Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Virus or malware - it is very slow . . .

Started by MickFee , Dec 07 2010 06:33 PM

  • This topic is locked This topic is locked

#16
MickFee
Posted 19 December 2010 - 09:21 PM

MickFee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
OK

Combo - Fix run, after a singular false start where it indicated Trend was still having an "Active Scan" in place.

Still, "clicked through" everything, Combo-Fix ran OK and here's the report:

ComboFix 10-12-18.02 - MICHAEL FEEHAN 20/12/2010 13:54:59.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.61.1033.18.223.105 [GMT 11:00]
Running from: c:\documents and settings\MICHAEL FEEHAN\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Trend Micro Internet Security *Enabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: Trend Micro Personal Firewall *Enabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Start Menu\HP Image Zone .lnk
c:\windows\system\oeminfo.ini

.
((((((((((((((((((((((((( Files Created from 2010-11-20 to 2010-12-20 )))))))))))))))))))))))))))))))
.

2010-12-18 00:51 . 2010-12-18 00:51 -------- d-----w- c:\windows\system32\wbem\Repository
2010-12-18 00:50 . 2010-12-18 00:50 -------- d--h--w- c:\windows\msdownld.tmp
2010-12-16 23:55 . 2010-12-16 23:55 -------- d-----w- C:\_OTL
2010-12-16 23:20 . 2010-11-12 07:53 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2010-12-16 04:59 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-08 00:01 . 2010-12-08 00:01 -------- d-----w- c:\documents and settings\New Folder
2010-12-02 01:21 . 2010-12-02 01:21 -------- d-----w- c:\documents and settings\Administrator\Application Data\HpUpdate
2010-12-02 01:18 . 2010-12-02 01:18 -------- d-----w- c:\documents and settings\Administrator\Application Data\HP
2010-12-02 01:13 . 2010-12-02 01:15 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2010-12-02 01:05 . 2010-12-02 01:05 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\AVG Security Toolbar
2010-12-02 01:04 . 2010-12-02 01:04 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-12-02 00:51 . 2010-12-02 00:51 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-12-02 00:30 . 2010-12-02 00:30 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-12-02 00:29 . 2010-12-02 00:29 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-20 03:03 . 2010-07-07 23:48 1409 ----a-w- c:\windows\QTFont.for
2010-11-29 06:42 . 2010-07-08 00:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-29 06:42 . 2010-07-08 00:59 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-18 18:12 . 2005-07-06 00:51 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 07:53 . 2010-05-06 00:21 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 05:34 . 2008-01-21 04:03 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-06 00:26 . 2002-08-29 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26 . 2002-08-29 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26 . 2002-08-29 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2008-01-25 01:23 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2002-08-29 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2002-08-29 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2002-08-29 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2004-10-11 09:46 . 2004-10-11 09:46 205312 ----a-w- c:\program files\ltefx13n.dll
2004-01-19 04:31 . 2004-01-19 04:31 153600 ----a-w- c:\program files\ltfil13n.DLL
2004-01-19 03:31 . 2004-01-19 03:31 27648 ----a-w- c:\program files\lfiff13n.dll
2004-01-19 03:31 . 2004-01-19 03:31 20480 ----a-w- c:\program files\lfCUT13n.dll
2004-01-19 02:31 . 2004-01-19 02:31 453120 ----a-w- c:\program files\ltkrn13n.dll
2004-01-19 02:12 . 2004-01-19 02:12 89600 ----a-w- c:\program files\Lfcgm13n.dll
2004-01-19 01:49 . 2004-01-19 01:49 278016 ----a-w- c:\program files\LFJ2K13n.dll
2004-01-19 01:49 . 2004-01-19 01:49 180736 ----a-w- c:\program files\Lfpng13n.dll
2004-01-19 01:47 . 2004-01-19 01:47 76800 ----a-w- c:\program files\Lfwmf13n.dll
2004-01-19 01:47 . 2004-01-19 01:47 509440 ----a-w- c:\program files\LFCMW13n.dll
2004-01-19 01:45 . 2004-01-19 01:45 420352 ----a-w- c:\program files\LFCMP13n.DLL
2004-01-19 01:44 . 2004-01-19 01:44 143872 ----a-w- c:\program files\lftif13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 56832 ----a-w- c:\program files\lfpsd13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 19968 ----a-w- c:\program files\lfpcd13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 26624 ----a-w- c:\program files\lfpcx13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 65536 ----a-w- c:\program files\Lfpct13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 18944 ----a-w- c:\program files\lfmsp13n.dll
2004-01-19 01:35 . 2004-01-19 01:35 18944 ----a-w- c:\program files\lfmac13n.dll
2004-01-19 01:35 . 2004-01-19 01:35 20992 ----a-w- c:\program files\lfimg13n.dll
2004-01-19 01:34 . 2004-01-19 01:34 31744 ----a-w- c:\program files\lfclp13n.dll
2004-01-19 01:34 . 2004-01-19 01:34 30208 ----a-w- c:\program files\lfbmp13n.dll
2004-01-19 01:33 . 2004-01-19 01:33 444928 ----a-w- c:\program files\ltimg13n.dll
2004-01-19 01:32 . 2004-01-19 01:32 265216 ----a-w- c:\program files\LTDIS13n.dll
2000-05-01 18:17 . 2000-05-01 18:17 212480 ----a-w- c:\program files\PCDLIB32.DLL
1999-11-18 13:00 . 1999-11-18 13:00 284032 ----a-w- c:\program files\XceedZip.dll
.

------- Sigcheck -------

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys

[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys

[-] 2002-08-29 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2002-08-29 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2004-08-03 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys

[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys

[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\soft2\Download\f7c10c2b68f88196f082e36f7313e169\sp2gdr\ntfs.sys
[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys

[-] 2002-08-29 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2002-08-29 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\soft2\Download\146ae5e7b51a37f45e0e5cf03d0d5e3c\sp2gdr\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2GDR\tcpip.sys
[-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys
[-] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB941644$\tcpip.sys

[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2004-08-03 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll

[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2004-08-03 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe

[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2005-08-22 . 36739B39267914BA69AD0610A0299732 . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll
[-] 2005-08-22 . 36739B39267914BA69AD0610A0299732 . 197632 . . [5.1.2600.2743] . . c:\windows\soft2\Download\f7a4b3723a3aad7955ede9785b307e88\sp2gdr\netman.dll
[-] 2005-08-22 . 3516D8A18B36784B1005B950B84232E1 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
[-] 2004-08-03 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll

[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2004-08-03 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll

[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2005-07-26 . CE94A2BD25E3E9F4D46A7373FF455C6D . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2005-07-26 . CE94A2BD25E3E9F4D46A7373FF455C6D . 397824 . . [5.1.2600.2726] . . c:\windows\soft2\Download\dca9d8a1ecbaf4bd0e18d083156f30c9\sp2gdr\rpcss.dll
[-] 2005-07-26 . C369DF215D352B6F3A0B8C3469AA34F8 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-04-28 . DA383FB39A6F1C445F3AFC94B3EB1248 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-04-28 . C8061F289E000703E7672916B7FE1571 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll
[-] 2005-04-28 . C8061F289E000703E7672916B7FE1571 . 395776 . . [5.1.2600.2665] . . c:\windows\soft2\Download\7fc28d97b1595fa7b9dce8dd43cee6b0\sp2gdr\rpcss.dll
[-] 2005-01-14 . 419899803CA479B73B02390318C787C0 . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2GDR\rpcss.dll
[-] 2005-01-14 . 419899803CA479B73B02390318C787C0 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll
[-] 2005-01-14 . 94456045BEB4545B5EBE1DCC85951AFA . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
[-] 2004-08-03 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll

[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-03 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe

[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\soft2\Download\0fd33c77398fa2b50df56456525ef5c3\sp2gdr\spoolsv.exe
[-] 2004-08-03 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe

[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2004-08-03 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe

[-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2006-08-25 . 11B508E0D26622D2BD25B60033245F6A . 925184 . . [6.0] . . c:\windows\soft2\Download\e533f2b7494d7e198f7fd652beea5687\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\soft2\Download\e533f2b7494d7e198f7fd652beea5687\sp2qfe\comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\soft2\Download\e533f2b7494d7e198f7fd652beea5687\sp2qfe\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\WinSxS\InstallTemp\2830078\comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[-] 2006-03-17 . 551E967F1E08EE6E205FCB5ADCB0DFC5 . 925184 . . [6.0] . . c:\windows\soft2\Download\cb2769f3b1daf367a31ed046299a3790\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2005-08-31 . A93B7C3B08B9AC15B4DCDC96A50E4C2C . 925184 . . [6.0] . . c:\windows\soft2\Download\0ad26524c298df9a41026d3b49a38936\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2005-03-11 . F6A21D5476C7B4CA9873D97BD246D6EB . 925184 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1643_x-ww_7c3a9bc6\comctl32.dll
[-] 2004-12-21 . 865CF4B7CA471E4E9E4EC3F3CE60FE9E . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1612_x-ww_7c379b08\comctl32.dll
[-] 2004-08-20 . FC13804088C77CCA6B6C9B26BA5BDECB . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1579_x-ww_7bbf8d08\comctl32.dll
[-] 2004-08-03 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[-] 2004-08-03 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll
[-] 2002-08-29 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\InstallTemp\55483\comctl32.dll
[-] 2002-08-29 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2002-08-29 . 76B90BD220F1B1CC9E183C6B1AE9FBB4 . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll

[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2004-08-03 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll

[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2005-07-26 04:39 . 34BBD9ACC1538818F2C878898C64E793 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtServicePackUninstall$\es.dll
[-] 2005-07-26 04:39 . 34BBD9ACC1538818F2C878898C64E793 . 243200 . . [2001.12.4414.308] . . c:\windows\soft2\Download\dca9d8a1ecbaf4bd0e18d083156f30c9\sp2gdr\es.dll
[-] 2005-07-26 04:20 . 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
[-] 2004-08-03 13:56 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll

[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2004-08-03 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll

[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2007-04-16 . 09F7CB3687F86EDAA4CA081F7AB66C03 . 986112 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2007-04-16 . A01F9CA902A88F7CED06884174D6419D . 984576 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2007-04-16 . A01F9CA902A88F7CED06884174D6419D . 984576 . . [5.1.2600.3119] . . c:\windows\soft2\Download\c1835c8cb0bb13f938a8a983ca5edea4\sp2gdr\kernel32.dll
[-] 2006-07-05 . 0FDD84928A5DDE2510761B7EC76CCEC9 . 985088 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2004-08-03 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll
[-] 2004-08-03 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB935839$\kernel32.dll

[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2005-09-01 . 648BF0B4DDE4F7A1156DAE7174D36EFA . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\soft2\Download\0ad26524c298df9a41026d3b49a38936\sp2gdr\linkinfo.dll
[-] 2004-08-03 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll

[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2004-08-03 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll

[-] 2010-11-06 . 864E69F32656A7121444BA0193D7B64B . 5960704 . . [8.00.6001.23091] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll
[-] 2010-11-06 . 864E69F32656A7121444BA0193D7B64B . 5960704 . . [8.00.6001.23091] . . c:\windows\SoftwareDistribution\Download\88796e09434ce2ba0af7fc45bba372bf\SP3QFE\mshtml.dll
[-] 2010-11-06 . D7CCA87057901C87ED8CC40DDCC7FA1B . 5959168 . . [8.00.6001.18999] . . c:\windows\SoftwareDistribution\Download\88796e09434ce2ba0af7fc45bba372bf\SP3GDR\mshtml.dll
[-] 2010-11-06 . D7CCA87057901C87ED8CC40DDCC7FA1B . 5959168 . . [8.00.6001.18999] . . c:\windows\system32\mshtml.dll
[-] 2010-11-06 . D7CCA87057901C87ED8CC40DDCC7FA1B . 5959168 . . [8.00.6001.18999] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2010-09-10 . DE41132DA8E5A3CD57201C6F2175EC05 . 5957120 . . [8.00.6001.18975] . . c:\windows\ie8updates\KB2416400-IE8\mshtml.dll
[-] 2010-09-10 . 8A03CC037E6B7D1796192815231B0C3F . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll
[-] 2010-06-24 . 94DC7E938C57F3C3D1BC4A0F68FC5830 . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll
[-] 2010-06-24 . 4D7EF94795384CD2BBAAB078B7929FEA . 5951488 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\mshtml.dll
[-] 2010-05-06 . C7B7A88CC7D7ABA5C395145BF92F46F7 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2183461-IE8\mshtml.dll
[-] 2010-05-06 . 9BE28F749A7FE7F8F177C6AA2E9DA609 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[-] 2010-02-25 . 7054F6ADC9B670887659F1561603B0D0 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
[-] 2010-02-25 . 974772C74DA7C7A8E7C813A9908A845F . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[-] 2009-12-21 . BE6EEBEF636773A8E7A82214E81C563A . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll
[-] 2009-12-21 . E6B64C6C729BBC38AB7CC92CE33F97A5 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . C0F9AC6FAB2C788FFEE3E69585A0E93F . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . CBB1EF54B86EDB78649909DD1699E5CA . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[-] 2009-10-22 . CDA69BC1C23B0EA033B989F67CB722FF . 5939712 . . [8.00.6001.18852] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[-] 2009-10-22 . A6CF28C6E0B6D10098AB601D85EE55E8 . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[-] 2009-08-29 . 0E49677EE57A928765FC47FFBACD5326 . 5940224 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976749-IE8\mshtml.dll
[-] 2009-08-29 . B68F6E6C66D17D9EDABF3D5DA71046DA . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[-] 2009-07-19 . 5A32B43A48D6DCA339BF24105D9A028F . 5937152 . . [8.00.6001.18812] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll
[-] 2009-07-19 . F25D866DD486AD30E05E5596CB363C3E . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[-] 2009-05-13 . EEAADAA744B20E68CF5EB4FBB4F8AFA9 . 5936128 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\mshtml.dll
[-] 2009-05-13 . EEAADAA744B20E68CF5EB4FBB4F8AFA9 . 5936128 . . [8.00.6001.18783] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3GDR\mshtml.dll
[-] 2009-05-13 . 1290E417BF806185CC7B2845E78A104E . 5936128 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\mshtml.dll
[-] 2009-05-13 . 1290E417BF806185CC7B2845E78A104E . 5936128 . . [8.00.6001.22873] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3QFE\mshtml.dll
[-] 2009-04-29 . 2B4315EC9E3124408A2A5074C4B97700 . 3596288 . . [7.00.6000.16850] . . c:\windows\ie8\mshtml.dll
[-] 2009-04-29 . C6FD770D518FB024245A0EE217D72BC1 . 3598336 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\mshtml.dll
[-] 2009-03-07 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\mshtml.dll
[-] 2009-02-21 . 1BB754AB47B327DE8DBF2FA18C36357C . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll
[-] 2009-02-20 . C7C3E41CC2F6EB4A629FE2184136C098 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie7updates\KB969897-IE7\mshtml.dll
[-] 2009-01-16 . CC9D001B7370B292C35B366CA05B12B4 . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
[-] 2009-01-16 . 3B413267DA8AE71C20E5EF3E54F74728 . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll
[-] 2008-12-13 . 121EC39A64D64205A88C2C45B034B455 . 3593216 . . [7.00.6000.16788] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll
[-] 2008-12-13 . C79FAD61CD4A26ED5AA8C16D991C6FBD . 3594752 . . [7.00.6000.20973] . . c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
[-] 2008-10-16 . B74F31A4BD83797D7A083F922169287D . 3595264 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
[-] 2008-10-16 . EACAEDEF6FA2A969DE5B36190D45396F . 3593216 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB960714-IE7\mshtml.dll
[-] 2008-08-27 . 1AD035E04A7068EC2820B055A3131ED8 . 3593216 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\mshtml.dll
[-] 2008-08-26 . 25CC085720EE3617FD1F8AB9E2F7CAB2 . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
[-] 2008-06-24 . EC936148284F557F19C333178768109B . 3592192 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\mshtml.dll
[-] 2008-06-23 . 28B8231CA8D55FC85E027A57C90F5C88 . 3594240 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
[-] 2008-04-23 . 8976CAB317105F7431B08EA32AB73C65 . 3591680 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\mshtml.dll
[-] 2008-04-23 . 4D612FF5D3B7EEF200595AE6F95D5E68 . 3593728 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2008-03-01 . 4EE273E2B09317C1217EF0DB91F93534 . 3593216 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
[-] 2008-03-01 . AB2C88167D78D71D93558ACECB24CC7A . 3591680 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\mshtml.dll
[-] 2007-12-08 . A097C36412455F0C7E42377FAF8809B7 . 3592192 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\mshtml.dll
[-] 2007-12-07 . 976C46ED4A75FC66D9C596778898CE1E . 3593216 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
[-] 2007-10-30 . 54D8B404F17AA74C666F7F3AEF2AE459 . 3593216 . . [7.00.6000.20710] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
[-] 2007-10-30 . 8AB7ECF59D6EBBE986277B65ED4A40A1 . 3590656 . . [7.00.6000.16587] . . c:\windows\ie7updates\KB944533-IE7\mshtml.dll
[-] 2007-10-30 . 8AB7ECF59D6EBBE986277B65ED4A40A1 . 3590656 . . [7.00.6000.16587] . . c:\windows\soft2\Download\f079f64483de750433b596960466dd78\sp2gdr\mshtml.dll
[-] 2007-08-20 . AA8A4BD78D24FCDB96DDAEE3756AA372 . 3592192 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll
[-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB942615-IE7\mshtml.dll
[-] 2007-07-18 . 7CE243CFD47AD0DC431586CB8C542A11 . 3584000 . . [7.00.6000.20641] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\mshtml.dll
[-] 2007-05-08 . 1D4E3B86C601A2497C99790CC4D7DF26 . 3584000 . . [7.00.6000.20591] . . c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\mshtml.dll
[-] 2007-03-07 . 190E1AE9B973049B12A67BAD478C770C . 3581952 . . [7.00.6000.16441] . . c:\windows\ie7updates\KB933566-IE7\mshtml.dll
[-] 2007-03-07 . DA297A862E5F093A07D37C05F608C686 . 3582976 . . [7.00.6000.20544] . . c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\mshtml.dll
[-] 2007-01-04 . 1C45525574EF206346FBAFCAAC7CC4A5 . 3062272 . . [6.00.2900.3059] . . c:\windows\$hf_mig$\KB928090\SP2QFE\mshtml.dll
[-] 2006-10-23 . 88E1C15BB1A9ED3CBA4D6F2F408D5010 . 3061248 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\mshtml.dll
[-] 2006-10-23 . 5FC7DE1195C8E9B5360FD65DBE95E5B0 . 3055104 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\mshtml.dll
[-] 2006-09-14 . BE45460D1453B7342E01EAE79BFBC681 . 3054592 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\mshtml.dll
[-] 2006-09-14 . CEFEA1C301139A817931BE132F0359FE . 3058688 . . [6.00.2900.2995] . . c:\windows\$hf_mig$\KB922760\SP2QFE\mshtml.dll
[-] 2006-07-28 . D251679BD9EF0250201FB899EC40FD32 . 3058176 . . [6.00.2900.2963] . . c:\windows\$hf_mig$\KB918899\SP2QFE\mshtml.dll
[-] 2006-07-28 . C7074DA3D8F8C0F6C03874BA0B05069C . 3054080 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB922760$\mshtml.dll
[-] 2006-05-19 . 284CE76B71DD5260B42A3CCF0135AF67 . 3052544 . . [6.00.2900.2912] . . c:\windows\$NtUninstallKB918899$\mshtml.dll
[-] 2006-05-19 . 8687E029BE63C77D4919485068C54D77 . 3055104 . . [6.00.2900.2912] . . c:\windows\$hf_mig$\KB916281\SP2QFE\mshtml.dll
[-] 2006-03-23 . DEAA438EA31095E14A196FF647E38D13 . 3053568 . . [6.00.2900.2873] . . c:\windows\$NtUninstallKB916281$\mshtml.dll
[-] 2006-03-23 . ABCD123F888E4E97C8751378CCCC4F26 . 3055616 . . [6.00.2900.2873] . . c:\windows\$hf_mig$\KB912812\SP2QFE\mshtml.dll
[-] 2005-11-24 . D3F037F5DA702AE9DDD7663EC9D78BA7 . 3018240 . . [6.00.2900.2802] . . c:\windows\$hf_mig$\KB905915\SP2QFE\mshtml.dll
[-] 2005-11-24 . 5E7A39950EA133BB54719A6E08C544A7 . 3015680 . . [6.00.2900.2802] . . c:\windows\$NtUninstallKB912812$\mshtml.dll
[-] 2005-10-05 . 3394299FBF1CD0B24089FC762611360B . 3017728 . . [6.00.2900.2769] . . c:\windows\$hf_mig$\KB896688\SP2QFE\mshtml.dll
[-] 2005-10-04 . 042AC20E084D21DD6BEE99B89CC30FB7 . 3015168 . . [6.00.2900.2769] . . c:\windows\$NtUninstallKB905915$\mshtml.dll
[-] 2005-07-20 . A14A7A206AE22DE4FE563E44CFC7DDF5 . 3016192 . . [6.00.2900.2722] . . c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll
[-] 2005-07-20 . 31E7520E58E5E4DFA93215A6D5603AF2 . 3014144 . . [6.00.2900.2722] . . c:\windows\$NtUninstallKB896688$\mshtml.dll
[-] 2005-05-02 . DCC5C79B99F02EEF8C826B074DBFC222 . 3014144 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\mshtml.dll
[-] 2005-05-02 . DCFAC5470EE0A159EC4222BC28AE3EE6 . 3012608 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\mshtml.dll
[-] 2004-08-03 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB883939$\mshtml.dll
[-] 2004-08-03 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\mshtml.dll
[-] 2004-08-03 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\ie7\mshtml.dll

[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2004-08-03 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
[-] 2004-08-03 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2002-08-29 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2002-08-29 . 70630CAD245477F8DB02B79D9A92834C . 323072 . . [7.0.2600.1106] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\msvcrt.dll

[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 097722F235A1FB698BF9234E01B52637 . 245248 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
[-] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2004-08-03 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll

[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2004-08-03 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll

[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2004-08-03 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll

[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2004-08-03 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll

[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2004-08-03 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll

[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2004-08-03 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe

[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2005-07-08 . 1418A3A6E76E5A2E3F5E43866E793A8B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\soft2\Download\c97484bc3f0a909669b5abb5a1bd9a86\sp2gdr\tapisrv.dll
[-] 2004-08-03 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll

[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2007-03-08 . 7AA4F6C00405DFC4B70ED4214E7D687B . 578048 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\soft2\Download\4d9d678c0d8af22c04a4a7fc7f1ff86c\sp2gdr\user32.dll
[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\soft2\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\user32.dll

[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2004-08-03 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe

[-] 2010-11-06 . 9357C4249F4810FB0E49C13387A8A77C . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll
[-] 2010-11-06 . 9357C4249F4810FB0E49C13387A8A77C . 919552 . . [8.00.6001.23084] . . c:\windows\SoftwareDistribution\Download\88796e09434ce2ba0af7fc45bba372bf\SP3QFE\wininet.dll
[-] 2010-11-06 . 306A2B05EA9846278113964DC6E2C940 . 916480 . . [8.00.6001.18992] . . c:\windows\SoftwareDistribution\Download\88796e09434ce2ba0af7fc45bba372bf\SP3GDR\wininet.dll
[-] 2010-11-06 . 306A2B05EA9846278113964DC6E2C940 . 916480 . . [8.00.6001.18992] . . c:\windows\system32\wininet.dll
[-] 2010-11-06 . 306A2B05EA9846278113964DC6E2C940 . 916480 . . [8.00.6001.18992] . . c:\windows\system32\dllcache\wininet.dll
[-] 2010-09-10 . 36FE8ABC59AAFBE20CBE54BC372F9429 . 916480 . . [8.00.6001.18968] . . c:\windows\ie8updates\KB2416400-IE8\wininet.dll
[-] 2010-09-10 . 0555E190DCD06B8998E6DDCA42DAEB82 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . 60237E50D575FBA9BEC9BC043F157149 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . D3DEB6B2B424AC93DE3801EAEB21A9A5 . 916480 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll
[-] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll
[-] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[-] 2010-02-25 . 7A42CFED96CDA7F2FB1A26D1F9F65775 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[-] 2010-02-25 . 4458D59F2B0369F4D3B137541D284041 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[-] 2009-12-21 . FF4241C74E0C0A5AFFFE05F584213ECB . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll
[-] 2009-12-21 . 5E1F666B8955FD77E65D65C4C4D882A3 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 6AF52998B90F72FF2325D84D90EDA1CC . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 75240F6EDBCE7B85DF66874407D38A4F . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[-] 2009-08-29 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[-] 2009-08-29 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[-] 2009-07-03 . 7E8A47A2E6561274B83E257CE74803FD . 915456 . . [8.00.6001.18806] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll
[-] 2009-07-03 . 38114DAB42FB2EB84D1726C42B8D80C5 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[-] 2009-05-13 . 366C72AF6970DB7BB39AB0142BF09DB5 . 915456 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll
[-] 2009-05-13 . 366C72AF6970DB7BB39AB0142BF09DB5 . 915456 . . [8.00.6001.18783] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3GDR\wininet.dll
[-] 2009-05-13 . C0EB6850C8A02A154281749DC61FAF22 . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[-] 2009-05-13 . C0EB6850C8A02A154281749DC61FAF22 . 915456 . . [8.00.6001.22873] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3QFE\wininet.dll
[-] 2009-04-29 . 8E2D471157B0DF329D8D0EA5D83B0DDB . 827392 . . [7.00.6000.16850] . . c:\windows\ie8\wininet.dll
[-] 2009-04-29 . 62CCA075F44015147B8971DAFFBCFF76 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[-] 2009-03-07 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\wininet.dll
[-] 2009-03-03 . 28775945CCD53DEE280EF58DEA1A94C4 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll
[-] 2009-03-03 . C8667854873938CA13C986F16B0CD183 . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[-] 2008-12-20 . 044E0A4E9FE97C0FB9AFE9C89E2A82E6 . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[-] 2008-12-20 . A82935D32D0672E8FF4E91AE398E901C . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll
[-] 2008-10-16 . 6741EAF7B7F110E803A6E38F6E5FA6B0 . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[-] 2008-10-16 . 0D5B75171FF51775B630A431B6C667E8 . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[-] 2008-08-26 . 77C192FE56A70D7FA0247BA0A6201C32 . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[-] 2008-08-26 . EF8EBA98145BFA44E80D17A3B3453300 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll
[-] 2008-06-23 . 8C13D4A7479FA0A026EDA8ABCE82C0ED . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll
[-] 2008-06-23 . C66402A06B83B036C195242C0C8CF83C . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[-] 2008-04-23 . F6589BE784647CFDBC22EA51CCB1A57A . 826368 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll
[-] 2008-04-23 . 41546B396A526918DA7995A02EA04E51 . 827392 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2008-03-01 . AD21461AEF8244EDEC2EF18E55E1DCF3 . 826368 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\wininet.dll
[-] 2008-03-01 . 6316C2F0C61271C8ABDFF7429174879E . 827392 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
[-] 2007-12-07 . 806D274C9A6C3AAEA5EAE8E4AF841E04 . 824832 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\wininet.dll
[-] 2007-12-07 . B5B411BB229AE6EAD7652A32ED47BFB9 . 825344 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
[-] 2007-10-10 . 30C1E0F34AD2972C72A01DB5C74AB065 . 824832 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB944533-IE7\wininet.dll
[-] 2007-10-10 . 30C1E0F34AD2972C72A01DB5C74AB065 . 824832 . . [7.00.6000.16574] . . c:\windows\soft2\Download\f079f64483de750433b596960466dd78\sp2gdr\wininet.dll
[-] 2007-10-10 . 0E5D918F87EFA7D2424D66B499C7EB04 . 825344 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
[-] 2007-08-20 . 357D54BF94FE9D6D8505A96B5C2A3BCA . 825344 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
[-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB942615-IE7\wininet.dll
[-] 2007-06-27 . D6ED5E042C5207553E7F5E842918137F . 824320 . . [7.00.6000.20627] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll
[-] 2007-04-25 . 431DEFBB4A3D7B0DC062C1B064623A2F . 823808 . . [7.00.6000.20583] . . c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\wininet.dll
[-] 2007-03-07 . 5B35DAE6E4886F64D1DA58C4E3E01EB9 . 822784 . . [7.00.6000.16441] . . c:\windows\ie7updates\KB933566-IE7\wininet.dll
[-] 2007-03-07 . B8F4DB39CA7353752F245379D285C80E . 823296 . . [7.00.6000.20544] . . c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\wininet.dll
[-] 2007-01-04 . 3FFA1573FC274E5AA7467D03941C45EE . 665088 . . [6.00.2900.3059] . . c:\windows\$hf_mig$\KB928090\SP2QFE\wininet.dll
[-] 2006-10-23 . 231EF4179ACABE486376B5CA893F1076 . 664576 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\wininet.dll
[-] 2006-10-23 . 6B2735ADFF5A5D3B9130CA4A794722F0 . 658944 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\wininet.dll
[-] 2006-09-14 . 621AF3F6174A3F60677F5230E28BCC07 . 658944 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\wininet.dll
[-] 2006-09-14 . D207370287CF769AEBEBF03837784963 . 664576 . . [6.00.2900.2995] . . c:\windows\$hf_mig$\KB922760\SP2QFE\wininet.dll
[-] 2006-06-23 . 64CE26DB72810B30F7855EA51E1DF836 . 664576 . . [6.00.2900.2937] . . c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll
[-] 2006-06-23 . 2B4DB890936430C71419037039502752 . 658944 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB922760$\wininet.dll
[-] 2006-05-10 . D94CFFDB53E7AC867438E2DFD50E7CBC . 663552 . . [6.00.2900.2904] . . c:\windows\$hf_mig$\KB916281\SP2QFE\wininet.dll
[-] 2006-05-10 . 38AB7A56F566D9AAAD31812494944824 . 658432 . . [6.00.2900.2904] . . c:\windows\$NtUninstallKB918899$\wininet.dll
[-] 2006-03-04 . C0845ECBF4F9164E618EE381B79C9032 . 663552 . . [6.00.2900.2861] . . c:\windows\$hf_mig$\KB912812\SP2QFE\wininet.dll
[-] 2006-03-04 . 1C0979C7A489BEE573CD0BF4AD94BB06 . 658432 . . [6.00.2900.2861] . . c:\windows\$NtUninstallKB916281$\wininet.dll
[-] 2005-10-21 . E7B27B6B6E06CE34EA019FD8B858C613 . 658432 . . [6.00.2900.2781] . . c:\windows\$NtUninstallKB912812$\wininet.dll
[-] 2005-10-21 . AF785C4947676A7FC1673FDC5C8D0B5B . 661504 . . [6.00.2900.2781] . . c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll
[-] 2005-09-02 . 97A6FD7CAFD688CF2C78939EBAF0CD0C . 660480 . . [6.00.2900.2753] . . c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll
[-] 2005-09-02 . AF61EBB1F550175EFF406D545D6AB086 . 658432 . . [6.00.2900.2753] . . c:\windows\$NtUninstallKB905915$\wininet.dll
[-] 2005-07-03 . 5B5FF992C0FA762CCF8655FC290E6E52 . 658432 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB896688$\wininet.dll
[-] 2005-07-03 . 6E533D155B259EB2363D3E04B5BE309F . 659456 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll
[-] 2005-05-02 . E1E18136F9DD3DF1AD9C82193A5898A6 . 658944 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll
[-] 2005-05-02 . 1A078AF3F85D10BA56444C23B3A18E74 . 657920 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\wininet.dll
[-] 2004-08-03 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB883939$\wininet.dll
[-] 2004-08-03 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\wininet.dll
[-] 2004-08-03 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\ie7\wininet.dll

[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2004-08-03 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll

[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2004-08-03 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll

[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . 7712DF0CDDE3A5AC89843E61CD5B3658 . 1033216 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\soft2\Download\44d74c37f0595a363bcec5e9229d8564\sp2gdr\explorer.exe
[-] 2004-08-03 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe

[-] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll
[-] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\system32\dllcache\ole32.dll
[-] 2010-07-16 . 8D51FB47062F2A1A9EFECCEF338A4C46 . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\soft2\Download\dca9d8a1ecbaf4bd0e18d083156f30c9\sp2gdr\ole32.dll
[-] 2005-07-26 . A2F755E237FA2CDD748A80BFBE6657F3 . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
[-] 2005-04-28 . 7440D29F257B7E44329343F944F2142C . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll
[-] 2005-04-28 . 5950E4F28FDA9D147576BF6798937397 . 1285120 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll
[-] 2005-04-28 . 5950E4F28FDA9D147576BF6798937397 . 1285120 . . [5.1.2600.2665] . . c:\windows\soft2\Download\7fc28d97b1595fa7b9dce8dd43cee6b0\sp2gdr\ole32.dll
[-] 2005-01-14 . ABDEF60CED7C04AB35A415EFB6B96D81 . 1285120 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2GDR\ole32.dll
[-] 2005-01-14 . ABDEF60CED7C04AB35A415EFB6B96D81 . 1285120 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll
[-] 2005-01-14 . 2E752611C9A9AE1B6BFD0DA03CF7F17E . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll
[-] 2004-08-03 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll

[-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
[-] 2004-08-03 . 2EB58F9DCD6AB320B46744A4EA48B2D2 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll

[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-03 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2004-08-03 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe

[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2004-08-03 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll

[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2004-08-03 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll

[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2004-08-03 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll

[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2004-08-03 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\soft2\Download\b45151c33087fb9df3e7d6e3700f80ed\sp2gdr\shsvcs.dll
[-] 2006-12-19 . 53D9184A21C5CBF600D918E51EF3A7E5 . 135168 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
[-] 2004-08-03 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll

[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2004-08-03 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll

[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2004-08-03 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll

[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2004-08-03 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll

[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2004-08-03 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll

[-] 2002-08-29 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\soft2\Download\11e16da0817126b62afaea7136882d9f\sp2gdr\aec.sys
[-] 2004-08-03 11:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys

[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys

[-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\soft2\Download\26553d2988faa6629ee272005cd35201\sp2qfe\mfc40u.dll
[-] 2002-08-29 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll

[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2004-08-03 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll

[-] 2006-10-18 11:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2004-08-03 14:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-08-03 13:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll

[-] 2010-04-27 . 756362706DE8BC92F11E197C98A73844 . 2066944 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\system32\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[-] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-12-08 . A6683E23468776F75EB2D8C6A02AAD3B . 2066048 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2009-12-08 . FFDCE1EEA79C678C40237D4E031E5B51 . 2066176 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 7437BA6F538E89381A2E3643AED296C7 . 2066048 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
[-] 2009-08-04 . 363B2BBEE0AEDC9E5433616D0AD0236A . 2066176 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . 4AC58F03EB94A72809949D757FC39D80 . 2066048 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-08-14 . A25E9B86EFFB2AF33BF51E676B68BFB0 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2007-02-28 . 4D3DBDCCBF97F5BA1E74F322B155C3BA . 2059392 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
[-] 2007-02-28 . 515D30E2C90A3665A2739309334C9283 . 2057600 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2007-02-28 . 515D30E2C90A3665A2739309334C9283 . 2057600 . . [5.1.2600.3093] . . c:\windows\soft2\Download\10e16e65c532d077de7c89a212bd8df8\sp2gdr\ntkrnlpa.exe
[-] 2006-12-19 . BA4B97C00A437C1CC3DA365D93EE1E9D . 2059392 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . D8ABA3EAB509627E707A3B14F00FBB6B . 2056832 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\soft2\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\ntkrnlpa.exe

[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2004-08-03 13:56 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll

[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2007-02-05 . 36ACA6CDC19C95FF468A1426EB7F32F0 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\soft2\Download\b3183a1e00bc9d14758dc26c2b339e76\sp2gdr\upnphost.dll
[-] 2004-08-03 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll

[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2004-08-03 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
[-] 2002-12-11 16:14 . CA6CC3A47D8813208CEE02EB40DACA21 . 355328 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll

[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2004-08-03 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll

[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2004-08-03 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
[-] 2002-12-11 16:14 . 61CC64C43BEC193100E3722F6CF4B1E1 . 284160 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll

[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2004-08-03 13:56 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll

[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2004-08-03 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll

[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2004-08-03 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll

[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\system32\ntoskrnl.exe
[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2010-04-27 . A2ABBEC40CDB57454645D06B7EBD22F5 . 2190080 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[-] 2010-02-16 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[-] 2010-02-16 . E1F653A542449D54FA2D27463D99B6B6 . 2190080 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-08 . 78EC47F9B9A3A1D539262D8834C896CE . 2189184 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-12-08 . 05BE3D9A71972223AFF6A3C823BA51B1 . 2189312 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . FDE779EA1A564EBFE16F4E0F82B61BAD . 2189312 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 8415D9C7C050E7022AED8ABF281BE4A6 . 2189184 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
[-] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[-] 2008-08-14 . EEAF32F8E15A24F62BECB1BD403BB5C5 . 2189184 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-08-14 . 31914172342BFF330063F343AC6958FE . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2007-02-28 . 5A5C8DB4AA962C714C8371FBDF189FC9 . 2182144 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
[-] 2007-02-28 . 582A8DBAA58C3B1F176EB2817DAEE77C . 2180352 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2007-02-28 . 582A8DBAA58C3B1F176EB2817DAEE77C . 2180352 . . [5.1.2600.3093] . . c:\windows\soft2\Download\10e16e65c532d077de7c89a212bd8df8\sp2gdr\ntoskrnl.exe
[-] 2006-12-19 . CEF243F6DEFD20BE4ADDE26C7ECACB54 . 2182016 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 28187802B7C368C0D3AEF7D4C382AABB . 2179456 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\soft2\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\ntoskrnl.exe

[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-03 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2004-08-03 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll

[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2006-12-19 . D9F097AA3B97034D3358A01B43E635B2 . 333824 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll
[-] 2006-12-19 . B6763F8534AC547CF1AF98AFDFF2EDC8 . 333824 . . [5.1.2600.3051] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
[-] 2006-12-19 . B6763F8534AC547CF1AF98AFDFF2EDC8 . 333824 . . [5.1.2600.3051] . . c:\windows\soft2\Download\d130ed3c2e7e410b5d831b3fad9ac078\sp2gdr\wiaservc.dll
[-] 2004-08-03 . D9F6C4F6B1E188ADAFC42B561D9BC2E6 . 333312 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-08 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"PHIME2002ASync"="c:\windows\System32\IME\TINTLGNT\TINTSETP.EXE" [2002-08-29 455168]
"PHIME2002A"="c:\windows\System32\IME\TINTLGNT\TINTSETP.EXE" [2002-08-29 455168]
"SiS Tray"="c:\windows\System32\sistray.EXE" [2002-11-17 303104]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-01-30 77824]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2005-03-08 176128]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-24 09:15 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2004-06-28 22:06 88363 ----a-w- c:\windows\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
2002-08-29 12:00 44032 ----a-w- c:\windows\ime\IMKR6_1\imekrmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxMenuMgr]
2009-09-25 13:31 185640 ----a-w- c:\program files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2002-08-29 12:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 00:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2003-12-18 06:00 64512 ----a-w- c:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 00:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-03-08 02:10 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UfSeAgnt.exe]
2008-01-21 01:16 1393928 ----a-w- c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
2008-07-11 17:06 223984 ----a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [26/09/2009 12:32 AM 189736]
S2 0111321199571088mcinstcleanup;McAfee Application Installer Cleanup (0111321199571088);c:\windows\TEMP\011132~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\windows\TEMP\011132~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/02/2010 6:33 PM 135664]
S3 BiPAC 3011G WLAN 11g USB Adapter(Billion);BiPAC 3011G WLAN 11g USB Adapter Driver(Billion);c:\windows\system32\DRIVERS\zd1211u.sys --> c:\windows\system32\DRIVERS\zd1211u.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [8/07/2010 11:59 AM 38224]
.
Contents of the 'Scheduled Tasks' folder

2010-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 07:33]

2010-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 07:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.au/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &eBay Search
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\MICHAEL FEEHAN\Application Data\Mozilla\Firefox\Profiles\4x4y2nmu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
Notify-avgrsstarter - avgrsstx.dll
Notify-NavLogon - (no file)
MSConfigStartUp-MBkLogOnHook - c:\program files\McAfee\MBK\LogOnHook.exe
MSConfigStartUp-McAfee Backup - c:\program files\McAfee\MBK\McAfeeDataBackup.exe
MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe
MSConfigStartUp-McENUI - c:\progra~1\McAfee\MHN\McENUI.exe
MSConfigStartUp-MWLExe - c:\program files\Mcafee\MWL\MWLGuiSt.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-20 14:06
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(4052)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\WgaTray.exe
.
**************************************************************************
.
Completion time: 2010-12-20 14:16:17 - machine was rebooted
ComboFix-quarantined-files.txt 2010-12-20 03:16

Pre-Run: 44,924,805,120 bytes free
Post-Run: 44,850,900,992 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

- - End Of File - - 89828C3B31FF06F7C586CF59F547D507


All the Best

Mick
  • 0

Advertisements

#17
emeraldnzl
Posted 19 December 2010 - 10:08 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello MickFee,

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

KillAll::

Driver::
0111321199571088mcinstcleanup

File::
c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service
c:\windows\TEMP\011132~1.EXE

Folder::
C:\Program Files\Trend Micro

Reboot::

Save this as CFScript.txt, in the same location as ComboFix.exe

Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt. Please post that here for further review.
  • 0

#18
MickFee
Posted 20 December 2010 - 04:34 PM

MickFee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Emeraldnzl!!

Did the copy, paste, save and shove it into Combo Fix thing.

Combo Fix immediately wanted to run, I let it.

It did ask to update to a later version, which of course I allowed.

Here's the report for your information and action as appropriate.

All the Best

Mick

ComboFix 10-12-20.01 - MICHAEL FEEHAN 21/12/2010 9:06.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.61.1033.18.223.110 [GMT 11:00]
Running from: c:\documents and settings\MICHAEL FEEHAN\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\MICHAEL FEEHAN\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Trend Micro Internet Security *Enabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: Trend Micro Personal Firewall *Enabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}

FILE ::
"c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service"
"c:\windows\TEMP\011132~1.EXE"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Trend Micro
c:\program files\Trend Micro\BM\Profiles\TIS-User.cfg
c:\program files\Trend Micro\BM\Profiles\tmpolicy.cfg
c:\program files\Trend Micro\BM\tmcomeng.dll
c:\program files\Trend Micro\BM\tmtap.dll
c:\program files\Trend Micro\BM\tmufeng.dll
c:\program files\Trend Micro\HijackThis\HijackThis.exe
c:\program files\Trend Micro\Internet Security 2005\20050423124439.dmp
c:\program files\Trend Micro\Internet Security 2005\20050423124449.dmp
c:\program files\Trend Micro\Internet Security 2005\20051231135838.dmp
c:\program files\Trend Micro\Internet Security 2005\20051231135841.dmp
c:\program files\Trend Micro\Internet Security 2005\20060102092217.dmp
c:\program files\Trend Micro\Internet Security 2005\20060102092220.dmp
c:\program files\Trend Micro\Internet Security 2005\20060105104007.dmp
c:\program files\Trend Micro\Internet Security 2005\20060105104010.dmp
c:\program files\Trend Micro\Internet Security 2005\20060105115726.dmp
c:\program files\Trend Micro\Internet Security 2005\20060105115729.dmp
c:\program files\Trend Micro\Internet Security 2005\Log\20060117.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060117.UPG
c:\program files\Trend Micro\Internet Security 2005\Log\20060118.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060118.UPG
c:\program files\Trend Micro\Internet Security 2005\Log\20060119.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060119.UPG
c:\program files\Trend Micro\Internet Security 2005\Log\20060120.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060120.UPG
c:\program files\Trend Micro\Internet Security 2005\Log\20060121.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060122.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060123.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060123.UPG
c:\program files\Trend Micro\Internet Security 2005\Log\20060124.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060124.UPG
c:\program files\Trend Micro\Internet Security 2005\Log\20060125.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060126.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060126.UPG
c:\program files\Trend Micro\Internet Security 2005\Log\20060127.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060127.UPG
c:\program files\Trend Micro\Internet Security 2005\Log\20060129.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060130.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060130.UPG
c:\program files\Trend Micro\Internet Security 2005\Log\20060131.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060201.PFG
c:\program files\Trend Micro\Internet Security 2005\Log\20060201.UPG
c:\program files\Trend Micro\Internet Security 2005\Log\pcc.log
c:\program files\Trend Micro\Internet Security 2005\Log\PccPrm.log
c:\program files\Trend Micro\Internet Security 2005\Log\PCCTool.log
c:\program files\Trend Micro\Internet Security 2005\Log\TmPfw.log
c:\program files\Trend Micro\Internet Security 2005\Log\TmProxy.log
c:\program files\Trend Micro\Internet Security 2005\PccPrm.exe
c:\program files\Trend Micro\Internet Security 2005\PccPrm.ini
c:\program files\Trend Micro\Internet Security 2006\log\20061130.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061130.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061201.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061201.SPG
c:\program files\Trend Micro\Internet Security 2006\log\20061202.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061203.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061204.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061204.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061205.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061205.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061206.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061206.SPG
c:\program files\Trend Micro\Internet Security 2006\log\20061206.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061207.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061207.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061208.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061208.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061209.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061210.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061210.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061211.ASG
c:\program files\Trend Micro\Internet Security 2006\log\20061211.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061211.SPG
c:\program files\Trend Micro\Internet Security 2006\log\20061211.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061212.ASG
c:\program files\Trend Micro\Internet Security 2006\log\20061212.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061212.PPG
c:\program files\Trend Micro\Internet Security 2006\log\20061212.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061213.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061214.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061214.SPG
c:\program files\Trend Micro\Internet Security 2006\log\20061214.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061215.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061215.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061216.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061216.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061217.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061217.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061218.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061219.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061219.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061220.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061221.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061222.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061222.VAG
c:\program files\Trend Micro\Internet Security 2006\log\20061223.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061223.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061224.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061225.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061226.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061226.SPG
c:\program files\Trend Micro\Internet Security 2006\log\20061227.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061228.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061228.PPG
c:\program files\Trend Micro\Internet Security 2006\log\20061228.UPG
c:\program files\Trend Micro\Internet Security 2006\log\20061229.PFG
c:\program files\Trend Micro\Internet Security 2006\log\20061229.PPG
c:\program files\Trend Micro\Internet Security 2006\log\20061230.PFG
c:\program files\Trend Micro\Internet Security 2006\log\pcc.log
c:\program files\Trend Micro\Internet Security 2006\log\TmPfw.log
c:\program files\Trend Micro\Internet Security 2006\log\TmProxy.log
c:\program files\Trend Micro\Internet Security\atl80.dll
c:\program files\Trend Micro\Internet Security\aucfg.ini
c:\program files\Trend Micro\Internet Security\behavior.ini
c:\program files\Trend Micro\Internet Security\BPMNT.dll
c:\program files\Trend Micro\Internet Security\ciussi32.dll
c:\program files\Trend Micro\Internet Security\clnrbin.exe
c:\program files\Trend Micro\Internet Security\Component\Engine\0x00000004\BPMNT.dll
c:\program files\Trend Micro\Internet Security\Component\Engine\0x00000004\vsapi32.dll
c:\program files\Trend Micro\Internet Security\Component\Engine\0x00000010\tmpreflt.inf
c:\program files\Trend Micro\Internet Security\Component\Engine\0x00000010\tmpreflt.sys
c:\program files\Trend Micro\Internet Security\Component\Engine\0x00000010\tmxpflt.inf
c:\program files\Trend Micro\Internet Security\Component\Engine\0x00000010\tmxpflt.sys
c:\program files\Trend Micro\Internet Security\Component\Engine\0x00000010\VsapiNT.inf
c:\program files\Trend Micro\Internet Security\Component\Engine\0x00000010\VsapiNT.sys
c:\program files\Trend Micro\Internet Security\Component\Engine\0x14000000\tmufeng.dll
c:\program files\Trend Micro\Internet Security\Component\Engine\0x21000800\vstlib32.dll
c:\program files\Trend Micro\Internet Security\Component\Engine\0x21080000\tsc.exe
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000010\ssapi32.dll
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000040\AU_Backup\AuBackup.ini
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmactmon.cat
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmactmon.inf
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmactmon.sys
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmcomm.cat
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmcomm.inf
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmcomm.sys
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmevtmgr.cat
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmevtmgr.inf
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000040\tmevtmgr.sys
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000080\AU_Backup\AuBackup.ini
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000080\TMBMSRV.exe
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000080\tmcomeng.dll
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22000080\tmtap.dll
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22001000\ncfg.exe
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22001000\tm_cfw.cat
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22001000\tm_cfw.inf
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22001000\tm_cfw.sys
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22001000\tm_cfwmp.inf
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22004000\TMLWF.cat
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22004000\tmlwf.inf
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22004000\TMLWF.sys
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22004000\tmlwfins.exe
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22004000\TMWFP.cat
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22004000\tmwfp.inf
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22004000\TMWFP.sys
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22004000\tmwfpins.exe
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22010000\tdiins.exe
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22010000\tmtdi.cat
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22010000\tmtdi.dll
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22010000\tmtdi.inf
c:\program files\Trend Micro\Internet Security\Component\Engine\0x22010000\tmtdi.sys
c:\program files\Trend Micro\Internet Security\Component\Framework\146\AU_Backup\AuBackup.ini
c:\program files\Trend Micro\Internet Security\Component\Framework\146\PccScan.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\PcPaFrwk.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\PcPaFrwkGS.ini
c:\program files\Trend Micro\Internet Security\Component\Framework\146\PcPaFrwkPRO.ini
c:\program files\Trend Micro\Internet Security\Component\Framework\146\PcPaFrwkTAV.ini
c:\program files\Trend Micro\Internet Security\Component\Framework\146\PcPaFrwkTIS.ini
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfCtlCom.exe
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfEnBehv.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfEnCpP3.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfEnCpPd.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfEnCpPh.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfEnCpSp.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfEnCpUf.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfEnCpWm.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfEnFwLc.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfEnFwNl.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfEnFwRl.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfEnFwSs.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfEnVSMs.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfEnVSRs.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfFnUp.exe
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfFnUtil.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfSvLcMg.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfSvUiSv.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\SfSvUpMg.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\tismsi.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\TmPfw.exe
c:\program files\Trend Micro\Internet Security\Component\Framework\146\TmPfwApi.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\TmPfwCtl.dll
c:\program files\Trend Micro\Internet Security\Component\Framework\146\UfLogUi.exe
c:\program files\Trend Micro\Internet Security\Component\Framework\146\UfNavi.exe
c:\program files\Trend Micro\Internet Security\Component\Framework\146\UfSeAgnt.exe
c:\program files\Trend Micro\Internet Security\Component\Framework\146\UfUpdUi.exe
c:\program files\Trend Micro\Internet Security\Component\Function\155\PccScan.dll
c:\program files\Trend Micro\Internet Security\Component\Function\156\PccSpy.dll
c:\program files\Trend Micro\Internet Security\Component\Function\157\PcDce.dll
c:\program files\Trend Micro\Internet Security\Component\Function\157\PcDceLog.dll
c:\program files\Trend Micro\Internet Security\Component\Function\158\TmCfwApi.dll
c:\program files\Trend Micro\Internet Security\Component\Function\158\TmHash.dll
c:\program files\Trend Micro\Internet Security\Component\Function\158\TmPfw.exe
c:\program files\Trend Micro\Internet Security\Component\Function\158\TmPfw.ini
c:\program files\Trend Micro\Internet Security\Component\Function\158\TmPfwApi.dll
c:\program files\Trend Micro\Internet Security\Component\Function\158\TmPfwCtl.dll
c:\program files\Trend Micro\Internet Security\Component\Function\158\TmPfwHlp.dll
c:\program files\Trend Micro\Internet Security\Component\Function\158\TmPfwLog.dll
c:\program files\Trend Micro\Internet Security\Component\Function\158\TmPfwRul.dll
c:\program files\Trend Micro\Internet Security\Component\Function\158\tmwfpapi.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmcfScan.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmMsg.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmpeASpm.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmpeHosF.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmpePDP.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmpeUrlF.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmpeVS.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmphAim.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmphHttp.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmphIcq.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmphMsn.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmphPop3.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmphSMTP.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmphYmsg.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmProxy.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmProxy.exe
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmProxy.ini
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmpxCfg.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmpxHelp.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmsmHttp.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmsmIm.dll
c:\program files\Trend Micro\Internet Security\Component\Function\159\TmsmMail.dll
c:\program files\Trend Micro\Internet Security\Component\Function\160\aucfg.ini
c:\program files\Trend Micro\Internet Security\Component\Function\160\ciussi32.dll
c:\program files\Trend Micro\Internet Security\Component\Function\160\Patch.exe
c:\program files\Trend Micro\Internet Security\Component\Function\160\patchbld.dll
c:\program files\Trend Micro\Internet Security\Component\Function\160\PATCHW32.DLL
c:\program files\Trend Micro\Internet Security\Component\Function\160\SfFnUp.exe
c:\program files\Trend Micro\Internet Security\Component\Function\160\TmUpdate.dll
c:\program files\Trend Micro\Internet Security\Component\Function\161\SfFnAvIm.dll
c:\program files\Trend Micro\Internet Security\Component\Function\162\SfFnHttp.dll
c:\program files\Trend Micro\Internet Security\Component\Function\163\SfFnSvAg.dll
c:\program files\Trend Micro\Internet Security\Component\Function\165\HomeNet.dll
c:\program files\Trend Micro\Internet Security\Component\Function\165\HomeNet.ini
c:\program files\Trend Micro\Internet Security\Component\Function\165\NetBSrvr.dll
c:\program files\Trend Micro\Internet Security\Component\Function\165\tmdp.dll
c:\program files\Trend Micro\Internet Security\Component\Function\165\tmpp.dll
c:\program files\Trend Micro\Internet Security\Component\Function\171\clnrbin.exe
c:\program files\Trend Micro\Internet Security\Component\Function\171\PcHisCln.dll
c:\program files\Trend Micro\Internet Security\Component\Pattern\0x00000004\AU_Backup\AuBackup.ini
c:\program files\Trend Micro\Internet Security\Component\Pattern\0x00000800\AU_Backup\AuBackup.ini
c:\program files\Trend Micro\Internet Security\Component\Pattern\0x00080000\AU_Backup\AuBackup.ini
c:\program files\Trend Micro\Internet Security\Component\Pattern\0x00100000\AU_Backup\AuBackup.ini
c:\program files\Trend Micro\Internet Security\Component\Pattern\0x20000020\AU_Backup\AuBackup.ini
c:\program files\Trend Micro\Internet Security\Component\Pattern\0x20000040\AU_Backup\AuBackup.ini
c:\program files\Trend Micro\Internet Security\Component\Pattern\0x20000400\AU_Backup\AuBackup.ini
c:\program files\Trend Micro\Internet Security\Component\Pattern\0x40000010\AU_Backup\AuBackup.ini
c:\program files\Trend Micro\Internet Security\Component\Pattern\0x40800000\AU_Backup\AuBackup.ini
c:\program files\Trend Micro\Internet Security\Component\Pattern\0x41000000\AU_Backup\AuBackup.ini
c:\program files\Trend Micro\Internet Security\Component\TmDbg32.dll
c:\program files\Trend Micro\Internet Security\GENKEY32.dll
c:\program files\Trend Micro\Internet Security\GetServer.ini
c:\program files\Trend Micro\Internet Security\HCcommon.dll
c:\program files\Trend Micro\Internet Security\HomeNet.dll
c:\program files\Trend Micro\Internet Security\HomeNet.ini
c:\program files\Trend Micro\Internet Security\libexpat.dll
c:\program files\Trend Micro\Internet Security\Log\25032008_TIS16_SfCtlCom.log
c:\program files\Trend Micro\Internet Security\Log\25032008_TIS16_SfFnUtil.log
c:\program files\Trend Micro\Internet Security\Log\Tmdshell.log
c:\program files\Trend Micro\Internet Security\Log\VBProp.log
c:\program files\Trend Micro\Internet Security\mfc80.dll
c:\program files\Trend Micro\Internet Security\mfc80u.dll
c:\program files\Trend Micro\Internet Security\mfcm80.dll
c:\program files\Trend Micro\Internet Security\mfcm80u.dll
c:\program files\Trend Micro\Internet Security\Microsoft.VC80.ATL.manifest
c:\program files\Trend Micro\Internet Security\Microsoft.VC80.CRT.manifest
c:\program files\Trend Micro\Internet Security\Microsoft.VC80.MFC.manifest
c:\program files\Trend Micro\Internet Security\Microsoft.VC80.MFCLOC.manifest
c:\program files\Trend Micro\Internet Security\msvcm80.dll
c:\program files\Trend Micro\Internet Security\msvcp80.dll
c:\program files\Trend Micro\Internet Security\msvcr80.dll
c:\program files\Trend Micro\Internet Security\NetBSrvr.dll
c:\program files\Trend Micro\Internet Security\Patch.exe
c:\program files\Trend Micro\Internet Security\patchbld.dll
c:\program files\Trend Micro\Internet Security\PATCHW32.DLL
c:\program files\Trend Micro\Internet Security\PccScan.dll
c:\program files\Trend Micro\Internet Security\PccSpy.dll
c:\program files\Trend Micro\Internet Security\PcDce.dll
c:\program files\Trend Micro\Internet Security\PcDceLog.dll
c:\program files\Trend Micro\Internet Security\PcHisCln.dll
c:\program files\Trend Micro\Internet Security\PcPaBase.dll
c:\program files\Trend Micro\Internet Security\realtime.ini
c:\program files\Trend Micro\Internet Security\result.htm.tag
c:\program files\Trend Micro\Internet Security\RuleSet.xml.tag
c:\program files\Trend Micro\Internet Security\ser_test.ini.tag
c:\program files\Trend Micro\Internet Security\SetupWiz.ini
c:\program files\Trend Micro\Internet Security\SfCtlCom.exe
c:\program files\Trend Micro\Internet Security\SfEnAs.dll
c:\program files\Trend Micro\Internet Security\SfEnAv.dll
c:\program files\Trend Micro\Internet Security\SfEnBehv.dll
c:\program files\Trend Micro\Internet Security\SfEnCm.dll
c:\program files\Trend Micro\Internet Security\SfEnCp.dll
c:\program files\Trend Micro\Internet Security\SfEnCpAs.dll
c:\program files\Trend Micro\Internet Security\SfEnCpP3.dll
c:\program files\Trend Micro\Internet Security\SfEnCpPd.dll
c:\program files\Trend Micro\Internet Security\SfEnCpPh.dll
c:\program files\Trend Micro\Internet Security\SfEnCpSp.dll
c:\program files\Trend Micro\Internet Security\SfEnCpUf.dll
c:\program files\Trend Micro\Internet Security\SfEnCpWm.dll
c:\program files\Trend Micro\Internet Security\SfEnFw.dll
c:\program files\Trend Micro\Internet Security\SfEnFwLc.dll
c:\program files\Trend Micro\Internet Security\SfEnFwNl.dll
c:\program files\Trend Micro\Internet Security\SfEnFwRl.dll
c:\program files\Trend Micro\Internet Security\SfEnFwSs.dll
c:\program files\Trend Micro\Internet Security\SfEnMc.dll
c:\program files\Trend Micro\Internet Security\SfEnMcHn.dll
c:\program files\Trend Micro\Internet Security\SfEnMcTs.dll
c:\program files\Trend Micro\Internet Security\SfEnMcVa.dll
c:\program files\Trend Micro\Internet Security\SfEnVSMs.dll
c:\program files\Trend Micro\Internet Security\SfEnVSRs.dll
c:\program files\Trend Micro\Internet Security\SfFnAvIm.dll
c:\program files\Trend Micro\Internet Security\SfFnHttp.dll
c:\program files\Trend Micro\Internet Security\SfFnProf.dll
c:\program files\Trend Micro\Internet Security\SfFnSvAg.dll
c:\program files\Trend Micro\Internet Security\SfFnUp.exe
c:\program files\Trend Micro\Internet Security\SfFnUtil.dll
c:\program files\Trend Micro\Internet Security\SfFnWSC.exe
c:\program files\Trend Micro\Internet Security\SfFnWTC.dll
c:\program files\Trend Micro\Internet Security\SfIfCom.dll
c:\program files\Trend Micro\Internet Security\SfIfDtCv.dll
c:\program files\Trend Micro\Internet Security\SfIfDtHd.dll
c:\program files\Trend Micro\Internet Security\SfIfEvMg.dll
c:\program files\Trend Micro\Internet Security\SfIfHttp.dll
c:\program files\Trend Micro\Internet Security\SfPxSt32.dll
c:\program files\Trend Micro\Internet Security\SfSvCoMg.dll
c:\program files\Trend Micro\Internet Security\SfSvEnHd.dll
c:\program files\Trend Micro\Internet Security\SfSvEvLg.dll
c:\program files\Trend Micro\Internet Security\SfSvLcMg.dll
c:\program files\Trend Micro\Internet Security\SfSvQuMg.dll
c:\program files\Trend Micro\Internet Security\SfSvTkSd.dll
c:\program files\Trend Micro\Internet Security\SfSvUiSv.dll
c:\program files\Trend Micro\Internet Security\SfSvUpMg.dll
c:\program files\Trend Micro\Internet Security\ssapi32.dll
c:\program files\Trend Micro\Internet Security\Task\{1E586711-B6AB-47f8-AB69-8C3D43DF6FED}.tsk
c:\program files\Trend Micro\Internet Security\Task\{299D7C1F-49AC-474d-A5A4-F2BF589AF3B9}.tsk
c:\program files\Trend Micro\Internet Security\Task\{2AF27A90-34F3-4832-ABB4-32833DF501C8}.tsk
c:\program files\Trend Micro\Internet Security\Task\{3F8804B1-4662-4cd1-AF81-B84778C3F4FD}.tsk
c:\program files\Trend Micro\Internet Security\Task\{668849BA-8321-4c21-AD80-BDA6FF82E56F}.tsk
c:\program files\Trend Micro\Internet Security\Task\{8C88C894-52C1-4b74-80F4-C2CBA44AB01A}.tsk
c:\program files\Trend Micro\Internet Security\Task\{AC0247A5-D785-48ad-96E5-66AC9CA760ED}.tsk
c:\program files\Trend Micro\Internet Security\Task\{D9C0FC47-095A-4134-903C-DD5C5E200AEA}.tsk
c:\program files\Trend Micro\Internet Security\Task\{E74C5133-FCA6-4ac5-B7C6-F3DC1EDB8D63}.tsk
c:\program files\Trend Micro\Internet Security\Task\{FAA1746B-6EA7-4588-891B-FF3A0D121DD6}.tsk
c:\program files\Trend Micro\Internet Security\tismsi.dll
c:\program files\Trend Micro\Internet Security\tisshcut.xml
c:\program files\Trend Micro\Internet Security\tisspwiz.exe
c:\program files\Trend Micro\Internet Security\TISSuprt.exe
c:\program files\Trend Micro\Internet Security\TISSuprt.ini
c:\program files\Trend Micro\Internet Security\TisWrapr.dll
c:\program files\Trend Micro\Internet Security\TMAS_AU.exe
c:\program files\Trend Micro\Internet Security\TMAS_Hlp.dll
c:\program files\Trend Micro\Internet Security\TMAS_OE\auhome\aucfg.ini
c:\program files\Trend Micro\Internet Security\TMAS_OE\auhome\ciuas32.dll
c:\program files\Trend Micro\Internet Security\TMAS_OE\auhome\ciussi32.dll
c:\program files\Trend Micro\Internet Security\TMAS_OE\auhome\patch.exe
c:\program files\Trend Micro\Internet Security\TMAS_OE\auhome\patchbld.dll
c:\program files\Trend Micro\Internet Security\TMAS_OE\auhome\PATCHW32.DLL
c:\program files\Trend Micro\Internet Security\TMAS_OE\auhome\TmUpdate.dll
c:\program files\Trend Micro\Internet Security\TMAS_OE\rule\en_US.dsc
c:\program files\Trend Micro\Internet Security\TMAS_OE\rule\ja_JP.dsc
c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_AU.exe
c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_Hlp.dll
c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OE.exe
c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OE.ini
c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEA.dll
c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEApi.dll
c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEApiInit.dll
c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEHook.dll
c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEImp.exe
c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEStore.dll
c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEWab.dll
c:\program files\Trend Micro\Internet Security\TMAS_OE\tmaseng.dll
c:\program files\Trend Micro\Internet Security\TMAS_OE\TmasHlp.dll
c:\program files\Trend Micro\Internet Security\TMAS_OL\auhome\aucfg.ini
c:\program files\Trend Micro\Internet Security\TMAS_OL\auhome\ciuas32.dll
c:\program files\Trend Micro\Internet Security\TMAS_OL\auhome\ciussi32.dll
c:\program files\Trend Micro\Internet Security\TMAS_OL\auhome\patch.exe
c:\program files\Trend Micro\Internet Security\TMAS_OL\auhome\patchbld.dll
c:\program files\Trend Micro\Internet Security\TMAS_OL\auhome\PATCHW32.DLL
c:\program files\Trend Micro\Internet Security\TMAS_OL\auhome\TmUpdate.dll
c:\program files\Trend Micro\Internet Security\TMAS_OL\Redemption.dll
c:\program files\Trend Micro\Internet Security\TMAS_OL\rule\en_US.dsc
c:\program files\Trend Micro\Internet Security\TMAS_OL\rule\ja_JP.dsc
c:\program files\Trend Micro\Internet Security\TMAS_OL\TMAS_AU.exe
c:\program files\Trend Micro\Internet Security\TMAS_OL\TMAS_Hlp.dll
c:\program files\Trend Micro\Internet Security\TMAS_OL\TMAS_OL.exe
c:\program files\Trend Micro\Internet Security\TMAS_OL\TMAS_OL.ini
c:\program files\Trend Micro\Internet Security\TMAS_OL\TMAS_OLA.dll
c:\program files\Trend Micro\Internet Security\TMAS_OL\TMAS_OLImp.exe
c:\program files\Trend Micro\Internet Security\TMAS_OL\TMAS_OLSentry.exe
c:\program files\Trend Micro\Internet Security\TMAS_OL\TMAS_OLShare.dll
c:\program files\Trend Micro\Internet Security\TMAS_OL\tmaseng.dll
c:\program files\Trend Micro\Internet Security\TMAS_OL\TmasHlp.dll
c:\program files\Trend Micro\Internet Security\TmasHlp.dll
c:\program files\Trend Micro\Internet Security\TMASmsi.dll
c:\program files\Trend Micro\Internet Security\TMBMCLI.dll
c:\program files\Trend Micro\Internet Security\TmcfScan.dll
c:\program files\Trend Micro\Internet Security\TmCfwApi.dll
c:\program files\Trend Micro\Internet Security\tmdbg.ini
c:\program files\Trend Micro\Internet Security\TmDbg32.dll
c:\program files\Trend Micro\Internet Security\tmdp.dll
c:\program files\Trend Micro\Internet Security\Tmdshell.dll
c:\program files\Trend Micro\Internet Security\TmEngDrv.dll
c:\program files\Trend Micro\Internet Security\TmHash.dll
c:\program files\Trend Micro\Internet Security\TmMsg.dll
c:\program files\Trend Micro\Internet Security\TmpeASpm.dll
c:\program files\Trend Micro\Internet Security\TmpeHosF.dll
c:\program files\Trend Micro\Internet Security\TmpePDP.dll
c:\program files\Trend Micro\Internet Security\TmpeUrlF.dll
c:\program files\Trend Micro\Internet Security\TmpeVS.dll
c:\program files\Trend Micro\Internet Security\TmPfw.ini
c:\program files\Trend Micro\Internet Security\TmPfwApi.dll
c:\program files\Trend Micro\Internet Security\TmPfwCtl.dll
c:\program files\Trend Micro\Internet Security\TmPfwHlp.dll
c:\program files\Trend Micro\Internet Security\TmPfwLog.dll
c:\program files\Trend Micro\Internet Security\TmPfwRul.dll
c:\program files\Trend Micro\Internet Security\TmphAim.dll
c:\program files\Trend Micro\Internet Security\TmphHttp.dll
c:\program files\Trend Micro\Internet Security\TmphIcq.dll
c:\program files\Trend Micro\Internet Security\TmphMsn.dll
c:\program files\Trend Micro\Internet Security\TmphPop3.dll
c:\program files\Trend Micro\Internet Security\TmphSMTP.dll
c:\program files\Trend Micro\Internet Security\TmphYmsg.dll
c:\program files\Trend Micro\Internet Security\tmpp.dll
c:\program files\Trend Micro\Internet Security\tmpreflt.inf
c:\program files\Trend Micro\Internet Security\TmProxy.dll
c:\program files\Trend Micro\Internet Security\TmProxy.ini
c:\program files\Trend Micro\Internet Security\TmpxCfg.dll
c:\program files\Trend Micro\Internet Security\TmpxHelp.dll
c:\program files\Trend Micro\Internet Security\TmsmHttp.dll
c:\program files\Trend Micro\Internet Security\TmsmIm.dll
c:\program files\Trend Micro\Internet Security\TmsmMail.dll
c:\program files\Trend Micro\Internet Security\tmtdi.dll
c:\program files\Trend Micro\Internet Security\tmufeng.dll
c:\program files\Trend Micro\Internet Security\TmUins16.ini
c:\program files\Trend Micro\Internet Security\TmUpdate.dll
c:\program files\Trend Micro\Internet Security\TmUtyPPI.dll
c:\program files\Trend Micro\Internet Security\tmwfpapi.dll
c:\program files\Trend Micro\Internet Security\tmxpflt.inf
c:\program files\Trend Micro\Internet Security\tsc.exe
c:\program files\Trend Micro\Internet Security\TSRemove.exe
c:\program files\Trend Micro\Internet Security\TVscan32.exe
c:\program files\Trend Micro\Internet Security\UfCNavi.ini
c:\program files\Trend Micro\Internet Security\UfIfAvIm.exe
c:\program files\Trend Micro\Internet Security\UfLogUi.exe
c:\program files\Trend Micro\Internet Security\UfMNavi.ini
c:\program files\Trend Micro\Internet Security\UfNavi.exe
c:\program files\Trend Micro\Internet Security\UfPack.dll
c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe
c:\program files\Trend Micro\Internet Security\UfSNavi.ini
c:\program files\Trend Micro\Internet Security\UfTNavi.ini
c:\program files\Trend Micro\Internet Security\UfUpdUi.exe
c:\program files\Trend Micro\Internet Security\UfWNavi.ini
c:\program files\Trend Micro\Internet Security\VBProp.dll
c:\program files\Trend Micro\Internet Security\vsapi32.dll
c:\program files\Trend Micro\Internet Security\vsapiins.exe
c:\program files\Trend Micro\Internet Security\VsapiNT.inf
c:\program files\Trend Micro\Internet Security\vstlib32.dll
c:\program files\Trend Micro\Internet Security\wtc.ini
c:\program files\Trend Micro\Internet Security\wtclog.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\1033.mst
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\db_pcc.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\license.rtf
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\ASPAList.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\ASPBList.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\aucfg.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\BinDT00.PDP
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\BinDT01.PDP
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\BinDT02.PDP
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\BinDT03.PDP
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\BinDT04.PDP
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\BPM95.DLL
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\BPMNT.DLL
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\chksvr.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Detect.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\dh1024.pem
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\DnsAlt.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\DZIP32.DLL
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Filter32.VXD
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\GENKEY32.DLL
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Help\tmhelp.chm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Help\tmmain.chm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\hhupd.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\HosFList.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\hostexp.hsx
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\HostFAlt.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\HostFErr.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Http.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\HttpHosf.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\HttpPDP.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\HttpUErr.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\icudt18l.DLL
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\icuin18.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\icuuc18.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\ImPDP.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\L10N\extra.avi
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\L10N\FrameH.bmp
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\L10N\FrameR.bmp
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\L10N\FrameV.bmp
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\L10N\PphRes.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\L10N\tlphish.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\L10nPcc.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\L10NTmpx.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\libexpat.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\LOADHTTP.DLL
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\MEMBOOT.DLL
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\NVAlert.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Patch.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PATCHW32.DLL
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PccAltUI.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\pccapl.xen
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PCCBrows.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\pccdesc.xen
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\pccguide.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PccIeBar.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\pccillin.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PCCIOMON.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\pcclient.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PCClient.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PccLog.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\pccmain.bmp
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\pccmain.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PcCmdCom.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PccMsi.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\pccntsec.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PccPrf.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\pccprof.xen
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PccRBMsg.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\pccrule.xen
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PccScan.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PcCtlCom.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PcCtlPS.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PcCtlSpy.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PcCtlVA.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PCCTool.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PCCTool.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PCCTSWin.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\pccupd.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PccVaUI.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PCCVScan.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PcDce.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PcDceLog.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PDPAlt.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PDPCfg.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PEW952.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PEWNT2.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0001.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0002.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0003.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0004.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0005.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0006.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0007.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0008.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0009.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl000A.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl000B.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl000C.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl000D.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl000E.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl000F.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0010.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0011.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0012.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0013.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0014.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0015.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0016.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0017.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0018.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRl0019.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PFW\TmRulMas.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Pop3.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\PphEng.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Profile\GUID.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Profile\Prf00000.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Profile\Prf00000.rul
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Profile\Prf00001.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Profile\Prf00001.rul
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Profile\Prf00002.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Profile\Prf00002.rul
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Profile\Prf00003.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Profile\Prf00003.rul
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\psapi.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Readme.txt
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Realtime.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Rescue\DOS4GW.EXE
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Rescue\PCSCAN.DAT
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Rescue\pcscan.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Rescue\Readme.txt
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Rescue\Rescue.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Rescue\Rescue.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Smtp.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\SmtpPDP.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\splash.bmp
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\SpyDlist.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\SpyElist.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\system.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TASK\PCC75.TSK
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TASK\PCC76.TSK
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TASK\PCC77.TSK
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TASK\PCC78.TSK
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TASK\PCC79.TSK
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TASK\PCC7A.TSK
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TASK\PCC7B.TSK
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TASK\PCC7C.TSK
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tm_cfw.vxd
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TMADCE.ptn
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmAsEng.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmcfScan.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tmCfwApi.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tmdbg.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tmdp.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tmdp.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tmdshell.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TMEVENT.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tmHash.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmMsg.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmNewML.txt
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TMNotify.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TMNotify.set
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tmntsrv.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TMOACfg.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TMOAgent.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmpeASpm.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmpeHosF.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmpePDP.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmpeUrlF.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmpeVS.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmPfw.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmPfw.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmPfwApi.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmPfwHlp.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmPfwLog.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmPfwRul.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmphAim.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmphHttp.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmphIcq.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmphMsn.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmphPop3.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmphSMTP.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tmpp.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tmpp.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tmpp01.enc
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tmpp01p.enc
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tmpp02.enc
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tmpp02p.enc
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmppRoot.pem
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmProxy.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tmproxy.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmProxy.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmpxCfg.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmpxHelp.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmsmHttp.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmsmIm.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmsmMail.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tmtdi.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tmtdi.vxd
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tmufeng.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmUins14.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmUpdate.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmUtyPPI.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tmvainfo.xml
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TMVAmain.ptn
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmvDlg.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TmWarn.txt
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\toolbar.bmp
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TRIALMSG.bmp
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TRIALMSG.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TrialMsg.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\TSC.EXE
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tsc.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tsc.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\tsc.ptn
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\a_wzrd.jpg
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\activate.jpg
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\auto_upd.jpg
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\b_cntr.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\b_l.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\b_r.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\back_d.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\back_u.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\base.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\bk_l.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\bk_r.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\blueball.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\bnr_cntr.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\bnr_l.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\bnr_r.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\bs_l.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\bs_right.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\bullet.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\cmpltsc.jpg
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\divider.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\exit_d.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\exit_u.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\header.css
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\next_d.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\next_u.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\overview.jpg
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\page2.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\page3.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\page4.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\pfw.jpg
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\pp.jpg
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\register.jpg
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\rts_sp.jpg
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\rts_v.jpg
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\scr01.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\spfr_fil.jpg
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\tip.gif
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\Tutorial.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\update.jpg
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\Tutorial\web_fil.jpg
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\ULicense.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\update.bmp
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\UpdPcc.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\UpdTmpx.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\URLAList.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\URLBList.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\URLCateg.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\URLfAlt.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\UrlFErr.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\URLfPhsh.htm
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\URLGroup.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\UServer.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\UVid.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\VBProp.bmp
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\VBProp.dll
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\VSAPI32.DLL
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Module\VSAPI32.VXD
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\en_US.dsc
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\ja_JP.dsc
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tm013916.exp
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tm013916.phi
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tm013916.rul
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tm013916.sig
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmasbdch.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmasctch.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmasdtch.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmasfrch.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmasmich.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmasrtch.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmasrvch.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmassbch.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmastoch.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmtkbd01.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmtkbd02.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmtkbd03.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmtkbd04.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmtkbd05.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\AspmData\tmtkbd06.bin
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\lpt$vpn.857
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\tmaptn.283
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\tmf10225.ptn
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Pattern\tml00001.ptn
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\pcc.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\setup.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\setup.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\System32\drivers\TM_CFW.sys
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\System32\drivers\TMFilter.sys
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\System32\drivers\tmpreflt.sys
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\System32\drivers\tmtdi.sys
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\System32\drivers\tmxpflt.sys
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\System32\drivers\VsapiNT.sys
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\tmpcc.msi
c:\program files\Trend Micro\PCC2006USR_1400_1341\Setup\Tmsrl.dat
c:\program files\Trend Micro\PCC2006USR_1400_1341\Tools\PCCTool.exe
c:\program files\Trend Micro\PCC2006USR_1400_1341\Tools\PCCTool.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Tools\TmUins07.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Tools\TmUins08.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Tools\TmUins09.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Tools\TmUins10.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Tools\TmUins11.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Tools\TmUins12.ini
c:\program files\Trend Micro\PCC2006USR_1400_1341\Tools\TmUins14.ini
c:\windows\system32\Oeminfo.ini

c:\windows\regedit.exe . . . is infected!!

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_0111321199571088MCINSTCLEANUP
-------\Service_0111321199571088mcinstcleanup


((((((((((((((((((((((((( Files Created from 2010-11-20 to 2010-12-20 )))))))))))))))))))))))))))))))
.

2010-12-18 00:51 . 2010-12-18 00:51 -------- d-----w- c:\windows\system32\wbem\Repository
2010-12-18 00:50 . 2010-12-18 00:50 -------- d--h--w- c:\windows\msdownld.tmp
2010-12-16 23:55 . 2010-12-16 23:55 -------- d-----w- C:\_OTL
2010-12-16 23:20 . 2010-11-12 07:53 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2010-12-16 04:59 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-08 00:01 . 2010-12-08 00:01 -------- d-----w- c:\documents and settings\New Folder
2010-12-02 01:21 . 2010-12-02 01:21 -------- d-----w- c:\documents and settings\Administrator\Application Data\HpUpdate
2010-12-02 01:18 . 2010-12-02 01:18 -------- d-----w- c:\documents and settings\Administrator\Application Data\HP
2010-12-02 01:13 . 2010-12-02 01:15 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2010-12-02 01:05 . 2010-12-02 01:05 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\AVG Security Toolbar
2010-12-02 01:04 . 2010-12-02 01:04 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-12-02 00:51 . 2010-12-02 00:51 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-12-02 00:30 . 2010-12-02 00:30 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-12-02 00:29 . 2010-12-02 00:29 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-20 03:03 . 2010-07-07 23:48 1409 ----a-w- c:\windows\QTFont.for
2010-11-29 06:42 . 2010-07-08 00:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-29 06:42 . 2010-07-08 00:59 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-18 18:12 . 2005-07-06 00:51 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 07:53 . 2010-05-06 00:21 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 05:34 . 2008-01-21 04:03 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-06 00:26 . 2002-08-29 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26 . 2002-08-29 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26 . 2002-08-29 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2008-01-25 01:23 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2002-08-29 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2002-08-29 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2002-08-29 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2004-10-11 09:46 . 2004-10-11 09:46 205312 ----a-w- c:\program files\ltefx13n.dll
2004-01-19 04:31 . 2004-01-19 04:31 153600 ----a-w- c:\program files\ltfil13n.DLL
2004-01-19 03:31 . 2004-01-19 03:31 27648 ----a-w- c:\program files\lfiff13n.dll
2004-01-19 03:31 . 2004-01-19 03:31 20480 ----a-w- c:\program files\lfCUT13n.dll
2004-01-19 02:31 . 2004-01-19 02:31 453120 ----a-w- c:\program files\ltkrn13n.dll
2004-01-19 02:12 . 2004-01-19 02:12 89600 ----a-w- c:\program files\Lfcgm13n.dll
2004-01-19 01:49 . 2004-01-19 01:49 278016 ----a-w- c:\program files\LFJ2K13n.dll
2004-01-19 01:49 . 2004-01-19 01:49 180736 ----a-w- c:\program files\Lfpng13n.dll
2004-01-19 01:47 . 2004-01-19 01:47 76800 ----a-w- c:\program files\Lfwmf13n.dll
2004-01-19 01:47 . 2004-01-19 01:47 509440 ----a-w- c:\program files\LFCMW13n.dll
2004-01-19 01:45 . 2004-01-19 01:45 420352 ----a-w- c:\program files\LFCMP13n.DLL
2004-01-19 01:44 . 2004-01-19 01:44 143872 ----a-w- c:\program files\lftif13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 56832 ----a-w- c:\program files\lfpsd13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 19968 ----a-w- c:\program files\lfpcd13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 26624 ----a-w- c:\program files\lfpcx13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 65536 ----a-w- c:\program files\Lfpct13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 18944 ----a-w- c:\program files\lfmsp13n.dll
2004-01-19 01:35 . 2004-01-19 01:35 18944 ----a-w- c:\program files\lfmac13n.dll
2004-01-19 01:35 . 2004-01-19 01:35 20992 ----a-w- c:\program files\lfimg13n.dll
2004-01-19 01:34 . 2004-01-19 01:34 31744 ----a-w- c:\program files\lfclp13n.dll
2004-01-19 01:34 . 2004-01-19 01:34 30208 ----a-w- c:\program files\lfbmp13n.dll
2004-01-19 01:33 . 2004-01-19 01:33 444928 ----a-w- c:\program files\ltimg13n.dll
2004-01-19 01:32 . 2004-01-19 01:32 265216 ----a-w- c:\program files\LTDIS13n.dll
2000-05-01 18:17 . 2000-05-01 18:17 212480 ----a-w- c:\program files\PCDLIB32.DLL
1999-11-18 13:00 . 1999-11-18 13:00 284032 ----a-w- c:\program files\XceedZip.dll
.

------- Sigcheck -------

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys

[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys

[-] 2002-08-29 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2002-08-29 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2004-08-03 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys

[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys

[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\soft2\Download\f7c10c2b68f88196f082e36f7313e169\sp2gdr\ntfs.sys
[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys

[-] 2002-08-29 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2002-08-29 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\soft2\Download\146ae5e7b51a37f45e0e5cf03d0d5e3c\sp2gdr\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2GDR\tcpip.sys
[-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys
[-] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB941644$\tcpip.sys

[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2004-08-03 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll

[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2004-08-03 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe

[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2005-08-22 . 36739B39267914BA69AD0610A0299732 . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll
[-] 2005-08-22 . 36739B39267914BA69AD0610A0299732 . 197632 . . [5.1.2600.2743] . . c:\windows\soft2\Download\f7a4b3723a3aad7955ede9785b307e88\sp2gdr\netman.dll
[-] 2005-08-22 . 3516D8A18B36784B1005B950B84232E1 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
[-] 2004-08-03 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll

[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2004-08-03 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll

[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2005-07-26 . CE94A2BD25E3E9F4D46A7373FF455C6D . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2005-07-26 . CE94A2BD25E3E9F4D46A7373FF455C6D . 397824 . . [5.1.2600.2726] . . c:\windows\soft2\Download\dca9d8a1ecbaf4bd0e18d083156f30c9\sp2gdr\rpcss.dll
[-] 2005-07-26 . C369DF215D352B6F3A0B8C3469AA34F8 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-04-28 . DA383FB39A6F1C445F3AFC94B3EB1248 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-04-28 . C8061F289E000703E7672916B7FE1571 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll
[-] 2005-04-28 . C8061F289E000703E7672916B7FE1571 . 395776 . . [5.1.2600.2665] . . c:\windows\soft2\Download\7fc28d97b1595fa7b9dce8dd43cee6b0\sp2gdr\rpcss.dll
[-] 2005-01-14 . 419899803CA479B73B02390318C787C0 . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2GDR\rpcss.dll
[-] 2005-01-14 . 419899803CA479B73B02390318C787C0 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll
[-] 2005-01-14 . 94456045BEB4545B5EBE1DCC85951AFA . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
[-] 2004-08-03 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll

[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-03 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe

[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\soft2\Download\0fd33c77398fa2b50df56456525ef5c3\sp2gdr\spoolsv.exe
[-] 2004-08-03 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe

[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2004-08-03 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe

[-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2006-08-25 . 11B508E0D26622D2BD25B60033245F6A . 925184 . . [6.0] . . c:\windows\soft2\Download\e533f2b7494d7e198f7fd652beea5687\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\soft2\Download\e533f2b7494d7e198f7fd652beea5687\sp2qfe\comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\soft2\Download\e533f2b7494d7e198f7fd652beea5687\sp2qfe\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\WinSxS\InstallTemp\2830078\comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[-] 2006-03-17 . 551E967F1E08EE6E205FCB5ADCB0DFC5 . 925184 . . [6.0] . . c:\windows\soft2\Download\cb2769f3b1daf367a31ed046299a3790\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2005-08-31 . A93B7C3B08B9AC15B4DCDC96A50E4C2C . 925184 . . [6.0] . . c:\windows\soft2\Download\0ad26524c298df9a41026d3b49a38936\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2005-03-11 . F6A21D5476C7B4CA9873D97BD246D6EB . 925184 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1643_x-ww_7c3a9bc6\comctl32.dll
[-] 2004-12-21 . 865CF4B7CA471E4E9E4EC3F3CE60FE9E . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1612_x-ww_7c379b08\comctl32.dll
[-] 2004-08-20 . FC13804088C77CCA6B6C9B26BA5BDECB . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1579_x-ww_7bbf8d08\comctl32.dll
[-] 2004-08-03 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[-] 2004-08-03 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll
[-] 2002-08-29 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\InstallTemp\55483\comctl32.dll
[-] 2002-08-29 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2002-08-29 . 76B90BD220F1B1CC9E183C6B1AE9FBB4 . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll

[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2004-08-03 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll

[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2005-07-26 04:39 . 34BBD9ACC1538818F2C878898C64E793 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtServicePackUninstall$\es.dll
[-] 2005-07-26 04:39 . 34BBD9ACC1538818F2C878898C64E793 . 243200 . . [2001.12.4414.308] . . c:\windows\soft2\Download\dca9d8a1ecbaf4bd0e18d083156f30c9\sp2gdr\es.dll
[-] 2005-07-26 04:20 . 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
[-] 2004-08-03 13:56 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll

[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2004-08-03 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll

[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2007-04-16 . 09F7CB3687F86EDAA4CA081F7AB66C03 . 986112 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2007-04-16 . A01F9CA902A88F7CED06884174D6419D . 984576 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2007-04-16 . A01F9CA902A88F7CED06884174D6419D . 984576 . . [5.1.2600.3119] . . c:\windows\soft2\Download\c1835c8cb0bb13f938a8a983ca5edea4\sp2gdr\kernel32.dll
[-] 2006-07-05 . 0FDD84928A5DDE2510761B7EC76CCEC9 . 985088 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2004-08-03 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll
[-] 2004-08-03 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB935839$\kernel32.dll

[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2005-09-01 . 648BF0B4DDE4F7A1156DAE7174D36EFA . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\soft2\Download\0ad26524c298df9a41026d3b49a38936\sp2gdr\linkinfo.dll
[-] 2004-08-03 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll

[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2004-08-03 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll

[-] 2010-11-06 . 864E69F32656A7121444BA0193D7B64B . 5960704 . . [8.00.6001.23091] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll
[-] 2010-11-06 . 864E69F32656A7121444BA0193D7B64B . 5960704 . . [8.00.6001.23091] . . c:\windows\SoftwareDistribution\Download\88796e09434ce2ba0af7fc45bba372bf\SP3QFE\mshtml.dll
[-] 2010-11-06 . D7CCA87057901C87ED8CC40DDCC7FA1B . 5959168 . . [8.00.6001.18999] . . c:\windows\SoftwareDistribution\Download\88796e09434ce2ba0af7fc45bba372bf\SP3GDR\mshtml.dll
[-] 2010-11-06 . D7CCA87057901C87ED8CC40DDCC7FA1B . 5959168 . . [8.00.6001.18999] . . c:\windows\system32\mshtml.dll
[-] 2010-11-06 . D7CCA87057901C87ED8CC40DDCC7FA1B . 5959168 . . [8.00.6001.18999] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2010-09-10 . DE41132DA8E5A3CD57201C6F2175EC05 . 5957120 . . [8.00.6001.18975] . . c:\windows\ie8updates\KB2416400-IE8\mshtml.dll
[-] 2010-09-10 . 8A03CC037E6B7D1796192815231B0C3F . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll
[-] 2010-06-24 . 94DC7E938C57F3C3D1BC4A0F68FC5830 . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll
[-] 2010-06-24 . 4D7EF94795384CD2BBAAB078B7929FEA . 5951488 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\mshtml.dll
[-] 2010-05-06 . C7B7A88CC7D7ABA5C395145BF92F46F7 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2183461-IE8\mshtml.dll
[-] 2010-05-06 . 9BE28F749A7FE7F8F177C6AA2E9DA609 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[-] 2010-02-25 . 7054F6ADC9B670887659F1561603B0D0 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
[-] 2010-02-25 . 974772C74DA7C7A8E7C813A9908A845F . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[-] 2009-12-21 . BE6EEBEF636773A8E7A82214E81C563A . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll
[-] 2009-12-21 . E6B64C6C729BBC38AB7CC92CE33F97A5 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . C0F9AC6FAB2C788FFEE3E69585A0E93F . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . CBB1EF54B86EDB78649909DD1699E5CA . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[-] 2009-10-22 . CDA69BC1C23B0EA033B989F67CB722FF . 5939712 . . [8.00.6001.18852] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[-] 2009-10-22 . A6CF28C6E0B6D10098AB601D85EE55E8 . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[-] 2009-08-29 . 0E49677EE57A928765FC47FFBACD5326 . 5940224 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976749-IE8\mshtml.dll
[-] 2009-08-29 . B68F6E6C66D17D9EDABF3D5DA71046DA . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[-] 2009-07-19 . 5A32B43A48D6DCA339BF24105D9A028F . 5937152 . . [8.00.6001.18812] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll
[-] 2009-07-19 . F25D866DD486AD30E05E5596CB363C3E . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[-] 2009-05-13 . EEAADAA744B20E68CF5EB4FBB4F8AFA9 . 5936128 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\mshtml.dll
[-] 2009-05-13 . EEAADAA744B20E68CF5EB4FBB4F8AFA9 . 5936128 . . [8.00.6001.18783] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3GDR\mshtml.dll
[-] 2009-05-13 . 1290E417BF806185CC7B2845E78A104E . 5936128 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\mshtml.dll
[-] 2009-05-13 . 1290E417BF806185CC7B2845E78A104E . 5936128 . . [8.00.6001.22873] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3QFE\mshtml.dll
[-] 2009-04-29 . 2B4315EC9E3124408A2A5074C4B97700 . 3596288 . . [7.00.6000.16850] . . c:\windows\ie8\mshtml.dll
[-] 2009-04-29 . C6FD770D518FB024245A0EE217D72BC1 . 3598336 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\mshtml.dll
[-] 2009-03-07 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\mshtml.dll
[-] 2009-02-21 . 1BB754AB47B327DE8DBF2FA18C36357C . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll
[-] 2009-02-20 . C7C3E41CC2F6EB4A629FE2184136C098 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie7updates\KB969897-IE7\mshtml.dll
[-] 2009-01-16 . CC9D001B7370B292C35B366CA05B12B4 . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
[-] 2009-01-16 . 3B413267DA8AE71C20E5EF3E54F74728 . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll
[-] 2008-12-13 . 121EC39A64D64205A88C2C45B034B455 . 3593216 . . [7.00.6000.16788] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll
[-] 2008-12-13 . C79FAD61CD4A26ED5AA8C16D991C6FBD . 3594752 . . [7.00.6000.20973] . . c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
[-] 2008-10-16 . B74F31A4BD83797D7A083F922169287D . 3595264 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
[-] 2008-10-16 . EACAEDEF6FA2A969DE5B36190D45396F . 3593216 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB960714-IE7\mshtml.dll
[-] 2008-08-27 . 1AD035E04A7068EC2820B055A3131ED8 . 3593216 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\mshtml.dll
[-] 2008-08-26 . 25CC085720EE3617FD1F8AB9E2F7CAB2 . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
[-] 2008-06-24 . EC936148284F557F19C333178768109B . 3592192 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\mshtml.dll
[-] 2008-06-23 . 28B8231CA8D55FC85E027A57C90F5C88 . 3594240 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
[-] 2008-04-23 . 8976CAB317105F7431B08EA32AB73C65 . 3591680 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\mshtml.dll
[-] 2008-04-23 . 4D612FF5D3B7EEF200595AE6F95D5E68 . 3593728 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2008-03-01 . 4EE273E2B09317C1217EF0DB91F93534 . 3593216 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
[-] 2008-03-01 . AB2C88167D78D71D93558ACECB24CC7A . 3591680 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\mshtml.dll
[-] 2007-12-08 . A097C36412455F0C7E42377FAF8809B7 . 3592192 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\mshtml.dll
[-] 2007-12-07 . 976C46ED4A75FC66D9C596778898CE1E . 3593216 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
[-] 2007-10-30 . 54D8B404F17AA74C666F7F3AEF2AE459 . 3593216 . . [7.00.6000.20710] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
[-] 2007-10-30 . 8AB7ECF59D6EBBE986277B65ED4A40A1 . 3590656 . . [7.00.6000.16587] . . c:\windows\ie7updates\KB944533-IE7\mshtml.dll
[-] 2007-10-30 . 8AB7ECF59D6EBBE986277B65ED4A40A1 . 3590656 . . [7.00.6000.16587] . . c:\windows\soft2\Download\f079f64483de750433b596960466dd78\sp2gdr\mshtml.dll
[-] 2007-08-20 . AA8A4BD78D24FCDB96DDAEE3756AA372 . 3592192 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll
[-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB942615-IE7\mshtml.dll
[-] 2007-07-18 . 7CE243CFD47AD0DC431586CB8C542A11 . 3584000 . . [7.00.6000.20641] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\mshtml.dll
[-] 2007-05-08 . 1D4E3B86C601A2497C99790CC4D7DF26 . 3584000 . . [7.00.6000.20591] . . c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\mshtml.dll
[-] 2007-03-07 . 190E1AE9B973049B12A67BAD478C770C . 3581952 . . [7.00.6000.16441] . . c:\windows\ie7updates\KB933566-IE7\mshtml.dll
[-] 2007-03-07 . DA297A862E5F093A07D37C05F608C686 . 3582976 . . [7.00.6000.20544] . . c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\mshtml.dll
[-] 2007-01-04 . 1C45525574EF206346FBAFCAAC7CC4A5 . 3062272 . . [6.00.2900.3059] . . c:\windows\$hf_mig$\KB928090\SP2QFE\mshtml.dll
[-] 2006-10-23 . 88E1C15BB1A9ED3CBA4D6F2F408D5010 . 3061248 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\mshtml.dll
[-] 2006-10-23 . 5FC7DE1195C8E9B5360FD65DBE95E5B0 . 3055104 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\mshtml.dll
[-] 2006-09-14 . BE45460D1453B7342E01EAE79BFBC681 . 3054592 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\mshtml.dll
[-] 2006-09-14 . CEFEA1C301139A817931BE132F0359FE . 3058688 . . [6.00.2900.2995] . . c:\windows\$hf_mig$\KB922760\SP2QFE\mshtml.dll
[-] 2006-07-28 . D251679BD9EF0250201FB899EC40FD32 . 3058176 . . [6.00.2900.2963] . . c:\windows\$hf_mig$\KB918899\SP2QFE\mshtml.dll
[-] 2006-07-28 . C7074DA3D8F8C0F6C03874BA0B05069C . 3054080 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB922760$\mshtml.dll
[-] 2006-05-19 . 284CE76B71DD5260B42A3CCF0135AF67 . 3052544 . . [6.00.2900.2912] . . c:\windows\$NtUninstallKB918899$\mshtml.dll
[-] 2006-05-19 . 8687E029BE63C77D4919485068C54D77 . 3055104 . . [6.00.2900.2912] . . c:\windows\$hf_mig$\KB916281\SP2QFE\mshtml.dll
[-] 2006-03-23 . DEAA438EA31095E14A196FF647E38D13 . 3053568 . . [6.00.2900.2873] . . c:\windows\$NtUninstallKB916281$\mshtml.dll
[-] 2006-03-23 . ABCD123F888E4E97C8751378CCCC4F26 . 3055616 . . [6.00.2900.2873] . . c:\windows\$hf_mig$\KB912812\SP2QFE\mshtml.dll
[-] 2005-11-24 . D3F037F5DA702AE9DDD7663EC9D78BA7 . 3018240 . . [6.00.2900.2802] . . c:\windows\$hf_mig$\KB905915\SP2QFE\mshtml.dll
[-] 2005-11-24 . 5E7A39950EA133BB54719A6E08C544A7 . 3015680 . . [6.00.2900.2802] . . c:\windows\$NtUninstallKB912812$\mshtml.dll
[-] 2005-10-05 . 3394299FBF1CD0B24089FC762611360B . 3017728 . . [6.00.2900.2769] . . c:\windows\$hf_mig$\KB896688\SP2QFE\mshtml.dll
[-] 2005-10-04 . 042AC20E084D21DD6BEE99B89CC30FB7 . 3015168 . . [6.00.2900.2769] . . c:\windows\$NtUninstallKB905915$\mshtml.dll
[-] 2005-07-20 . A14A7A206AE22DE4FE563E44CFC7DDF5 . 3016192 . . [6.00.2900.2722] . . c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll
[-] 2005-07-20 . 31E7520E58E5E4DFA93215A6D5603AF2 . 3014144 . . [6.00.2900.2722] . . c:\windows\$NtUninstallKB896688$\mshtml.dll
[-] 2005-05-02 . DCC5C79B99F02EEF8C826B074DBFC222 . 3014144 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\mshtml.dll
[-] 2005-05-02 . DCFAC5470EE0A159EC4222BC28AE3EE6 . 3012608 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\mshtml.dll
[-] 2004-08-03 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB883939$\mshtml.dll
[-] 2004-08-03 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\mshtml.dll
[-] 2004-08-03 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\ie7\mshtml.dll

[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2004-08-03 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
[-] 2004-08-03 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2002-08-29 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2002-08-29 . 70630CAD245477F8DB02B79D9A92834C . 323072 . . [7.0.2600.1106] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\msvcrt.dll

[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 097722F235A1FB698BF9234E01B52637 . 245248 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
[-] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2004-08-03 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll

[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2004-08-03 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll

[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2004-08-03 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll

[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2004-08-03 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll

[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2004-08-03 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll

[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2004-08-03 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe

[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2005-07-08 . 1418A3A6E76E5A2E3F5E43866E793A8B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\soft2\Download\c97484bc3f0a909669b5abb5a1bd9a86\sp2gdr\tapisrv.dll
[-] 2004-08-03 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll

[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2007-03-08 . 7AA4F6C00405DFC4B70ED4214E7D687B . 578048 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\soft2\Download\4d9d678c0d8af22c04a4a7fc7f1ff86c\sp2gdr\user32.dll
[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\soft2\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\user32.dll

[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2004-08-03 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe

[-] 2010-11-06 . 9357C4249F4810FB0E49C13387A8A77C . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll
[-] 2010-11-06 . 9357C4249F4810FB0E49C13387A8A77C . 919552 . . [8.00.6001.23084] . . c:\windows\SoftwareDistribution\Download\88796e09434ce2ba0af7fc45bba372bf\SP3QFE\wininet.dll
[-] 2010-11-06 . 306A2B05EA9846278113964DC6E2C940 . 916480 . . [8.00.6001.18992] . . c:\windows\SoftwareDistribution\Download\88796e09434ce2ba0af7fc45bba372bf\SP3GDR\wininet.dll
[-] 2010-11-06 . 306A2B05EA9846278113964DC6E2C940 . 916480 . . [8.00.6001.18992] . . c:\windows\system32\wininet.dll
[-] 2010-11-06 . 306A2B05EA9846278113964DC6E2C940 . 916480 . . [8.00.6001.18992] . . c:\windows\system32\dllcache\wininet.dll
[-] 2010-09-10 . 36FE8ABC59AAFBE20CBE54BC372F9429 . 916480 . . [8.00.6001.18968] . . c:\windows\ie8updates\KB2416400-IE8\wininet.dll
[-] 2010-09-10 . 0555E190DCD06B8998E6DDCA42DAEB82 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . 60237E50D575FBA9BEC9BC043F157149 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . D3DEB6B2B424AC93DE3801EAEB21A9A5 . 916480 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll
[-] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll
[-] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[-] 2010-02-25 . 7A42CFED96CDA7F2FB1A26D1F9F65775 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[-] 2010-02-25 . 4458D59F2B0369F4D3B137541D284041 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[-] 2009-12-21 . FF4241C74E0C0A5AFFFE05F584213ECB . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll
[-] 2009-12-21 . 5E1F666B8955FD77E65D65C4C4D882A3 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 6AF52998B90F72FF2325D84D90EDA1CC . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 75240F6EDBCE7B85DF66874407D38A4F . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[-] 2009-08-29 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[-] 2009-08-29 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[-] 2009-07-03 . 7E8A47A2E6561274B83E257CE74803FD . 915456 . . [8.00.6001.18806] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll
[-] 2009-07-03 . 38114DAB42FB2EB84D1726C42B8D80C5 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[-] 2009-05-13 . 366C72AF6970DB7BB39AB0142BF09DB5 . 915456 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll
[-] 2009-05-13 . 366C72AF6970DB7BB39AB0142BF09DB5 . 915456 . . [8.00.6001.18783] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3GDR\wininet.dll
[-] 2009-05-13 . C0EB6850C8A02A154281749DC61FAF22 . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[-] 2009-05-13 . C0EB6850C8A02A154281749DC61FAF22 . 915456 . . [8.00.6001.22873] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3QFE\wininet.dll
[-] 2009-04-29 . 8E2D471157B0DF329D8D0EA5D83B0DDB . 827392 . . [7.00.6000.16850] . . c:\windows\ie8\wininet.dll
[-] 2009-04-29 . 62CCA075F44015147B8971DAFFBCFF76 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[-] 2009-03-07 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\wininet.dll
[-] 2009-03-03 . 28775945CCD53DEE280EF58DEA1A94C4 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll
[-] 2009-03-03 . C8667854873938CA13C986F16B0CD183 . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[-] 2008-12-20 . 044E0A4E9FE97C0FB9AFE9C89E2A82E6 . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[-] 2008-12-20 . A82935D32D0672E8FF4E91AE398E901C . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll
[-] 2008-10-16 . 6741EAF7B7F110E803A6E38F6E5FA6B0 . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[-] 2008-10-16 . 0D5B75171FF51775B630A431B6C667E8 . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[-] 2008-08-26 . 77C192FE56A70D7FA0247BA0A6201C32 . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[-] 2008-08-26 . EF8EBA98145BFA44E80D17A3B3453300 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll
[-] 2008-06-23 . 8C13D4A7479FA0A026EDA8ABCE82C0ED . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll
[-] 2008-06-23 . C66402A06B83B036C195242C0C8CF83C . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[-] 2008-04-23 . F6589BE784647CFDBC22EA51CCB1A57A . 826368 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll
[-] 2008-04-23 . 41546B396A526918DA7995A02EA04E51 . 827392 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2008-03-01 . AD21461AEF8244EDEC2EF18E55E1DCF3 . 826368 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\wininet.dll
[-] 2008-03-01 . 6316C2F0C61271C8ABDFF7429174879E . 827392 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
[-] 2007-12-07 . 806D274C9A6C3AAEA5EAE8E4AF841E04 . 824832 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\wininet.dll
[-] 2007-12-07 . B5B411BB229AE6EAD7652A32ED47BFB9 . 825344 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
[-] 2007-10-10 . 30C1E0F34AD2972C72A01DB5C74AB065 . 824832 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB944533-IE7\wininet.dll
[-] 2007-10-10 . 30C1E0F34AD2972C72A01DB5C74AB065 . 824832 . . [7.00.6000.16574] . . c:\windows\soft2\Download\f079f64483de750433b596960466dd78\sp2gdr\wininet.dll
[-] 2007-10-10 . 0E5D918F87EFA7D2424D66B499C7EB04 . 825344 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
[-] 2007-08-20 . 357D54BF94FE9D6D8505A96B5C2A3BCA . 825344 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
[-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB942615-IE7\wininet.dll
[-] 2007-06-27 . D6ED5E042C5207553E7F5E842918137F . 824320 . . [7.00.6000.20627] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll
[-] 2007-04-25 . 431DEFBB4A3D7B0DC062C1B064623A2F . 823808 . . [7.00.6000.20583] . . c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\wininet.dll
[-] 2007-03-07 . 5B35DAE6E4886F64D1DA58C4E3E01EB9 . 822784 . . [7.00.6000.16441] . . c:\windows\ie7updates\KB933566-IE7\wininet.dll
[-] 2007-03-07 . B8F4DB39CA7353752F245379D285C80E . 823296 . . [7.00.6000.20544] . . c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\wininet.dll
[-] 2007-01-04 . 3FFA1573FC274E5AA7467D03941C45EE . 665088 . . [6.00.2900.3059] . . c:\windows\$hf_mig$\KB928090\SP2QFE\wininet.dll
[-] 2006-10-23 . 231EF4179ACABE486376B5CA893F1076 . 664576 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\wininet.dll
[-] 2006-10-23 . 6B2735ADFF5A5D3B9130CA4A794722F0 . 658944 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\wininet.dll
[-] 2006-09-14 . 621AF3F6174A3F60677F5230E28BCC07 . 658944 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\wininet.dll
[-] 2006-09-14 . D207370287CF769AEBEBF03837784963 . 664576 . . [6.00.2900.2995] . . c:\windows\$hf_mig$\KB922760\SP2QFE\wininet.dll
[-] 2006-06-23 . 64CE26DB72810B30F7855EA51E1DF836 . 664576 . . [6.00.2900.2937] . . c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll
[-] 2006-06-23 . 2B4DB890936430C71419037039502752 . 658944 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB922760$\wininet.dll
[-] 2006-05-10 . D94CFFDB53E7AC867438E2DFD50E7CBC . 663552 . . [6.00.2900.2904] . . c:\windows\$hf_mig$\KB916281\SP2QFE\wininet.dll
[-] 2006-05-10 . 38AB7A56F566D9AAAD31812494944824 . 658432 . . [6.00.2900.2904] . . c:\windows\$NtUninstallKB918899$\wininet.dll
[-] 2006-03-04 . C0845ECBF4F9164E618EE381B79C9032 . 663552 . . [6.00.2900.2861] . . c:\windows\$hf_mig$\KB912812\SP2QFE\wininet.dll
[-] 2006-03-04 . 1C0979C7A489BEE573CD0BF4AD94BB06 . 658432 . . [6.00.2900.2861] . . c:\windows\$NtUninstallKB916281$\wininet.dll
[-] 2005-10-21 . E7B27B6B6E06CE34EA019FD8B858C613 . 658432 . . [6.00.2900.2781] . . c:\windows\$NtUninstallKB912812$\wininet.dll
[-] 2005-10-21 . AF785C4947676A7FC1673FDC5C8D0B5B . 661504 . . [6.00.2900.2781] . . c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll
[-] 2005-09-02 . 97A6FD7CAFD688CF2C78939EBAF0CD0C . 660480 . . [6.00.2900.2753] . . c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll
[-] 2005-09-02 . AF61EBB1F550175EFF406D545D6AB086 . 658432 . . [6.00.2900.2753] . . c:\windows\$NtUninstallKB905915$\wininet.dll
[-] 2005-07-03 . 5B5FF992C0FA762CCF8655FC290E6E52 . 658432 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB896688$\wininet.dll
[-] 2005-07-03 . 6E533D155B259EB2363D3E04B5BE309F . 659456 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll
[-] 2005-05-02 . E1E18136F9DD3DF1AD9C82193A5898A6 . 658944 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll
[-] 2005-05-02 . 1A078AF3F85D10BA56444C23B3A18E74 . 657920 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\wininet.dll
[-] 2004-08-03 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB883939$\wininet.dll
[-] 2004-08-03 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\wininet.dll
[-] 2004-08-03 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\ie7\wininet.dll

[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2004-08-03 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll

[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2004-08-03 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll

[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . 7712DF0CDDE3A5AC89843E61CD5B3658 . 1033216 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\soft2\Download\44d74c37f0595a363bcec5e9229d8564\sp2gdr\explorer.exe
[-] 2004-08-03 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe

[-] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll
[-] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\system32\dllcache\ole32.dll
[-] 2010-07-16 . 8D51FB47062F2A1A9EFECCEF338A4C46 . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\soft2\Download\dca9d8a1ecbaf4bd0e18d083156f30c9\sp2gdr\ole32.dll
[-] 2005-07-26 . A2F755E237FA2CDD748A80BFBE6657F3 . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
[-] 2005-04-28 . 7440D29F257B7E44329343F944F2142C . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll
[-] 2005-04-28 . 5950E4F28FDA9D147576BF6798937397 . 1285120 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll
[-] 2005-04-28 . 5950E4F28FDA9D147576BF6798937397 . 1285120 . . [5.1.2600.2665] . . c:\windows\soft2\Download\7fc28d97b1595fa7b9dce8dd43cee6b0\sp2gdr\ole32.dll
[-] 2005-01-14 . ABDEF60CED7C04AB35A415EFB6B96D81 . 1285120 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2GDR\ole32.dll
[-] 2005-01-14 . ABDEF60CED7C04AB35A415EFB6B96D81 . 1285120 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll
[-] 2005-01-14 . 2E752611C9A9AE1B6BFD0DA03CF7F17E . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll
[-] 2004-08-03 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll

[-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
[-] 2004-08-03 . 2EB58F9DCD6AB320B46744A4EA48B2D2 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll

[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-03 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2004-08-03 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe

[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2004-08-03 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll

[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2004-08-03 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll

[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2004-08-03 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll

[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2004-08-03 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\soft2\Download\b45151c33087fb9df3e7d6e3700f80ed\sp2gdr\shsvcs.dll
[-] 2006-12-19 . 53D9184A21C5CBF600D918E51EF3A7E5 . 135168 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
[-] 2004-08-03 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll

[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2004-08-03 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll

[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2004-08-03 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll

[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2004-08-03 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll

[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2004-08-03 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll

[-] 2002-08-29 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\soft2\Download\11e16da0817126b62afaea7136882d9f\sp2gdr\aec.sys
[-] 2004-08-03 11:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys

[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys

[-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\soft2\Download\26553d2988faa6629ee272005cd35201\sp2qfe\mfc40u.dll
[-] 2002-08-29 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll

[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2004-08-03 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll

[-] 2006-10-18 11:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2004-08-03 14:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-08-03 13:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll

[-] 2010-04-27 . 756362706DE8BC92F11E197C98A73844 . 2066944 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\system32\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[-] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-12-08 . A6683E23468776F75EB2D8C6A02AAD3B . 2066048 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2009-12-08 . FFDCE1EEA79C678C40237D4E031E5B51 . 2066176 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 7437BA6F538E89381A2E3643AED296C7 . 2066048 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
[-] 2009-08-04 . 363B2BBEE0AEDC9E5433616D0AD0236A . 2066176 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . 4AC58F03EB94A72809949D757FC39D80 . 2066048 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-08-14 . A25E9B86EFFB2AF33BF51E676B68BFB0 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2007-02-28 . 4D3DBDCCBF97F5BA1E74F322B155C3BA . 2059392 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
[-] 2007-02-28 . 515D30E2C90A3665A2739309334C9283 . 2057600 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2007-02-28 . 515D30E2C90A3665A2739309334C9283 . 2057600 . . [5.1.2600.3093] . . c:\windows\soft2\Download\10e16e65c532d077de7c89a212bd8df8\sp2gdr\ntkrnlpa.exe
[-] 2006-12-19 . BA4B97C00A437C1CC3DA365D93EE1E9D . 2059392 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . D8ABA3EAB509627E707A3B14F00FBB6B . 2056832 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\soft2\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\ntkrnlpa.exe

[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2004-08-03 13:56 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll

[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2007-02-05 . 36ACA6CDC19C95FF468A1426EB7F32F0 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\soft2\Download\b3183a1e00bc9d14758dc26c2b339e76\sp2gdr\upnphost.dll
[-] 2004-08-03 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll

[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2004-08-03 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
[-] 2002-12-11 16:14 . CA6CC3A47D8813208CEE02EB40DACA21 . 355328 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll

[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2004-08-03 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll

[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2004-08-03 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
[-] 2002-12-11 16:14 . 61CC64C43BEC193100E3722F6CF4B1E1 . 284160 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll

[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2004-08-03 13:56 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll

[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2004-08-03 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll

[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2004-08-03 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll

[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\system32\ntoskrnl.exe
[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2010-04-27 . A2ABBEC40CDB57454645D06B7EBD22F5 . 2190080 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[-] 2010-02-16 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[-] 2010-02-16 . E1F653A542449D54FA2D27463D99B6B6 . 2190080 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-08 . 78EC47F9B9A3A1D539262D8834C896CE . 2189184 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-12-08 . 05BE3D9A71972223AFF6A3C823BA51B1 . 2189312 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . FDE779EA1A564EBFE16F4E0F82B61BAD . 2189312 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 8415D9C7C050E7022AED8ABF281BE4A6 . 2189184 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
[-] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[-] 2008-08-14 . EEAF32F8E15A24F62BECB1BD403BB5C5 . 2189184 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-08-14 . 31914172342BFF330063F343AC6958FE . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2007-02-28 . 5A5C8DB4AA962C714C8371FBDF189FC9 . 2182144 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
[-] 2007-02-28 . 582A8DBAA58C3B1F176EB2817DAEE77C . 2180352 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2007-02-28 . 582A8DBAA58C3B1F176EB2817DAEE77C . 2180352 . . [5.1.2600.3093] . . c:\windows\soft2\Download\10e16e65c532d077de7c89a212bd8df8\sp2gdr\ntoskrnl.exe
[-] 2006-12-19 . CEF243F6DEFD20BE4ADDE26C7ECACB54 . 2182016 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 28187802B7C368C0D3AEF7D4C382AABB . 2179456 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\soft2\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\ntoskrnl.exe

[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-03 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2004-08-03 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll

[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2006-12-19 . D9F097AA3B97034D3358A01B43E635B2 . 333824 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll
[-] 2006-12-19 . B6763F8534AC547CF1AF98AFDFF2EDC8 . 333824 . . [5.1.2600.3051] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
[-] 2006-12-19 . B6763F8534AC547CF1AF98AFDFF2EDC8 . 333824 . . [5.1.2600.3051] . . c:\windows\soft2\Download\d130ed3c2e7e410b5d831b3fad9ac078\sp2gdr\wiaservc.dll
[-] 2004-08-03 . D9F6C4F6B1E188ADAFC42B561D9BC2E6 . 333312 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-08 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"PHIME2002ASync"="c:\windows\System32\IME\TINTLGNT\TINTSETP.EXE" [2002-08-29 455168]
"PHIME2002A"="c:\windows\System32\IME\TINTLGNT\TINTSETP.EXE" [2002-08-29 455168]
"SiS Tray"="c:\windows\System32\sistray.EXE" [2002-11-17 303104]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-01-30 77824]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2005-03-08 176128]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-24 09:15 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2004-06-28 22:06 88363 ----a-w- c:\windows\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
2002-08-29 12:00 44032 ----a-w- c:\windows\ime\IMKR6_1\imekrmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxMenuMgr]
2009-09-25 13:31 185640 ----a-w- c:\program files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2002-08-29 12:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 00:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2003-12-18 06:00 64512 ----a-w- c:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 00:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-03-08 02:10 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
2008-07-11 17:06 223984 ----a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [26/09/2009 12:32 AM 189736]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/02/2010 6:33 PM 135664]
S3 BiPAC 3011G WLAN 11g USB Adapter(Billion);BiPAC 3011G WLAN 11g USB Adapter Driver(Billion);c:\windows\system32\DRIVERS\zd1211u.sys --> c:\windows\system32\DRIVERS\zd1211u.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [8/07/2010 11:59 AM 38224]
.
Contents of the 'Scheduled Tasks' folder

2010-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 07:33]

2010-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 07:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.au/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &eBay Search
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\MICHAEL FEEHAN\Application Data\Mozilla\Firefox\Profiles\4x4y2nmu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-UfSeAgnt - c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-21 09:19
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3812)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\WgaTray.exe
.
**************************************************************************
.
Completion time: 2010-12-21 09:28:55 - machine was rebooted
ComboFix-quarantined-files.txt 2010-12-20 22:28
ComboFix2.txt 2010-12-20 03:16

Pre-Run: 44,829,061,120 bytes free
Post-Run: 44,659,060,736 bytes free

- - End Of File - - 5359651EAB2E7F7B32849E1ECFD0879D
  • 0

#19
emeraldnzl
Posted 20 December 2010 - 05:09 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello MickFee,

ComboFix shows a system file that is infected. Let's see if we can find some copies on your machine.

It also shows a long list of system files that have been modified. This sometimes means they have been corrupted by malware but can also mean that some program (some games or system tweakers) you have been using has modified them.

For the meantime we will assume they are okay.

Now

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
regedit.exe
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found at on your Desktop entitled SystemLook.txt

Finally in this post

Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:


Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.

So when you return please post
  • SystemLook.txt
  • MBRCheck log
  • 0

#20
MickFee
Posted 20 December 2010 - 05:18 PM

MickFee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Another very quick response (woohoo).

Ran System Look - here's the Log:

SystemLook 04.09.10 by jpshortstuff
Log created at 10:11 on 21/12/2010 by MICHAEL FEEHAN
Administrator - Elevation successful

========== filefind ==========

Searching for "regedit.exe"
C:\WINDOWS\regedit.exe ------- 146432 bytes [12:00 29/08/2002] [00:12 14/04/2008] 058710B720282CA82B909912D3EF28DB
C:\WINDOWS\$NtServicePackUninstall$\regedit.exe -----c- 146432 bytes [00:35 05/08/2008] [13:56 03/08/2004] 783AFC80383C176B22DBF8333343992D
C:\WINDOWS\ServicePackFiles\i386\regedit.exe -----c- 146432 bytes [13:56 03/08/2004] [00:12 14/04/2008] 058710B720282CA82B909912D3EF28DB

-= EOF =-


Then set off MBRCheck. No infection flagged, here's that log:

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001d

Kernel Drivers (total 111):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806EE000 \WINDOWS\system32\hal.dll
0xFA3AC000 \WINDOWS\system32\KDCOM.DLL
0xFA2BC000 \WINDOWS\system32\BOOTVID.dll
0xF9E5D000 ACPI.sys
0xFA3AE000 \WINDOWS\System32\DRIVERS\WMILIB.SYS
0xF9E4C000 pci.sys
0xF9EAC000 isapnp.sys
0xFA474000 pciide.sys
0xFA12C000 \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
0xF9EBC000 MountMgr.sys
0xF9E2D000 ftdisk.sys
0xFA134000 PartMgr.sys
0xF9ECC000 VolSnap.sys
0xF9E15000 atapi.sys
0xF9EDC000 disk.sys
0xF9EEC000 \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
0xF9DF5000 fltmgr.sys
0xF9DE3000 sr.sys
0xFA13C000 PxHelp20.sys
0xF9DCC000 KSecDD.sys
0xF9D3F000 Ntfs.sys
0xF9D12000 NDIS.sys
0xF9EFC000 SISAGPX.sys
0xF9CF8000 Mup.sys
0xFA11C000 \SystemRoot\System32\DRIVERS\intelppm.sys
0xF9AE6000 \SystemRoot\System32\DRIVERS\sisgrp.sys
0xF9AD2000 \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
0xF9F2C000 \SystemRoot\System32\DRIVERS\imapi.sys
0xF9F3C000 \SystemRoot\System32\DRIVERS\cdrom.sys
0xF9F4C000 \SystemRoot\System32\DRIVERS\redbook.sys
0xF9AAF000 \SystemRoot\System32\DRIVERS\ks.sys
0xF9A15000 \SystemRoot\system32\drivers\ALCXWDM.SYS
0xF99F1000 \SystemRoot\system32\drivers\portcls.sys
0xF9F5C000 \SystemRoot\system32\drivers\drmk.sys
0xF998F000 \SystemRoot\system32\drivers\ALCXSENS.SYS
0xFA1DC000 \SystemRoot\System32\DRIVERS\usbohci.sys
0xF996B000 \SystemRoot\System32\DRIVERS\USBPORT.SYS
0xFA1E4000 \SystemRoot\System32\DRIVERS\usbehci.sys
0xFA1EC000 \SystemRoot\System32\DRIVERS\sisnic.sys
0xF9835000 \SystemRoot\system32\DRIVERS\AGRSM.sys
0xFA1F4000 \SystemRoot\System32\Drivers\Modem.SYS
0xFA1FC000 \SystemRoot\System32\DRIVERS\fdc.sys
0xF9F6C000 \SystemRoot\System32\DRIVERS\serial.sys
0xFA36C000 \SystemRoot\System32\DRIVERS\serenum.sys
0xF9821000 \SystemRoot\System32\DRIVERS\parport.sys
0xF9F7C000 \SystemRoot\System32\DRIVERS\i8042prt.sys
0xFA204000 \SystemRoot\System32\DRIVERS\mouclass.sys
0xFA20C000 \SystemRoot\System32\DRIVERS\kbdclass.sys
0xFA370000 \SystemRoot\System32\DRIVERS\gameenum.sys
0xFA539000 \SystemRoot\system32\drivers\msmpu401.sys
0xFA53A000 \SystemRoot\System32\DRIVERS\audstub.sys
0xF9F8C000 \SystemRoot\System32\DRIVERS\rasl2tp.sys
0xFA374000 \SystemRoot\System32\DRIVERS\ndistapi.sys
0xF980A000 \SystemRoot\System32\DRIVERS\ndiswan.sys
0xF9F9C000 \SystemRoot\System32\DRIVERS\raspppoe.sys
0xF9FAC000 \SystemRoot\System32\DRIVERS\raspptp.sys
0xFA214000 \SystemRoot\System32\DRIVERS\TDI.SYS
0xF97F9000 \SystemRoot\System32\DRIVERS\psched.sys
0xF9FBC000 \SystemRoot\System32\DRIVERS\msgpc.sys
0xFA21C000 \SystemRoot\System32\DRIVERS\ptilink.sys
0xFA224000 \SystemRoot\System32\DRIVERS\raspti.sys
0xF9FCC000 \SystemRoot\System32\DRIVERS\termdd.sys
0xFA3D6000 \SystemRoot\System32\DRIVERS\swenum.sys
0xF979B000 \SystemRoot\System32\DRIVERS\update.sys
0xFA384000 \SystemRoot\System32\DRIVERS\mssmbios.sys
0xFA00C000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xFA01C000 \SystemRoot\System32\DRIVERS\usbhub.sys
0xFA3DA000 \SystemRoot\System32\DRIVERS\USBD.SYS
0xFA24C000 \SystemRoot\System32\DRIVERS\flpydisk.sys
0xFA3DE000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xFA4A1000 \SystemRoot\System32\Drivers\Null.SYS
0xFA3E0000 \SystemRoot\System32\Drivers\Beep.SYS
0xFA274000 \SystemRoot\System32\drivers\vga.sys
0xFA3E2000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xFA3E4000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xFA27C000 \SystemRoot\System32\Drivers\Msfs.SYS
0xFA284000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF9B5E000 \SystemRoot\System32\DRIVERS\rasacd.sys
0xEEDAE000 \SystemRoot\System32\DRIVERS\ipsec.sys
0xEED55000 \SystemRoot\System32\DRIVERS\tcpip.sys
0xEED2D000 \SystemRoot\System32\DRIVERS\netbt.sys
0xEED0B000 \SystemRoot\System32\drivers\afd.sys
0xFA05C000 \SystemRoot\System32\DRIVERS\netbios.sys
0xF9B56000 \SystemRoot\system32\drivers\srvkp.sys
0xEECE0000 \SystemRoot\System32\DRIVERS\rdbss.sys
0xEEC70000 \SystemRoot\System32\DRIVERS\mrxsmb.sys
0xFA07C000 \SystemRoot\System32\Drivers\Fips.SYS
0xEEC4A000 \SystemRoot\System32\DRIVERS\ipnat.sys
0xFA08C000 \SystemRoot\System32\DRIVERS\wanarp.sys
0xFA0AC000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xEEB6A000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xFA3E8000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF9797000 \SystemRoot\System32\drivers\Dxapi.sys
0xFA28C000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xFA51C000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\SiSGRV.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xEEAFA000 \SystemRoot\System32\DRIVERS\ndisuio.sys
0xEE865000 \SystemRoot\system32\drivers\wdmaud.sys
0xF16D3000 \SystemRoot\system32\drivers\sysaudio.sys
0xEE5B2000 \SystemRoot\System32\DRIVERS\mrxdav.sys
0xFA43C000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xEE4BA000 \SystemRoot\System32\DRIVERS\srv.sys
0xEE576000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xEE0B9000 \SystemRoot\System32\Drivers\HTTP.sys
0xFA29C000 \??\C:\ComboFix\catchme.sys
0xFA3CE000 \??\C:\WINDOWS\system32\Drivers\PROCEXP113.SYS
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 30):
0 System Idle Process
4 System
300 C:\WINDOWS\system32\smss.exe
348 csrss.exe
372 C:\WINDOWS\system32\winlogon.exe
416 C:\WINDOWS\system32\services.exe
428 C:\WINDOWS\system32\lsass.exe
572 C:\WINDOWS\system32\svchost.exe
632 svchost.exe
668 C:\WINDOWS\system32\svchost.exe
720 svchost.exe
796 svchost.exe
1088 C:\WINDOWS\system32\spoolsv.exe
1820 svchost.exe
1868 C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
1980 C:\Program Files\Java\jre6\bin\jqs.exe
128 C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
264 C:\WINDOWS\system32\HPZipm12.exe
340 C:\WINDOWS\system32\svchost.exe
960 alg.exe
1172 C:\WINDOWS\system32\sistray.exe
1072 C:\Program Files\QuickTime\qttask.exe
420 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
1468 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
1740 C:\WINDOWS\system32\WGATray.exe
1900 C:\WINDOWS\system32\svchost.exe
3812 C:\WINDOWS\explorer.exe
3364 C:\Program Files\Mozilla Firefox\firefox.exe
2544 C:\WINDOWS\notepad.exe
2504 C:\Documents and Settings\MICHAEL FEEHAN\My Documents\Downloads\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: WDCWD600BB-22JHA0, Rev: 05.01C05

Size Device Name MBR Status
--------------------------------------------
55 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!


Hope to "hear" from you soon!!

Mick
  • 0

#21
emeraldnzl
Posted 20 December 2010 - 05:23 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello MickFee,

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

KillAll::

FCopy::
C:\WINDOWS\$NtServicePackUninstall$\regedit.exe | c:\windows\regedit.exe

Reboot::

Save this as CFScript.txt, in the same location as ComboFix.exe

Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt. Please post that here for further review.
  • 0

#22
MickFee
Posted 20 December 2010 - 05:58 PM

MickFee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Instructions obeyed (to the letter) and here is the Combo Fix Log:

ComboFix 10-12-20.01 - MICHAEL FEEHAN 21/12/2010 10:33:09.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.61.1033.18.223.108 [GMT 11:00]
Running from: c:\documents and settings\MICHAEL FEEHAN\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\MICHAEL FEEHAN\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Trend Micro Internet Security *Enabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: Trend Micro Personal Firewall *Enabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\regedit.exe . . . is infected!!

.
--------------- FCopy ---------------

c:\windows\$NtServicePackUninstall$\regedit.exe --> c:\windows\regedit.exe
.
((((((((((((((((((((((((( Files Created from 2010-11-20 to 2010-12-20 )))))))))))))))))))))))))))))))
.

2010-12-18 00:51 . 2010-12-18 00:51 -------- d-----w- c:\windows\system32\wbem\Repository
2010-12-18 00:50 . 2010-12-18 00:50 -------- d--h--w- c:\windows\msdownld.tmp
2010-12-16 23:55 . 2010-12-16 23:55 -------- d-----w- C:\_OTL
2010-12-16 23:20 . 2010-11-12 07:53 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2010-12-16 04:59 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-08 00:01 . 2010-12-08 00:01 -------- d-----w- c:\documents and settings\New Folder
2010-12-02 01:21 . 2010-12-02 01:21 -------- d-----w- c:\documents and settings\Administrator\Application Data\HpUpdate
2010-12-02 01:18 . 2010-12-02 01:18 -------- d-----w- c:\documents and settings\Administrator\Application Data\HP
2010-12-02 01:13 . 2010-12-02 01:15 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2010-12-02 01:05 . 2010-12-02 01:05 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\AVG Security Toolbar
2010-12-02 01:04 . 2010-12-02 01:04 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-12-02 00:51 . 2010-12-02 00:51 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-12-02 00:30 . 2010-12-02 00:30 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-12-02 00:29 . 2010-12-02 00:29 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-20 03:03 . 2010-07-07 23:48 1409 ----a-w- c:\windows\QTFont.for
2010-11-29 06:42 . 2010-07-08 00:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-29 06:42 . 2010-07-08 00:59 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-18 18:12 . 2005-07-06 00:51 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 07:53 . 2010-05-06 00:21 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 05:34 . 2008-01-21 04:03 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-06 00:26 . 2002-08-29 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26 . 2002-08-29 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26 . 2002-08-29 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2008-01-25 01:23 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2002-08-29 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2002-08-29 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2002-08-29 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2004-10-11 09:46 . 2004-10-11 09:46 205312 ----a-w- c:\program files\ltefx13n.dll
2004-01-19 04:31 . 2004-01-19 04:31 153600 ----a-w- c:\program files\ltfil13n.DLL
2004-01-19 03:31 . 2004-01-19 03:31 27648 ----a-w- c:\program files\lfiff13n.dll
2004-01-19 03:31 . 2004-01-19 03:31 20480 ----a-w- c:\program files\lfCUT13n.dll
2004-01-19 02:31 . 2004-01-19 02:31 453120 ----a-w- c:\program files\ltkrn13n.dll
2004-01-19 02:12 . 2004-01-19 02:12 89600 ----a-w- c:\program files\Lfcgm13n.dll
2004-01-19 01:49 . 2004-01-19 01:49 278016 ----a-w- c:\program files\LFJ2K13n.dll
2004-01-19 01:49 . 2004-01-19 01:49 180736 ----a-w- c:\program files\Lfpng13n.dll
2004-01-19 01:47 . 2004-01-19 01:47 76800 ----a-w- c:\program files\Lfwmf13n.dll
2004-01-19 01:47 . 2004-01-19 01:47 509440 ----a-w- c:\program files\LFCMW13n.dll
2004-01-19 01:45 . 2004-01-19 01:45 420352 ----a-w- c:\program files\LFCMP13n.DLL
2004-01-19 01:44 . 2004-01-19 01:44 143872 ----a-w- c:\program files\lftif13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 56832 ----a-w- c:\program files\lfpsd13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 19968 ----a-w- c:\program files\lfpcd13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 26624 ----a-w- c:\program files\lfpcx13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 65536 ----a-w- c:\program files\Lfpct13n.dll
2004-01-19 01:36 . 2004-01-19 01:36 18944 ----a-w- c:\program files\lfmsp13n.dll
2004-01-19 01:35 . 2004-01-19 01:35 18944 ----a-w- c:\program files\lfmac13n.dll
2004-01-19 01:35 . 2004-01-19 01:35 20992 ----a-w- c:\program files\lfimg13n.dll
2004-01-19 01:34 . 2004-01-19 01:34 31744 ----a-w- c:\program files\lfclp13n.dll
2004-01-19 01:34 . 2004-01-19 01:34 30208 ----a-w- c:\program files\lfbmp13n.dll
2004-01-19 01:33 . 2004-01-19 01:33 444928 ----a-w- c:\program files\ltimg13n.dll
2004-01-19 01:32 . 2004-01-19 01:32 265216 ----a-w- c:\program files\LTDIS13n.dll
2000-05-01 18:17 . 2000-05-01 18:17 212480 ----a-w- c:\program files\PCDLIB32.DLL
1999-11-18 13:00 . 1999-11-18 13:00 284032 ----a-w- c:\program files\XceedZip.dll
.

------- Sigcheck -------

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys

[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys

[-] 2002-08-29 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2002-08-29 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2004-08-03 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys

[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys

[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\soft2\Download\f7c10c2b68f88196f082e36f7313e169\sp2gdr\ntfs.sys
[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys

[-] 2002-08-29 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2002-08-29 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\soft2\Download\146ae5e7b51a37f45e0e5cf03d0d5e3c\sp2gdr\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2GDR\tcpip.sys
[-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys
[-] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB941644$\tcpip.sys

[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2004-08-03 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll

[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2004-08-03 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe

[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2005-08-22 . 36739B39267914BA69AD0610A0299732 . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll
[-] 2005-08-22 . 36739B39267914BA69AD0610A0299732 . 197632 . . [5.1.2600.2743] . . c:\windows\soft2\Download\f7a4b3723a3aad7955ede9785b307e88\sp2gdr\netman.dll
[-] 2005-08-22 . 3516D8A18B36784B1005B950B84232E1 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
[-] 2004-08-03 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll

[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2004-08-03 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll

[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2005-07-26 . CE94A2BD25E3E9F4D46A7373FF455C6D . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2005-07-26 . CE94A2BD25E3E9F4D46A7373FF455C6D . 397824 . . [5.1.2600.2726] . . c:\windows\soft2\Download\dca9d8a1ecbaf4bd0e18d083156f30c9\sp2gdr\rpcss.dll
[-] 2005-07-26 . C369DF215D352B6F3A0B8C3469AA34F8 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-04-28 . DA383FB39A6F1C445F3AFC94B3EB1248 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-04-28 . C8061F289E000703E7672916B7FE1571 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll
[-] 2005-04-28 . C8061F289E000703E7672916B7FE1571 . 395776 . . [5.1.2600.2665] . . c:\windows\soft2\Download\7fc28d97b1595fa7b9dce8dd43cee6b0\sp2gdr\rpcss.dll
[-] 2005-01-14 . 419899803CA479B73B02390318C787C0 . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2GDR\rpcss.dll
[-] 2005-01-14 . 419899803CA479B73B02390318C787C0 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll
[-] 2005-01-14 . 94456045BEB4545B5EBE1DCC85951AFA . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
[-] 2004-08-03 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll

[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-03 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe

[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\soft2\Download\0fd33c77398fa2b50df56456525ef5c3\sp2gdr\spoolsv.exe
[-] 2004-08-03 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe

[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2004-08-03 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe

[-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2006-08-25 . 11B508E0D26622D2BD25B60033245F6A . 925184 . . [6.0] . . c:\windows\soft2\Download\e533f2b7494d7e198f7fd652beea5687\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\soft2\Download\e533f2b7494d7e198f7fd652beea5687\sp2qfe\comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\soft2\Download\e533f2b7494d7e198f7fd652beea5687\sp2qfe\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\WinSxS\InstallTemp\2830078\comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[-] 2006-03-17 . 551E967F1E08EE6E205FCB5ADCB0DFC5 . 925184 . . [6.0] . . c:\windows\soft2\Download\cb2769f3b1daf367a31ed046299a3790\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2005-08-31 . A93B7C3B08B9AC15B4DCDC96A50E4C2C . 925184 . . [6.0] . . c:\windows\soft2\Download\0ad26524c298df9a41026d3b49a38936\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2005-03-11 . F6A21D5476C7B4CA9873D97BD246D6EB . 925184 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1643_x-ww_7c3a9bc6\comctl32.dll
[-] 2004-12-21 . 865CF4B7CA471E4E9E4EC3F3CE60FE9E . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1612_x-ww_7c379b08\comctl32.dll
[-] 2004-08-20 . FC13804088C77CCA6B6C9B26BA5BDECB . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1579_x-ww_7bbf8d08\comctl32.dll
[-] 2004-08-03 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[-] 2004-08-03 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll
[-] 2002-08-29 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\InstallTemp\55483\comctl32.dll
[-] 2002-08-29 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2002-08-29 . 76B90BD220F1B1CC9E183C6B1AE9FBB4 . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll

[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2004-08-03 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll

[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2005-07-26 04:39 . 34BBD9ACC1538818F2C878898C64E793 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtServicePackUninstall$\es.dll
[-] 2005-07-26 04:39 . 34BBD9ACC1538818F2C878898C64E793 . 243200 . . [2001.12.4414.308] . . c:\windows\soft2\Download\dca9d8a1ecbaf4bd0e18d083156f30c9\sp2gdr\es.dll
[-] 2005-07-26 04:20 . 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
[-] 2004-08-03 13:56 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll

[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2004-08-03 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll

[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2007-04-16 . 09F7CB3687F86EDAA4CA081F7AB66C03 . 986112 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2007-04-16 . A01F9CA902A88F7CED06884174D6419D . 984576 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2007-04-16 . A01F9CA902A88F7CED06884174D6419D . 984576 . . [5.1.2600.3119] . . c:\windows\soft2\Download\c1835c8cb0bb13f938a8a983ca5edea4\sp2gdr\kernel32.dll
[-] 2006-07-05 . 0FDD84928A5DDE2510761B7EC76CCEC9 . 985088 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2004-08-03 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll
[-] 2004-08-03 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB935839$\kernel32.dll

[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2005-09-01 . 648BF0B4DDE4F7A1156DAE7174D36EFA . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\soft2\Download\0ad26524c298df9a41026d3b49a38936\sp2gdr\linkinfo.dll
[-] 2004-08-03 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll

[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2004-08-03 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll

[-] 2010-11-06 . 864E69F32656A7121444BA0193D7B64B . 5960704 . . [8.00.6001.23091] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll
[-] 2010-11-06 . 864E69F32656A7121444BA0193D7B64B . 5960704 . . [8.00.6001.23091] . . c:\windows\SoftwareDistribution\Download\88796e09434ce2ba0af7fc45bba372bf\SP3QFE\mshtml.dll
[-] 2010-11-06 . D7CCA87057901C87ED8CC40DDCC7FA1B . 5959168 . . [8.00.6001.18999] . . c:\windows\SoftwareDistribution\Download\88796e09434ce2ba0af7fc45bba372bf\SP3GDR\mshtml.dll
[-] 2010-11-06 . D7CCA87057901C87ED8CC40DDCC7FA1B . 5959168 . . [8.00.6001.18999] . . c:\windows\system32\mshtml.dll
[-] 2010-11-06 . D7CCA87057901C87ED8CC40DDCC7FA1B . 5959168 . . [8.00.6001.18999] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2010-09-10 . DE41132DA8E5A3CD57201C6F2175EC05 . 5957120 . . [8.00.6001.18975] . . c:\windows\ie8updates\KB2416400-IE8\mshtml.dll
[-] 2010-09-10 . 8A03CC037E6B7D1796192815231B0C3F . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll
[-] 2010-06-24 . 94DC7E938C57F3C3D1BC4A0F68FC5830 . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll
[-] 2010-06-24 . 4D7EF94795384CD2BBAAB078B7929FEA . 5951488 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\mshtml.dll
[-] 2010-05-06 . C7B7A88CC7D7ABA5C395145BF92F46F7 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2183461-IE8\mshtml.dll
[-] 2010-05-06 . 9BE28F749A7FE7F8F177C6AA2E9DA609 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[-] 2010-02-25 . 7054F6ADC9B670887659F1561603B0D0 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
[-] 2010-02-25 . 974772C74DA7C7A8E7C813A9908A845F . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[-] 2009-12-21 . BE6EEBEF636773A8E7A82214E81C563A . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll
[-] 2009-12-21 . E6B64C6C729BBC38AB7CC92CE33F97A5 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . C0F9AC6FAB2C788FFEE3E69585A0E93F . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . CBB1EF54B86EDB78649909DD1699E5CA . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[-] 2009-10-22 . CDA69BC1C23B0EA033B989F67CB722FF . 5939712 . . [8.00.6001.18852] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[-] 2009-10-22 . A6CF28C6E0B6D10098AB601D85EE55E8 . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[-] 2009-08-29 . 0E49677EE57A928765FC47FFBACD5326 . 5940224 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976749-IE8\mshtml.dll
[-] 2009-08-29 . B68F6E6C66D17D9EDABF3D5DA71046DA . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[-] 2009-07-19 . 5A32B43A48D6DCA339BF24105D9A028F . 5937152 . . [8.00.6001.18812] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll
[-] 2009-07-19 . F25D866DD486AD30E05E5596CB363C3E . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[-] 2009-05-13 . EEAADAA744B20E68CF5EB4FBB4F8AFA9 . 5936128 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\mshtml.dll
[-] 2009-05-13 . EEAADAA744B20E68CF5EB4FBB4F8AFA9 . 5936128 . . [8.00.6001.18783] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3GDR\mshtml.dll
[-] 2009-05-13 . 1290E417BF806185CC7B2845E78A104E . 5936128 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\mshtml.dll
[-] 2009-05-13 . 1290E417BF806185CC7B2845E78A104E . 5936128 . . [8.00.6001.22873] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3QFE\mshtml.dll
[-] 2009-04-29 . 2B4315EC9E3124408A2A5074C4B97700 . 3596288 . . [7.00.6000.16850] . . c:\windows\ie8\mshtml.dll
[-] 2009-04-29 . C6FD770D518FB024245A0EE217D72BC1 . 3598336 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\mshtml.dll
[-] 2009-03-07 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\mshtml.dll
[-] 2009-02-21 . 1BB754AB47B327DE8DBF2FA18C36357C . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll
[-] 2009-02-20 . C7C3E41CC2F6EB4A629FE2184136C098 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie7updates\KB969897-IE7\mshtml.dll
[-] 2009-01-16 . CC9D001B7370B292C35B366CA05B12B4 . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
[-] 2009-01-16 . 3B413267DA8AE71C20E5EF3E54F74728 . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll
[-] 2008-12-13 . 121EC39A64D64205A88C2C45B034B455 . 3593216 . . [7.00.6000.16788] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll
[-] 2008-12-13 . C79FAD61CD4A26ED5AA8C16D991C6FBD . 3594752 . . [7.00.6000.20973] . . c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
[-] 2008-10-16 . B74F31A4BD83797D7A083F922169287D . 3595264 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
[-] 2008-10-16 . EACAEDEF6FA2A969DE5B36190D45396F . 3593216 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB960714-IE7\mshtml.dll
[-] 2008-08-27 . 1AD035E04A7068EC2820B055A3131ED8 . 3593216 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\mshtml.dll
[-] 2008-08-26 . 25CC085720EE3617FD1F8AB9E2F7CAB2 . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
[-] 2008-06-24 . EC936148284F557F19C333178768109B . 3592192 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\mshtml.dll
[-] 2008-06-23 . 28B8231CA8D55FC85E027A57C90F5C88 . 3594240 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
[-] 2008-04-23 . 8976CAB317105F7431B08EA32AB73C65 . 3591680 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\mshtml.dll
[-] 2008-04-23 . 4D612FF5D3B7EEF200595AE6F95D5E68 . 3593728 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2008-03-01 . 4EE273E2B09317C1217EF0DB91F93534 . 3593216 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
[-] 2008-03-01 . AB2C88167D78D71D93558ACECB24CC7A . 3591680 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\mshtml.dll
[-] 2007-12-08 . A097C36412455F0C7E42377FAF8809B7 . 3592192 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\mshtml.dll
[-] 2007-12-07 . 976C46ED4A75FC66D9C596778898CE1E . 3593216 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
[-] 2007-10-30 . 54D8B404F17AA74C666F7F3AEF2AE459 . 3593216 . . [7.00.6000.20710] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
[-] 2007-10-30 . 8AB7ECF59D6EBBE986277B65ED4A40A1 . 3590656 . . [7.00.6000.16587] . . c:\windows\ie7updates\KB944533-IE7\mshtml.dll
[-] 2007-10-30 . 8AB7ECF59D6EBBE986277B65ED4A40A1 . 3590656 . . [7.00.6000.16587] . . c:\windows\soft2\Download\f079f64483de750433b596960466dd78\sp2gdr\mshtml.dll
[-] 2007-08-20 . AA8A4BD78D24FCDB96DDAEE3756AA372 . 3592192 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll
[-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB942615-IE7\mshtml.dll
[-] 2007-07-18 . 7CE243CFD47AD0DC431586CB8C542A11 . 3584000 . . [7.00.6000.20641] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\mshtml.dll
[-] 2007-05-08 . 1D4E3B86C601A2497C99790CC4D7DF26 . 3584000 . . [7.00.6000.20591] . . c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\mshtml.dll
[-] 2007-03-07 . 190E1AE9B973049B12A67BAD478C770C . 3581952 . . [7.00.6000.16441] . . c:\windows\ie7updates\KB933566-IE7\mshtml.dll
[-] 2007-03-07 . DA297A862E5F093A07D37C05F608C686 . 3582976 . . [7.00.6000.20544] . . c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\mshtml.dll
[-] 2007-01-04 . 1C45525574EF206346FBAFCAAC7CC4A5 . 3062272 . . [6.00.2900.3059] . . c:\windows\$hf_mig$\KB928090\SP2QFE\mshtml.dll
[-] 2006-10-23 . 88E1C15BB1A9ED3CBA4D6F2F408D5010 . 3061248 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\mshtml.dll
[-] 2006-10-23 . 5FC7DE1195C8E9B5360FD65DBE95E5B0 . 3055104 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\mshtml.dll
[-] 2006-09-14 . BE45460D1453B7342E01EAE79BFBC681 . 3054592 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\mshtml.dll
[-] 2006-09-14 . CEFEA1C301139A817931BE132F0359FE . 3058688 . . [6.00.2900.2995] . . c:\windows\$hf_mig$\KB922760\SP2QFE\mshtml.dll
[-] 2006-07-28 . D251679BD9EF0250201FB899EC40FD32 . 3058176 . . [6.00.2900.2963] . . c:\windows\$hf_mig$\KB918899\SP2QFE\mshtml.dll
[-] 2006-07-28 . C7074DA3D8F8C0F6C03874BA0B05069C . 3054080 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB922760$\mshtml.dll
[-] 2006-05-19 . 284CE76B71DD5260B42A3CCF0135AF67 . 3052544 . . [6.00.2900.2912] . . c:\windows\$NtUninstallKB918899$\mshtml.dll
[-] 2006-05-19 . 8687E029BE63C77D4919485068C54D77 . 3055104 . . [6.00.2900.2912] . . c:\windows\$hf_mig$\KB916281\SP2QFE\mshtml.dll
[-] 2006-03-23 . DEAA438EA31095E14A196FF647E38D13 . 3053568 . . [6.00.2900.2873] . . c:\windows\$NtUninstallKB916281$\mshtml.dll
[-] 2006-03-23 . ABCD123F888E4E97C8751378CCCC4F26 . 3055616 . . [6.00.2900.2873] . . c:\windows\$hf_mig$\KB912812\SP2QFE\mshtml.dll
[-] 2005-11-24 . D3F037F5DA702AE9DDD7663EC9D78BA7 . 3018240 . . [6.00.2900.2802] . . c:\windows\$hf_mig$\KB905915\SP2QFE\mshtml.dll
[-] 2005-11-24 . 5E7A39950EA133BB54719A6E08C544A7 . 3015680 . . [6.00.2900.2802] . . c:\windows\$NtUninstallKB912812$\mshtml.dll
[-] 2005-10-05 . 3394299FBF1CD0B24089FC762611360B . 3017728 . . [6.00.2900.2769] . . c:\windows\$hf_mig$\KB896688\SP2QFE\mshtml.dll
[-] 2005-10-04 . 042AC20E084D21DD6BEE99B89CC30FB7 . 3015168 . . [6.00.2900.2769] . . c:\windows\$NtUninstallKB905915$\mshtml.dll
[-] 2005-07-20 . A14A7A206AE22DE4FE563E44CFC7DDF5 . 3016192 . . [6.00.2900.2722] . . c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll
[-] 2005-07-20 . 31E7520E58E5E4DFA93215A6D5603AF2 . 3014144 . . [6.00.2900.2722] . . c:\windows\$NtUninstallKB896688$\mshtml.dll
[-] 2005-05-02 . DCC5C79B99F02EEF8C826B074DBFC222 . 3014144 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\mshtml.dll
[-] 2005-05-02 . DCFAC5470EE0A159EC4222BC28AE3EE6 . 3012608 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\mshtml.dll
[-] 2004-08-03 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB883939$\mshtml.dll
[-] 2004-08-03 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\mshtml.dll
[-] 2004-08-03 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\ie7\mshtml.dll

[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2004-08-03 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
[-] 2004-08-03 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2002-08-29 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2002-08-29 . 70630CAD245477F8DB02B79D9A92834C . 323072 . . [7.0.2600.1106] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\msvcrt.dll

[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 097722F235A1FB698BF9234E01B52637 . 245248 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
[-] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2004-08-03 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll

[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2004-08-03 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll

[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2004-08-03 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll

[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2004-08-03 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll

[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2004-08-03 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll

[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2004-08-03 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe

[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2005-07-08 . 1418A3A6E76E5A2E3F5E43866E793A8B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\soft2\Download\c97484bc3f0a909669b5abb5a1bd9a86\sp2gdr\tapisrv.dll
[-] 2004-08-03 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll

[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2007-03-08 . 7AA4F6C00405DFC4B70ED4214E7D687B . 578048 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\soft2\Download\4d9d678c0d8af22c04a4a7fc7f1ff86c\sp2gdr\user32.dll
[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\soft2\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\user32.dll

[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2004-08-03 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe

[-] 2010-11-06 . 9357C4249F4810FB0E49C13387A8A77C . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll
[-] 2010-11-06 . 9357C4249F4810FB0E49C13387A8A77C . 919552 . . [8.00.6001.23084] . . c:\windows\SoftwareDistribution\Download\88796e09434ce2ba0af7fc45bba372bf\SP3QFE\wininet.dll
[-] 2010-11-06 . 306A2B05EA9846278113964DC6E2C940 . 916480 . . [8.00.6001.18992] . . c:\windows\SoftwareDistribution\Download\88796e09434ce2ba0af7fc45bba372bf\SP3GDR\wininet.dll
[-] 2010-11-06 . 306A2B05EA9846278113964DC6E2C940 . 916480 . . [8.00.6001.18992] . . c:\windows\system32\wininet.dll
[-] 2010-11-06 . 306A2B05EA9846278113964DC6E2C940 . 916480 . . [8.00.6001.18992] . . c:\windows\system32\dllcache\wininet.dll
[-] 2010-09-10 . 36FE8ABC59AAFBE20CBE54BC372F9429 . 916480 . . [8.00.6001.18968] . . c:\windows\ie8updates\KB2416400-IE8\wininet.dll
[-] 2010-09-10 . 0555E190DCD06B8998E6DDCA42DAEB82 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . 60237E50D575FBA9BEC9BC043F157149 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . D3DEB6B2B424AC93DE3801EAEB21A9A5 . 916480 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll
[-] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll
[-] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[-] 2010-02-25 . 7A42CFED96CDA7F2FB1A26D1F9F65775 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[-] 2010-02-25 . 4458D59F2B0369F4D3B137541D284041 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[-] 2009-12-21 . FF4241C74E0C0A5AFFFE05F584213ECB . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll
[-] 2009-12-21 . 5E1F666B8955FD77E65D65C4C4D882A3 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 6AF52998B90F72FF2325D84D90EDA1CC . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 75240F6EDBCE7B85DF66874407D38A4F . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[-] 2009-08-29 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[-] 2009-08-29 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[-] 2009-07-03 . 7E8A47A2E6561274B83E257CE74803FD . 915456 . . [8.00.6001.18806] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll
[-] 2009-07-03 . 38114DAB42FB2EB84D1726C42B8D80C5 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[-] 2009-05-13 . 366C72AF6970DB7BB39AB0142BF09DB5 . 915456 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll
[-] 2009-05-13 . 366C72AF6970DB7BB39AB0142BF09DB5 . 915456 . . [8.00.6001.18783] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3GDR\wininet.dll
[-] 2009-05-13 . C0EB6850C8A02A154281749DC61FAF22 . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[-] 2009-05-13 . C0EB6850C8A02A154281749DC61FAF22 . 915456 . . [8.00.6001.22873] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3QFE\wininet.dll
[-] 2009-04-29 . 8E2D471157B0DF329D8D0EA5D83B0DDB . 827392 . . [7.00.6000.16850] . . c:\windows\ie8\wininet.dll
[-] 2009-04-29 . 62CCA075F44015147B8971DAFFBCFF76 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[-] 2009-03-07 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\wininet.dll
[-] 2009-03-03 . 28775945CCD53DEE280EF58DEA1A94C4 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll
[-] 2009-03-03 . C8667854873938CA13C986F16B0CD183 . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[-] 2008-12-20 . 044E0A4E9FE97C0FB9AFE9C89E2A82E6 . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[-] 2008-12-20 . A82935D32D0672E8FF4E91AE398E901C . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll
[-] 2008-10-16 . 6741EAF7B7F110E803A6E38F6E5FA6B0 . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[-] 2008-10-16 . 0D5B75171FF51775B630A431B6C667E8 . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[-] 2008-08-26 . 77C192FE56A70D7FA0247BA0A6201C32 . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[-] 2008-08-26 . EF8EBA98145BFA44E80D17A3B3453300 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll
[-] 2008-06-23 . 8C13D4A7479FA0A026EDA8ABCE82C0ED . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll
[-] 2008-06-23 . C66402A06B83B036C195242C0C8CF83C . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[-] 2008-04-23 . F6589BE784647CFDBC22EA51CCB1A57A . 826368 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll
[-] 2008-04-23 . 41546B396A526918DA7995A02EA04E51 . 827392 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2008-03-01 . AD21461AEF8244EDEC2EF18E55E1DCF3 . 826368 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\wininet.dll
[-] 2008-03-01 . 6316C2F0C61271C8ABDFF7429174879E . 827392 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
[-] 2007-12-07 . 806D274C9A6C3AAEA5EAE8E4AF841E04 . 824832 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\wininet.dll
[-] 2007-12-07 . B5B411BB229AE6EAD7652A32ED47BFB9 . 825344 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
[-] 2007-10-10 . 30C1E0F34AD2972C72A01DB5C74AB065 . 824832 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB944533-IE7\wininet.dll
[-] 2007-10-10 . 30C1E0F34AD2972C72A01DB5C74AB065 . 824832 . . [7.00.6000.16574] . . c:\windows\soft2\Download\f079f64483de750433b596960466dd78\sp2gdr\wininet.dll
[-] 2007-10-10 . 0E5D918F87EFA7D2424D66B499C7EB04 . 825344 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
[-] 2007-08-20 . 357D54BF94FE9D6D8505A96B5C2A3BCA . 825344 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
[-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB942615-IE7\wininet.dll
[-] 2007-06-27 . D6ED5E042C5207553E7F5E842918137F . 824320 . . [7.00.6000.20627] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll
[-] 2007-04-25 . 431DEFBB4A3D7B0DC062C1B064623A2F . 823808 . . [7.00.6000.20583] . . c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\wininet.dll
[-] 2007-03-07 . 5B35DAE6E4886F64D1DA58C4E3E01EB9 . 822784 . . [7.00.6000.16441] . . c:\windows\ie7updates\KB933566-IE7\wininet.dll
[-] 2007-03-07 . B8F4DB39CA7353752F245379D285C80E . 823296 . . [7.00.6000.20544] . . c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\wininet.dll
[-] 2007-01-04 . 3FFA1573FC274E5AA7467D03941C45EE . 665088 . . [6.00.2900.3059] . . c:\windows\$hf_mig$\KB928090\SP2QFE\wininet.dll
[-] 2006-10-23 . 231EF4179ACABE486376B5CA893F1076 . 664576 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\wininet.dll
[-] 2006-10-23 . 6B2735ADFF5A5D3B9130CA4A794722F0 . 658944 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\wininet.dll
[-] 2006-09-14 . 621AF3F6174A3F60677F5230E28BCC07 . 658944 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\wininet.dll
[-] 2006-09-14 . D207370287CF769AEBEBF03837784963 . 664576 . . [6.00.2900.2995] . . c:\windows\$hf_mig$\KB922760\SP2QFE\wininet.dll
[-] 2006-06-23 . 64CE26DB72810B30F7855EA51E1DF836 . 664576 . . [6.00.2900.2937] . . c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll
[-] 2006-06-23 . 2B4DB890936430C71419037039502752 . 658944 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB922760$\wininet.dll
[-] 2006-05-10 . D94CFFDB53E7AC867438E2DFD50E7CBC . 663552 . . [6.00.2900.2904] . . c:\windows\$hf_mig$\KB916281\SP2QFE\wininet.dll
[-] 2006-05-10 . 38AB7A56F566D9AAAD31812494944824 . 658432 . . [6.00.2900.2904] . . c:\windows\$NtUninstallKB918899$\wininet.dll
[-] 2006-03-04 . C0845ECBF4F9164E618EE381B79C9032 . 663552 . . [6.00.2900.2861] . . c:\windows\$hf_mig$\KB912812\SP2QFE\wininet.dll
[-] 2006-03-04 . 1C0979C7A489BEE573CD0BF4AD94BB06 . 658432 . . [6.00.2900.2861] . . c:\windows\$NtUninstallKB916281$\wininet.dll
[-] 2005-10-21 . E7B27B6B6E06CE34EA019FD8B858C613 . 658432 . . [6.00.2900.2781] . . c:\windows\$NtUninstallKB912812$\wininet.dll
[-] 2005-10-21 . AF785C4947676A7FC1673FDC5C8D0B5B . 661504 . . [6.00.2900.2781] . . c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll
[-] 2005-09-02 . 97A6FD7CAFD688CF2C78939EBAF0CD0C . 660480 . . [6.00.2900.2753] . . c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll
[-] 2005-09-02 . AF61EBB1F550175EFF406D545D6AB086 . 658432 . . [6.00.2900.2753] . . c:\windows\$NtUninstallKB905915$\wininet.dll
[-] 2005-07-03 . 5B5FF992C0FA762CCF8655FC290E6E52 . 658432 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB896688$\wininet.dll
[-] 2005-07-03 . 6E533D155B259EB2363D3E04B5BE309F . 659456 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll
[-] 2005-05-02 . E1E18136F9DD3DF1AD9C82193A5898A6 . 658944 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll
[-] 2005-05-02 . 1A078AF3F85D10BA56444C23B3A18E74 . 657920 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\wininet.dll
[-] 2004-08-03 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB883939$\wininet.dll
[-] 2004-08-03 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\wininet.dll
[-] 2004-08-03 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\ie7\wininet.dll

[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2004-08-03 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll

[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2004-08-03 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll

[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . 7712DF0CDDE3A5AC89843E61CD5B3658 . 1033216 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\soft2\Download\44d74c37f0595a363bcec5e9229d8564\sp2gdr\explorer.exe
[-] 2004-08-03 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe

[-] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll
[-] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\system32\dllcache\ole32.dll
[-] 2010-07-16 . 8D51FB47062F2A1A9EFECCEF338A4C46 . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\soft2\Download\dca9d8a1ecbaf4bd0e18d083156f30c9\sp2gdr\ole32.dll
[-] 2005-07-26 . A2F755E237FA2CDD748A80BFBE6657F3 . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
[-] 2005-04-28 . 7440D29F257B7E44329343F944F2142C . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll
[-] 2005-04-28 . 5950E4F28FDA9D147576BF6798937397 . 1285120 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll
[-] 2005-04-28 . 5950E4F28FDA9D147576BF6798937397 . 1285120 . . [5.1.2600.2665] . . c:\windows\soft2\Download\7fc28d97b1595fa7b9dce8dd43cee6b0\sp2gdr\ole32.dll
[-] 2005-01-14 . ABDEF60CED7C04AB35A415EFB6B96D81 . 1285120 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2GDR\ole32.dll
[-] 2005-01-14 . ABDEF60CED7C04AB35A415EFB6B96D81 . 1285120 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll
[-] 2005-01-14 . 2E752611C9A9AE1B6BFD0DA03CF7F17E . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll
[-] 2004-08-03 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll

[-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
[-] 2004-08-03 . 2EB58F9DCD6AB320B46744A4EA48B2D2 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll

[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-03 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2004-08-03 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe

[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2004-08-03 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll

[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2004-08-03 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll

[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2004-08-03 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll

[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2004-08-03 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\soft2\Download\b45151c33087fb9df3e7d6e3700f80ed\sp2gdr\shsvcs.dll
[-] 2006-12-19 . 53D9184A21C5CBF600D918E51EF3A7E5 . 135168 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
[-] 2004-08-03 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll

[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2004-08-03 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll

[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2004-08-03 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll

[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2004-08-03 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll

[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2004-08-03 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll

[-] 2002-08-29 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\soft2\Download\11e16da0817126b62afaea7136882d9f\sp2gdr\aec.sys
[-] 2004-08-03 11:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys

[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys

[-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\soft2\Download\26553d2988faa6629ee272005cd35201\sp2qfe\mfc40u.dll
[-] 2002-08-29 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll

[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2004-08-03 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll

[-] 2006-10-18 11:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2004-08-03 14:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-08-03 13:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll

[-] 2010-04-27 . 756362706DE8BC92F11E197C98A73844 . 2066944 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\system32\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[-] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-12-08 . A6683E23468776F75EB2D8C6A02AAD3B . 2066048 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2009-12-08 . FFDCE1EEA79C678C40237D4E031E5B51 . 2066176 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 7437BA6F538E89381A2E3643AED296C7 . 2066048 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
[-] 2009-08-04 . 363B2BBEE0AEDC9E5433616D0AD0236A . 2066176 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . 4AC58F03EB94A72809949D757FC39D80 . 2066048 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-08-14 . A25E9B86EFFB2AF33BF51E676B68BFB0 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2007-02-28 . 4D3DBDCCBF97F5BA1E74F322B155C3BA . 2059392 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
[-] 2007-02-28 . 515D30E2C90A3665A2739309334C9283 . 2057600 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2007-02-28 . 515D30E2C90A3665A2739309334C9283 . 2057600 . . [5.1.2600.3093] . . c:\windows\soft2\Download\10e16e65c532d077de7c89a212bd8df8\sp2gdr\ntkrnlpa.exe
[-] 2006-12-19 . BA4B97C00A437C1CC3DA365D93EE1E9D . 2059392 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . D8ABA3EAB509627E707A3B14F00FBB6B . 2056832 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\soft2\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\ntkrnlpa.exe

[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2004-08-03 13:56 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll

[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2007-02-05 . 36ACA6CDC19C95FF468A1426EB7F32F0 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\soft2\Download\b3183a1e00bc9d14758dc26c2b339e76\sp2gdr\upnphost.dll
[-] 2004-08-03 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll

[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2004-08-03 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
[-] 2002-12-11 16:14 . CA6CC3A47D8813208CEE02EB40DACA21 . 355328 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll

[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2004-08-03 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll

[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2004-08-03 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
[-] 2002-12-11 16:14 . 61CC64C43BEC193100E3722F6CF4B1E1 . 284160 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll

[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2004-08-03 13:56 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll

[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2004-08-03 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll

[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2004-08-03 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll

[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\system32\ntoskrnl.exe
[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2010-04-27 . A2ABBEC40CDB57454645D06B7EBD22F5 . 2190080 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[-] 2010-02-16 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[-] 2010-02-16 . E1F653A542449D54FA2D27463D99B6B6 . 2190080 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-08 . 78EC47F9B9A3A1D539262D8834C896CE . 2189184 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-12-08 . 05BE3D9A71972223AFF6A3C823BA51B1 . 2189312 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . FDE779EA1A564EBFE16F4E0F82B61BAD . 2189312 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 8415D9C7C050E7022AED8ABF281BE4A6 . 2189184 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
[-] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[-] 2008-08-14 . EEAF32F8E15A24F62BECB1BD403BB5C5 . 2189184 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-08-14 . 31914172342BFF330063F343AC6958FE . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2007-02-28 . 5A5C8DB4AA962C714C8371FBDF189FC9 . 2182144 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
[-] 2007-02-28 . 582A8DBAA58C3B1F176EB2817DAEE77C . 2180352 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2007-02-28 . 582A8DBAA58C3B1F176EB2817DAEE77C . 2180352 . . [5.1.2600.3093] . . c:\windows\soft2\Download\10e16e65c532d077de7c89a212bd8df8\sp2gdr\ntoskrnl.exe
[-] 2006-12-19 . CEF243F6DEFD20BE4ADDE26C7ECACB54 . 2182016 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 28187802B7C368C0D3AEF7D4C382AABB . 2179456 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\soft2\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\ntoskrnl.exe

[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-03 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2004-08-03 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll

[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2006-12-19 . D9F097AA3B97034D3358A01B43E635B2 . 333824 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll
[-] 2006-12-19 . B6763F8534AC547CF1AF98AFDFF2EDC8 . 333824 . . [5.1.2600.3051] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
[-] 2006-12-19 . B6763F8534AC547CF1AF98AFDFF2EDC8 . 333824 . . [5.1.2600.3051] . . c:\windows\soft2\Download\d130ed3c2e7e410b5d831b3fad9ac078\sp2gdr\wiaservc.dll
[-] 2004-08-03 . D9F6C4F6B1E188ADAFC42B561D9BC2E6 . 333312 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-08 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"PHIME2002ASync"="c:\windows\System32\IME\TINTLGNT\TINTSETP.EXE" [2002-08-29 455168]
"PHIME2002A"="c:\windows\System32\IME\TINTLGNT\TINTSETP.EXE" [2002-08-29 455168]
"SiS Tray"="c:\windows\System32\sistray.EXE" [2002-11-17 303104]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-01-30 77824]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2005-03-08 176128]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-24 09:15 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2004-06-28 22:06 88363 ----a-w- c:\windows\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
2002-08-29 12:00 44032 ----a-w- c:\windows\ime\IMKR6_1\imekrmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxMenuMgr]
2009-09-25 13:31 185640 ----a-w- c:\program files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2002-08-29 12:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 00:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2003-12-18 06:00 64512 ----a-w- c:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 00:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-03-08 02:10 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
2008-07-11 17:06 223984 ----a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

S3 BiPAC 3011G WLAN 11g USB Adapter(Billion);BiPAC 3011G WLAN 11g USB Adapter Driver(Billion);c:\windows\system32\DRIVERS\zd1211u.sys --> c:\windows\system32\DRIVERS\zd1211u.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [8/07/2010 11:59 AM 38224]
.
Contents of the 'Scheduled Tasks' folder

2010-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 07:33]

2010-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 07:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.au/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &eBay Search
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\MICHAEL FEEHAN\Application Data\Mozilla\Firefox\Profiles\4x4y2nmu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-21 10:44
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3116)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\WgaTray.exe
.
**************************************************************************
.
Completion time: 2010-12-21 10:56:28 - machine was rebooted
ComboFix-quarantined-files.txt 2010-12-20 23:56
ComboFix2.txt 2010-12-20 22:28
ComboFix3.txt 2010-12-20 03:16

Pre-Run: 44,661,395,456 bytes free
Post-Run: 44,652,978,176 bytes free

- - End Of File - - C5B73597A708465CAF98F6DB2C49D6FB
  • 0

#23
emeraldnzl
Posted 20 December 2010 - 06:16 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello MickFee,

  • Double click on the OTL icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • Under the Custom Scan box paste this in:




    /md5start
    regedit.exe
    /md5stop

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open a notepad window, OTL.txt. This is saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of the file and paste it into your reply.
  • 0

#24
MickFee
Posted 20 December 2010 - 06:32 PM

MickFee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Here's the latest, post "copy and paste" OTL report:

OTL logfile created on: 21/12/2010 11:27:19 AM - Run 5
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\MICHAEL FEEHAN\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

223.00 Mb Total Physical Memory | 132.00 Mb Available Physical Memory | 59.00% Memory free
547.00 Mb Paging File | 378.00 Mb Available in Paging File | 69.00% Paging File free
Paging file location(s): c:\pagefile.sys 336 672 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.90 Gb Total Space | 41.60 Gb Free Space | 74.43% Space Free | Partition Type: NTFS

Computer Name: CHARLIE | User Name: MICHAEL FEEHAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/17 10:50:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MICHAEL FEEHAN\My Documents\Downloads\OTL.exe
PRC - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/03/08 13:10:04 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/12/31 17:04:48 | 000,942,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WGATray.exe
PRC - [2008/04/14 11:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/09 18:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2002/11/17 19:36:16 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exe


========== Modules (SafeList) ==========

MOD - [2010/12/17 10:50:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MICHAEL FEEHAN\My Documents\Downloads\OTL.exe
MOD - [2010/08/24 03:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2007/08/09 18:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\zd1211u.sys -- (BiPAC 3011G WLAN 11g USB Adapter(Billion)) BiPAC 3011G WLAN 11g USB Adapter Driver(Billion)
DRV - [2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2008/04/14 05:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/03 22:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004/06/29 09:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/01/14 11:30:00 | 000,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ZDPNDIS5.sys -- (ZDPNDIS5)
DRV - [2003/12/19 05:08:22 | 000,639,836 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003/10/04 15:25:00 | 000,401,152 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/07/18 12:58:20 | 000,036,992 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (sisagp)
DRV - [2003/03/28 14:53:18 | 000,390,144 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/03/20 14:03:54 | 000,010,496 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2002/08/29 23:00:00 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001/08/18 01:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.live.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com.au/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/18 11:50:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/18 11:50:29 | 000,000,000 | ---D | M]

[2010/07/08 12:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Mozilla\Extensions
[2010/12/21 11:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Mozilla\Firefox\Profiles\4x4y2nmu.default\extensions
[2010/07/08 12:55:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Mozilla\Firefox\Profiles\4x4y2nmu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/16 12:21:32 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Mozilla\Firefox\Profiles\4x4y2nmu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/12/21 11:16:41 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/17 10:21:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/12/18 09:40:29 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/12/18 09:40:29 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/12/18 09:40:29 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/12/18 09:40:29 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/12/21 10:42:55 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SiS Tray] C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_23.dll (Sun Microsystems, Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1201563106031 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1187672878515 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail....ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\MICHAEL FEEHAN\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\MICHAEL FEEHAN\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/06/24 16:35:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/12/21 10:41:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/12/20 13:52:54 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/12/20 13:48:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/12/20 13:48:35 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/12/20 13:48:35 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/12/20 13:48:35 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/12/20 13:48:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/12/20 12:40:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/12/18 11:50:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2010/12/17 10:55:50 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/17 10:20:57 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/12/17 10:20:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/12/17 10:20:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/12/16 15:59:09 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2004/10/11 20:46:32 | 000,205,312 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltefx13n.dll
[2004/01/19 15:31:00 | 000,153,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltfil13n.DLL
[2004/01/19 14:31:06 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfiff13n.dll
[2004/01/19 14:31:06 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfCUT13n.dll
[2004/01/19 13:31:50 | 000,453,120 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltkrn13n.dll
[2004/01/19 13:12:00 | 000,089,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfcgm13n.dll
[2004/01/19 12:49:52 | 000,278,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LFJ2K13n.dll
[2004/01/19 12:49:08 | 000,180,736 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfpng13n.dll
[2004/01/19 12:47:36 | 000,076,800 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfwmf13n.dll
[2004/01/19 12:47:04 | 000,509,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LFCMW13n.dll
[2004/01/19 12:45:38 | 000,420,352 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LFCMP13n.DLL
[2004/01/19 12:44:52 | 000,143,872 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lftif13n.dll
[2004/01/19 12:36:48 | 000,056,832 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpsd13n.dll
[2004/01/19 12:36:36 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpcd13n.dll
[2004/01/19 12:36:32 | 000,026,624 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpcx13n.dll
[2004/01/19 12:36:24 | 000,065,536 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfpct13n.dll
[2004/01/19 12:36:18 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfmsp13n.dll
[2004/01/19 12:35:56 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfmac13n.dll
[2004/01/19 12:35:34 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfimg13n.dll
[2004/01/19 12:34:50 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfclp13n.dll
[2004/01/19 12:34:42 | 000,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfbmp13n.dll
[2004/01/19 12:33:48 | 000,444,928 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltimg13n.dll
[2004/01/19 12:32:18 | 000,265,216 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LTDIS13n.dll
[2000/05/02 05:17:00 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Program Files\PCDLIB32.DLL
[1999/11/19 00:00:00 | 000,284,032 | ---- | C] (Xceed Software Inc (450) 442-2626 [email protected] www.xceedsoft.com) -- C:\Program Files\XceedZip.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/21 11:03:03 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/21 10:45:26 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/21 10:43:21 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/12/21 10:43:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/21 10:42:55 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/12/21 10:42:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/21 10:42:47 | 234,409,984 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/21 08:59:39 | 003,995,496 | R--- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\ComboFix.exe
[2010/12/20 14:03:55 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/12/20 13:53:01 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010/12/20 11:45:31 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\Google Chrome.lnk
[2010/12/20 11:45:31 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/18 12:33:23 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\Shortcut to Downloads.lnk
[2010/12/16 16:23:31 | 000,186,608 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/16 16:11:29 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/16 15:36:46 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\Windows Update.lnk
[2010/12/02 12:15:19 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/20 13:53:01 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/12/20 13:52:58 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/12/20 13:48:35 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/20 13:48:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/20 13:48:35 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/12/20 13:48:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/12/20 13:48:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/12/20 13:12:20 | 003,995,496 | R--- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\ComboFix.exe
[2010/12/20 11:45:31 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\Google Chrome.lnk
[2010/12/20 11:45:31 | 000,001,832 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/20 10:56:32 | 000,002,145 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\resetlog.txt
[2010/12/18 12:33:22 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\Shortcut to Downloads.lnk
[2010/12/18 11:34:59 | 234,409,984 | -HS- | C] () -- C:\hiberfil.sys
[2010/12/02 12:15:17 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/12/31 17:04:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2008/01/15 10:40:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2007/12/27 20:52:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2006/12/15 10:03:47 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2006/10/25 15:27:22 | 000,221,175 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\PatchUpdate_HP_CounterReport_Update_HPSU.log
[2006/10/25 15:27:22 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2006/10/25 15:26:22 | 000,002,219 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\HPSU_48BitScanUpdate.log
[2006/10/25 15:26:22 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/10/25 15:21:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\HelpFilesUpdatePatch_HELPFILEREPLACE.log
[2006/10/25 15:21:51 | 000,000,375 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\HelpFilesUpdatePatch_PRINTHELPWRAPPER.log
[2006/10/25 15:21:51 | 000,000,234 | ---- | C] () -- C:\WINDOWS\PrnHlpLogConfig.ini
[2006/10/25 15:11:44 | 000,002,577 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\PatchUpdate_HP_ISRegionListUpdatelog_HPSU.log
[2006/10/25 15:11:44 | 000,000,228 | ---- | C] () -- C:\WINDOWS\HP_ISRegionListUpdatelog_HPSU.ini
[2006/10/25 15:10:55 | 000,003,015 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\PatchUpdate_InstantShareJPG.log
[2006/10/25 15:10:55 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2006/10/25 15:01:39 | 000,003,842 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\PatchUpdate_IZClosingDiscError.log
[2006/10/25 15:01:39 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2006/04/24 19:56:54 | 000,121,262 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Update_HP_RedboxHprblog_HPSU.log
[2006/04/24 19:56:54 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/04/19 12:16:52 | 000,094,720 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/01/15 11:02:19 | 000,002,817 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Hewlett-PackardHP PSC 1400 series1136271544_PROTOCOL.log
[2006/01/15 11:02:19 | 000,001,348 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Hewlett-PackardHP PSC 1400 series1136271544_UI.log
[2006/01/15 11:02:19 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2006/01/15 11:02:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Hewlett-PackardHP PSC 1400 series1136271544_API.log
[2006/01/03 18:07:10 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\MICHAEL FEEHAN\Local Settings\Application Data\fusioncache.dat
[2006/01/03 17:49:20 | 000,002,358 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2005/11/06 18:54:29 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.MICHAEL FEEHAN.ini
[2005/09/21 23:41:23 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/09/21 10:36:25 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2005/02/01 13:17:56 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/01/26 19:20:13 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2005/01/26 17:57:33 | 000,000,517 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2004/11/29 14:54:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/06/25 00:27:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/06/24 16:52:30 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2004/06/24 16:48:58 | 000,033,807 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2004/06/24 16:48:58 | 000,015,958 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2004/06/24 16:47:50 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\setuplib.dll
[2004/06/24 16:44:06 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/03/23 16:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== Custom Scans ==========



< MD5 for: REGEDIT.EXE >
[2008/04/14 11:12:32 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=058710B720282CA82B909912D3EF28DB -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe
[2004/08/04 00:56:56 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=783AFC80383C176B22DBF8333343992D -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe
[2004/08/04 00:56:56 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=783AFC80383C176B22DBF8333343992D -- C:\WINDOWS\regedit.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844

< End of report >
[2010/12/21 11:28:40 | 000,001,024 | -H-- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\NTUSER.DAT.LOG
[2010/12/21 11:25:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/12/21 11:03:03 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/21 10:56:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\MICHAEL FEEHAN\Local Settings
[2010/12/21 10:45:26 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/21 10:43:21 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/12/21 10:43:10 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/12/21 10:43:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/21 10:42:53 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/12/21 10:42:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/21 10:41:42 | 004,554,752 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\ntuser.dat
[2010/12/21 10:41:42 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\ntuser.ini
[2010/12/21 10:38:17 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/12/21 10:33:00 | 000,000,000 | R--D | M] -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop
[2010/12/21 10:32:48 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data
[2010/12/21 10:27:07 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\MICHAEL FEEHAN\Recent
[2010/12/21 08:59:39 | 003,995,496 | R--- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\ComboFix.exe
[2010/12/20 14:03:55 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/12/20 14:02:45 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu
[2010/12/20 13:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/12/20 13:37:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Desktop
[2010/12/20 13:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/12/20 13:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/12/20 13:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/12/20 13:28:21 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/12/20 13:28:21 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/12/20 13:27:38 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2010/12/20 13:27:19 | 000,000,000 | R--D | M] -- C:\Documents and Settings\MICHAEL FEEHAN\My Documents
[2010/12/20 11:51:01 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\MICHAEL FEEHAN\Cookies
[2010/12/20 11:45:31 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\Google Chrome.lnk
[2010/12/20 11:45:31 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/20 11:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MICHAEL FEEHAN\Local Settings\Application Data\Google
[2010/12/20 11:42:02 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/12/20 11:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MICHAEL FEEHAN\Local Settings\Application Data\Temp
[2010/12/20 10:56:33 | 000,002,145 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\resetlog.txt
[2010/12/18 12:33:23 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\Shortcut to Downloads.lnk
[2010/12/18 10:39:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\MICHAEL FEEHAN\NetHood
[2010/12/17 10:36:11 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/12/17 10:36:11 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Java
[2010/12/17 09:31:12 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Symantec Shared
[2010/12/16 16:23:31 | 000,186,608 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/16 16:23:29 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/12/16 16:23:28 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/12/16 16:11:29 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/16 16:04:57 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/12/16 15:36:46 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\Windows Update.lnk
[2010/12/02 11:43:29 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/10 13:56:34 | 000,002,358 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/01/24 19:45:13 | 000,046,688 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/09/03 12:29:26 | 000,001,348 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Hewlett-PackardHP PSC 1400 series1136271544_UI.log
[2008/09/03 12:28:20 | 000,002,817 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Hewlett-PackardHP PSC 1400 series1136271544_PROTOCOL.log
[2008/08/13 16:55:11 | 007,993,908 | -H-- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Local Settings\Application Data\IconCache.db
[2008/05/13 16:45:40 | 000,094,720 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/25 11:14:38 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2006/10/25 15:28:58 | 000,221,175 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\PatchUpdate_HP_CounterReport_Update_HPSU.log
[2006/10/25 15:26:29 | 000,002,219 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\HPSU_48BitScanUpdate.log
[2006/10/25 15:22:00 | 000,000,375 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\HelpFilesUpdatePatch_PRINTHELPWRAPPER.log
[2006/10/25 15:21:53 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\HelpFilesUpdatePatch_HELPFILEREPLACE.log
[2006/10/25 15:11:46 | 000,002,577 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\PatchUpdate_HP_ISRegionListUpdatelog_HPSU.log
[2006/10/25 15:11:02 | 000,003,015 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\PatchUpdate_InstantShareJPG.log
[2006/10/25 15:04:47 | 000,003,842 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\PatchUpdate_IZClosingDiscError.log
[2006/04/24 19:57:10 | 000,121,262 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Update_HP_RedboxHprblog_HPSU.log
[2006/01/15 11:02:19 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Hewlett-PackardHP PSC 1400 series1136271544_API.log
[2006/01/03 18:07:10 | 000,000,137 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Local Settings\Application Data\fusioncache.dat
[2004/10/11 20:46:32 | 000,205,312 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\ltefx13n.dll
[2004/06/25 00:25:27 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\desktop.ini
[2004/01/19 15:31:00 | 000,153,600 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\ltfil13n.DLL
[2004/01/19 14:31:06 | 000,027,648 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\lfiff13n.dll
[2004/01/19 14:31:06 | 000,020,480 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\lfCUT13n.dll
[2004/01/19 13:31:50 | 000,453,120 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\ltkrn13n.dll
[2004/01/19 13:12:00 | 000,089,600 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\Lfcgm13n.dll
[2004/01/19 12:49:52 | 000,278,016 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\LFJ2K13n.dll
[2004/01/19 12:49:08 | 000,180,736 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\Lfpng13n.dll
[2004/01/19 12:47:36 | 000,076,800 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\Lfwmf13n.dll
[2004/01/19 12:47:04 | 000,509,440 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\LFCMW13n.dll
[2004/01/19 12:45:38 | 000,420,352 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\LFCMP13n.DLL
[2004/01/19 12:44:52 | 000,143,872 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\lftif13n.dll
[2004/01/19 12:36:48 | 000,056,832 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\lfpsd13n.dll
[2004/01/19 12:36:36 | 000,019,968 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\lfpcd13n.dll
[2004/01/19 12:36:32 | 000,026,624 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\lfpcx13n.dll
[2004/01/19 12:36:24 | 000,065,536 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\Lfpct13n.dll
[2004/01/19 12:36:18 | 000,018,944 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\lfmsp13n.dll
[2004/01/19 12:35:56 | 000,018,944 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\lfmac13n.dll
[2004/01/19 12:35:34 | 000,020,992 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\lfimg13n.dll
[2004/01/19 12:34:50 | 000,031,744 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\lfclp13n.dll
[2004/01/19 12:34:42 | 000,030,208 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\lfbmp13n.dll
[2004/01/19 12:33:48 | 000,444,928 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\ltimg13n.dll
[2004/01/19 12:32:18 | 000,265,216 | ---- | M] (LEAD Technologies, Inc.) -- C:\Program Files\LTDIS13n.dll
[2000/05/02 05:17:00 | 000,212,480 | ---- | M] (Eastman Kodak) -- C:\Program Files\PCDLIB32.DLL
[1999/11/19 00:00:00 | 000,284,032 | ---- | M] (Xceed Software Inc (450) 442-2626 [email protected] www.xceedsoft.com) -- C:\Program Files\XceedZip.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/21 11:03:03 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/21 10:45:26 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/21 10:43:21 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/12/21 10:43:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/21 10:42:55 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/12/21 10:42:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/21 10:42:47 | 234,409,984 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/21 08:59:39 | 003,995,496 | R--- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\ComboFix.exe
[2010/12/20 14:03:55 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/12/20 13:53:01 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010/12/20 11:45:31 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\Google Chrome.lnk
[2010/12/20 11:45:31 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/18 12:33:23 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\Shortcut to Downloads.lnk
[2010/12/16 16:23:31 | 000,186,608 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/16 16:11:29 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/16 15:36:46 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\MICHAEL FEEHAN\Desktop\Windows Update.lnk
[2010/12/02 12:15:19 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Custom Scans ==========



< MD5 for: REGEDIT.EXE >
[2008/04/14 11:12:32 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=058710B720282CA82B909912D3EF28DB -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe
[2004/08/04 00:56:56 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=783AFC80383C176B22DBF8333343992D -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe
[2004/08/04 00:56:56 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=783AFC80383C176B22DBF8333343992D -- C:\WINDOWS\regedit.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844

< End of report >
  • 0

#25
emeraldnzl
Posted 20 December 2010 - 06:47 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello MickFee,

Making good progress I think.

Bit to do in this post. :D

Now

Please run OTL.exe

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.

:Commands
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.
Next

You have used Malwarebytes before. If you still have it on your machine please update and run. Post the scan report back here.

If you no-longer have Malwarebytes please download from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Finally in this post

Please run a free online scan with the ESET Online Scanner
Note: ESET was designed to run with Internet Explorer, compatibility with other browsers has been added recently but if you find difficulty, go to using Internet Explorer
  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Click Start and if your security program asks you if you want to allow the program, click yes.
  • If you anti-virus is active you may see a panel appear warning you that this may affect performance. Disabling the programs listed may speed things along.
  • Make sure that the options Remove found threats and Scan archives are checked (do not worry about advanced settings)
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt (open Notepad > File > Open and navigate to the log.txt)
  • Copy and paste that log as a reply to this topic
When you return please post
  • OTL fix log
  • MBAM scan log
  • ESET scan results
  • and tell me how your computer is now
  • 0

Advertisements

#26
MickFee
Posted 20 December 2010 - 08:10 PM

MickFee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
OK, all tasks completed.

Here is the OTL Fix Log:

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.17.3 log created on 12212010_115234


Here is the MBAM log - yes, MBAM was updated:

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5363

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

21/12/2010 12:01:32 PM
mbam-log-2010-12-21 (12-01-32).txt

Scan type: Quick scan
Objects scanned: 165274
Time elapsed: 6 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Finally, here is the Eset log - indicated nothing found:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=402899ed4251db4fb0786961ddd34117
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-12-21 02:02:02
# local_time=2010-12-21 01:02:02 (+1000, AUS Eastern Daylight Time)
# country="Australia"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1029 16777194 0 1 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=56329
# found=0
# cleaned=0
# scan_time=2904



Now, the machine is running a lot better - incrementally faster as we have worked through the problems.

I have to reload an antivirus, I think AVG again, can I ask you your preference? I am thinking the newer AVG Free 2011 as a fresh install may be OK - what say you?

All the Best

Mick
  • 0

#27
emeraldnzl
Posted 20 December 2010 - 09:50 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello MickFee,

I have to reload an antivirus, I think AVG again, can I ask you your preference?


Here are a couple that I like at the moment (these are also free for personal use):I like Avira but some people find the pop up advertisements each time it updates a bit trying.

Step 2

The infection your machine had can mess up Internet Explorer. I don't know if you use it or even if it has been corrupted (although those internet access problems are a hint) but you might like to check out this (specifically running Fixit):

Please go to support Microsoft for instructions on how to repair/reinstall your Internet Explorer.

Now

I think your machine is clean.

We have a couple of last steps to perform and then you're all set.Posted Image

Follow these steps to uninstall Combofix and tools used in the removal of malware. This will also clean out and reset your Restore Points.
  • Click START then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

    Posted Image
Step 2
  • Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

MBAM can be uninstalled via control panel add/remove but it may be a useful tool to keep. The MBRCheck folders/files may be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to turn back on any anti-malware programs you may have turned off during the cleaning process.

-------------------------------------------------------------------------------------------------------------------

Now that your machine is clean here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

Regularly check that your Java is up to date. Older versions are vunerable to malicious attack.
  • Download from here Java Runtime Environment (JDK) Update
  • Scroll to where it says "Windows XP/Vista/2000/2003/2008 online" and download and follow the instructions to install.

    Reboot your computer.
    You also need to uininstall older versions of Java.
  • Click Start > Control Panel > Programs
  • Remove all Java updates except the latest one you have just installed.
--------------------------------------------------------------------------------------------------------------------

Be sure and give the Temp folders a cleaning out now and then. This helps with security and your computer will run more efficiently. I clean mine once a week.

For ease of use, you might consider the following free program:---------------------------------------------------------------------------------------------------------------------

To reduce the amount of fragmentation in your machines file system occasionally run a defragmenter utility. You can use your built in program (Start > Programs > Accessories > System Tools > Disk Defragmentor) or alternatively here is a program you can download and use: Puran Disc Defragmenter

---------------------------------------------------------------------------------------------------------------------

Make Internet Explorer more secure
  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
  • Next Click OK, then Apply button and then OK to exit the Internet Properties page.
* Consider using an alternate browser.

Opera may be downloaded from here. It is one of the least targeted of all browers.

Avant may be downloaded from here. Another one that is less well known.

Firefox may be downloaded from Here. I use Firefox because I like it. Used to be one of the safest but now targeted probably as much as IE.

Adblock Plus is a good Add-on for Firefox that helps prevent those annoying pop ups.

-----------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future here are some free programs you can look at:

  • If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

    * Click Start > Control Panel > System and Security > Windows Update
    * Under Windows Update click on Turn automatic updating on or off
    * Check items shown to ensure you receive updates automatically. Click OK.

    And to keep your system clean consider choosing from these free for home use malware scanners and updating and running weekly.
  • Malwarebytes
  • SuperAntiSpyWare
Be aware of what emails you open and websites you visit.

An antivirus program is essential.

Here are a two good anti-virus programs to choose from (these are also free for personal use):I like Avira but some people find the pop up advertisements each time it updates a bit trying.

A firewall is essential to help prevent hackers from infiltrating your computer.

Here are three good firewalls free for personal use:

Note: Do not use more than one anti-virus or firewall. Running two or more real-time anti-virus, anti-spyware and firewall monitors at the same time can cause a conflict. That conflict can result in slow computer performance, error messages, crashes of the programs or other types of failure. You will very likely end up with little or no protection.

Go here for some good advice about how to prevent infection.

Have a safe and happy computing day!
  • 0

#28
MickFee
Posted 21 December 2010 - 11:04 PM

MickFee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
OK, after an absolute nightmare downloading and running (I use the term advsedly) AVG Free 2011, I have removed it and replaced it with Avira - which does not have anything like the slow problems of AVG (so far, ho ho).

I've cleaned up everything as advised, OTL, ComboFix, cleaned out the Temp files and cache with the recommended app, checked IE settings,. They seem to be OK/correspond with your recommendations, however that Mats_Run ieperformance did not want to play on this machine - refused to proceed, saying it was "incompatible".

Go figure.

Anyway, thanks very much for your help in this endeavour and I hope your future "customers" are as happy as this one.

All the Best

Mick

P.S. Is there anything else I need to do?

Edited by MickFee, 21 December 2010 - 11:15 PM.

  • 0

#29
MickFee
Posted 21 December 2010 - 11:21 PM

MickFee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Another P.S.

I still have the "angry yellow advisories" in the Network adapters of the Device Manager.

Windows won't allow a direct removal via the device manger interface, however I have disabled the things and thus far no problems.

What do you think - don't worry about it, start anothet thread or panic?

Mick

Edited by MickFee, 21 December 2010 - 11:21 PM.

  • 0

#30
emeraldnzl
Posted 21 December 2010 - 11:53 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

I still have the "angry yellow advisories" in the Network adapters of the Device Manager.


Go to Start > Run and type: devmgmt.msc . Press OK, now Device Manager should open.

Expand the Network adapters.

Right click the items listed and choose uninstall. (There can be one, two or even three devices.)

Reboot your computer now, the network adapters should be installed automatically at reboot.

Come back and tell me how you got on. :D
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP