows\system32\dllcache\msado15.dll
+ 2012-06-28 18:47 . 2012-05-11 14:42 521728 c:\windows\system32\dllcache\jsdbgui.dll
+ 2004-12-16 01:06 . 2012-02-29 14:10 148480 c:\windows\system32\dllcache\imagehlp.dll
- 2010-05-23 18:27 . 2011-12-17 19:46 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2010-05-23 18:27 . 2012-05-11 14:42 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2004-12-16 01:06 . 2011-12-17 19:46 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-12-16 01:06 . 2012-05-11 14:42 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-06-11 04:45 . 2012-05-11 14:42 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2010-06-11 04:45 . 2011-12-17 19:46 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2004-12-16 01:06 . 2012-05-11 14:42 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-12-16 01:06 . 2011-12-17 19:46 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-12-16 01:06 . 2012-05-11 11:38 174080 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-12-16 01:06 . 2011-12-16 12:23 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-12-16 01:06 . 2012-05-31 13:22 599040 c:\windows\system32\dllcache\crypt32.dll
- 2004-12-16 01:06 . 2011-09-28 07:06 599040 c:\windows\system32\dllcache\crypt32.dll
+ 2005-02-21 01:39 . 2012-06-06 20:15 262144 c:\windows\system32\config\systemprofile\ntuser.dat
- 2005-02-21 01:39 . 2005-02-21 01:39 262144 c:\windows\system32\config\systemprofile\ntuser.dat
+ 2012-08-01 03:28 . 2011-12-05 21:18 195324 c:\windows\PCHealth\HelpCtr\Config\Cache\Professional_32_1033.dat
+ 2011-12-15 17:08 . 2011-12-15 17:08 182056 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 156440 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 518400 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 957200 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 386824 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
+ 2012-01-31 07:38 . 2012-01-31 07:38 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll

More to come....

 

[BobTN]

+ 2012-06-06 18:07 . 2012-06-06 18:07 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-07-22 21:05 . 2012-07-22 21:05 301056 c:\windows\Installer\ae19c.msi
+ 2012-02-03 03:56 . 2012-02-03 03:56 963584 c:\windows\Installer\28af04.msp
+ 2005-01-02 18:47 . 2012-07-18 22:55 409600 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2005-01-02 18:47 . 2012-02-17 04:53 409600 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2005-01-02 18:47 . 2012-02-17 04:53 286720 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2005-01-02 18:47 . 2012-07-18 22:55 286720 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2005-01-02 18:47 . 2012-07-18 22:55 249856 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2005-01-02 18:47 . 2012-02-17 04:53 249856 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2005-01-02 18:47 . 2012-07-18 22:55 794624 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2005-01-02 18:47 . 2012-02-17 04:53 794624 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2005-01-02 18:47 . 2012-02-17 04:53 135168 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2005-01-02 18:47 . 2012-07-18 22:55 135168 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2005-01-02 18:47 . 2012-02-17 04:53 593920 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2005-01-02 18:47 . 2012-07-18 22:55 593920 c:\windows\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 181096 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\PresentationHostDLL_X86.dll
+ 2012-06-28 18:49 . 2012-03-01 11:01 916992 c:\windows\ie8updates\KB2699988-IE8\wininet.dll
+ 2012-06-28 18:49 . 2012-03-01 11:01 105984 c:\windows\ie8updates\KB2699988-IE8\url.dll
+ 2012-06-28 18:50 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2699988-IE8\spuninst\updspapi.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2699988-IE8\spuninst\spuninst.exe
+ 2012-06-28 18:49 . 2012-03-01 11:01 206848 c:\windows\ie8updates\KB2699988-IE8\occache.dll
+ 2012-06-28 18:49 . 2012-03-01 11:01 611840 c:\windows\ie8updates\KB2699988-IE8\mstime.dll
+ 2012-06-28 18:49 . 2012-03-01 11:01 602112 c:\windows\ie8updates\KB2699988-IE8\msfeeds.dll
+ 2012-06-28 18:50 . 2009-03-08 09:35 521216 c:\windows\ie8updates\KB2699988-IE8\jsdbgui.dll
+ 2012-06-28 18:50 . 2012-03-01 11:01 247808 c:\windows\ie8updates\KB2699988-IE8\ieproxy.dll
+ 2012-06-28 18:49 . 2012-03-01 11:01 184320 c:\windows\ie8updates\KB2699988-IE8\iepeers.dll
+ 2012-06-28 18:50 . 2012-03-01 11:01 743424 c:\windows\ie8updates\KB2699988-IE8\iedvtool.dll
+ 2012-06-28 18:50 . 2012-03-01 11:01 387584 c:\windows\ie8updates\KB2699988-IE8\iedkcs32.dll
+ 2012-06-28 18:50 . 2012-02-29 12:17 174080 c:\windows\ie8updates\KB2699988-IE8\ie4uinit.exe
+ 2012-04-13 03:48 . 2011-12-17 19:46 916992 c:\windows\ie8updates\KB2675157-IE8\wininet.dll
+ 2012-04-13 03:48 . 2011-12-17 19:46 105984 c:\windows\ie8updates\KB2675157-IE8\url.dll
+ 2012-04-13 03:48 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2675157-IE8\spuninst\updspapi.dll
+ 2012-04-13 03:48 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2675157-IE8\spuninst\spuninst.exe
+ 2012-04-13 03:48 . 2011-12-17 19:46 206848 c:\windows\ie8updates\KB2675157-IE8\occache.dll
+ 2012-04-13 03:48 . 2011-12-17 19:46 611840 c:\windows\ie8updates\KB2675157-IE8\mstime.dll
+ 2012-04-13 03:48 . 2011-12-17 19:46 602112 c:\windows\ie8updates\KB2675157-IE8\msfeeds.dll
+ 2012-04-13 03:48 . 2011-12-17 19:46 247808 c:\windows\ie8updates\KB2675157-IE8\ieproxy.dll
+ 2012-04-13 03:48 . 2011-12-17 19:46 184320 c:\windows\ie8updates\KB2675157-IE8\iepeers.dll
+ 2012-04-13 03:48 . 2011-12-17 19:46 743424 c:\windows\ie8updates\KB2675157-IE8\iedvtool.dll
+ 2012-04-13 03:48 . 2011-12-17 19:46 387584 c:\windows\ie8updates\KB2675157-IE8\iedkcs32.dll
+ 2012-04-13 03:48 . 2011-12-16 12:23 174080 c:\windows\ie8updates\KB2675157-IE8\ie4uinit.exe
+ 2012-06-06 20:30 . 2012-06-06 20:30 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\0239b73b27954fa758289c6524bf864c\WindowsFormsIntegration.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\0a80fd3af7e48eb9cc9099fee5814dff\UIAutomationTypes.ni.dll
+ 2012-06-06 20:29 . 2012-06-06 20:29 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\b9b816e8c78a78b2d5af593c8d3e509a\UIAutomationClient.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\f44e12702dadeae606b8eaca609b1336\System.Xml.Linq.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 188928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\59fb92c38f1035e7b11a23fc6e82c992\System.Windows.Input.Manipulations.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 646656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\ce2aa3a5e89c326055ac8e2a309232f7\System.Transactions.ni.dll
+ 2012-06-06 20:28 . 2012-06-06 20:28 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\dbc4c0be36767456143cefecc1ce2809\System.ServiceProcess.ni.dll
+ 2012-06-06 20:28 . 2012-06-06 20:28 365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\284141392cdba7fa4b2a4668125329a9\System.ServiceModel.Routing.ni.dll
+ 2012-06-06 18:08 . 2012-06-06 18:08 729088 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\efe46aa882d9ac31f7fbbdc004fc99d5\System.Security.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\6a37764b2df9b3f9c7775701027ef779\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 762368 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\0f9d7198d2c0a3953fb59b1aca0d35f7\System.Runtime.Remoting.ni.dll
+ 2012-06-06 18:08 . 2012-06-06 18:08 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
+ 2012-06-06 19:12 . 2012-06-06 19:12 652800 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\b0a7e53e8aaaca2d2ae065e85f959ff4\System.Net.ni.dll
+ 2012-06-06 19:12 . 2012-06-06 19:12 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\7439cb7f06f37d03095d9cffca7b0f96\System.Messaging.ni.dll
+ 2012-06-06 19:12 . 2012-06-06 19:12 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\d7cba8bd14e7352bc6b1f7cd35b7fd43\System.Management.Instrumentation.ni.dll
+ 2012-06-06 19:12 . 2012-06-06 19:12 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\100d056c9dc360ec5a25ff227a14840b\System.IO.Log.ni.dll
+ 2012-06-06 19:12 . 2012-06-06 19:12 229376 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\5e38634854f36e1aff7500a351830427\System.IdentityModel.Selectors.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\26ee061618887d629a9f7072970ffb85\System.EnterpriseServices.Wrapper.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 786944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\26ee061618887d629a9f7072970ffb85\System.EnterpriseServices.ni.dll
+ 2012-06-06 18:08 . 2012-06-06 18:08 377344 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\1203e60a51fe0f726fbeaf0456f938a5\System.Dynamic.ni.dll
+ 2012-06-06 19:12 . 2012-06-06 19:12 468992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\c75c07a581ad459c8474cd83aa7dabf4\System.DirectoryServices.Protocols.ni.dll
+ 2012-06-06 19:12 . 2012-06-06 19:12 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\80373cd811bf63ae93af1733a6c7e1c5\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-06-06 19:12 . 2012-06-06 19:12 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\6fbe438983c9ca94c80d64225ad2e5ce\System.Device.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\950c346ef6261ecc93ced8d995914a1d\System.Data.DataSetExtensions.ni.dll
+ 2012-06-06 18:08 . 2012-06-06 18:08 980480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0c8e950df17a0abec10888e8ad966cbe\System.Configuration.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\5f1677711612f8920a01bd480b5d163f\System.Configuration.Install.ni.dll
+ 2012-06-06 18:09 . 2012-06-06 18:09 690176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\f7099031cfac8ec61b948bb09b07b1a1\System.ComponentModel.Composition.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\bcbd0e714127d69a895ef80afa5dfd78\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 624128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\41d68b79da934255ca82b466b93d7938\System.AddIn.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 404992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\2d00f7297e070e69c1cb44b25503b1c3\System.Activities.DurableInstancing.ni.dll
+ 2012-06-06 19:09 . 2012-06-06 19:09 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\0ae347a9076db27075e06a63f2123186\SMSvcHost.ni.exe
+ 2012-06-06 19:10 . 2012-06-06 19:10 142848 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\9115e9f656b00fc4e46da91537ef1358\SMDiagnostics.ni.dll
+ 2012-06-06 18:08 . 2012-06-06 18:08 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\65154746a8d265c0fac2b6a3dba40fbe\PresentationFramework.Aero.ni.dll
+ 2012-06-06 18:08 . 2012-06-06 18:08 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\346dd9f96aeaddaf535d8ba8706e0da4\PresentationFramework.Classic.ni.dll
+ 2012-06-06 18:09 . 2012-06-06 18:09 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1df40509871106cbe2da63568db546d7\PresentationFramework.Luna.ni.dll
+ 2012-06-06 18:10 . 2012-06-06 18:10 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\19ed90ccc9d285beb1c38dc031665962\PresentationFramework.Royale.ni.dll
+ 2012-06-06 19:09 . 2012-06-06 19:09 302592 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\f9e86c784508f05f5bd9337a4a005bfe\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-06-06 19:09 . 2012-06-06 19:09 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\10d7bd563bd71306375c6887ddd9de46\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-06-06 19:09 . 2012-06-06 19:09 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\f11d5fea7ded12068e8cdb8b2f1bdbd9\CustomMarshalers.ni.dll
+ 2012-04-13 04:05 . 2012-04-13 04:05 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\5be064066858620a8aa628fca459a888\WindowsFormsIntegration.ni.dll
+ 2012-04-13 04:37 . 2012-04-13 04:37 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\1107b3a711bab40c83e2561ba2431d62\System.Web.Routing.ni.dll
+ 2012-04-13 04:37 . 2012-04-13 04:37 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\d7c8c294920cfe79765215e242308d28\System.Web.Extensions.Design.ni.dll
+ 2012-04-13 04:37 . 2012-04-13 04:37 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\5176923a8264305118a299419e1c7bde\System.Web.Entity.ni.dll
+ 2012-04-13 04:37 . 2012-04-13 04:37 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d746c0f0ed36226efb2e0115de42cdd6\System.Web.Entity.Design.ni.dll
+ 2012-04-13 04:37 . 2012-04-13 04:37 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\df5542604898c9ea3fda32c8619ae0e5\System.Web.DynamicData.ni.dll
+ 2012-04-13 04:37 . 2012-04-13 04:37 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\b9c8715157536097b489132574ad5c17\System.Web.Abstractions.ni.dll
+ 2012-04-13 03:48 . 2012-04-13 03:48 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\56e433394df8d44e43690a855e403555\System.ServiceProcess.ni.dll
+ 2012-04-13 04:37 . 2012-04-13 04:37 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\55a9cbd5683fa954af88540e23949fff\System.Messaging.ni.dll
+ 2012-04-13 04:04 . 2012-04-13 04:04 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\cc2cd3bc46c9c2b30e47281e404a3230\System.Drawing.Design.ni.dll
+ 2012-04-13 04:36 . 2012-04-13 04:36 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\8d6cd6a93f679608d52b6c874088b963\AspNetMMCExt.ni.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-06-28 18:50 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2718704$\spuninst\updspapi.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2718704$\spuninst\spuninst.exe
+ 2012-06-28 18:50 . 2011-09-28 07:06 599040 c:\windows\$NtUninstallKB2718704$\crypt32.dll
+ 2012-06-28 18:48 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2709162$\spuninst\updspapi.dll
+ 2012-06-28 18:48 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2709162$\spuninst\spuninst.exe
+ 2012-06-28 18:53 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2707511$\spuninst\updspapi.dll
+ 2012-06-28 18:53 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2707511$\spuninst\spuninst.exe
+ 2012-06-28 18:50 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2695962$\spuninst\updspapi.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2695962$\spuninst\spuninst.exe
+ 2012-06-28 18:50 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2686509$\spuninst\updspapi.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2686509$\spuninst\spuninst.exe
+ 2012-06-28 18:49 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2685939$\spuninst\updspapi.dll
+ 2012-06-28 18:49 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2685939$\spuninst\spuninst.exe
+ 2012-06-28 18:49 . 2012-01-09 16:20 139784 c:\windows\$NtUninstallKB2685939$\rdpwd.sys
+ 2012-06-28 18:48 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2676562$\spuninst\updspapi.dll
+ 2012-06-28 18:48 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2676562$\spuninst\spuninst.exe
+ 2012-06-28 18:52 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2659262$\spuninst\updspapi.dll
+ 2012-06-28 18:52 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2659262$\spuninst\spuninst.exe
+ 2012-04-13 03:43 . 2009-12-24 06:59 177664 c:\windows\$NtUninstallKB2653956$\wintrust.dll
+ 2012-04-13 03:43 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2653956$\spuninst\updspapi.dll
+ 2012-04-13 03:43 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2653956$\spuninst\spuninst.exe
+ 2012-04-13 03:43 . 2008-04-14 00:11 144384 c:\windows\$NtUninstallKB2653956$\imagehlp.dll
+ 2012-04-13 03:43 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2647518$\spuninst\updspapi.dll
+ 2012-04-13 03:43 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2647518$\spuninst\spuninst.exe
+ 2012-04-13 03:48 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2641653$\spuninst\updspapi.dll
+ 2012-04-13 03:48 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2641653$\spuninst\spuninst.exe
+ 2012-04-13 03:45 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2621440$\spuninst\updspapi.dll
+ 2012-04-13 03:45 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2621440$\spuninst\spuninst.exe
+ 2012-04-13 03:45 . 2011-06-24 14:10 139656 c:\windows\$NtUninstallKB2621440$\rdpwd.sys
+ 2012-06-28 18:50 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2718704\update\updspapi.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2718704\update\update.exe
+ 2012-06-28 18:50 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2718704\spuninst.exe
+ 2012-05-31 13:19 . 2012-05-31 13:19 599552 c:\windows\$hf_mig$\KB2718704\SP3QFE\crypt32.dll
+ 2012-06-28 18:48 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2709162\update\updspapi.dll
+ 2012-06-28 18:48 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2709162\update\update.exe
+ 2012-06-28 18:48 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2709162\spuninst.exe
+ 2012-06-28 18:53 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2707511\update\updspapi.dll
+ 2012-06-28 18:53 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2707511\update\update.exe
+ 2012-06-28 18:53 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2707511\spuninst.exe
+ 2012-06-28 18:50 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2699988-IE8\update\updspapi.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2699988-IE8\update\update.exe
+ 2012-06-28 18:50 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2699988-IE8\spuninst.exe
+ 2012-06-28 18:47 . 2012-05-16 15:06 920064 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\wininet.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 105984 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\url.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 206848 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\occache.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 611840 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\mstime.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 630272 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\msfeeds.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 522240 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\jsdbgui.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 247808 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\ieproxy.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 184320 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\iepeers.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 743424 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\iedvtool.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 387584 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\iedkcs32.dll
+ 2012-06-28 18:47 . 2012-05-11 12:13 174080 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\ie4uinit.exe
+ 2012-06-28 18:50 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2695962\update\updspapi.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2695962\update\update.exe
+ 2012-06-28 18:50 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2695962\spuninst.exe
+ 2012-06-28 18:50 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2686509\update\updspapi.dll
+ 2012-06-28 18:50 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2686509\update\update.exe
+ 2012-06-28 18:50 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2686509\spuninst.exe
+ 2012-06-28 18:49 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2685939\update\updspapi.dll
+ 2012-06-28 18:49 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2685939\update\update.exe
+ 2012-06-28 18:49 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2685939\spuninst.exe
+ 2012-06-28 18:47 . 2012-05-02 13:45 139656 c:\windows\$hf_mig$\KB2685939\SP3QFE\rdpwd.sys
+ 2012-06-28 18:49 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2676562\update\updspapi.dll
+ 2012-06-28 18:49 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2676562\update\update.exe
+ 2012-06-28 18:49 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2676562\spuninst.exe

More to come ...

 

[BobTN]

+ 2012-04-13 03:48 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2675157-IE8\update\updspapi.dll
+ 2012-04-13 03:48 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2675157-IE8\update\update.exe
+ 2012-04-13 03:48 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2675157-IE8\spuninst.exe
+ 2012-04-13 03:42 . 2012-03-01 10:58 919552 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll
+ 2012-04-13 03:42 . 2012-03-01 10:58 105984 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\url.dll
+ 2012-04-13 03:42 . 2012-03-01 10:58 206848 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\occache.dll
+ 2012-04-13 03:42 . 2012-03-01 10:58 611840 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mstime.dll
+ 2012-04-13 03:42 . 2012-03-01 10:58 602112 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\msfeeds.dll
+ 2012-04-13 03:42 . 2012-03-01 10:58 247808 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ieproxy.dll
+ 2012-04-13 03:42 . 2012-03-01 10:58 184320 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iepeers.dll
+ 2012-04-13 03:42 . 2012-03-01 10:58 743424 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iedvtool.dll
+ 2012-04-13 03:42 . 2012-03-01 10:58 387584 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iedkcs32.dll
+ 2012-04-13 03:41 . 2012-02-29 12:30 174080 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ie4uinit.exe
+ 2012-04-13 03:43 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2653956\update\updspapi.dll
+ 2012-04-13 03:43 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2653956\update\update.exe
+ 2012-04-13 03:43 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2653956\spuninst.exe
+ 2012-02-29 14:08 . 2012-02-29 14:08 178176 c:\windows\$hf_mig$\KB2653956\SP3QFE\wintrust.dll
+ 2012-02-29 14:08 . 2012-02-29 14:08 148480 c:\windows\$hf_mig$\KB2653956\SP3QFE\imagehlp.dll
+ 2012-04-13 03:43 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2647518\update\updspapi.dll
+ 2012-04-13 03:43 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2647518\update\update.exe
+ 2012-04-13 03:43 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2647518\spuninst.exe
+ 2012-04-13 03:48 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2641653\update\updspapi.dll
+ 2012-04-13 03:48 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2641653\update\update.exe
+ 2012-04-13 03:48 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2641653\spuninst.exe
+ 2012-04-13 03:45 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2621440\update\updspapi.dll
+ 2012-04-13 03:45 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2621440\update\update.exe
+ 2012-04-13 03:45 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2621440\spuninst.exe
+ 2012-04-13 03:41 . 2012-01-09 16:19 139784 c:\windows\$hf_mig$\KB2621440\SP3QFE\rdpwd.sys
+ 2012-06-28 18:47 . 2012-02-09 15:43 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
+ 2011-01-11 02:50 . 2011-01-11 02:50 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfc80u.dll
+ 2011-01-11 02:50 . 2011-01-11 02:50 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfc80.dll
- 2004-12-16 01:06 . 2011-12-17 19:46 1212416 c:\windows\system32\urlmon.dll
+ 2004-12-16 01:06 . 2012-05-11 14:42 1212416 c:\windows\system32\urlmon.dll
+ 2004-12-16 01:06 . 2012-06-08 14:26 8462848 c:\windows\system32\shell32.dll
+ 2012-05-28 03:30 . 2012-06-01 07:06 1075544 c:\windows\system32\nvdrsdb1.bin
+ 2012-05-28 03:30 . 2012-06-01 07:09 1075544 c:\windows\system32\nvdrsdb0.bin
+ 2004-12-16 01:06 . 2012-05-11 14:42 6007808 c:\windows\system32\mshtml.dll
+ 2012-06-28 18:12 . 2012-06-28 18:12 9459912 c:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
+ 2006-10-17 16:57 . 2012-05-11 14:42 2000384 c:\windows\system32\iertutil.dll
- 2006-10-17 16:57 . 2011-12-17 19:46 2000384 c:\windows\system32\iertutil.dll
+ 2004-12-16 01:06 . 2012-06-13 13:19 1866112 c:\windows\system32\dllcache\win32k.sys
+ 2004-12-16 01:06 . 2012-05-11 14:42 1212416 c:\windows\system32\dllcache\urlmon.dll
- 2004-12-16 01:06 . 2011-12-17 19:46 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2004-12-16 01:06 . 2012-06-08 14:26 8462848 c:\windows\system32\dllcache\shell32.dll
+ 2004-12-16 01:06 . 2012-05-04 13:12 2192640 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-17 23:45 . 2012-05-04 12:32 2026496 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2004-12-16 01:06 . 2012-05-04 12:32 2069120 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-10-17 23:45 . 2012-05-04 13:16 2148352 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-30 01:06 . 2012-06-05 15:50 1372672 c:\windows\system32\dllcache\msxml6.dll
- 2008-08-30 01:06 . 2009-07-31 15:05 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2004-12-16 01:06 . 2012-06-05 15:50 1172480 c:\windows\system32\dllcache\msxml3.dll
- 2004-12-16 01:06 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2004-12-16 01:06 . 2012-05-11 14:42 6007808 c:\windows\system32\dllcache\mshtml.dll
- 2007-05-12 01:11 . 2011-12-17 19:46 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2007-05-12 01:11 . 2012-05-11 14:42 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 1369872 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 6429992 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 3789088 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 5029160 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 3512072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 5201168 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 1143568 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 6727424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 5029160 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 3789088 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-06 18:07 . 2012-06-06 18:07 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-02-22 19:20 . 2012-02-22 19:20 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-03-06 01:34 . 2012-03-06 01:34 5519872 c:\windows\Installer\b3fab9.msp
+ 2012-04-17 16:11 . 2012-04-17 16:11 7681024 c:\windows\Installer\7aad8.msp
+ 2012-04-09 20:50 . 2012-04-09 20:50 6829568 c:\windows\Installer\6d0ee1.msp
+ 2012-04-05 02:38 . 2012-04-05 02:38 3620864 c:\windows\Installer\676674.msp
+ 2012-03-20 02:02 . 2012-03-20 02:02 6695936 c:\windows\Installer\67666a.msp
+ 2012-01-31 00:46 . 2012-01-31 00:46 7069184 c:\windows\Installer\28af06.msp
+ 2012-03-22 17:09 . 2012-03-22 17:09 5521920 c:\windows\Installer\28aefb.msp
+ 2012-04-05 02:38 . 2012-04-05 02:38 2831360 c:\windows\Installer\25c8d3.msp
+ 2012-04-29 01:43 . 2012-04-29 01:43 8459264 c:\windows\Installer\25c8c9.msp
+ 2012-06-29 18:33 . 2012-06-29 18:33 6063616 c:\windows\Installer\25c8bf.msp
+ 2012-07-28 17:17 . 2012-07-28 17:17 1313280 c:\windows\Installer\1a7ae5.msi
+ 2012-04-27 19:09 . 2012-04-27 19:09 5521408 c:\windows\Installer\167ff7.msp
+ 2011-06-06 16:55 . 2011-06-06 16:55 1189004 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\JSByteCodeWin.bin
+ 2010-03-18 18:16 . 2010-03-18 18:16 1303896 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\WindowsBase_x86.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 6346600 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\PresentationFramework_x86.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 3545952 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\PresentationCore_x86.dll
+ 2011-08-17 14:49 . 2011-08-17 14:49 4683624 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\WRD12CNV.DLL
+ 2011-07-07 07:58 . 2011-07-07 07:58 1616240 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\OGL.DLL
+ 2012-06-28 18:49 . 2012-03-01 11:01 1212416 c:\windows\ie8updates\KB2699988-IE8\urlmon.dll
+ 2012-06-28 18:49 . 2012-03-01 11:01 5978624 c:\windows\ie8updates\KB2699988-IE8\mshtml.dll
+ 2012-06-28 18:49 . 2012-03-01 11:01 2000384 c:\windows\ie8updates\KB2699988-IE8\iertutil.dll
+ 2012-04-13 03:48 . 2011-12-17 19:46 1212416 c:\windows\ie8updates\KB2675157-IE8\urlmon.dll
+ 2012-04-13 03:48 . 2011-12-17 19:46 5979136 c:\windows\ie8updates\KB2675157-IE8\mshtml.dll
+ 2012-04-13 03:48 . 2011-12-17 19:46 2000384 c:\windows\ie8updates\KB2675157-IE8\iertutil.dll
+ 2008-10-17 23:45 . 2012-05-04 13:12 2192640 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-10-17 23:45 . 2012-05-04 12:32 2026496 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-17 23:45 . 2012-05-04 12:32 2069120 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-17 23:45 . 2012-05-04 13:16 2148352 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2012-06-06 18:08 . 2012-06-06 18:08 3856896 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\48caa269efbfb9e8ff3d24266ff997b1\WindowsBase.ni.dll
+ 2012-06-06 20:29 . 2012-06-06 20:29 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\8e781e6163ae43948398bd67dc39fb23\UIAutomationClientsideProviders.ni.dll
+ 2012-06-06 18:08 . 2012-06-06 18:08 9090560 c:\windows\assembly\NativeImages_v4.0.30319_32\System\6f399163bb35597da7141ccdb7f39d16\System.ni.dll
+ 2012-06-06 18:08 . 2012-06-06 18:08 5618176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\5ee8bf77e7b3e25cdbff6e1c299574fe\System.Xml.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 1781760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\9b6f1bcb2cf4e6ad429cd721b942f30f\System.Xaml.ni.dll
+ 2012-06-06 20:29 . 2012-06-06 20:29 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\a761587533a3d34ffe936781c011d121\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-06-06 20:29 . 2012-06-06 20:29 1859584 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\1126dc2c152098ec23d4554405217184\System.Web.Services.ni.dll
+ 2012-06-06 20:29 . 2012-06-06 20:29 2010624 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\7ebd25fd0282e19eba65f4da70ab5a0b\System.Speech.ni.dll
+ 2012-06-06 20:28 . 2012-06-06 20:28 1128960 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\28b09f14e54a06c091073b1d3e316fb6\System.ServiceModel.Discovery.ni.dll
+ 2012-06-06 20:28 . 2012-06-06 20:28 1387520 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\18d8e3f9e290217ac0c48571557c5fc3\System.ServiceModel.Activities.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 2637312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9bfda0add366eea12ea0402e60d01e84\System.Runtime.Serialization.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 1020928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\a40c42510e312339018486b1d7076e0a\System.Runtime.DurableInstancing.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\1fb98fd8aea1502c95018db64c89e279\System.Printing.ni.dll
+ 2012-06-06 19:12 . 2012-06-06 19:12 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\1409dc3832b37f850569c69a795f834b\System.Management.ni.dll
+ 2012-06-06 19:12 . 2012-06-06 19:12 1072128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a90d8ca6c54f70507704d788fd0d3ded\System.IdentityModel.ni.dll
+ 2012-06-06 18:08 . 2012-06-06 18:08 1653248 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\45796b0658535e8d2ff6f6ec1ab6a244\System.Drawing.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\8d978e3524c0bd870ce63db289c4de6d\System.DirectoryServices.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 1878016 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\022dd1fbd35bec6a1d61f1120df31778\System.Deployment.ni.dll
+ 2012-06-06 18:09 . 2012-06-06 18:09 6798336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\9f5111b0b58258c3a4bbcfb8bf27374c\System.Data.ni.dll
+ 2012-06-06 18:08 . 2012-06-06 18:08 2545152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\6cdfd96214b74cdf4984ae8ee076f421\System.Data.SqlXml.ni.dll
+ 2012-06-06 19:12 . 2012-06-06 19:12 1338880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\65444428f83ba9e46053e46d2341655f\System.Data.Services.Client.ni.dll
+ 2012-06-06 18:10 . 2012-06-06 18:10 2512384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\867ce3db3528f36121841762a19da61d\System.Data.Linq.ni.dll
+ 2012-06-06 18:08 . 2012-06-06 18:08 7052800 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\14ba6251d6ec84c9579ed3d3e10b30c1\System.Core.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 4121088 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\95b5ece57120cb7363e69e5fbd4616b7\System.Activities.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 3755008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\205c11cb85454cef511260e7d0aa8d9d\System.Activities.Presentation.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 1544192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\03a2c4de6afcdcef177bbc7bf3799003\System.Activities.Core.Presentation.ni.dll
+ 2012-06-06 19:10 . 2012-06-06 19:10 2904576 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\7d83efb636e657fb9f8759e1aa15e98e\ReachFramework.ni.dll
+ 2012-06-06 19:09 . 2012-06-06 19:10 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\fb5b77c1bdf8c0636f7ff25d03381a2b\PresentationUI.ni.dll
+ 2012-06-06 19:09 . 2012-06-06 19:09 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\72bd3a5cda56b3817e0522a60e170eae\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-06-06 19:09 . 2012-06-06 19:09 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\434583d8e633570da52da83faea4a758\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-06-06 19:09 . 2012-06-06 19:09 1836544 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\34db6470c4cba5c27634346ccbf664fd\Microsoft.VisualBasic.ni.dll
+ 2012-06-06 19:09 . 2012-06-06 19:09 1082368 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\50ca1cf4491136871b732062c412bad0\Microsoft.Transactions.Bridge.ni.dll
+ 2012-06-06 19:12 . 2012-06-06 19:12 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\78e5704cfbbec26947e2e1ff07f647bf\Microsoft.JScript.ni.dll
+ 2012-06-06 18:10 . 2012-06-06 18:10 1616384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\9c3ba92c4fce8efd41b59a0243415408\Microsoft.CSharp.ni.dll
+ 2012-04-13 04:37 . 2012-04-13 04:37 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\d31d2eb0a862d3c1d3561be5f1570c3e\System.WorkflowServices.ni.dll
+ 2012-04-13 04:37 . 2012-04-13 04:37 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\53c2336db392bfa5484850780048e37a\System.Workflow.ComponentModel.ni.dll
+ 2012-04-13 04:37 . 2012-04-13 04:37 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\f243723cda77dd647b250dd9c42c35e2\System.Workflow.Activities.ni.dll
+ 2012-04-13 04:37 . 2012-04-13 04:37 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\d1dacd5cb445b242b70bf7d606464293\System.Web.Mobile.ni.dll
+ 2012-04-13 04:37 . 2012-04-13 04:37 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6acbb8bb1a43fab0fdcf55bedd1fbcc3\System.Web.Extensions.ni.dll
+ 2012-04-13 04:04 . 2012-04-13 04:04 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\44d507a702c1623810e094adf751f687\System.Printing.ni.dll
+ 2012-04-13 03:48 . 2012-04-13 03:48 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8d886cdc2ca5f0ff97cd1afe8773bb6e\System.Drawing.ni.dll
+ 2012-04-13 03:49 . 2012-04-13 03:49 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3d253a2235f7c03630003bc1fbaf34a3\System.Deployment.ni.dll
+ 2012-04-13 04:04 . 2012-04-13 04:04 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\c73e109dbac6b099786cc68fe36e3d0b\ReachFramework.ni.dll
+ 2012-04-13 04:04 . 2012-04-13 04:04 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\20d72aeac1109863b77532d37d3f4fa2\PresentationUI.ni.dll
+ 2012-04-13 04:36 . 2012-04-13 04:36 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3ec4a3f74cb80c9b9581d778e8645b2c\Microsoft.VisualBasic.ni.dll
+ 2012-04-13 04:36 . 2012-04-13 04:36 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\daa176f80db2aea136c7e9ca1bb8ed55\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-04-13 04:36 . 2012-04-13 04:36 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\59c7029103c3e42b19a5527b875ea27b\Microsoft.PowerShell.Editor.ni.dll
+ 2012-04-13 04:36 . 2012-04-13 04:36 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\876b7280cf4e81fd65b120f60d38a7d9\Microsoft.Build.Tasks.ni.dll
+ 2012-04-13 04:36 . 2012-04-13 04:36 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\64ba53308e90fa3837fe47977e2d37b6\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-04-13 04:36 . 2012-04-13 04:36 1140736 c:\windows\assembly\NativeImages_v2.0.50727_32\AcLayer\51bd940eb6c38f0786933ee413803c13\AcLayer.ni.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-02-17 05:07 . 2012-02-17 05:07 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-04-13 03:47 . 2012-04-13 03:47 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-28 18:48 . 2012-02-03 09:22 1860096 c:\windows\$NtUninstallKB2709162$\win32k.sys
+ 2012-06-28 18:52 . 2012-04-11 13:10 2192640 c:\windows\$NtUninstallKB2707511$\ntoskrnl.exe
+ 2012-06-28 18:52 . 2012-04-11 12:35 2026496 c:\windows\$NtUninstallKB2707511$\ntkrpamp.exe
+ 2012-06-28 18:52 . 2012-04-11 12:35 2069120 c:\windows\$NtUninstallKB2707511$\ntkrnlpa.exe
+ 2012-06-28 18:52 . 2012-04-11 13:14 2148352 c:\windows\$NtUninstallKB2707511$\ntkrnlmp.exe
+ 2012-06-28 18:48 . 2011-10-25 13:33 2192768 c:\windows\$NtUninstallKB2676562$\ntoskrnl.exe
+ 2012-06-28 18:48 . 2011-10-25 12:52 2027008 c:\windows\$NtUninstallKB2676562$\ntkrpamp.exe
+ 2012-06-28 18:48 . 2011-10-25 12:52 2069376 c:\windows\$NtUninstallKB2676562$\ntkrnlpa.exe
+ 2012-06-28 18:48 . 2011-10-25 13:37 2148864 c:\windows\$NtUninstallKB2676562$\ntkrnlmp.exe
+ 2012-04-13 03:48 . 2012-01-12 16:53 1859968 c:\windows\$NtUninstallKB2641653$\win32k.sys
+ 2012-05-15 13:27 . 2012-05-15 13:27 1872128 c:\windows\$hf_mig$\KB2709162\SP3QFE\win32k.sys
+ 2012-05-04 13:20 . 2012-05-04 13:20 2192640 c:\windows\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe
+ 2012-05-04 12:41 . 2012-05-04 12:41 2026496 c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrpamp.exe
+ 2012-05-04 12:41 . 2012-05-04 12:41 2069120 c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe
+ 2012-05-04 13:24 . 2012-05-04 13:24 2148352 c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrnlmp.exe
+ 2012-06-28 18:47 . 2012-05-11 14:41 1214464 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\urlmon.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 6009344 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\mshtml.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 2001408 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\iertutil.dll
+ 2012-04-11 13:23 . 2012-04-11 13:23 1871360 c:\windows\$hf_mig$\KB2676562\SP3QFE\win32k.sys
+ 2012-04-11 13:22 . 2012-04-11 13:22 2192640 c:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe
+ 2012-04-11 12:42 . 2012-04-11 12:42 2026496 c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrpamp.exe
+ 2012-04-11 12:42 . 2012-04-11 12:42 2069120 c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe
+ 2012-04-11 13:26 . 2012-04-11 13:26 2148352 c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlmp.exe
+ 2012-04-13 03:41 . 2012-03-01 10:58 1214464 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\urlmon.dll
+ 2012-04-13 03:41 . 2012-03-01 10:58 5980672 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll
+ 2012-04-13 03:41 . 2012-03-01 10:58 2001408 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iertutil.dll
+ 2012-04-13 03:41 . 2012-02-03 09:26 1869184 c:\windows\$hf_mig$\KB2641653\SP3QFE\win32k.sys
+ 2005-07-21 00:46 . 2012-07-18 22:56 57442464 c:\windows\system32\MRT.exe
+ 2006-11-08 02:03 . 2012-05-12 00:12 11111424 c:\windows\system32\ieframe.dll
+ 2007-05-12 01:10 . 2012-05-12 00:12 11111424 c:\windows\system32\dllcache\ieframe.dll
+ 2012-06-30 17:07 . 2012-06-30 17:07 23771136 c:\windows\Installer\7aae5.msp
+ 2012-06-30 17:07 . 2012-06-30 17:07 23771136 c:\windows\Installer\7aada.msp
+ 2012-06-30 19:07 . 2012-06-30 19:07 23771136 c:\windows\Installer\6d0ecc.msp
+ 2011-12-15 17:40 . 2011-12-15 17:40 23374336 c:\windows\Installer\67668b.msp
+ 2012-01-03 17:58 . 2012-01-03 17:58 15929344 c:\windows\Installer\5fb51b.msp
+ 2012-03-28 22:10 . 2012-03-28 22:10 12098048 c:\windows\Installer\28aee5.msp
+ 2012-04-04 13:32 . 2012-04-04 13:32 16613376 c:\windows\Installer\28aed0.msp
+ 2012-06-28 18:49 . 2012-03-02 10:01 11082752 c:\windows\ie8updates\KB2699988-IE8\ieframe.dll
+ 2012-04-13 03:48 . 2011-12-18 19:46 11082240 c:\windows\ie8updates\KB2675157-IE8\ieframe.dll
+ 2012-06-06 18:09 . 2012-06-06 18:09 13137920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\a76b58bd61fc970c0f11e6fac0ffbeef\System.Windows.Forms.ni.dll
+ 2012-06-06 20:28 . 2012-06-06 20:28 17996800 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\5be1370b1331393f73af710d0d71b02d\System.ServiceModel.ni.dll
+ 2012-06-06 19:12 . 2012-06-06 19:12 13324288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\65d0d6f4cdbc47ecd5cce9e959827fe8\System.Data.Entity.ni.dll
+ 2012-06-06 18:09 . 2012-06-06 18:09 17998848 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3f8b854e0f67d3149608667b92363e7c\PresentationFramework.ni.dll
+ 2012-06-06 18:09 . 2012-06-06 18:09 11451392 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\d967e3512aa73fe5485fb36b3e561ad5\PresentationCore.ni.dll
+ 2012-06-06 18:08 . 2012-06-06 18:08 14412800 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
+ 2012-04-13 03:48 . 2012-04-13 03:49 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d96906db18e87ffe2e08f6cda7e2be0f\System.Windows.Forms.ni.dll
+ 2012-04-13 04:04 . 2012-04-13 04:04 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\db1d2470de43ffcb6f562277208d56e5\System.Web.ni.dll
+ 2012-04-13 04:04 . 2012-04-13 04:04 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\561138d8d199861578c197c4d24e3934\System.Design.ni.dll
+ 2012-04-13 04:04 . 2012-04-13 04:04 15424000 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\717a195a7cd377bbd4f7275046eecd0a\PresentationFramework.ni.dll
+ 2012-04-13 03:52 . 2012-04-13 03:52 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\029d1d9e6495065aa4f38bcf2315ee8c\PresentationFramework.ni.dll
+ 2012-04-13 03:49 . 2012-04-13 03:49 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\0a059ecfca6e421629a8298b03a7814c\PresentationCore.ni.dll
+ 2012-06-28 18:47 . 2012-05-11 14:41 11112960 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\ieframe.dll
+ 2012-04-13 03:41 . 2012-03-01 10:58 11085312 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MaxMenuMgr"="d:\program files\FreeAgent Status\StxMenuMgr.exe" [2009-09-26 185640]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2008-02-19 1089536]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-12-21 86016]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-05-15 108352]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-05-15 1634112]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2012-02-27 1304792]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2012-02-27 133424]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-06-02 20:06 87424----a-w- c:\windows\system32\LMIinit.dll
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Status Monitor.lnk]
backup=c:\windows\pss\Status Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-09-22 04:28 47904----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 12:22 59240----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360----a-w- c:\windows\system32\ctfmon.exe
[FONT=Times New Roman].[/FONT]
$\KB2�!6\
 �� dspapi.dll

+ 2012-06-28 18:49 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2676562\update\update.exe
+ 2012-06-28 18:49 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2676562\spuninst.exe

Still more to come....

 

[BobTN]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-09-24 06:10 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nmctxth]
2009-07-07 18:48 647216 ----a-w- c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 19:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-10-19 00:05 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SandraAgentSrv"=3 (0x3)
"ose"=3 (0x3)
"nmservice"=2 (0x2)
"LVPrcSrv"=2 (0x2)
"IswSvc"=2 (0x2)
"IntuitUpdateService"=2 (0x2)
"IDriverT"=3 (0x3)
"Autodesk Licensing Service"=3 (0x3)
"LVSrvLauncher"=2 (0x2)
"iPod Service"=3 (0x3)
"gupdate1c9e142c0b1f8f0"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\program files\\Microsoft ActiveSync\\wcescomm.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Brother\\Brmfl08g\\FAXRX.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*isabledxpsp2res.dll,-22009
"54925:UDP"= 54925:UDP:BrotherNetwork Scanner
"5985:TCP"= 5985:TCP:*isabled:Windows Remote Management
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 si3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [8/27/2004 5:18 PM 116264]
R0 SiWinAcc;SiWinAcc;c:\windows\system32\drivers\SiWinAcc.sys [5/20/2004 6:35 PM 19240]
R1 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [7/28/2012 1:18 PM 68368]
R2 FreeAgentGoNext Service;Seagate Service;d:\program files\Sync\FreeAgentService.exe [9/26/2009 12:32 AM 189736]
S1 MpKsl1178ba2f;MpKsl1178ba2f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EB84E65B-F5B2-4730-9749-757197E4DB6E}\MpKsl1178ba2f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EB84E65B-F5B2-4730-9749-757197E4DB6E}\MpKsl1178ba2f.sys [?]
S1 MpKsl231eebfa;MpKsl231eebfa;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{80674338-B513-4643-92BD-A6A640369317}\MpKsl231eebfa.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{80674338-B513-4643-92BD-A6A640369317}\MpKsl231eebfa.sys [?]
S1 MpKsl2751f54d;MpKsl2751f54d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{101E2C77-EE8B-4369-B9E9-0F4D46849721}\MpKsl2751f54d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{101E2C77-EE8B-4369-B9E9-0F4D46849721}\MpKsl2751f54d.sys [?]
S1 MpKsl39e8a9ab;MpKsl39e8a9ab;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D4F2DE46-B7A9-4351-8E7F-A9FFADD09499}\MpKsl39e8a9ab.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D4F2DE46-B7A9-4351-8E7F-A9FFADD09499}\MpKsl39e8a9ab.sys [?]
S1 MpKsl7150a8a0;MpKsl7150a8a0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9DA868BD-5140-44D9-8E1E-B2BB2AD72370}\MpKsl7150a8a0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9DA868BD-5140-44D9-8E1E-B2BB2AD72370}\MpKsl7150a8a0.sys [?]
S1 MpKsl867c8dc4;MpKsl867c8dc4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{14D708B9-A6BB-45F5-9439-4210E4B6FC45}\MpKsl867c8dc4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{14D708B9-A6BB-45F5-9439-4210E4B6FC45}\MpKsl867c8dc4.sys [?]
S1 MpKsl9d06480a;MpKsl9d06480a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA56F80D-71BF-44DD-8CB7-648B880157C0}\MpKsl9d06480a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA56F80D-71BF-44DD-8CB7-648B880157C0}\MpKsl9d06480a.sys [?]
S1 MpKslb201c47b;MpKslb201c47b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8CB83CBD-45B6-402D-BCD9-D12C018A4937}\MpKslb201c47b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8CB83CBD-45B6-402D-BCD9-D12C018A4937}\MpKslb201c47b.sys [?]
S1 MpKslbc7d866c;MpKslbc7d866c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{82B75403-E49B-45BF-BED1-4B7348A76F77}\MpKslbc7d866c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{82B75403-E49B-45BF-BED1-4B7348A76F77}\MpKslbc7d866c.sys [?]
S1 MpKsle03e63b1;MpKsle03e63b1;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EA481F83-BA67-4ADE-83E1-E7CB12788C05}\MpKsle03e63b1.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EA481F83-BA67-4ADE-83E1-E7CB12788C05}\MpKsle03e63b1.sys [?]
S2 ALIEHCD;ALi PCI to USB Enhanced Host Controller;c:\windows\system32\drivers\AliEhci.sys [12/13/2010 11:46 AM 112835]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe [7/28/2012 1:17 PM 200632]
S2 gupdate1c9e142c0b1f8f0;Google Update Service (gupdate1c9e142c0b1f8f0);c:\program files\Google\Update\GoogleUpdate.exe [5/30/2009 12:21 PM 133104]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5/30/2009 12:21 PM 133104]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [5/3/2012 11:46 PM 113120]
S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\DRIVERS\TMPassthru.sys --> c:\windows\system32\DRIVERS\TMPassthru.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMBR
*NewlyCreated* - TRUESIGHT
*Deregistered* - aswMBR
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-30 16:21]
.
2012-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-30 16:21]
.
2012-08-02 c:\windows\Tasks\User_Feed_Synchronization-{DF542F13-DAE3-4D65-B1C7-4D99E7E66840}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
Trusted Zone: intuit.com\ttlc
Trusted Zone: turbotax.com
TCP: DhcpNameServer = 24.159.64.23 24.217.201.67 66.189.0.100
DPF: ppctlcab - hxxp://www.pestscan.com/scanner/ppctlcab.cab
DPF: {4A026B12-94F3-4D2F-A468-96AA55DE20A5} - hxxp://svander.ourlinksys.com:1024/img/NetCamPlayerWeb11g.ocx
DPF: {84A31672-371A-4CBF-8785-DCE55CDC7370} - hxxp://68.184.160.115/ocxfile/DownLoad.ocx
DPF: {A7A61125-0EAA-11D1-B22F-0000C08C00C4} - hxxps://www.ext.ch2m.com/ETS/controls/sheridan3_13.cab
FF - ProfilePath - c:\documents and settings\Bob\Application Data\Mozilla\Firefox\Profiles\gj9ibnoh.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-COMODO System Cleaner SafeDelete - c:\program files\COMODO\System Cleaner\CSC.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-02 15:11
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1085031214-1614895754-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(748)
c:\windows\system32\LMIinit.dll
.
Completion time: 2012-08-02 15:15:30
ComboFix-quarantined-files.txt 2012-08-02 19:15
ComboFix2.txt 2012-02-22 21:14
.
Pre-Run: 14,817,148,928 bytes free
Post-Run: 15,166,656,512 bytes free
.
- - End Of File - - C00AD00CE4F30933142BAC4E97F5FAEC

HooRay!!!! end of ComboFix log For PC1!!!!

 

[Broni]

Looks good

Any current issues?

================================

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox.
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

 

[BobTN]

Have not run OTL yet.

Machine crashed while I was browsing the news on yahoo.com. Often does this as described in original post.

Current issue is "Windows could not start because the following file is missing or corrupt:
\windows\ssystem32\config\system
You can attempt to repair this file by starting Windows Setup using the original Setup CD-ROM. Select 'r' at the first screen to start repair.

I have known this machine had serious issues and have been planning to attempt a non-destruc tive repair but want to purchase a replacement XP Pro CD with SP3 and recent updates. My original CD for PC1 is SP1......

Suggestions?

 

[Broni]

We have system hive corrupted or missing.
We can attempt to fix this issue but you may consider reinstallation.
First of all I didn't see much in your logs and also you're saying that the computer have been having issues for a while.
Windows reinstallation may be the best option here.

Let me know.

 

[BobTN]

Problem is I don't have much time before I leave town, and I have some things to do to get ready for departure. I had previously attempted to use the CD for my other PC which is SP2 to slipstream to SP3. I tried a repai with that CD but my XP wouldn't accept it. Maybe because of OEM vs retail copies, I don't recall. Could be probs with the CD drive. Didn't have time then to figure out why it would n't work. I'd prefer to attempt a repair before I go with reinstall. I have free training sw installed that I no longer have access to. Not a problem with license, but a problem with access to the installation sources - I had a brief period of access when I was first laid off. I'd hate to lose the sw but ultimately may need to bite the bullet.

Would this be a good time to put further work on this PC on HOLD until I return from my trip?

So, did you ever see sirefef on this PC? Any other infection. I saw some refs to 'adult entertainment' sites. Recall this started when MBAM hit on an Nvidia file when doing a somewhat routine FULL scan.

I very much appreciate your help!

-Bob

 

[Broni]

As I said I didn't see much there especially Sirefef.

I'm pretty sure you have some other issues which cause computer's misbehavior.

Keep in mind that you can't backup any program prior to reinstallation.
Programs have to be reinstalled.

If you want to wait until you're back it's fine with me.

 

[BobTN]

I'd prefer to wait. Otherwise I could get into a bind.

Let me know how to get things going again when I get back in town. I'll be gone 2 weeks but it may be 3 weeks before I can get back to this after I get back and get everything settled down again.

 

[Broni]

If you find your topic closed simply PM me.

 

[Broni]

Just checking on you...