pberchum

Ik heb de scan gedraaid. volgens mij heeft deze vooral bestanden gevonden die al door eerdere scans gevonden waren. Hieronder staat het log. Het probleem is nog steeds aanwezig. [TABLE=width: 65] [TR] [TD=width: 65]521cc617.qua;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED;Trojan.Packed.21724;Niet repareerbaar.Verplaatst.;[/TD] [/TR] [TR] [TD]SoftonicDownloader_for_extractnow.exe;C:\drivers;Adware.Downware.82;Verplaatst.;[/TD] [/TR] [TR] [TD]A0013660.exe;C:\System Volume Information\_restore{97D004E7-6EB4-4184-83D8-ED52F9528E42}\RP28;Tool.Killproc.7;Verplaatst.;[/TD] [/TR] [TR] [TD]A0016379.exe;C:\System Volume Information\_restore{97D004E7-6EB4-4184-83D8-ED52F9528E42}\RP33;Adware.Downware.82;Verplaatst.;[/TD] [/TR] [/TABLE]

Gedaan, maar nog geen resultaat.

Ja, de foutmelding is nog steeds daar. Ik heb Malewarebytes nu wel kunnen starten. Dit is de logfile: Malwarebytes Anti-Malware 1.65.0.1400 Malwarebytes : Free anti-malware download Databaseversie: v2012.10.01.07 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Piet :: ACER-9D3D1AEB8D [administrator] 1-10-2012 21:51:57 mbam-log-2012-10-01 (21-51-57).txt Scantype: Volledige scan (C:\|D:\|) Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 358379 Verstreken tijd: 50 minuut/minuten, 43 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)

Ja, de foutmelding is nog steeds daar. Het viel mij vandaag ook op dat de netwerkadapter 1394 actief en verbonden is. Zover ik weet is dit een firewire aansluiting, maar er is geen firewire apparatuur aangesloten.

Bij deze de logfile: Emsisoft Emergency Kit - Versie 2.0 Laatste Update: 25-9-2012 19:54:11 Scaninstellingen: Scantype: Diepe scan Objecten: Rootkits, Geheugen, Sporen, C:\, D:\ Scan archieven: Aan ADS Scan: Aan Scan gestart: 25-9-2012 19:55:05 C:\TDSSKiller_Quarantine\10.09.2012_21.50.08\mbr0000\mbr0000\tsk0000.dta Ontdekt: Trojan.DOS.Sinowal!E2 C:\MGtools\Process.exe Ontdekt: Riskware.Win32.PrcView!E1 C:\Documents and Settings\Piet\Bureaublad\RK_Quarantine\PhysicalDrive0_LL1.dat Ontdekt: Trojan.DOS.Sinowal!E2 Gescand 622111 Gevonden 3 Scan geëindigd: 26-9-2012 0:58:13 Scantijd: 5:03:08 C:\MGtools\Process.exe Verwijderd Riskware.Win32.PrcView!E1 C:\TDSSKiller_Quarantine\10.09.2012_21.50.08\mbr0000\mbr0000\tsk0000.dta Verwijderd Trojan.DOS.Sinowal!E2 C:\Documents and Settings\Piet\Bureaublad\RK_Quarantine\PhysicalDrive0_LL1.dat Verwijderd Trojan.DOS.Sinowal!E2 Verwijderd 3

Ik heb de procedure gevolgd. Na herstart van windows door Combofix kreeg ik de volgende twee meldingen: Er is een fout opgetreden tijdens het laden van C:\windows\system32\iernonce.dll %1 is geen geldige Win32-toepassing De toepassing of DLL-bestand C:\windows\system32\ADVPACK.DLL is geen geldige Windows-kopie. Controleer dit op uw installatiediskette Malwarebytes start nog steeds niet, dezelfde melding. Bij deze de log van Combofix: ComboFix 12-09-23.02 - Piet 24-09-2012 21:08:36.5.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.767.343 [GMT 2:00] Gestart vanuit: c:\documents and settings\Piet\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Piet\Bureaublad\CFScript.txt AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} . FILE :: "c:\windows\system32\drivers\e_rdmbe.sys" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\drivers\etc\hosts.ics . c:\windows\system32\upnphost.dll . . . is geÔnfecteerd!! . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_E_RDMBE.SYS -------\Service_e_rdmbe.sys . . (((((((((((((((((((( Bestanden Gemaakt van 2012-08-24 to 2012-09-24 )))))))))))))))))))))))))))))) . . 2012-09-24 18:55 . 2012-09-24 18:55 -------- d-----w- c:\program files\TeamViewer 2012-09-24 18:53 . 2012-09-24 18:59 -------- d-----w- c:\documents and settings\LogMeInRemoteUser 2012-09-24 18:52 . 2012-09-24 18:52 -------- d-----w- c:\documents and settings\Piet\Local Settings\Application Data\LogMeIn 2012-09-24 18:51 . 2012-07-05 16:10 83392 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2012-09-24 18:51 . 2012-07-05 16:09 52128 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll 2012-09-24 18:51 . 2012-07-05 16:09 30624 ----a-w- c:\windows\system32\LMIport.dll 2012-09-24 18:51 . 2012-06-08 10:06 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys 2012-09-24 18:51 . 2012-07-05 16:09 87456 ----a-w- c:\windows\system32\LMIinit.dll 2012-09-24 18:51 . 2012-09-24 18:52 -------- d-----w- c:\documents and settings\All Users\Application Data\LogMeIn 2012-09-24 18:51 . 2012-09-24 18:53 -------- d-----w- c:\program files\LogMeIn 2012-09-23 12:29 . 2012-09-23 12:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-09-23 12:29 . 2012-09-23 12:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-09-23 12:29 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-10 20:04 . 2012-09-10 20:06 -------- d-----w- C:\MGtools 2012-09-10 19:57 . 2012-09-10 19:58 -------- d-----w- c:\documents and settings\All Users\Application Data\HitmanPro 2012-09-10 19:52 . 2012-09-10 19:52 -------- d-----w- C:\TDSSKiller_Quarantine 2012-09-10 19:15 . 2012-09-24 19:06 -------- d--h--r- c:\documents and settings\Piet\Onlangs geopend 2012-08-26 15:50 . 2012-08-26 15:50 -------- d-----w- c:\documents and settings\Piet\Application Data\Avira 2012-08-26 15:44 . 2012-07-18 16:05 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-08-26 15:44 . 2012-07-18 16:05 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2012-08-26 15:44 . 2012-07-18 16:05 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-08-26 15:44 . 2012-08-26 15:44 -------- d-----w- c:\program files\Avira 2012-08-26 15:44 . 2012-08-26 15:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-19 10:52 . 2012-03-29 17:04 696240 -c--a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-19 10:52 . 2011-06-17 11:33 73136 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-10 20:06 . 2012-09-10 20:04 193728 ----a-w- C:\MGlogs.zip 2008-12-02 09:52 . 2010-06-27 12:14 7360680 -c--a-w- c:\program files\CarryItEasy.exe . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys [-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys . [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys [-] 2004-08-04 05:00 . 2561FAE4BF35576587CE2A6A69DD5976 . 14336 . . [------] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys . [-] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys . [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys [-] 2004-08-04 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys . [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys [-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys . [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys [-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys [-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\$NtServicePackUninstall$\ntfs.sys [-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys . [-] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys . [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll [-] 2004-08-04 . 195B1255D9383AEFFBDFA8A11AE4D282 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll . [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe [-] 2004-08-04 . 34A82DEBEFB057FCCCBE15F619FC98A7 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe . [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll [-] 2005-08-22 . F32049792BCBF64954FF964508E47AFB . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll [-] 2005-08-22 . 269182FF03F1FDD0EF803AEB63C01080 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll [-] 2004-08-04 . B2665A1B502EC037388B7919CBD58C28 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll . [-] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll [-] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll [-] 2004-08-04 05:00 . F0BAE7D75B268BA326D9323DD7C73D8F . 822784 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll . [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll [-] 2004-08-04 . 772027CC5FFAEA3E7D10AF2691EE7095 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll . [-] 2009-02-09 . D8D28F6CABEC7D42B8E487E290563B9A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll [-] 2005-07-26 . B52BD9DB0BD6D01BDB01B0DBFBB804CD . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll [-] 2005-07-26 . 23B465FD2354D83218AC091D0EE6D91B . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll [-] 2005-04-28 . 6D61211D515EA7E31FDB7B0FA9CEF878 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll [-] 2005-04-28 . 0468AA524F6912F449BC14CF7DACAF68 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll [-] 2005-01-14 . C4E4A6514DC7AA4981B09E1A55B3EE56 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll [-] 2005-01-14 . FE787AF1556421C60DC427C2CC12CD9C . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll [-] 2004-08-04 . DDE0457B7706C3AD4E5AFDD502698A06 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll . [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe [-] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe [-] 2004-08-04 . 39991CD3C17B7529D039151A88E84499 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe . [-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe [-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe [-] 2004-08-04 . CCCB8B94B17466EFB9DC27F42625B0E5 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe . [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2004-08-04 . 732ED791711DF9C9DD15E5515BC681B8 . 504832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe . [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys [-] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys . [-] 2010-08-23 . 7826282032F459694DE7BCE330FF31FC . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2010-08-23 . 01D982636AFC3A79537B81D9C3DA897A . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll [-] 2008-04-14 . 1EAA8CD46BFB33307ACAF10EFF80E8BD . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [-] 2006-08-25 . F67AE54BCA3873D48A1AC722A9CA70BF . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll [-] 2006-08-25 . F567148940C1F5D93070822C0F3C0C34 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [-] 2004-08-04 . 8A473F553E9E45DB4EF6FF11AB54E4E1 . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll [-] 2004-08-04 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll [-] 2004-08-04 . FBCF5EF8A261632D1CB45B20ACEDE4B1 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll . [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll [-] 2004-08-04 . 5F321535D399516B6D780FF9EF8D8B7A . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll . [-] 2008-07-07 20:32 . 68180553F674B487BE777CFD6BE70726 . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [-] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-07-07 20:23 . B3A4422CBD8DAA6710431F67C679DA24 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll [-] 2005-07-26 04:42 . 094ECC4FB57ABA154F840C8414867E90 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll [-] 2005-07-26 04:36 . 3732BE0811CE6E15A56AD1CEC02CF532 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll [-] 2004-08-04 05:00 . 3F59BCDFAC47550F43001C4CE8CB0B91 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll . [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll [-] 2004-08-04 . 7ADE4584ED6657CAE3D523CF101992BD . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll . [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll [-] 2007-04-16 . 68757F5935D6D76DD10975B7B7A9751D . 1027072 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll [-] 2007-04-16 . 6557EA471552BB9AF16B66902D572BD5 . 1025536 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll [-] 2006-07-05 . 8672CE1E9BAF84EC0665D73DB8849EDB . 1026048 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll [-] 2006-07-05 . F2352FB7D9E5C70374568724A32B5CB7 . 1025024 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll [-] 2004-08-04 . 54379BD67780FDBBE1590EEC142A659C . 1024512 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll . [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll [-] 2005-09-01 . BDF49EB509B446650A752F751634AA1C . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll [-] 2005-09-01 . 74B59D2B62583D3932FCE6CBB6EB5F77 . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll [-] 2004-08-04 . 5B42639BE48C8E84FD52C66958A44427 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll . [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll [-] 2004-08-04 . 8DF7AC820F9B3FD5E713E9A74827931C . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll . [-] 2011-05-30 . 7EA2A988004ED9A3D9DC5192DC547C57 . 5964800 . . [8.00.6001.19088] . . c:\windows\system32\mshtml.dll [-] 2011-05-30 . 6DE2D62A51F4C110AA995583B7463487 . 5967360 . . [8.00.6001.23181] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll [-] 2011-02-22 . 80A564DD39C82A79F34F5A093CE1A6BD . 5964800 . . [8.00.6001.23141] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll [-] 2011-02-22 . E7618AEF7203F57D94266153C7E514C4 . 5962240 . . [8.00.6001.19046] . . c:\windows\ie8updates\KB2530548-IE8\mshtml.dll [-] 2010-12-20 . 91F5FB2C81CBE00B36B7F90E8DFDEC9E . 5961216 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\mshtml.dll [-] 2010-12-20 . 55F5920E04513ED481129E5E1DD94772 . 5962240 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll [-] 2010-11-06 . F22C3F322F5291FECDCC13371E3909A4 . 5960704 . . [8.00.6001.23091] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll [-] 2010-11-06 . CB4E08223EFCEB7C9E534D7A2AB00D6A . 5959168 . . [8.00.6001.18999] . . c:\windows\ie8updates\KB2482017-IE8\mshtml.dll [-] 2010-09-10 . 83C01E6BEE0BAEAC11B7C681302E7F18 . 5957120 . . [8.00.6001.18975] . . c:\windows\ie8updates\KB2416400-IE8\mshtml.dll [-] 2010-09-10 . 90215AE398050E9510A5B71CD222A6FD . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll [-] 2010-06-24 . 4866ECEEFB5964BB1CB081FB3A2A370D . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll [-] 2010-06-24 . 1048BF4C23101A0404252A19A9151C16 . 5951488 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\mshtml.dll [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2183461-IE8\mshtml.dll [-] 2010-05-06 . 47A7DDF5DF0F323F877EEFC75338C4A3 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll [-] 2010-02-25 . A38971E011619C2CF1B87ADE965F5DD4 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll [-] 2010-02-25 . 2399C13AE076A84037794AA0E9BF152A . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll [-] 2009-12-21 . 0C92E8AAD0E68E0A5358813353F31CE3 . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll [-] 2009-12-21 . 585A8B2FD6373FC06D6893867754CF74 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll [-] 2009-10-29 . A66CEDA2AA6FA052D3F7A46CE7553D21 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll [-] 2009-10-29 . 6D626567986D37E021F44EE66446D515 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll [-] 2009-10-22 . 9DCF8C4EA18DD6B28F6CC87711F57893 . 5939712 . . [8.00.6001.18852] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll [-] 2009-10-22 . A7A81279E5D4E79886EB3EE0D8C0B5B0 . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll [-] 2009-08-29 . 61AEF2B79A3926AF9F7D85B024DFA4D1 . 5940224 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976749-IE8\mshtml.dll [-] 2009-08-29 . 618B612AC467401AAF9DE95EC8927372 . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll [-] 2009-07-19 . 2644060A699C0654B609F24CE5A322D8 . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll [-] 2009-07-19 . BC35530055668C449898AF8FB9C98EAC . 5937152 . . [8.00.6001.18812] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll [-] 2009-05-13 . 099182C5D0A74802A9818C510B870124 . 5936128 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\mshtml.dll [-] 2009-05-13 . 099182C5D0A74802A9818C510B870124 . 5936128 . . [8.00.6001.22873] . . c:\windows\SoftwareDistribution\Download\ba9ee71e2965db33798dc8d4cecc0a07\SP3QFE\mshtml.dll [-] 2009-05-13 . E6972B3A25FAC8EC66F9523E5E17F2D0 . 5936128 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\mshtml.dll [-] 2009-05-13 . E6972B3A25FAC8EC66F9523E5E17F2D0 . 5936128 . . [8.00.6001.18783] . . c:\windows\SoftwareDistribution\Download\ba9ee71e2965db33798dc8d4cecc0a07\SP3GDR\mshtml.dll [-] 2009-04-29 . D987EC1A7B0E44BA64B4F3F9FA2FC675 . 3596288 . . [7.00.6000.16850] . . c:\windows\ie8\mshtml.dll [-] 2009-04-29 . 65B7FE26ABEC85DCAA6EB610D7AFA544 . 3598336 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\mshtml.dll [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\mshtml.dll [-] 2009-02-21 . ED8D8B5B74BC2F3F62DC3136294334F5 . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll [-] 2009-02-20 . 48CB187C52D11616A96EDE7E02FEFFB6 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie7updates\KB969897-IE7\mshtml.dll [-] 2009-01-16 . A1F6948767628BBFCA8E91D5D41A2B24 . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll [-] 2009-01-16 . 8DA948871A1664116F51E4149963E4DA . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll [-] 2008-12-13 . A2D4AE79DB67AC64BCA2551942417334 . 3593216 . . [7.00.6000.16788] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll [-] 2008-12-13 . B621B834A8F81D4D4550B91760261B77 . 3594752 . . [7.00.6000.20973] . . c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll [-] 2008-10-17 . CDBF095A4621CBA1F8DAB87CEEE9C5F5 . 3593216 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB960714-IE7\mshtml.dll [-] 2008-10-16 . EE6E909D702975A8DC842B45832AF5B7 . 3595264 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll [-] 2008-08-27 . 4681D5AF0FAE690BA98C6020DC717FAA . 3593216 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\mshtml.dll [-] 2008-08-26 . 5BE5C242C6ABF45CB3195CA6751D0272 . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll [-] 2008-06-25 . 0DF998D5B19A8A3463F8E38402A026EC . 3088896 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll [-] 2008-06-24 . C9EE3EB15A2B15BED93CA8E74757E68D . 3592192 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\mshtml.dll [-] 2008-06-24 . C9EE3EB15A2B15BED93CA8E74757E68D . 3592192 . . [7.00.6000.16705] . . c:\windows\SoftwareDistribution\Download\ea4772a3e9d8b534362bbf4723756836\SP2GDR\mshtml.dll [-] 2008-06-23 . 6975533B9EDB4A5963E688F7B22C3F79 . 3088384 . . [6.00.2900.3395] . . c:\windows\ie7\mshtml.dll [-] 2008-06-23 . 7853E46554A5D637D8AAD55FB0C4EE7E . 3594240 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll [-] 2008-06-23 . 7853E46554A5D637D8AAD55FB0C4EE7E . 3594240 . . [7.00.6000.20861] . . c:\windows\SoftwareDistribution\Download\ea4772a3e9d8b534362bbf4723756836\SP2QFE\mshtml.dll [-] 2008-06-23 . CC51CAD063737BC57732638C990C255B . 3088384 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\mshtml.dll [-] 2008-04-21 . 3F63F6905BE003FA3AA87D91C5997F43 . 3087872 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838$\mshtml.dll [-] 2008-04-21 . A7C4AB35FCAF4BB70D57D74C3602C701 . 3087872 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\mshtml.dll [-] 2008-04-21 . 672278873C3BB6898FAFF498C78A99F8 . 3088384 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\mshtml.dll [-] 2008-04-14 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll [-] 2007-10-30 . 36B42273942F82DA277A15509E8A8F2E . 3086848 . . [6.00.2900.3243] . . c:\windows\$NtUninstallKB950759$\mshtml.dll [-] 2007-08-22 . CCDF2AEC8C6AEB51EE6C4BBFDBB8897E . 3085824 . . [6.00.2900.3199] . . c:\windows\$NtUninstallKB942615$\mshtml.dll [-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB953838-IE7\mshtml.dll [-] 2007-06-15 . 34AF8680725DD035053A920683C373BB . 3085312 . . [6.00.2900.3157] . . c:\windows\$NtUninstallKB939653$\mshtml.dll [-] 2007-05-04 . D9B1913BA7F86A3758A2EAA2E8548A1D . 3085312 . . [6.00.2900.3132] . . c:\windows\$NtUninstallKB937143$\mshtml.dll [-] 2007-01-04 . 51E8C6369DB16D9F42826DC272C7CC09 . 3083264 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB933566$\mshtml.dll [-] 2006-10-23 . B2C3664C38FB778922EDF24C783526BB . 3082240 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\mshtml.dll [-] 2006-09-14 . 64C50B7D71B8E2EF31806D8693B87681 . 3079680 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\mshtml.dll [-] 2006-07-28 . FB8009A211F49770D185B677242028A6 . 3079168 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB922760$\mshtml.dll [-] 2005-07-20 . 89881B165F5D47BBA473B4730DFF26B8 . 3014144 . . [6.00.2900.2722] . . c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll [-] 2005-07-19 . DDBE7ADD11664BE7AB98A431C522D233 . 3012096 . . [6.00.2900.2722] . . c:\windows\$NtUninstallKB918899$\mshtml.dll [-] 2005-05-02 . 4A8BADAD69F188573B99EAFFAD8BDE36 . 3012608 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\mshtml.dll [-] 2005-05-02 . A84B1A1E5D482821E23A4CB135379BF3 . 3011072 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\mshtml.dll [-] 2005-03-09 . 8D9257DB6CB9AE5E2F3C7DBD88B14280 . 3011072 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\mshtml.dll [-] 2005-01-27 . D4547DB84D86D9E4BBEB72A973D92801 . 3006976 . . [6.00.2900.2604] . . c:\windows\$NtUninstallKB883939$\mshtml.dll [-] 2005-01-27 . 71B497EAE91F2EC8B07BCDF6FD23F38B . 3008000 . . [6.00.2900.2604] . . c:\windows\$hf_mig$\KB867282\SP2QFE\mshtml.dll [-] 2004-08-04 . 43E31383850CFEA3C0F445BED9A700F4 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB867282$\mshtml.dll . [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [-] 2008-04-14 . 61E70054981A2F9E64CEA7CA9479C0AA . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll [-] 2004-08-04 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll [-] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [-] 2004-08-04 . 40AC9CE966A05B05C9A4DB5B306A26C3 . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll . [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll [-] 2004-08-04 . B3FDAC7A518B6B684BEFE792DC1DC560 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll . [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll [-] 2004-08-04 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll . [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll [-] 2004-08-04 . 5AE934F6837B5A583DED535C4BE5A804 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll . [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll [-] 2004-08-04 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll . [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe [-] 2004-08-04 . AB8C6D89A897BACBA4657FDF00E344A6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe . [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll [-] 2005-07-08 . 5A145DBF2916F583921BB27B91B2DC0B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll [-] 2005-07-08 . C2A4E29888F45E7FC1FD64C83D5EA669 . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll [-] 2004-08-04 . F38C48EE55AD051BF5474F5BDD69C846 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll . [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2007-03-08 . FA35431E333943F4B2A6D33FA4EE3CE9 . 579584 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll [-] 2007-03-08 . CB18F701A5D55A6308FAB8D18322C060 . 579072 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll [-] 2005-03-02 . 0B62745CE93E8C6F56547F70269DBABC . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll [-] 2005-03-02 . A9F2EBFC6EF9C1FB38CEDCF747162B6C . 578560 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll [-] 2004-08-04 . 8E5D344FD717D35EE7ED1C8E0AD0CBE6 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll . [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe [-] 2004-08-04 . DE7A0EE4A6A28E6DFE3118EB22468DA6 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe . [-] 2011-04-25 . 1C95CF3DBAEBB3CCA34845CD884FB8CA . 916480 . . [8.00.6001.19072] . . c:\windows\system32\wininet.dll [-] 2011-04-25 . 00F17371D9145B114061564BDABD8C24 . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll [-] 2011-02-22 . CC5AE9A79DA18AFD29FB7CF95F23A143 . 919552 . . [8.00.6001.23139] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll [-] 2011-02-22 . 51B29ABC95E882F7AD80FDBFD5E729CC . 916480 . . [8.00.6001.19044] . . c:\windows\ie8updates\KB2530548-IE8\wininet.dll [-] 2010-12-20 . 81BB5AF5584545323F20AA75610EBD01 . 916480 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\wininet.dll [-] 2010-12-20 . 21A739156ED963C45419D3EB02E44F0C . 919552 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll [-] 2010-11-06 . 51964C721E751FD4E798252CC0E4FFB9 . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll [-] 2010-11-06 . BCEB709EF4C751E0BE355B76D834A954 . 916480 . . [8.00.6001.18992] . . c:\windows\ie8updates\KB2482017-IE8\wininet.dll [-] 2010-09-10 . EA2E4CFB3F124DD54F3B02F3BCCF6E82 . 916480 . . [8.00.6001.18968] . . c:\windows\ie8updates\KB2416400-IE8\wininet.dll [-] 2010-09-10 . 5D081F5E3E46966C4F63D32231C93511 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll [-] 2010-06-24 . 8168F7D81CD04C83D7E04F3981A7D0F5 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll [-] 2010-06-24 . A3D63C0EF4D32F1F04D9E9596AEA0FFE . 916480 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll [-] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [-] 2010-02-25 . 2A850B8F7B435ACFB9DCD0A566FD720C . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll [-] 2010-02-25 . BB424C9406140FEAFB4732025BEBB69B . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll [-] 2009-12-21 . FA2B753F8FE84904A6940589A43F30B4 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll [-] 2009-12-21 . 4C145AB616871611FCE38F053C75807C . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 765E049E1F6E2EF9265B85E02DE487B5 . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll [-] 2009-10-29 . D906535CAB4BB8A60AC060351EDE159F . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll [-] 2009-08-29 . EFEDB80523B32DF44404704430BC3397 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll [-] 2009-08-29 . 977886782C8F7ACA874BE770C48FF75C . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll [-] 2009-07-03 . AE9E8D0E50D9D874B5AAFB8B74E9FAAC . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll [-] 2009-07-03 . 8BF5136BEFB6712E8890BDC9ED123182 . 915456 . . [8.00.6001.18806] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll [-] 2009-05-13 . 4BF497D1787B9B72DB6083395A1789D8 . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll [-] 2009-05-13 . 4BF497D1787B9B72DB6083395A1789D8 . 915456 . . [8.00.6001.22873] . . c:\windows\SoftwareDistribution\Download\ba9ee71e2965db33798dc8d4cecc0a07\SP3QFE\wininet.dll [-] 2009-05-13 . 84A401C1C289056C4CC9E1A391DE91E3 . 915456 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll [-] 2009-05-13 . 84A401C1C289056C4CC9E1A391DE91E3 . 915456 . . [8.00.6001.18783] . . c:\windows\SoftwareDistribution\Download\ba9ee71e2965db33798dc8d4cecc0a07\SP3GDR\wininet.dll [-] 2009-04-29 . D5E276ADDE1400549B5678873A804E6F . 827392 . . [7.00.6000.16850] . . c:\windows\ie8\wininet.dll [-] 2009-04-29 . 478A5E95C6121A98673EE33DFCBE3400 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\wininet.dll [-] 2009-03-03 . 78B519AC87AD7256C24EF44279EFD694 . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll [-] 2009-03-03 . C2A37E9F4096B019694A7519C5FFB2A0 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll [-] 2008-12-20 . 6A77C48E137A73FFD1408F1A71C5184C . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll [-] 2008-12-20 . DB4777DBC853EAC790E3DBDB68FFB1A1 . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll [-] 2008-10-16 . FE082C9C1190051D8DA700C65A49C649 . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll [-] 2008-10-16 . C5C71C8265D07F52E304EE906332BEEE . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll [-] 2008-08-26 . 8B421DDF376F3D042EC616994E6E7896 . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll [-] 2008-08-26 . 5A1BB22BDFE98B2639A6D29E8CFB3BA4 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll [-] 2008-06-23 . 68FA9EED5B05EE48CDE843901C35E74A . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll [-] 2008-06-23 . 68FA9EED5B05EE48CDE843901C35E74A . 826368 . . [7.00.6000.16705] . . c:\windows\SoftwareDistribution\Download\ea4772a3e9d8b534362bbf4723756836\SP2GDR\wininet.dll [-] 2008-06-23 . 745795941F497E1CB3918A4AD3BEDEEE . 670208 . . [6.00.2900.3395] . . c:\windows\ie7\wininet.dll [-] 2008-06-23 . AA8521032671FEFA0C99ACFC62BE26DA . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll [-] 2008-06-23 . AA8521032671FEFA0C99ACFC62BE26DA . 827904 . . [7.00.6000.20861] . . c:\windows\SoftwareDistribution\Download\ea4772a3e9d8b534362bbf4723756836\SP2QFE\wininet.dll [-] 2008-06-23 . 8ADFF2F029A90FED04A322CBF084F3EA . 669184 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll [-] 2008-06-23 . AE1A6AEA7F65F452C0916FB1399D832E . 669696 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll [-] 2008-04-21 . 20238850AFE4A19A885CD5658433D60D . 669696 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838$\wininet.dll [-] 2008-04-21 . 0E4C070B2D83D7D76CF2A0384FA50750 . 669184 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\wininet.dll [-] 2008-04-21 . 438F668DDACCAD59F934772EE894A704 . 669696 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll [-] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll [-] 2007-10-11 . 9142B3C4732F906E45529F29B0546390 . 669184 . . [6.00.2900.3231] . . c:\windows\$NtUninstallKB950759$\wininet.dll [-] 2007-08-22 . 1577844C62558C9838526B3CC114695B . 668672 . . [6.00.2900.3199] . . c:\windows\$NtUninstallKB942615$\wininet.dll [-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll [-] 2007-06-26 . 7A0C9A702ED8F8695AC925C5B1850A07 . 668672 . . [6.00.2900.3164] . . c:\windows\$NtUninstallKB939653$\wininet.dll [-] 2007-04-18 . B2219D7AF938DE9372EB159C68FF83B5 . 668672 . . [6.00.2900.3121] . . c:\windows\$NtUninstallKB937143$\wininet.dll [-] 2007-01-04 . 243988BB76262D72A48E8312BF8A0231 . 668160 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB933566$\wininet.dll [-] 2006-10-23 . 7693CCDD13B082985CA0AC2862CBCAF7 . 667648 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\wininet.dll [-] 2006-09-14 . 0D3A915A798CD9568ABDBBE55489DD51 . 667648 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\wininet.dll [-] 2006-06-23 . 0960FA973421FF4630D024843341509E . 667648 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB922760$\wininet.dll [-] 2005-07-03 . C9567D2CD2441DFF60814E721EF6EB43 . 661504 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB918899$\wininet.dll [-] 2005-07-03 . C167930AEEF3C1739F340D5758834B01 . 662528 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll [-] 2005-05-02 . C048C90CE1CE329AB9E1E412DEC87920 . 662016 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll [-] 2005-05-02 . 2D9BCCC29C0F34794DADE5E4C95E9239 . 660992 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\wininet.dll [-] 2005-03-10 . 8010EECE634E0F3D6FF176457DF63619 . 660992 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\wininet.dll [-] 2005-01-27 . 5D2FFB9D94D9FDC5304B4783999BF43E . 659968 . . [6.00.2900.2577] . . c:\windows\$NtUninstallKB883939$\wininet.dll [-] 2005-01-27 . 35C432675828491688B75E8782871A11 . 660992 . . [6.00.2900.2598] . . c:\windows\$hf_mig$\KB867282\SP2QFE\wininet.dll [-] 2004-08-04 . 6C7E1322898378C30BCD9F779A2621EE . 659456 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB867282$\wininet.dll . [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll [-] 2004-08-04 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll . [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll [-] 2004-08-04 . 3B728289DFA923A2C12BE827382C2DB1 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll . [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [-] 2007-06-13 . 147E95A42A58CE99E403F7F57656BBEB . 1036800 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe [-] 2007-06-13 . 1D6245AFBD3FAABC16A885116BE1874D . 1036800 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe [-] 2004-08-04 . A1D7304A87FC3093150F5E3CC7B0F338 . 1035776 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe . [-] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\regedit.exe [-] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe [-] 2004-08-04 . 39C7FA0F39376599CFA59888816F477B . 153088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe . [-] 2010-07-16 . AD2B41BEAB5BB7A258F6A2CCDCA09B82 . 1287680 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll [-] 2010-07-16 . 57F12B548695C680421CD1EB8169A1C8 . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll [-] 2005-07-26 . 588443247F2EE6A61B5864B64A7E270E . 1284608 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll [-] 2005-07-26 . 0F0E95779DB45EB8D09EAA8827D740CC . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll [-] 2005-04-28 . 48629EDCD92AA071554304F9F9E96E38 . 1284608 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll [-] 2005-04-28 . 5C3B15C45ADF30B024927F1A0823BD16 . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll [-] 2005-01-14 . 75555C8E6657A2AA9101DD56F8D30DAA . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll [-] 2005-01-13 . D1F139783F28A79EF37825E3951E05F3 . 1284608 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll [-] 2004-08-04 . 602969286376832E3F49F54E4F0F051A . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll . [-] 2010-04-16 . 36BA0AAABD0AA4798403CB3FF08D5DDD . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll [-] 2010-04-16 . 7BB3922CB9973877D2BF4C7222EA8E70 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll [-] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll [-] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll [-] 2004-08-04 . 24B72C7A002170ECC72B6AA5F642A705 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll . [-] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll [-] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll [-] 2004-08-04 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll [-] 2004-08-04 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ReinstallBackups\0000\DriverFiles\i386\ksuser.dll . [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2004-08-04 . 7DE46C9C40ABB58C8FDFE0212A3BF2B4 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe . [-] 2009-07-27 . 2D5D4156292150FE571872C1B88E9299 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll [-] 2009-07-27 . C28A9E9D28ACDAF8097BE4578C49559B . 135680 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll [-] 2006-12-19 . D6F2B8963663F2014FAFCD8E15E4E778 . 135168 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll [-] 2006-12-19 . 20A1DFA416579DACEE28E15E331C3930 . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll [-] 2004-08-04 . 394FD6CE1AC84BB318B806A6F8D90F66 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll . [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll . [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe [-] 2004-08-04 . D6381A7C1704BE7A8FD5EFDFD9F1463B . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe . [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll [-] 2004-08-04 . F4C8D4B0A294AAF37FE50C407B6E03F9 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll . [-] 2010-12-09 . 9011D64E9090247C04EE767ED6C7B4BE . 739328 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll [-] 2010-12-09 . 175BBCC9133387119BF15FA09D9EE202 . 739328 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll [-] 2009-02-09 . 231DD439149F6955FF148E5CD8B02E7E . 736256 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll [-] 2009-02-09 . F06373320840F31D01E152F35DD68C42 . 735744 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB2393802$\ntdll.dll [-] 2008-04-14 . EF5F6C88C4282A739844DB6013E15720 . 727040 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntdll.dll [-] 2008-04-14 . EF5F6C88C4282A739844DB6013E15720 . 727040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntdll.dll [-] 2004-08-04 . A558BE062173291AA6BB94D9FCB8FA7F . 729088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntdll.dll . [-] 2008-04-14 . BC1C255415DFCA2E202924A1FBAE3D4F . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msctfime.ime [-] 2008-04-14 . BC1C255415DFCA2E202924A1FBAE3D4F . 177152 . . [5.1.2600.5512] . . c:\windows\system32\msctfime.ime [-] 2004-08-04 . A3CA3ED34D0752B11E9B52475187209D . 177152 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msctfime.ime . [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll [-] 2004-08-04 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll . [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [-] 2004-08-04 . 486594A19F7AEDEBEA600855FFD5E914 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll . [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys [-] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys . [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll [-] 2004-08-04 . D01BB100558945178E4BCB33B0FE9364 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll . [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll [-] 2004-08-04 . D245B3E32F8AB3B2FB576AFCFDEC105E . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll . [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll [-] 2004-08-04 . B02FDCE64F64CDE3AA809D28D25D2A12 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll . [-] 2008-04-14 17:02 . E4C7E6EF3BF8C9D023C87FFBEE3B5FED . 297472 . . [------] . . c:\windows\ServicePackFiles\i386\termsrv.dll [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll [-] 2004-08-04 . E2CE999886A4636026F157DEB886AA94 . 297472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll . [-] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll [-] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll [-] 2004-08-04 . 490BF3896AE3EBD21B448FFB1579AA09 . 347648 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll . [-] 2004-08-04 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys . [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys [-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys [-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys [-] 2004-08-03 21:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys . [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys . [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys . [-] 2010-09-18 07:18 . C7F383764824117AEE9C3ED0FCA78044 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll [-] 2010-09-18 06:53 . 7892005CE5CDC809783F452B21FAF58F . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll [-] 2006-11-01 19:19 . 13E52326F0F19A1A8D34681E3444E8D1 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll [-] 2004-08-04 05:00 . 8EED1D71C14C356684E586B0A7DB6BCE . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll . [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll [-] 2004-08-04 . 1405B1431F51CAB25FE9B2ECF13CB198 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll . [-] 2008-04-14 17:02 . 2628076412EC86C92827AE5202501E5D . 52736 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [-] 2004-08-04 05:00 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\$NtServicePackUninstall$\mspmsnsv.dll . [-] 2010-12-09 . BAD22963CD6046C0B2834D2BFFAB56B5 . 2073728 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe [-] 2010-12-09 . 2DB8EA01CD063A7723299FDBDCCAC82B . 2031616 . . [5.1.2600.6055] . . c:\windows\system32\ntkrnlpa.exe [-] 2010-04-28 . 75EA98BC36C13E976653400F8183D356 . 2071296 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe [-] 2010-04-28 . 6A55E209D8DC13CDA67C86AE4FBF72C2 . 2029056 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe [-] 2010-02-16 . 8734043A9B2FD911BA85A8A08F202B91 . 2029056 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe [-] 2010-02-16 . 7C4F935FC449E4D27C685A5BC1792664 . 2071296 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . 6A42A70506E7ACFF6C3ACD740E22A01F . 2070528 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . 1EC8EEA049772D6C6A6D7518589B6B5D . 2028544 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe [-] 2009-08-04 . AB21A63A3B15653043E71126E5BBE3DE . 2070528 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe [-] 2009-08-04 . BAF4A9062EBB03002F07C56F73DA9FA0 . 2028544 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe [-] 2009-02-09 . 6DCC1CE955F33EC4C0CE271BFA5D3310 . 2028544 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe [-] 2009-02-09 . 07EE73D79A7CA142463470AEF230082B . 2070528 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . DE961B54D30C7DD6AA6C3BD27D584E30 . 2070400 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . E13B0F6208EAB1ECB9EBCE5D6E866268 . 2028544 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe [-] 2008-04-14 . 1B3709F568AF90FDB935FD017C92E5E9 . 2028544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe [-] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe [-] 2007-02-28 . F51B8D8B0703518349096604E788B83E . 2063744 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe [-] 2007-02-28 . 6F3DE0DF5031560A92F4498A23062641 . 2020352 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe [-] 2005-03-02 . E38C7D3BCDB2D9C592F56CEE094D82F7 . 2019840 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe [-] 2005-03-02 . C6CF1974ACDB8329DAF9D001C0937CB0 . 2061184 . . [5.1.2600.2622] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 2005-03-02 . C6CF1974ACDB8329DAF9D001C0937CB0 . 2061184 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\S-1-5-18\ec180ad830c6a0106db6b71b00aa937b\backup\sp2gdr\ntkrnlpa.exe [-] 2005-03-02 . C26D84B802567E629D42861A11C7EC04 . 2061312 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe [-] 2004-08-04 . E0399688D466B7C3AFDFFB5A2ED9F351 . 2061184 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe [-] 2004-08-03 . E0399688D466B7C3AFDFFB5A2ED9F351 . 2061184 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\S-1-5-18\ec180ad830c6a0106db6b71b00aa937b\backup\sp2qfe\ntkrnlpa.exe . [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll [-] 2004-08-04 05:00 . AC75E028773CBBD7D8B1313F382E7C05 . 437248 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll . [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll [-] 2008-04-14 17:02 . 0E3477EDD6B6037FDB479DD5B5ADC3EC . 186368 . . [------] . . c:\windows\system32\upnphost.dll [-] 2007-02-05 . 063B30C37E3902760919D3E5D98CC7C9 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll [-] 2007-02-05 . DE0A3D72D98A08A115300E2B2DC4374B . 185344 . . [5.1.2600.3077] . . c:\windows\$NtServicePackUninstall$\upnphost.dll [-] 2004-08-04 . 348B60067B10EFA7D7763EE44674108C . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll . [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll [-] 2004-08-04 . 4AAB7EC0EA6C53C6B381546F15C286CA . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll . [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll [-] 2004-08-04 . 66B9B43A5E0777F465CA492039176455 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll . [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll [-] 2004-08-04 . B54EF2F95DD3A188A2E4798C2CFB7EE7 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll . [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll [-] 2004-08-04 05:00 . DFB4A7A3E7948686DBC4B0DEA4A0AE94 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll . [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll [-] 2004-08-04 . D521890151A11C410F6A94EE3C37CD14 . 41472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll . [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll [-] 2004-08-04 . D67A94C11062EEE45BED5106DFDB9C0A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll . [-] 2010-12-09 . 431D614A7395BADB939FE552DBDD8723 . 2197120 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe [-] 2010-12-09 . 5D23EB1B99728FBC24AE6B989128D261 . 2153472 . . [5.1.2600.6055] . . c:\windows\system32\ntoskrnl.exe [-] 2010-04-28 . B101D9AB9CCC09F2DDCF8B6C684CD939 . 2150912 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe [-] 2010-04-28 . 59582F46CAAAA049DB613B4005AF57B5 . 2194432 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe [-] 2010-02-16 . DA6465E0F6BBA4618E40C3D36B263866 . 2150912 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe [-] 2010-02-16 . B79C48187CA08D2EC27DA4939953F082 . 2194432 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . 91BB9F7616C0A8BB6ECA10EB6816B21C . 2149888 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [-] 2009-08-04 . 0BAEA30E3FE87E5C09899ED37F52C714 . 2149888 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe [-] 2009-08-04 . 2F1443AB72A64182FD8258BBAE801EA7 . 2193664 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe [-] 2009-02-10 . 7625D5BAFD2A4A8458468B139C893BB7 . 2193536 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [-] 2009-02-09 . AAC6BB111B1ACEAFCD3D3AD569BA3DD3 . 2149888 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe [-] 2008-08-14 . E332B6DE826D4222A758E3264AD8D520 . 2193536 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe [-] 2008-08-14 . A14FB47B054DAEF42BE7C0D590407875 . 2149888 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe [-] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe [-] 2008-04-14 . F13A2B659A51AA340F5596E7D604864B . 2149888 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe [-] 2007-02-28 . 59DCA97DC201792C1CCF9FE621EE5ED7 . 2186496 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe [-] 2007-02-28 . 5836C9B396DE1EFDA60C07ED5AE09AA9 . 2140672 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe [-] 2005-03-02 . 5DB3E8DEC987B5D350E4A105DCEAEE6A . 2183936 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe [-] 2005-03-02 . 281A1E82F5F8FC0B2F4B57EF296A4240 . 2183680 . . [5.1.2600.2622] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [-] 2005-03-02 . 281A1E82F5F8FC0B2F4B57EF296A4240 . 2183680 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\S-1-5-18\ec180ad830c6a0106db6b71b00aa937b\backup\sp2gdr\ntoskrnl.exe [-] 2005-03-02 . F221AC7E2980D3B23FAF596E69586C9C . 2140160 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe [-] 2004-08-04 . 87AAEA3908E069FB1BE37380C895DFB8 . 2185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe [-] 2004-08-03 . 87AAEA3908E069FB1BE37380C895DFB8 . 2185344 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\S-1-5-18\ec180ad830c6a0106db6b71b00aa937b\backup\sp2qfe\ntoskrnl.exe . [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll . [-] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll [-] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll [-] 2004-08-04 . EF361E7A6319C445C21C81A131CF1F99 . 175616 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll . [-] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll [-] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll [-] 2006-12-19 . 1689AC8BD2FC31B377D5D23CC7D872A8 . 334336 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll [-] 2006-12-19 . 0BF8DE5896D9A02C99C4A4EF896E917E . 334336 . . [5.1.2600.3051] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll [-] 2004-08-04 . A52AA02DDB663FEF22C18C693B0EE891 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll . [-] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll [-] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll [-] 2004-08-04 . E291F42AE2793304990C6EA77C482979 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll . [-] 2008-04-14 . 3D5CC4BFF926A0ABD4F5A117825629A3 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll [-] 2008-04-14 . 3D5CC4BFF926A0ABD4F5A117825629A3 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll [-] 2006-06-26 . 5F1240D4B842F0122042FDA8540432FC . 7680 . . [5.1.2600.2938] . . c:\windows\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll [-] 2006-06-26 . 91282911237187F11BD3AD8F834CB5E6 . 8192 . . [5.1.2600.2938] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll [-] 2004-08-04 . 9C38671C922A2C86802A7FA3F5834634 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB920683$\rasadhlp.dll . [-] 2008-04-14 . 514490ECBBA4CCC950ED5CBBFE327CF4 . 19456 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wshtcpip.dll [-] 2008-04-14 . 514490ECBBA4CCC950ED5CBBFE327CF4 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll [-] 2004-08-04 . 70220C6EF8447A1BD5A921D77D502822 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wshtcpip.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472] "CarryLaunch"="c:\documents and settings\Piet\Application Data\CoSoSys\CarryItEasy\CarryLaunch.exe" [2008-12-02 172032] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-09-19 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LaunchApp"="Alaunch" [X] "RTHDCPL"="RTHDCPL.EXE" [2005-09-22 14854144] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952] "eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 397312] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-14 344064] "AspireService"="c:\program files\Acer\Acer eMode Management\AspireService.exe" [2005-09-29 114688] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664] "LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2012-06-08 63048] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\Piet\Menu Start\Programma's\Opstarten\ Snelkoppeling naar Printkey.lnk - c:\documents and settings\Piet\Bureaublad\Printkey.exe [2008-12-27 589824] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Post-itÆ Software Notes Lite.lnk - c:\program files\Post-it\PsnLite.exe [2007-12-12 2080768] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit] 2012-07-05 16:09 87456 ----a-w- c:\windows\system32\LMIinit.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys] @="" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt] 2012-07-18 16:04 348664 ----a-w- c:\program files\Avira\AntiVir Desktop\avgnt.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "AntiVirService"=2 (0x2) "AntiVirSchedulerService"=2 (0x2) "Acer Media Server"=2 (0x2) . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Adobe\\Adobe Dreamweaver CS3\\Dreamweaver.exe"= "c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"= "c:\\Program Files\\Microsoft Office\\Live Meeting 8\\Console\\PWConsole.exe"= "c:\\Program Files\\UGS\\NX 5.0\\UGII\\ugraf.exe"= "c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"= "c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:Remote Desktop "65533:TCP"= 65533:TCP:Services "52344:TCP"= 52344:TCP:Services . R0 m5287;m5287;c:\windows\system32\drivers\m5287.sys [5-2-2005 9:00 85888] R1 A2DDA;A2 Direct Disk Access Support Driver;d:\downloads\Emisoft\Run\a2ddax86.sys [26-8-2012 19:51 17904] R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [26-8-2012 17:44 36000] R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [26-8-2012 17:44 86224] R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [5-7-2012 18:09 374184] R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [8-6-2012 12:06 12856] R2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [24-9-2012 20:55 2754984] R2 UGS License Server (ugslmd);UGS License Server (ugslmd);c:\program files\UGS\UGSLicensing\lmgrd.exe [2-2-2007 17:02 1327104] S2 A4SII300;A4SII300;c:\windows\system32\drivers\a4sii300.sys [8-2-2011 21:53 25632] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7-8-2010 18:30 136176] S2 Unigraphics License Server (uglmd);Unigraphics License Server (uglmd);"c:\program files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe" --> c:\program files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe [?] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [29-3-2012 19:04 250288] S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\drivers\aabed2.sys [25-2-2011 18:25 21888] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7-8-2010 18:30 136176] S3 SFC4;SFC4;c:\windows\system32\drivers\sfc4.sys [8-2-2011 22:26 41472] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - TEAMVIEWER7 . Inhoud van de 'Gedeelde Taken' map . 2012-09-24 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 10:52] . 2012-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-07 16:29] . 2012-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-07 16:29] . 2012-09-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3883909537-2134546285-1128479403-1006Core.job - c:\documents and settings\Piet\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-03-26 09:12] . 2012-09-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3883909537-2134546285-1128479403-1006UA.job - c:\documents and settings\Piet\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-03-26 09:12] . 2012-09-24 c:\windows\Tasks\User_Feed_Synchronization-{93D82971-F07B-4C5A-AB11-B68575CD92D0}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uDefault_Search_URL = hxxp://www.google.com/ie uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe" uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 TCP: DhcpNameServer = 88.159.1.200 88.159.1.201 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-09-24 21:30 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(548) c:\windows\system32\Ati2evxx.dll c:\windows\system32\LMIinit.dll . - - - - - - - > 'explorer.exe'(2300) c:\program files\TeamViewer\Version7\tv_w32.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\System32\SCardSvr.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\LogMeIn\x86\RaMaint.exe c:\program files\LogMeIn\x86\LogMeIn.exe c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe c:\program files\UGS\UGSLicensing\ugslmd.exe c:\program files\TeamViewer\Version7\TeamViewer.exe c:\program files\TeamViewer\Version7\tv_w32.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\windows\RTHDCPL.EXE c:\progra~1\Post-it\PSNGive.exe c:\program files\teamviewer\version7\TeamViewer_Desktop.exe . ************************************************************************** . Voltooingstijd: 2012-09-24 21:36:21 - machine werd herstart ComboFix-quarantined-files.txt 2012-09-24 19:36 ComboFix2.txt 2012-09-23 19:34 ComboFix3.txt 2012-09-23 12:39 ComboFix4.txt 2012-09-13 19:29 . Pre-Run: 99.372.244.992 bytes beschikbaar Post-Run: 99.402.039.296 bytes beschikbaar . - - End Of File - - 0D7359D96382E79D381990725B4E0A40

Bij de eerste poging met Combofix is er een fout opgetreden in PEV.exe Ik heb de pc opnieuw opgestart en nog een keer Combofix gestart. Dit is de logfile: ComboFix 12-09-23.02 - Piet 23-09-2012 21:18:58.4.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.767.390 [GMT 2:00] Gestart vanuit: c:\drivers\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\drivers\etc\hosts.ics . ---- Voorgaande Run ------- . c:\windows\system32\drivers\etc\hosts.ics . -- Voorgaande Run -- . c:\windows\system32\upnphost.dll . . . is geÔnfecteerd!! . -------- . c:\windows\system32\drivers\ntfs.sys . . . is geÔnfecteerd!! . . .Failed to restore. Attempting to replace on reboot . c:\windows\system32\upnphost.dll . . . is geÔnfecteerd!! . Besmet exemplaar van c:\windows\system32\drivers\ntfs.sys werd aangetroffen en gedesinfecteerd Hersteld exemplaar van - c:\system volume information\_restore{97D004E7-6EB4-4184-83D8-ED52F9528E42}\RP23\A0009793.sys . (((((((((((((((((((( Bestanden Gemaakt van 2012-08-23 to 2012-09-23 )))))))))))))))))))))))))))))) . . 2012-09-23 12:29 . 2012-09-23 12:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-09-23 12:29 . 2012-09-23 12:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-09-23 12:29 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-10 20:04 . 2012-09-10 20:06 -------- d-----w- C:\MGtools 2012-09-10 19:57 . 2012-09-10 19:58 -------- d-----w- c:\documents and settings\All Users\Application Data\HitmanPro 2012-09-10 19:52 . 2012-09-10 19:52 -------- d-----w- C:\TDSSKiller_Quarantine 2012-09-10 19:15 . 2012-09-21 11:07 -------- d--h--r- c:\documents and settings\Piet\Onlangs geopend 2012-08-26 15:50 . 2012-08-26 15:50 -------- d-----w- c:\documents and settings\Piet\Application Data\Avira 2012-08-26 15:44 . 2012-07-18 16:05 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-08-26 15:44 . 2012-07-18 16:05 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2012-08-26 15:44 . 2012-07-18 16:05 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-08-26 15:44 . 2012-08-26 15:44 -------- d-----w- c:\program files\Avira 2012-08-26 15:44 . 2012-08-26 15:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-19 10:52 . 2012-03-29 17:04 696240 -c--a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-19 10:52 . 2011-06-17 11:33 73136 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-10 20:06 . 2012-09-10 20:04 193728 ----a-w- C:\MGlogs.zip 2008-12-02 09:52 . 2010-06-27 12:14 7360680 -c--a-w- c:\program files\CarryItEasy.exe . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys [-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys . [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys [-] 2004-08-04 05:00 . 2561FAE4BF35576587CE2A6A69DD5976 . 14336 . . [------] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys . [-] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys . [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys [-] 2004-08-04 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys . [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys [-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys . [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys [-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys [-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\$NtServicePackUninstall$\ntfs.sys [-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys . [-] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys . [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll [-] 2004-08-04 . 195B1255D9383AEFFBDFA8A11AE4D282 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll . [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe [-] 2004-08-04 . 34A82DEBEFB057FCCCBE15F619FC98A7 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe . [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll [-] 2005-08-22 . F32049792BCBF64954FF964508E47AFB . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll [-] 2005-08-22 . 269182FF03F1FDD0EF803AEB63C01080 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll [-] 2004-08-04 . B2665A1B502EC037388B7919CBD58C28 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll . [-] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll [-] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll [-] 2004-08-04 05:00 . F0BAE7D75B268BA326D9323DD7C73D8F . 822784 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll . [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll [-] 2004-08-04 . 772027CC5FFAEA3E7D10AF2691EE7095 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll . [-] 2009-02-09 . D8D28F6CABEC7D42B8E487E290563B9A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll [-] 2005-07-26 . B52BD9DB0BD6D01BDB01B0DBFBB804CD . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll [-] 2005-07-26 . 23B465FD2354D83218AC091D0EE6D91B . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll [-] 2005-04-28 . 6D61211D515EA7E31FDB7B0FA9CEF878 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll [-] 2005-04-28 . 0468AA524F6912F449BC14CF7DACAF68 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll [-] 2005-01-14 . C4E4A6514DC7AA4981B09E1A55B3EE56 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll [-] 2005-01-14 . FE787AF1556421C60DC427C2CC12CD9C . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll [-] 2004-08-04 . DDE0457B7706C3AD4E5AFDD502698A06 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll . [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe [-] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe [-] 2004-08-04 . 39991CD3C17B7529D039151A88E84499 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe . [-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe [-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe [-] 2004-08-04 . CCCB8B94B17466EFB9DC27F42625B0E5 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe . [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2004-08-04 . 732ED791711DF9C9DD15E5515BC681B8 . 504832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe . [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys [-] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys . [-] 2010-08-23 . 7826282032F459694DE7BCE330FF31FC . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2010-08-23 . 01D982636AFC3A79537B81D9C3DA897A . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll [-] 2008-04-14 . 1EAA8CD46BFB33307ACAF10EFF80E8BD . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [-] 2006-08-25 . F67AE54BCA3873D48A1AC722A9CA70BF . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll [-] 2006-08-25 . F567148940C1F5D93070822C0F3C0C34 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [-] 2004-08-04 . 8A473F553E9E45DB4EF6FF11AB54E4E1 . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll [-] 2004-08-04 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll [-] 2004-08-04 . FBCF5EF8A261632D1CB45B20ACEDE4B1 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll . [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll [-] 2004-08-04 . 5F321535D399516B6D780FF9EF8D8B7A . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll . [-] 2008-07-07 20:32 . 68180553F674B487BE777CFD6BE70726 . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [-] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-07-07 20:23 . B3A4422CBD8DAA6710431F67C679DA24 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll [-] 2005-07-26 04:42 . 094ECC4FB57ABA154F840C8414867E90 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll [-] 2005-07-26 04:36 . 3732BE0811CE6E15A56AD1CEC02CF532 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll [-] 2004-08-04 05:00 . 3F59BCDFAC47550F43001C4CE8CB0B91 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll . [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll [-] 2004-08-04 . 7ADE4584ED6657CAE3D523CF101992BD . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll . [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll [-] 2007-04-16 . 68757F5935D6D76DD10975B7B7A9751D . 1027072 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll [-] 2007-04-16 . 6557EA471552BB9AF16B66902D572BD5 . 1025536 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll [-] 2006-07-05 . 8672CE1E9BAF84EC0665D73DB8849EDB . 1026048 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll [-] 2006-07-05 . F2352FB7D9E5C70374568724A32B5CB7 . 1025024 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll [-] 2004-08-04 . 54379BD67780FDBBE1590EEC142A659C . 1024512 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll . [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll [-] 2005-09-01 . BDF49EB509B446650A752F751634AA1C . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll [-] 2005-09-01 . 74B59D2B62583D3932FCE6CBB6EB5F77 . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll [-] 2004-08-04 . 5B42639BE48C8E84FD52C66958A44427 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll . [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll [-] 2004-08-04 . 8DF7AC820F9B3FD5E713E9A74827931C . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll . [-] 2011-05-30 . 7EA2A988004ED9A3D9DC5192DC547C57 . 5964800 . . [8.00.6001.19088] . . c:\windows\system32\mshtml.dll [-] 2011-05-30 . 6DE2D62A51F4C110AA995583B7463487 . 5967360 . . [8.00.6001.23181] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll [-] 2011-02-22 . 80A564DD39C82A79F34F5A093CE1A6BD . 5964800 . . [8.00.6001.23141] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll [-] 2011-02-22 . E7618AEF7203F57D94266153C7E514C4 . 5962240 . . [8.00.6001.19046] . . c:\windows\ie8updates\KB2530548-IE8\mshtml.dll [-] 2010-12-20 . 91F5FB2C81CBE00B36B7F90E8DFDEC9E . 5961216 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\mshtml.dll [-] 2010-12-20 . 55F5920E04513ED481129E5E1DD94772 . 5962240 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll [-] 2010-11-06 . F22C3F322F5291FECDCC13371E3909A4 . 5960704 . . [8.00.6001.23091] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll [-] 2010-11-06 . CB4E08223EFCEB7C9E534D7A2AB00D6A . 5959168 . . [8.00.6001.18999] . . c:\windows\ie8updates\KB2482017-IE8\mshtml.dll [-] 2010-09-10 . 83C01E6BEE0BAEAC11B7C681302E7F18 . 5957120 . . [8.00.6001.18975] . . c:\windows\ie8updates\KB2416400-IE8\mshtml.dll [-] 2010-09-10 . 90215AE398050E9510A5B71CD222A6FD . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll [-] 2010-06-24 . 4866ECEEFB5964BB1CB081FB3A2A370D . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll [-] 2010-06-24 . 1048BF4C23101A0404252A19A9151C16 . 5951488 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\mshtml.dll [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2183461-IE8\mshtml.dll [-] 2010-05-06 . 47A7DDF5DF0F323F877EEFC75338C4A3 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll [-] 2010-02-25 . A38971E011619C2CF1B87ADE965F5DD4 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll [-] 2010-02-25 . 2399C13AE076A84037794AA0E9BF152A . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll [-] 2009-12-21 . 0C92E8AAD0E68E0A5358813353F31CE3 . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll [-] 2009-12-21 . 585A8B2FD6373FC06D6893867754CF74 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll [-] 2009-10-29 . A66CEDA2AA6FA052D3F7A46CE7553D21 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll [-] 2009-10-29 . 6D626567986D37E021F44EE66446D515 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll [-] 2009-10-22 . 9DCF8C4EA18DD6B28F6CC87711F57893 . 5939712 . . [8.00.6001.18852] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll [-] 2009-10-22 . A7A81279E5D4E79886EB3EE0D8C0B5B0 . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll [-] 2009-08-29 . 61AEF2B79A3926AF9F7D85B024DFA4D1 . 5940224 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976749-IE8\mshtml.dll [-] 2009-08-29 . 618B612AC467401AAF9DE95EC8927372 . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll [-] 2009-07-19 . 2644060A699C0654B609F24CE5A322D8 . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll [-] 2009-07-19 . BC35530055668C449898AF8FB9C98EAC . 5937152 . . [8.00.6001.18812] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll [-] 2009-05-13 . 099182C5D0A74802A9818C510B870124 . 5936128 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\mshtml.dll [-] 2009-05-13 . 099182C5D0A74802A9818C510B870124 . 5936128 . . [8.00.6001.22873] . . c:\windows\SoftwareDistribution\Download\ba9ee71e2965db33798dc8d4cecc0a07\SP3QFE\mshtml.dll [-] 2009-05-13 . E6972B3A25FAC8EC66F9523E5E17F2D0 . 5936128 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\mshtml.dll [-] 2009-05-13 . E6972B3A25FAC8EC66F9523E5E17F2D0 . 5936128 . . [8.00.6001.18783] . . c:\windows\SoftwareDistribution\Download\ba9ee71e2965db33798dc8d4cecc0a07\SP3GDR\mshtml.dll [-] 2009-04-29 . D987EC1A7B0E44BA64B4F3F9FA2FC675 . 3596288 . . [7.00.6000.16850] . . c:\windows\ie8\mshtml.dll [-] 2009-04-29 . 65B7FE26ABEC85DCAA6EB610D7AFA544 . 3598336 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\mshtml.dll [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\mshtml.dll [-] 2009-02-21 . ED8D8B5B74BC2F3F62DC3136294334F5 . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll [-] 2009-02-20 . 48CB187C52D11616A96EDE7E02FEFFB6 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie7updates\KB969897-IE7\mshtml.dll [-] 2009-01-16 . A1F6948767628BBFCA8E91D5D41A2B24 . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll [-] 2009-01-16 . 8DA948871A1664116F51E4149963E4DA . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll [-] 2008-12-13 . A2D4AE79DB67AC64BCA2551942417334 . 3593216 . . [7.00.6000.16788] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll [-] 2008-12-13 . B621B834A8F81D4D4550B91760261B77 . 3594752 . . [7.00.6000.20973] . . c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll [-] 2008-10-17 . CDBF095A4621CBA1F8DAB87CEEE9C5F5 . 3593216 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB960714-IE7\mshtml.dll [-] 2008-10-16 . EE6E909D702975A8DC842B45832AF5B7 . 3595264 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll [-] 2008-08-27 . 4681D5AF0FAE690BA98C6020DC717FAA . 3593216 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\mshtml.dll [-] 2008-08-26 . 5BE5C242C6ABF45CB3195CA6751D0272 . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll [-] 2008-06-25 . 0DF998D5B19A8A3463F8E38402A026EC . 3088896 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll [-] 2008-06-24 . C9EE3EB15A2B15BED93CA8E74757E68D . 3592192 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\mshtml.dll [-] 2008-06-24 . C9EE3EB15A2B15BED93CA8E74757E68D . 3592192 . . [7.00.6000.16705] . . c:\windows\SoftwareDistribution\Download\ea4772a3e9d8b534362bbf4723756836\SP2GDR\mshtml.dll [-] 2008-06-23 . 6975533B9EDB4A5963E688F7B22C3F79 . 3088384 . . [6.00.2900.3395] . . c:\windows\ie7\mshtml.dll [-] 2008-06-23 . 7853E46554A5D637D8AAD55FB0C4EE7E . 3594240 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll [-] 2008-06-23 . 7853E46554A5D637D8AAD55FB0C4EE7E . 3594240 . . [7.00.6000.20861] . . c:\windows\SoftwareDistribution\Download\ea4772a3e9d8b534362bbf4723756836\SP2QFE\mshtml.dll [-] 2008-06-23 . CC51CAD063737BC57732638C990C255B . 3088384 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\mshtml.dll [-] 2008-04-21 . 3F63F6905BE003FA3AA87D91C5997F43 . 3087872 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838$\mshtml.dll [-] 2008-04-21 . A7C4AB35FCAF4BB70D57D74C3602C701 . 3087872 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\mshtml.dll [-] 2008-04-21 . 672278873C3BB6898FAFF498C78A99F8 . 3088384 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\mshtml.dll [-] 2008-04-14 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll [-] 2007-10-30 . 36B42273942F82DA277A15509E8A8F2E . 3086848 . . [6.00.2900.3243] . . c:\windows\$NtUninstallKB950759$\mshtml.dll [-] 2007-08-22 . CCDF2AEC8C6AEB51EE6C4BBFDBB8897E . 3085824 . . [6.00.2900.3199] . . c:\windows\$NtUninstallKB942615$\mshtml.dll [-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB953838-IE7\mshtml.dll [-] 2007-06-15 . 34AF8680725DD035053A920683C373BB . 3085312 . . [6.00.2900.3157] . . c:\windows\$NtUninstallKB939653$\mshtml.dll [-] 2007-05-04 . D9B1913BA7F86A3758A2EAA2E8548A1D . 3085312 . . [6.00.2900.3132] . . c:\windows\$NtUninstallKB937143$\mshtml.dll [-] 2007-01-04 . 51E8C6369DB16D9F42826DC272C7CC09 . 3083264 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB933566$\mshtml.dll [-] 2006-10-23 . B2C3664C38FB778922EDF24C783526BB . 3082240 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\mshtml.dll [-] 2006-09-14 . 64C50B7D71B8E2EF31806D8693B87681 . 3079680 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\mshtml.dll [-] 2006-07-28 . FB8009A211F49770D185B677242028A6 . 3079168 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB922760$\mshtml.dll [-] 2005-07-20 . 89881B165F5D47BBA473B4730DFF26B8 . 3014144 . . [6.00.2900.2722] . . c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll [-] 2005-07-19 . DDBE7ADD11664BE7AB98A431C522D233 . 3012096 . . [6.00.2900.2722] . . c:\windows\$NtUninstallKB918899$\mshtml.dll [-] 2005-05-02 . 4A8BADAD69F188573B99EAFFAD8BDE36 . 3012608 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\mshtml.dll [-] 2005-05-02 . A84B1A1E5D482821E23A4CB135379BF3 . 3011072 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\mshtml.dll [-] 2005-03-09 . 8D9257DB6CB9AE5E2F3C7DBD88B14280 . 3011072 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\mshtml.dll [-] 2005-01-27 . D4547DB84D86D9E4BBEB72A973D92801 . 3006976 . . [6.00.2900.2604] . . c:\windows\$NtUninstallKB883939$\mshtml.dll [-] 2005-01-27 . 71B497EAE91F2EC8B07BCDF6FD23F38B . 3008000 . . [6.00.2900.2604] . . c:\windows\$hf_mig$\KB867282\SP2QFE\mshtml.dll [-] 2004-08-04 . 43E31383850CFEA3C0F445BED9A700F4 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB867282$\mshtml.dll . [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [-] 2008-04-14 . 61E70054981A2F9E64CEA7CA9479C0AA . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll [-] 2004-08-04 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll [-] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [-] 2004-08-04 . 40AC9CE966A05B05C9A4DB5B306A26C3 . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll . [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll [-] 2004-08-04 . B3FDAC7A518B6B684BEFE792DC1DC560 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll . [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll [-] 2004-08-04 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll . [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll [-] 2004-08-04 . 5AE934F6837B5A583DED535C4BE5A804 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll . [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll [-] 2004-08-04 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll . [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe [-] 2004-08-04 . AB8C6D89A897BACBA4657FDF00E344A6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe . [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll [-] 2005-07-08 . 5A145DBF2916F583921BB27B91B2DC0B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll [-] 2005-07-08 . C2A4E29888F45E7FC1FD64C83D5EA669 . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll [-] 2004-08-04 . F38C48EE55AD051BF5474F5BDD69C846 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll . [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2007-03-08 . FA35431E333943F4B2A6D33FA4EE3CE9 . 579584 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll [-] 2007-03-08 . CB18F701A5D55A6308FAB8D18322C060 . 579072 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll [-] 2005-03-02 . 0B62745CE93E8C6F56547F70269DBABC . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll [-] 2005-03-02 . A9F2EBFC6EF9C1FB38CEDCF747162B6C . 578560 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll [-] 2004-08-04 . 8E5D344FD717D35EE7ED1C8E0AD0CBE6 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll . [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe [-] 2004-08-04 . DE7A0EE4A6A28E6DFE3118EB22468DA6 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe . [-] 2011-04-25 . 1C95CF3DBAEBB3CCA34845CD884FB8CA . 916480 . . [8.00.6001.19072] . . c:\windows\system32\wininet.dll [-] 2011-04-25 . 00F17371D9145B114061564BDABD8C24 . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll [-] 2011-02-22 . CC5AE9A79DA18AFD29FB7CF95F23A143 . 919552 . . [8.00.6001.23139] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll [-] 2011-02-22 . 51B29ABC95E882F7AD80FDBFD5E729CC . 916480 . . [8.00.6001.19044] . . c:\windows\ie8updates\KB2530548-IE8\wininet.dll [-] 2010-12-20 . 81BB5AF5584545323F20AA75610EBD01 . 916480 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\wininet.dll [-] 2010-12-20 . 21A739156ED963C45419D3EB02E44F0C . 919552 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll [-] 2010-11-06 . 51964C721E751FD4E798252CC0E4FFB9 . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll [-] 2010-11-06 . BCEB709EF4C751E0BE355B76D834A954 . 916480 . . [8.00.6001.18992] . . c:\windows\ie8updates\KB2482017-IE8\wininet.dll [-] 2010-09-10 . EA2E4CFB3F124DD54F3B02F3BCCF6E82 . 916480 . . [8.00.6001.18968] . . c:\windows\ie8updates\KB2416400-IE8\wininet.dll [-] 2010-09-10 . 5D081F5E3E46966C4F63D32231C93511 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll [-] 2010-06-24 . 8168F7D81CD04C83D7E04F3981A7D0F5 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll [-] 2010-06-24 . A3D63C0EF4D32F1F04D9E9596AEA0FFE . 916480 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll [-] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [-] 2010-02-25 . 2A850B8F7B435ACFB9DCD0A566FD720C . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll [-] 2010-02-25 . BB424C9406140FEAFB4732025BEBB69B . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll [-] 2009-12-21 . FA2B753F8FE84904A6940589A43F30B4 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll [-] 2009-12-21 . 4C145AB616871611FCE38F053C75807C . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 765E049E1F6E2EF9265B85E02DE487B5 . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll [-] 2009-10-29 . D906535CAB4BB8A60AC060351EDE159F . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll [-] 2009-08-29 . EFEDB80523B32DF44404704430BC3397 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll [-] 2009-08-29 . 977886782C8F7ACA874BE770C48FF75C . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll [-] 2009-07-03 . AE9E8D0E50D9D874B5AAFB8B74E9FAAC . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll [-] 2009-07-03 . 8BF5136BEFB6712E8890BDC9ED123182 . 915456 . . [8.00.6001.18806] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll [-] 2009-05-13 . 4BF497D1787B9B72DB6083395A1789D8 . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll [-] 2009-05-13 . 4BF497D1787B9B72DB6083395A1789D8 . 915456 . . [8.00.6001.22873] . . c:\windows\SoftwareDistribution\Download\ba9ee71e2965db33798dc8d4cecc0a07\SP3QFE\wininet.dll [-] 2009-05-13 . 84A401C1C289056C4CC9E1A391DE91E3 . 915456 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll [-] 2009-05-13 . 84A401C1C289056C4CC9E1A391DE91E3 . 915456 . . [8.00.6001.18783] . . c:\windows\SoftwareDistribution\Download\ba9ee71e2965db33798dc8d4cecc0a07\SP3GDR\wininet.dll [-] 2009-04-29 . D5E276ADDE1400549B5678873A804E6F . 827392 . . [7.00.6000.16850] . . c:\windows\ie8\wininet.dll [-] 2009-04-29 . 478A5E95C6121A98673EE33DFCBE3400 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\wininet.dll [-] 2009-03-03 . 78B519AC87AD7256C24EF44279EFD694 . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll [-] 2009-03-03 . C2A37E9F4096B019694A7519C5FFB2A0 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll [-] 2008-12-20 . 6A77C48E137A73FFD1408F1A71C5184C . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll [-] 2008-12-20 . DB4777DBC853EAC790E3DBDB68FFB1A1 . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll [-] 2008-10-16 . FE082C9C1190051D8DA700C65A49C649 . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll [-] 2008-10-16 . C5C71C8265D07F52E304EE906332BEEE . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll [-] 2008-08-26 . 8B421DDF376F3D042EC616994E6E7896 . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll [-] 2008-08-26 . 5A1BB22BDFE98B2639A6D29E8CFB3BA4 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll [-] 2008-06-23 . 68FA9EED5B05EE48CDE843901C35E74A . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll [-] 2008-06-23 . 68FA9EED5B05EE48CDE843901C35E74A . 826368 . . [7.00.6000.16705] . . c:\windows\SoftwareDistribution\Download\ea4772a3e9d8b534362bbf4723756836\SP2GDR\wininet.dll [-] 2008-06-23 . 745795941F497E1CB3918A4AD3BEDEEE . 670208 . . [6.00.2900.3395] . . c:\windows\ie7\wininet.dll [-] 2008-06-23 . AA8521032671FEFA0C99ACFC62BE26DA . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll [-] 2008-06-23 . AA8521032671FEFA0C99ACFC62BE26DA . 827904 . . [7.00.6000.20861] . . c:\windows\SoftwareDistribution\Download\ea4772a3e9d8b534362bbf4723756836\SP2QFE\wininet.dll [-] 2008-06-23 . 8ADFF2F029A90FED04A322CBF084F3EA . 669184 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll [-] 2008-06-23 . AE1A6AEA7F65F452C0916FB1399D832E . 669696 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll [-] 2008-04-21 . 20238850AFE4A19A885CD5658433D60D . 669696 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838$\wininet.dll [-] 2008-04-21 . 0E4C070B2D83D7D76CF2A0384FA50750 . 669184 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\wininet.dll [-] 2008-04-21 . 438F668DDACCAD59F934772EE894A704 . 669696 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll [-] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll [-] 2007-10-11 . 9142B3C4732F906E45529F29B0546390 . 669184 . . [6.00.2900.3231] . . c:\windows\$NtUninstallKB950759$\wininet.dll [-] 2007-08-22 . 1577844C62558C9838526B3CC114695B . 668672 . . [6.00.2900.3199] . . c:\windows\$NtUninstallKB942615$\wininet.dll [-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll [-] 2007-06-26 . 7A0C9A702ED8F8695AC925C5B1850A07 . 668672 . . [6.00.2900.3164] . . c:\windows\$NtUninstallKB939653$\wininet.dll [-] 2007-04-18 . B2219D7AF938DE9372EB159C68FF83B5 . 668672 . . [6.00.2900.3121] . . c:\windows\$NtUninstallKB937143$\wininet.dll [-] 2007-01-04 . 243988BB76262D72A48E8312BF8A0231 . 668160 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB933566$\wininet.dll [-] 2006-10-23 . 7693CCDD13B082985CA0AC2862CBCAF7 . 667648 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\wininet.dll [-] 2006-09-14 . 0D3A915A798CD9568ABDBBE55489DD51 . 667648 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\wininet.dll [-] 2006-06-23 . 0960FA973421FF4630D024843341509E . 667648 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB922760$\wininet.dll [-] 2005-07-03 . C9567D2CD2441DFF60814E721EF6EB43 . 661504 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB918899$\wininet.dll [-] 2005-07-03 . C167930AEEF3C1739F340D5758834B01 . 662528 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll [-] 2005-05-02 . C048C90CE1CE329AB9E1E412DEC87920 . 662016 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll [-] 2005-05-02 . 2D9BCCC29C0F34794DADE5E4C95E9239 . 660992 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\wininet.dll [-] 2005-03-10 . 8010EECE634E0F3D6FF176457DF63619 . 660992 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\wininet.dll [-] 2005-01-27 . 5D2FFB9D94D9FDC5304B4783999BF43E . 659968 . . [6.00.2900.2577] . . c:\windows\$NtUninstallKB883939$\wininet.dll [-] 2005-01-27 . 35C432675828491688B75E8782871A11 . 660992 . . [6.00.2900.2598] . . c:\windows\$hf_mig$\KB867282\SP2QFE\wininet.dll [-] 2004-08-04 . 6C7E1322898378C30BCD9F779A2621EE . 659456 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB867282$\wininet.dll . [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll [-] 2004-08-04 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll . [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll [-] 2004-08-04 . 3B728289DFA923A2C12BE827382C2DB1 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll . [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [-] 2007-06-13 . 147E95A42A58CE99E403F7F57656BBEB . 1036800 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe [-] 2007-06-13 . 1D6245AFBD3FAABC16A885116BE1874D . 1036800 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe [-] 2004-08-04 . A1D7304A87FC3093150F5E3CC7B0F338 . 1035776 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe . [-] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\regedit.exe [-] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe [-] 2004-08-04 . 39C7FA0F39376599CFA59888816F477B . 153088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe . [-] 2010-07-16 . AD2B41BEAB5BB7A258F6A2CCDCA09B82 . 1287680 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll [-] 2010-07-16 . 57F12B548695C680421CD1EB8169A1C8 . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll [-] 2005-07-26 . 588443247F2EE6A61B5864B64A7E270E . 1284608 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll [-] 2005-07-26 . 0F0E95779DB45EB8D09EAA8827D740CC . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll [-] 2005-04-28 . 48629EDCD92AA071554304F9F9E96E38 . 1284608 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll [-] 2005-04-28 . 5C3B15C45ADF30B024927F1A0823BD16 . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll [-] 2005-01-14 . 75555C8E6657A2AA9101DD56F8D30DAA . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll [-] 2005-01-13 . D1F139783F28A79EF37825E3951E05F3 . 1284608 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll [-] 2004-08-04 . 602969286376832E3F49F54E4F0F051A . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll . [-] 2010-04-16 . 36BA0AAABD0AA4798403CB3FF08D5DDD . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll [-] 2010-04-16 . 7BB3922CB9973877D2BF4C7222EA8E70 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll [-] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll [-] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll [-] 2004-08-04 . 24B72C7A002170ECC72B6AA5F642A705 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll . [-] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll [-] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll [-] 2004-08-04 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll [-] 2004-08-04 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ReinstallBackups\0000\DriverFiles\i386\ksuser.dll . [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2004-08-04 . 7DE46C9C40ABB58C8FDFE0212A3BF2B4 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe . [-] 2009-07-27 . 2D5D4156292150FE571872C1B88E9299 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll [-] 2009-07-27 . C28A9E9D28ACDAF8097BE4578C49559B . 135680 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll [-] 2006-12-19 . D6F2B8963663F2014FAFCD8E15E4E778 . 135168 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll [-] 2006-12-19 . 20A1DFA416579DACEE28E15E331C3930 . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll [-] 2004-08-04 . 394FD6CE1AC84BB318B806A6F8D90F66 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll . [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll . [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe [-] 2004-08-04 . D6381A7C1704BE7A8FD5EFDFD9F1463B . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe . [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll [-] 2004-08-04 . F4C8D4B0A294AAF37FE50C407B6E03F9 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll . [-] 2010-12-09 . 9011D64E9090247C04EE767ED6C7B4BE . 739328 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll [-] 2010-12-09 . 175BBCC9133387119BF15FA09D9EE202 . 739328 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll [-] 2009-02-09 . 231DD439149F6955FF148E5CD8B02E7E . 736256 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll [-] 2009-02-09 . F06373320840F31D01E152F35DD68C42 . 735744 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB2393802$\ntdll.dll [-] 2008-04-14 . EF5F6C88C4282A739844DB6013E15720 . 727040 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntdll.dll [-] 2008-04-14 . EF5F6C88C4282A739844DB6013E15720 . 727040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntdll.dll [-] 2004-08-04 . A558BE062173291AA6BB94D9FCB8FA7F . 729088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntdll.dll . [-] 2008-04-14 . BC1C255415DFCA2E202924A1FBAE3D4F . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msctfime.ime [-] 2008-04-14 . BC1C255415DFCA2E202924A1FBAE3D4F . 177152 . . [5.1.2600.5512] . . c:\windows\system32\msctfime.ime [-] 2004-08-04 . A3CA3ED34D0752B11E9B52475187209D . 177152 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msctfime.ime . [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll [-] 2004-08-04 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll . [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [-] 2004-08-04 . 486594A19F7AEDEBEA600855FFD5E914 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll . [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys [-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys [-] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys . [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll [-] 2004-08-04 . D01BB100558945178E4BCB33B0FE9364 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll . [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll [-] 2004-08-04 . D245B3E32F8AB3B2FB576AFCFDEC105E . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll . [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll [-] 2004-08-04 . B02FDCE64F64CDE3AA809D28D25D2A12 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll . [-] 2008-04-14 17:02 . E4C7E6EF3BF8C9D023C87FFBEE3B5FED . 297472 . . [------] . . c:\windows\ServicePackFiles\i386\termsrv.dll [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll [-] 2004-08-04 . E2CE999886A4636026F157DEB886AA94 . 297472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll . [-] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll [-] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll [-] 2004-08-04 . 490BF3896AE3EBD21B448FFB1579AA09 . 347648 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll . [-] 2004-08-04 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys . [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys [-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys [-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys [-] 2004-08-03 21:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys . [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys . [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys . [-] 2010-09-18 07:18 . C7F383764824117AEE9C3ED0FCA78044 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll [-] 2010-09-18 06:53 . 7892005CE5CDC809783F452B21FAF58F . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll [-] 2006-11-01 19:19 . 13E52326F0F19A1A8D34681E3444E8D1 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll [-] 2004-08-04 05:00 . 8EED1D71C14C356684E586B0A7DB6BCE . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll . [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll [-] 2004-08-04 . 1405B1431F51CAB25FE9B2ECF13CB198 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll . [-] 2008-04-14 17:02 . 2628076412EC86C92827AE5202501E5D . 52736 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [-] 2004-08-04 05:00 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\$NtServicePackUninstall$\mspmsnsv.dll . [-] 2010-12-09 . BAD22963CD6046C0B2834D2BFFAB56B5 . 2073728 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe [-] 2010-12-09 . 2DB8EA01CD063A7723299FDBDCCAC82B . 2031616 . . [5.1.2600.6055] . . c:\windows\system32\ntkrnlpa.exe [-] 2010-04-28 . 75EA98BC36C13E976653400F8183D356 . 2071296 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe [-] 2010-04-28 . 6A55E209D8DC13CDA67C86AE4FBF72C2 . 2029056 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe [-] 2010-02-16 . 8734043A9B2FD911BA85A8A08F202B91 . 2029056 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe [-] 2010-02-16 . 7C4F935FC449E4D27C685A5BC1792664 . 2071296 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . 6A42A70506E7ACFF6C3ACD740E22A01F . 2070528 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . 1EC8EEA049772D6C6A6D7518589B6B5D . 2028544 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe [-] 2009-08-04 . AB21A63A3B15653043E71126E5BBE3DE . 2070528 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe [-] 2009-08-04 . BAF4A9062EBB03002F07C56F73DA9FA0 . 2028544 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe [-] 2009-02-09 . 6DCC1CE955F33EC4C0CE271BFA5D3310 . 2028544 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe [-] 2009-02-09 . 07EE73D79A7CA142463470AEF230082B . 2070528 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . DE961B54D30C7DD6AA6C3BD27D584E30 . 2070400 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . E13B0F6208EAB1ECB9EBCE5D6E866268 . 2028544 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe [-] 2008-04-14 . 1B3709F568AF90FDB935FD017C92E5E9 . 2028544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe [-] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe [-] 2007-02-28 . F51B8D8B0703518349096604E788B83E . 2063744 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe [-] 2007-02-28 . 6F3DE0DF5031560A92F4498A23062641 . 2020352 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe [-] 2005-03-02 . E38C7D3BCDB2D9C592F56CEE094D82F7 . 2019840 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe [-] 2005-03-02 . C6CF1974ACDB8329DAF9D001C0937CB0 . 2061184 . . [5.1.2600.2622] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 2005-03-02 . C6CF1974ACDB8329DAF9D001C0937CB0 . 2061184 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\S-1-5-18\ec180ad830c6a0106db6b71b00aa937b\backup\sp2gdr\ntkrnlpa.exe [-] 2005-03-02 . C26D84B802567E629D42861A11C7EC04 . 2061312 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe [-] 2004-08-04 . E0399688D466B7C3AFDFFB5A2ED9F351 . 2061184 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe [-] 2004-08-03 . E0399688D466B7C3AFDFFB5A2ED9F351 . 2061184 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\S-1-5-18\ec180ad830c6a0106db6b71b00aa937b\backup\sp2qfe\ntkrnlpa.exe . [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll [-] 2004-08-04 05:00 . AC75E028773CBBD7D8B1313F382E7C05 . 437248 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll . [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll [-] 2008-04-14 17:02 . 0E3477EDD6B6037FDB479DD5B5ADC3EC . 186368 . . [------] . . c:\windows\system32\upnphost.dll [-] 2007-02-05 . 063B30C37E3902760919D3E5D98CC7C9 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll [-] 2007-02-05 . DE0A3D72D98A08A115300E2B2DC4374B . 185344 . . [5.1.2600.3077] . . c:\windows\$NtServicePackUninstall$\upnphost.dll [-] 2004-08-04 . 348B60067B10EFA7D7763EE44674108C . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll . [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll [-] 2004-08-04 . 4AAB7EC0EA6C53C6B381546F15C286CA . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll . [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll [-] 2004-08-04 . 66B9B43A5E0777F465CA492039176455 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll . [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll [-] 2004-08-04 . B54EF2F95DD3A188A2E4798C2CFB7EE7 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll . [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll [-] 2004-08-04 05:00 . DFB4A7A3E7948686DBC4B0DEA4A0AE94 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll . [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll [-] 2004-08-04 . D521890151A11C410F6A94EE3C37CD14 . 41472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll . [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll [-] 2004-08-04 . D67A94C11062EEE45BED5106DFDB9C0A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll . [-] 2010-12-09 . 431D614A7395BADB939FE552DBDD8723 . 2197120 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe [-] 2010-12-09 . 5D23EB1B99728FBC24AE6B989128D261 . 2153472 . . [5.1.2600.6055] . . c:\windows\system32\ntoskrnl.exe [-] 2010-04-28 . B101D9AB9CCC09F2DDCF8B6C684CD939 . 2150912 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe [-] 2010-04-28 . 59582F46CAAAA049DB613B4005AF57B5 . 2194432 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe [-] 2010-02-16 . DA6465E0F6BBA4618E40C3D36B263866 . 2150912 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe [-] 2010-02-16 . B79C48187CA08D2EC27DA4939953F082 . 2194432 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . 91BB9F7616C0A8BB6ECA10EB6816B21C . 2149888 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [-] 2009-08-04 . 0BAEA30E3FE87E5C09899ED37F52C714 . 2149888 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe [-] 2009-08-04 . 2F1443AB72A64182FD8258BBAE801EA7 . 2193664 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe [-] 2009-02-10 . 7625D5BAFD2A4A8458468B139C893BB7 . 2193536 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [-] 2009-02-09 . AAC6BB111B1ACEAFCD3D3AD569BA3DD3 . 2149888 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe [-] 2008-08-14 . E332B6DE826D4222A758E3264AD8D520 . 2193536 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe [-] 2008-08-14 . A14FB47B054DAEF42BE7C0D590407875 . 2149888 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe [-] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe [-] 2008-04-14 . F13A2B659A51AA340F5596E7D604864B . 2149888 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe [-] 2007-02-28 . 59DCA97DC201792C1CCF9FE621EE5ED7 . 2186496 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe [-] 2007-02-28 . 5836C9B396DE1EFDA60C07ED5AE09AA9 . 2140672 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe [-] 2005-03-02 . 5DB3E8DEC987B5D350E4A105DCEAEE6A . 2183936 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe [-] 2005-03-02 . 281A1E82F5F8FC0B2F4B57EF296A4240 . 2183680 . . [5.1.2600.2622] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [-] 2005-03-02 . 281A1E82F5F8FC0B2F4B57EF296A4240 . 2183680 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\S-1-5-18\ec180ad830c6a0106db6b71b00aa937b\backup\sp2gdr\ntoskrnl.exe [-] 2005-03-02 . F221AC7E2980D3B23FAF596E69586C9C . 2140160 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe [-] 2004-08-04 . 87AAEA3908E069FB1BE37380C895DFB8 . 2185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe [-] 2004-08-03 . 87AAEA3908E069FB1BE37380C895DFB8 . 2185344 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\S-1-5-18\ec180ad830c6a0106db6b71b00aa937b\backup\sp2qfe\ntoskrnl.exe . [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll . [-] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll [-] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll [-] 2004-08-04 . EF361E7A6319C445C21C81A131CF1F99 . 175616 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll . [-] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll [-] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll [-] 2006-12-19 . 1689AC8BD2FC31B377D5D23CC7D872A8 . 334336 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll [-] 2006-12-19 . 0BF8DE5896D9A02C99C4A4EF896E917E . 334336 . . [5.1.2600.3051] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll [-] 2004-08-04 . A52AA02DDB663FEF22C18C693B0EE891 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll . [-] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll [-] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll [-] 2004-08-04 . E291F42AE2793304990C6EA77C482979 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll . [-] 2008-04-14 . 3D5CC4BFF926A0ABD4F5A117825629A3 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll [-] 2008-04-14 . 3D5CC4BFF926A0ABD4F5A117825629A3 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll [-] 2006-06-26 . 5F1240D4B842F0122042FDA8540432FC . 7680 . . [5.1.2600.2938] . . c:\windows\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll [-] 2006-06-26 . 91282911237187F11BD3AD8F834CB5E6 . 8192 . . [5.1.2600.2938] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll [-] 2004-08-04 . 9C38671C922A2C86802A7FA3F5834634 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB920683$\rasadhlp.dll . [-] 2008-04-14 . 514490ECBBA4CCC950ED5CBBFE327CF4 . 19456 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wshtcpip.dll [-] 2008-04-14 . 514490ECBBA4CCC950ED5CBBFE327CF4 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll [-] 2004-08-04 . 70220C6EF8447A1BD5A921D77D502822 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wshtcpip.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472] "CarryLaunch"="c:\documents and settings\Piet\Application Data\CoSoSys\CarryItEasy\CarryLaunch.exe" [2008-12-02 172032] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-09-19 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LaunchApp"="Alaunch" [X] "RTHDCPL"="RTHDCPL.EXE" [2005-09-22 14854144] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952] "eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 397312] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-14 344064] "AspireService"="c:\program files\Acer\Acer eMode Management\AspireService.exe" [2005-09-29 114688] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\Piet\Menu Start\Programma's\Opstarten\ Snelkoppeling naar Printkey.lnk - c:\documents and settings\Piet\Bureaublad\Printkey.exe [2008-12-27 589824] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Post-itÆ Software Notes Lite.lnk - c:\program files\Post-it\PsnLite.exe [2007-12-12 2080768] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys] @="" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt] 2012-07-18 16:04 348664 ----a-w- c:\program files\Avira\AntiVir Desktop\avgnt.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "AntiVirService"=2 (0x2) "AntiVirSchedulerService"=2 (0x2) "Acer Media Server"=2 (0x2) . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Adobe\\Adobe Dreamweaver CS3\\Dreamweaver.exe"= "c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"= "c:\\Program Files\\Microsoft Office\\Live Meeting 8\\Console\\PWConsole.exe"= "c:\\Program Files\\UGS\\NX 5.0\\UGII\\ugraf.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:Remote Desktop "65533:TCP"= 65533:TCP:Services "52344:TCP"= 52344:TCP:Services . R0 m5287;m5287;c:\windows\system32\drivers\m5287.sys [5-2-2005 9:00 85888] R1 A2DDA;A2 Direct Disk Access Support Driver;d:\downloads\Emisoft\Run\a2ddax86.sys [26-8-2012 19:51 17904] R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [26-8-2012 17:44 36000] R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [26-8-2012 17:44 86224] R2 UGS License Server (ugslmd);UGS License Server (ugslmd);c:\program files\UGS\UGSLicensing\lmgrd.exe [2-2-2007 17:02 1327104] S2 A4SII300;A4SII300;c:\windows\system32\drivers\a4sii300.sys [8-2-2011 21:53 25632] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7-8-2010 18:30 136176] S2 Unigraphics License Server (uglmd);Unigraphics License Server (uglmd);"c:\program files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe" --> c:\program files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe [?] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [29-3-2012 19:04 250288] S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\drivers\aabed2.sys [25-2-2011 18:25 21888] S3 e_rdmbe.sys;e_rdmbe.sys;\??\c:\windows\system32\drivers\e_rdmbe.sys --> c:\windows\system32\drivers\e_rdmbe.sys [?] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7-8-2010 18:30 136176] S3 SFC4;SFC4;c:\windows\system32\drivers\sfc4.sys [8-2-2011 22:26 41472] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - INT15.SYS . Inhoud van de 'Gedeelde Taken' map . 2012-09-23 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 10:52] . 2012-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-07 16:29] . 2012-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-07 16:29] . 2012-09-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3883909537-2134546285-1128479403-1006Core.job - c:\documents and settings\Piet\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-03-26 09:12] . 2012-09-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3883909537-2134546285-1128479403-1006UA.job - c:\documents and settings\Piet\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-03-26 09:12] . 2012-09-23 c:\windows\Tasks\User_Feed_Synchronization-{93D82971-F07B-4C5A-AB11-B68575CD92D0}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uDefault_Search_URL = hxxp://www.google.com/ie uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe" uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 TCP: DhcpNameServer = 88.159.1.200 88.159.1.201 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-09-23 21:29 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(552) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(4000) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\System32\SCardSvr.exe c:\windows\system32\Ati2evxx.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe c:\program files\UGS\UGSLicensing\ugslmd.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\windows\RTHDCPL.EXE c:\progra~1\Post-it\PSNGive.exe . ************************************************************************** . Voltooingstijd: 2012-09-23 21:34:41 - machine werd herstart ComboFix-quarantined-files.txt 2012-09-23 19:34 ComboFix.txt 2012-09-23 12:39 . Pre-Run: 99.615.268.864 bytes beschikbaar Post-Run: 99.604.402.176 bytes beschikbaar . - - End Of File - - C35F32D716596367F9108D4B8DE6AEDE

Hallo, Ik heb Hijackthis succesvol uitgevoerd. Daarna heb ik Malwarebytes geinstalleerd en proberen te starten. Bij het opstarten van Malwarebytes krijg ik de volgende melding: run-time error 48, file not found: advpack Bij het zoeken op google kwam ik de volgende pagina tegen: http://www.myantispyware.com/2009/06/08/malwarebytes-wont-install-run-or-update-how-to-fix-it/ Ik heb alle suggesties op deze pagina uitgevoerd. TDSSKiller heeft iets gevonden en verwijderd. Het log daarvan is bijgevoegd. Malwarebytes geeft echter nog steeds dezelfde melding, en ik heb ook nog geen toegang tot IE instellingen. Alvast bedankt voor de verdere hulp. *** TDSSKiller log: 21:50:07.0765 0544 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48 21:50:08.0265 0544 ============================================================ 21:50:08.0265 0544 Current date / time: 2012/09/10 21:50:08.0265 21:50:08.0265 0544 SystemInfo: 21:50:08.0265 0544 21:50:08.0265 0544 OS Version: 5.1.2600 ServicePack: 3.0 21:50:08.0265 0544 Product type: Workstation 21:50:08.0265 0544 ComputerName: ACER-9D3D1AEB8D 21:50:08.0265 0544 UserName: Piet 21:50:08.0265 0544 Windows directory: C:\WINDOWS 21:50:08.0265 0544 System windows directory: C:\WINDOWS 21:50:08.0265 0544 Processor architecture: Intel x86 21:50:08.0265 0544 Number of processors: 2 21:50:08.0265 0544 Page size: 0x1000 21:50:08.0265 0544 Boot type: Normal boot 21:50:08.0265 0544 ============================================================ 21:50:12.0531 0544 BG loaded 21:50:13.0265 0544 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2DC00 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x000000A8 21:50:13.0359 0544 ============================================================ 21:50:13.0375 0544 \Device\Harddisk0\DR0: 21:50:13.0531 0544 MBR partitions: 21:50:13.0531 0544 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9C263D, BlocksNum 0xE383782 21:50:13.0531 0544 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0xED45DBF, BlocksNum 0xE47E7C2 21:50:13.0531 0544 ============================================================ 21:50:13.0640 0544 C: <-> \Device\Harddisk0\DR0\Partition1 21:50:13.0640 0544 D: <-> \Device\Harddisk0\DR0\Partition2 21:50:13.0703 0544 ============================================================ 21:50:13.0703 0544 Initialize success 21:50:13.0703 0544 ============================================================ 21:50:42.0843 2784 ============================================================ 21:50:42.0843 2784 Scan started 21:50:42.0843 2784 Mode: Manual; 21:50:42.0843 2784 ============================================================ 21:50:43.0250 2784 ================ Scan system memory ======================== 21:50:45.0375 2784 System memory ( MEM:Backdoor.Win32.Sinowal.d ) - infected 21:50:45.0375 2784 System memory - detected MEM:Backdoor.Win32.Sinowal.d (0) 21:50:45.0375 2784 ================ Scan services ============================= 21:50:45.0484 2784 [ F7EABCA8375EA2DC6F35C4BCA4757515 ] A2DDA D:\Downloads\Emisoft\Run\a2ddax86.sys 21:50:45.0484 2784 A2DDA - ok 21:50:45.0640 2784 [ 8E617F0AF5FDD0A76566D042EA8CD4B7 ] A4SII300 C:\WINDOWS\System32\drivers\A4SII300.SYS 21:50:45.0640 2784 A4SII300 - ok 21:50:45.0640 2784 Abiosdsk - ok 21:50:45.0671 2784 abp480n5 - ok 21:50:45.0781 2784 [ 20BC7169B76BFD41CA21B3B82D501922 ] Acer Media Server C:\Program Files\Acer\Acer eConsole\MediaServerService.exe 21:50:45.0796 2784 Acer Media Server - ok 21:50:45.0859 2784 [ 02273A448BA21A7D447DAEB47810D40C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 21:50:45.0859 2784 ACPI - ok 21:50:45.0890 2784 [ 63F517B1A87DABF3F5ACB8A7952FC1D1 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 21:50:45.0890 2784 ACPIEC - ok 21:50:45.0984 2784 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 21:50:45.0984 2784 AdobeFlashPlayerUpdateSvc - ok 21:50:46.0000 2784 adpu160m - ok 21:50:46.0015 2784 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 21:50:46.0031 2784 aec - ok 21:50:46.0078 2784 [ A7B8A3A79D35215D798A300DF49ED23F ] Afc C:\WINDOWS\system32\drivers\Afc.sys 21:50:46.0078 2784 Afc - ok 21:50:46.0140 2784 [ 355556D9E580915118CD7EF736653A89 ] AFD C:\WINDOWS\System32\drivers\afd.sys 21:50:46.0140 2784 AFD - ok 21:50:46.0156 2784 Aha154x - ok 21:50:46.0171 2784 aic78u2 - ok 21:50:46.0187 2784 aic78xx - ok 21:50:46.0218 2784 [ 8BED67D13DCB55B3E9FF6DAC4C6D3B49 ] Alerter C:\WINDOWS\system32\alrsvc.dll 21:50:46.0218 2784 Alerter - ok 21:50:46.0250 2784 [ DAB2A89FDE5CF791161200D90C1BCB12 ] ALG C:\WINDOWS\System32\alg.exe 21:50:46.0250 2784 ALG - ok 21:50:46.0265 2784 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys 21:50:46.0265 2784 AliIde - ok 21:50:46.0281 2784 amsint - ok 21:50:46.0343 2784 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 21:50:46.0343 2784 AntiVirSchedulerService - ok 21:50:46.0406 2784 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 21:50:46.0406 2784 AntiVirService - ok 21:50:46.0421 2784 AppMgmt - ok 21:50:46.0484 2784 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 21:50:46.0484 2784 Arp1394 - ok 21:50:46.0500 2784 asc - ok 21:50:46.0515 2784 asc3350p - ok 21:50:46.0531 2784 asc3550 - ok 21:50:46.0640 2784 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 21:50:46.0656 2784 aspnet_state - ok 21:50:46.0671 2784 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 21:50:46.0687 2784 AsyncMac - ok 21:50:46.0703 2784 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 21:50:46.0718 2784 atapi - ok 21:50:46.0718 2784 Atdisk - ok 21:50:46.0781 2784 [ 2C450E1E3442F3B776B301A67E8C47F0 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 21:50:46.0781 2784 Ati HotKey Poller - ok 21:50:46.0843 2784 [ B8142104502F794689C1C0BCBFB53B98 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 21:50:46.0890 2784 ati2mtag - ok 21:50:46.0921 2784 [ 4F013BA024474ED7375B3014A0D58EA7 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 21:50:46.0921 2784 Atmarpc - ok 21:50:46.0953 2784 [ F10745ED3195360E69AA4A6E7768C0E0 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 21:50:46.0953 2784 AudioSrv - ok 21:50:46.0984 2784 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 21:50:46.0984 2784 audstub - ok 21:50:47.0031 2784 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys 21:50:47.0031 2784 avgntflt - ok 21:50:47.0062 2784 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 21:50:47.0078 2784 avipbb - ok 21:50:47.0109 2784 [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 21:50:47.0109 2784 avkmgr - ok 21:50:47.0125 2784 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 21:50:47.0125 2784 Beep - ok 21:50:47.0171 2784 [ 5C0073A51C4873430FA8B262E92183FF ] BITS C:\WINDOWS\system32\qmgr.dll 21:50:47.0187 2784 BITS - ok 21:50:47.0234 2784 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 21:50:47.0234 2784 Bonjour Service - ok 21:50:47.0281 2784 [ 69EAA7501F53A40E8C04C69F2391224F ] Browser C:\WINDOWS\System32\browser.dll 21:50:47.0281 2784 Browser - ok 21:50:47.0296 2784 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 21:50:47.0296 2784 cbidf2k - ok 21:50:47.0312 2784 cd20xrnt - ok 21:50:47.0328 2784 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 21:50:47.0328 2784 Cdaudio - ok 21:50:47.0375 2784 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 21:50:47.0375 2784 Cdfs - ok 21:50:47.0390 2784 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 21:50:47.0390 2784 Cdrom - ok 21:50:47.0406 2784 Changer - ok 21:50:47.0453 2784 [ BD85400700B80FBE3D4A3412BCE74861 ] CiSvc C:\WINDOWS\system32\cisvc.exe 21:50:47.0453 2784 CiSvc - ok 21:50:47.0500 2784 [ 4FB6108130829666C8FE96B442FEAD94 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 21:50:47.0500 2784 ClipSrv - ok 21:50:47.0531 2784 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:50:47.0546 2784 clr_optimization_v2.0.50727_32 - ok 21:50:47.0546 2784 CmdIde - ok 21:50:47.0562 2784 COMSysApp - ok 21:50:47.0609 2784 Cpqarray - ok 21:50:47.0640 2784 [ 0A9CF5D3CF63A8699F28C814EF821C7E ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 21:50:47.0640 2784 CryptSvc - ok 21:50:47.0656 2784 dac2w2k - ok 21:50:47.0656 2784 dac960nt - ok 21:50:47.0718 2784 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 21:50:47.0718 2784 DcomLaunch - ok 21:50:47.0765 2784 [ 146AB038F5DBB366122D28444999AB2C ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 21:50:47.0765 2784 Dhcp - ok 21:50:47.0796 2784 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 21:50:47.0812 2784 Disk - ok 21:50:47.0812 2784 dmadmin - ok 21:50:47.0890 2784 [ DEC123E0C75971D0CC7A6C6A75E28429 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 21:50:47.0906 2784 dmboot - ok 21:50:47.0921 2784 [ 7268E66259722F6228C730685B201092 ] dmio C:\WINDOWS\system32\drivers\dmio.sys 21:50:47.0921 2784 dmio - ok 21:50:47.0968 2784 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 21:50:47.0968 2784 dmload - ok 21:50:48.0000 2784 [ 127DB74184E2D3D31655DA525A5EFDE1 ] dmserver C:\WINDOWS\System32\dmserver.dll 21:50:48.0000 2784 dmserver - ok 21:50:48.0031 2784 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 21:50:48.0031 2784 DMusic - ok 21:50:48.0062 2784 [ DE6CDB6CBC5C27B9085CFA6DFE8E5025 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 21:50:48.0062 2784 Dnscache - ok 21:50:48.0125 2784 [ 90EE765E1A598B578852901F74F914F1 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 21:50:48.0125 2784 Dot3svc - ok 21:50:48.0140 2784 dpti2o - ok 21:50:48.0171 2784 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 21:50:48.0171 2784 drmkaud - ok 21:50:48.0203 2784 [ 30E8AFFED744EC4C79B4961F5FE10134 ] e.dentifier2 C:\WINDOWS\system32\DRIVERS\aabed2.sys 21:50:48.0203 2784 e.dentifier2 - ok 21:50:48.0218 2784 [ E6BBDEBF7081899D161C773E8D84D015 ] EapHost C:\WINDOWS\System32\eapsvc.dll 21:50:48.0218 2784 EapHost - ok 21:50:48.0265 2784 [ 2F5C7F650B7AF178988946EE4B0D9C01 ] ERSvc C:\WINDOWS\System32\ersvc.dll 21:50:48.0265 2784 ERSvc - ok 21:50:48.0312 2784 [ 657B69389B893F440B07590C9E963F23 ] Eventlog C:\WINDOWS\system32\services.exe 21:50:48.0312 2784 Eventlog - ok 21:50:48.0359 2784 [ 97912DC0679D2DA60CCE589BBC196D72 ] EventSystem C:\WINDOWS\system32\es.dll 21:50:48.0359 2784 EventSystem - ok 21:50:48.0375 2784 e_rdmbe.sys - ok 21:50:48.0390 2784 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 21:50:48.0406 2784 Fastfat - ok 21:50:48.0437 2784 [ 2D5D4156292150FE571872C1B88E9299 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 21:50:48.0453 2784 FastUserSwitchingCompatibility - ok 21:50:48.0484 2784 [ 4914736E61F561DAD588AF2AAA0DF0F0 ] Fax C:\WINDOWS\system32\fxssvc.exe 21:50:48.0484 2784 Fax - ok 21:50:48.0656 2784 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 21:50:48.0656 2784 Fdc - ok 21:50:48.0703 2784 [ 8BFFFB5AC954E19DFDB96D56512AA518 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 21:50:48.0718 2784 Fips - ok 21:50:48.0812 2784 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 21:50:48.0828 2784 FLEXnet Licensing Service - ok 21:50:48.0859 2784 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 21:50:48.0859 2784 Flpydisk - ok 21:50:48.0906 2784 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 21:50:48.0906 2784 FltMgr - ok 21:50:49.0000 2784 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 21:50:49.0000 2784 FontCache3.0.0.0 - ok 21:50:49.0062 2784 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 21:50:49.0062 2784 Fs_Rec - ok 21:50:49.0078 2784 [ FA8CA22E70245C81FF29C36AF56292FC ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 21:50:49.0078 2784 Ftdisk - ok 21:50:49.0109 2784 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 21:50:49.0109 2784 Gpc - ok 21:50:49.0203 2784 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 21:50:49.0203 2784 gupdate - ok 21:50:49.0218 2784 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 21:50:49.0218 2784 gupdatem - ok 21:50:49.0250 2784 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 21:50:49.0265 2784 gusvc - ok 21:50:49.0296 2784 [ 2A013E7530BEAB6E569FAA83F517E836 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 21:50:49.0312 2784 HdAudAddService - ok 21:50:49.0343 2784 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 21:50:49.0343 2784 HDAudBus - ok 21:50:49.0421 2784 [ 5327BAD9B35C33D2A64B64E4CF282ECD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 21:50:49.0421 2784 helpsvc - ok 21:50:49.0453 2784 [ 10003105AAB8D5A7DB51A9CB3D9F55A3 ] HidServ C:\WINDOWS\System32\hidserv.dll 21:50:49.0453 2784 HidServ - ok 21:50:49.0500 2784 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys 21:50:49.0500 2784 hidusb - ok 21:50:49.0562 2784 [ 1FF903FFA2DA1704E5A5443D37D8E49E ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 21:50:49.0562 2784 hkmsvc - ok 21:50:49.0578 2784 hpn - ok 21:50:49.0640 2784 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 21:50:49.0640 2784 HTTP - ok 21:50:49.0671 2784 [ 2529C7BA05242BEED0027F554D0513BB ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 21:50:49.0671 2784 HTTPFilter - ok 21:50:49.0687 2784 i2omgmt - ok 21:50:49.0718 2784 i2omp - ok 21:50:49.0734 2784 [ C43372D0682F8E32E4EC21117E089EC0 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 21:50:49.0734 2784 i8042prt - ok 21:50:49.0812 2784 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 21:50:49.0843 2784 idsvc - ok 21:50:49.0875 2784 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 21:50:49.0875 2784 Imapi - ok 21:50:49.0921 2784 [ A117772F94C854DE5D1BBC1F1962B192 ] ImapiService C:\WINDOWS\system32\imapi.exe 21:50:49.0921 2784 ImapiService - ok 21:50:49.0937 2784 ini910u - ok 21:50:50.0093 2784 [ A30685283F90AE02F1CD50972C6065E3 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 21:50:50.0187 2784 IntcAzAudAddService - ok 21:50:50.0203 2784 IntelIde - ok 21:50:50.0250 2784 [ 2D2254FAC267E6B1C7865E8EBEF60C6D ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 21:50:50.0250 2784 intelppm - ok 21:50:50.0265 2784 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 21:50:50.0265 2784 Ip6Fw - ok 21:50:50.0296 2784 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 21:50:50.0296 2784 IpFilterDriver - ok 21:50:50.0328 2784 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 21:50:50.0328 2784 IpInIp - ok 21:50:50.0359 2784 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 21:50:50.0359 2784 IpNat - ok 21:50:50.0375 2784 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 21:50:50.0375 2784 IPSec - ok 21:50:50.0421 2784 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 21:50:50.0421 2784 IRENUM - ok 21:50:50.0453 2784 [ 0B78E1A31340E1FB1E389D5633F7C3A0 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 21:50:50.0453 2784 isapnp - ok 21:50:50.0500 2784 [ 380397621E94B32C744E7B2CC1330390 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 21:50:50.0500 2784 Kbdclass - ok 21:50:50.0531 2784 [ B833B70FE639F01FB36CEDABE57EF031 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 21:50:50.0531 2784 kbdhid - ok 21:50:50.0562 2784 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 21:50:50.0562 2784 kmixer - ok 21:50:50.0609 2784 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 21:50:50.0609 2784 KSecDD - ok 21:50:50.0671 2784 [ C7955E7EDAEA462D04F1C4BE1D340372 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 21:50:50.0687 2784 lanmanserver - ok 21:50:50.0718 2784 [ A936A575EAF6DCE8DC08BC0C53972ADD ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 21:50:50.0718 2784 lanmanworkstation - ok 21:50:50.0765 2784 lbrtfdc - ok 21:50:50.0812 2784 [ 91AE20C5C2776C511994AA1308C05283 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 21:50:50.0812 2784 LmHosts - ok 21:50:50.0843 2784 [ FC969E4E53C602884958A5FDFFC53526 ] m5287 C:\WINDOWS\system32\drivers\m5287.sys 21:50:50.0843 2784 m5287 - ok 21:50:50.0937 2784 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe 21:50:50.0953 2784 MDM - ok 21:50:50.0968 2784 [ C56A45A03DCA11712DE9FDF98224230B ] Messenger C:\WINDOWS\System32\msgsvc.dll 21:50:50.0984 2784 Messenger - ok 21:50:51.0015 2784 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 21:50:51.0015 2784 mnmdd - ok 21:50:51.0062 2784 [ 5B1D994DCF1895AFA27600E46A2F0FEA ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 21:50:51.0062 2784 mnmsrvc - ok 21:50:51.0109 2784 [ 8114EEAC353F549331AB73E9AF4219ED ] Modem C:\WINDOWS\system32\drivers\Modem.sys 21:50:51.0109 2784 Modem - ok 21:50:51.0125 2784 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys 21:50:51.0125 2784 MODEMCSA - ok 21:50:51.0171 2784 [ 1A4E2214DD63E4A876463D3427EE8261 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 21:50:51.0171 2784 Mouclass - ok 21:50:51.0203 2784 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 21:50:51.0203 2784 MountMgr - ok 21:50:51.0218 2784 mraid35x - ok 21:50:51.0234 2784 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 21:50:51.0234 2784 MRxDAV - ok 21:50:51.0281 2784 [ 0DC719E9B15E902346E87E9DCD5751FA ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 21:50:51.0281 2784 MRxSmb - ok 21:50:51.0343 2784 [ 21EA21984D7D1AD50DB2E627020AB14C ] MSDTC C:\WINDOWS\system32\msdtc.exe 21:50:51.0359 2784 MSDTC - ok 21:50:51.0390 2784 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 21:50:51.0390 2784 Msfs - ok 21:50:51.0406 2784 MSIServer - ok 21:50:51.0468 2784 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 21:50:51.0468 2784 MSKSSRV - ok 21:50:51.0500 2784 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 21:50:51.0500 2784 MSPCLOCK - ok 21:50:51.0531 2784 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 21:50:51.0531 2784 MSPQM - ok 21:50:51.0593 2784 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 21:50:51.0593 2784 mssmbios - ok 21:50:51.0640 2784 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 21:50:51.0640 2784 Mup - ok 21:50:51.0703 2784 [ 87E394C810794D3C70CF22E8316CB23E ] napagent C:\WINDOWS\System32\qagentrt.dll 21:50:51.0718 2784 napagent - ok 21:50:51.0734 2784 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 21:50:51.0750 2784 NDIS - ok 21:50:51.0781 2784 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 21:50:51.0781 2784 NdisTapi - ok 21:50:51.0812 2784 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 21:50:51.0828 2784 Ndisuio - ok 21:50:51.0828 2784 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 21:50:51.0828 2784 NdisWan - ok 21:50:51.0875 2784 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 21:50:51.0875 2784 NDProxy - ok 21:50:51.0906 2784 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 21:50:51.0906 2784 NetBIOS - ok 21:50:51.0953 2784 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 21:50:51.0953 2784 NetBT - ok 21:50:52.0000 2784 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDE C:\WINDOWS\system32\netdde.exe 21:50:52.0015 2784 NetDDE - ok 21:50:52.0015 2784 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 21:50:52.0031 2784 NetDDEdsdm - ok 21:50:52.0046 2784 [ 8754210A3399D19610CE2D71E0C3E5D9 ] Netlogon C:\WINDOWS\system32\lsass.exe 21:50:52.0046 2784 Netlogon - ok 21:50:52.0109 2784 [ 5431FB616ECAE0D587C5B97D0B86CBD8 ] Netman C:\WINDOWS\System32\netman.dll 21:50:52.0109 2784 Netman - ok 21:50:52.0156 2784 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 21:50:52.0156 2784 NetTcpPortSharing - ok 21:50:52.0218 2784 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 21:50:52.0234 2784 NIC1394 - ok 21:50:52.0281 2784 [ 4522CBE00A9E9EEE36AA82ED4B319148 ] Nla C:\WINDOWS\System32\mswsock.dll 21:50:52.0281 2784 Nla - ok 21:50:52.0312 2784 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 21:50:52.0312 2784 Npfs - ok 21:50:52.0375 2784 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 21:50:52.0390 2784 Ntfs - ok 21:50:52.0437 2784 [ 7F1C1F78D709C4A54CBB46EDE7E0B48D ] NTIDrvr C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys 21:50:52.0437 2784 NTIDrvr - ok 21:50:52.0468 2784 [ 8754210A3399D19610CE2D71E0C3E5D9 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 21:50:52.0468 2784 NtLmSsp - ok 21:50:52.0515 2784 [ AC1A78237B53044735693633F8235468 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 21:50:52.0531 2784 NtmsSvc - ok 21:50:52.0562 2784 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 21:50:52.0562 2784 Null - ok 21:50:52.0609 2784 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 21:50:52.0609 2784 NwlnkFlt - ok 21:50:52.0640 2784 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 21:50:52.0640 2784 NwlnkFwd - ok 21:50:52.0703 2784 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 21:50:52.0718 2784 ohci1394 - ok 21:50:52.0750 2784 [ E3934CCC20A4D24F1924E13D36D2A5BD ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 21:50:52.0750 2784 Parport - ok 21:50:52.0796 2784 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 21:50:52.0796 2784 PartMgr - ok 21:50:52.0828 2784 [ 1EADE28746A64C21E0A808BB12A63326 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 21:50:52.0828 2784 ParVdm - ok 21:50:52.0859 2784 [ 3B166F9F753C21AEDAA9A6BD76B49655 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 21:50:52.0859 2784 PCI - ok 21:50:52.0906 2784 PCIDump - ok 21:50:52.0921 2784 PCIIde - ok 21:50:52.0953 2784 [ 2137FFD65F8E609A3A5ACD487C56CCE0 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 21:50:52.0968 2784 Pcmcia - ok 21:50:52.0984 2784 PDCOMP - ok 21:50:53.0015 2784 PDFRAME - ok 21:50:53.0015 2784 PDRELI - ok 21:50:53.0015 2784 PDRFRAME - ok 21:50:53.0031 2784 perc2 - ok 21:50:53.0031 2784 perc2hib - ok 21:50:53.0078 2784 [ 5903FA75200807AD739286BBF40C4904 ] pfc C:\WINDOWS\system32\drivers\pfc.sys 21:50:53.0078 2784 pfc - ok 21:50:53.0109 2784 [ 657B69389B893F440B07590C9E963F23 ] PlugPlay C:\WINDOWS\system32\services.exe 21:50:53.0109 2784 PlugPlay - ok 21:50:53.0140 2784 [ 8754210A3399D19610CE2D71E0C3E5D9 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 21:50:53.0140 2784 PolicyAgent - ok 21:50:53.0171 2784 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 21:50:53.0171 2784 PptpMiniport - ok 21:50:53.0203 2784 [ 8754210A3399D19610CE2D71E0C3E5D9 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 21:50:53.0203 2784 ProtectedStorage - ok 21:50:53.0234 2784 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 21:50:53.0250 2784 PSched - ok 21:50:53.0296 2784 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 21:50:53.0296 2784 Ptilink - ok 21:50:53.0359 2784 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 21:50:53.0359 2784 PxHelp20 - ok 21:50:53.0375 2784 ql1080 - ok 21:50:53.0406 2784 Ql10wnt - ok 21:50:53.0421 2784 ql12160 - ok 21:50:53.0453 2784 ql1240 - ok 21:50:53.0468 2784 ql1280 - ok 21:50:53.0546 2784 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 21:50:53.0546 2784 RasAcd - ok 21:50:53.0593 2784 [ 0575D034B1292CA3A9BB9F67A8EE289C ] RasAuto C:\WINDOWS\System32\rasauto.dll 21:50:53.0593 2784 RasAuto - ok 21:50:53.0625 2784 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 21:50:53.0625 2784 Rasl2tp - ok 21:50:53.0671 2784 [ 9E7E2DF6971A5F00102BE3F901CC3BDC ] RasMan C:\WINDOWS\System32\rasmans.dll 21:50:53.0671 2784 RasMan - ok 21:50:53.0703 2784 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 21:50:53.0703 2784 RasPppoe - ok 21:50:53.0718 2784 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 21:50:53.0734 2784 Raspti - ok 21:50:53.0765 2784 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 21:50:53.0765 2784 Rdbss - ok 21:50:53.0828 2784 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 21:50:53.0828 2784 RDPCDD - ok 21:50:53.0890 2784 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 21:50:53.0906 2784 RDPWD - ok 21:50:53.0953 2784 [ EA9FDF71D696B532BDC44C8BFF03A737 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 21:50:53.0953 2784 RDSessMgr - ok 21:50:53.0953 2784 [ 4173BC66E485FD77A03C4819F60BD0DA ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 21:50:53.0968 2784 redbook - ok 21:50:54.0015 2784 [ 4007ABF5D9BF0E55451D775443D1F985 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 21:50:54.0015 2784 RemoteAccess - ok 21:50:54.0031 2784 [ 246F761E3E48FF86E8733FAFD2B1613B ] RpcLocator C:\WINDOWS\system32\locator.exe 21:50:54.0031 2784 RpcLocator - ok 21:50:54.0093 2784 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] RpcSs C:\WINDOWS\system32\rpcss.dll 21:50:54.0093 2784 RpcSs - ok 21:50:54.0125 2784 [ AD1B5F1B99FFF08C99F443D784711A81 ] RSVP C:\WINDOWS\system32\rsvp.exe 21:50:54.0125 2784 RSVP - ok 21:50:54.0156 2784 [ 8754210A3399D19610CE2D71E0C3E5D9 ] SamSs C:\WINDOWS\system32\lsass.exe 21:50:54.0156 2784 SamSs - ok 21:50:54.0187 2784 [ 1B4CD62174E907C7EF8EC5D4D0A2A616 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 21:50:54.0187 2784 SCardSvr - ok 21:50:54.0250 2784 [ 7C288AE0F75CB18CFF1DF6179A67AD8F ] Schedule C:\WINDOWS\system32\schedsvc.dll 21:50:54.0265 2784 Schedule - ok 21:50:54.0296 2784 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 21:50:54.0296 2784 Secdrv - ok 21:50:54.0328 2784 [ 6983665BEA867125B1DA5757CD8B2F9D ] seclogon C:\WINDOWS\System32\seclogon.dll 21:50:54.0343 2784 seclogon - ok 21:50:54.0359 2784 [ F6EC8F1E50E40237BDDEE1CB7FE20B42 ] SENS C:\WINDOWS\system32\sens.dll 21:50:54.0359 2784 SENS - ok 21:50:54.0484 2784 [ 8627C992B8A80504FC477B2E8FF8EC4F ] Sentinel C:\WINDOWS\System32\Drivers\SENTINEL.SYS 21:50:54.0484 2784 Sentinel - ok 21:50:54.0531 2784 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 21:50:54.0531 2784 serenum - ok 21:50:54.0562 2784 [ 92C21762653BB2CE51147EB8A9AA654F ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 21:50:54.0562 2784 Serial - ok 21:50:54.0625 2784 [ EEA80070B7CA0596DDF59160FB4EC5A8 ] SFC4 C:\WINDOWS\system32\drivers\SFC4.sys 21:50:54.0625 2784 SFC4 - ok 21:50:54.0640 2784 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys 21:50:54.0640 2784 Sfloppy - ok 21:50:54.0687 2784 [ 7579C4BE909D47F10F3D8D801CB13ED9 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 21:50:54.0687 2784 SharedAccess - ok 21:50:54.0718 2784 [ 2D5D4156292150FE571872C1B88E9299 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 21:50:54.0734 2784 ShellHWDetection - ok 21:50:54.0734 2784 Simbad - ok 21:50:54.0750 2784 Sparrow - ok 21:50:54.0781 2784 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 21:50:54.0781 2784 splitter - ok 21:50:54.0828 2784 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 21:50:54.0828 2784 Spooler - ok 21:50:54.0859 2784 [ 64D2A7640E0767ECD3BCB38D3200E7CE ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 21:50:54.0859 2784 sr - ok 21:50:54.0921 2784 [ 81CBF363C414620CAA61BD6843D8FDB9 ] srservice C:\WINDOWS\system32\srsvc.dll 21:50:54.0921 2784 srservice - ok 21:50:54.0953 2784 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 21:50:54.0968 2784 Srv - ok 21:50:55.0000 2784 [ 5B9D0DE64BE96A806819516440FD211C ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 21:50:55.0000 2784 SSDPSRV - ok 21:50:55.0046 2784 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 21:50:55.0046 2784 ssmdrv - ok 21:50:55.0109 2784 [ 5AE996186D2DC694FEF88F14A3FC9242 ] stisvc C:\WINDOWS\system32\wiaservc.dll 21:50:55.0109 2784 stisvc - ok 21:50:55.0156 2784 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 21:50:55.0156 2784 swenum - ok 21:50:55.0187 2784 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 21:50:55.0187 2784 swmidi - ok 21:50:55.0187 2784 SwPrv - ok 21:50:55.0218 2784 symc810 - ok 21:50:55.0234 2784 symc8xx - ok 21:50:55.0250 2784 sym_hi - ok 21:50:55.0265 2784 sym_u3 - ok 21:50:55.0296 2784 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 21:50:55.0296 2784 sysaudio - ok 21:50:55.0328 2784 [ 251EAE7C56C6AB9490311A3C9757E18D ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 21:50:55.0343 2784 SysmonLog - ok 21:50:55.0375 2784 [ 2BC9FB448F0C2394FF53C83A7BB04731 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 21:50:55.0375 2784 TapiSrv - ok 21:50:55.0421 2784 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 21:50:55.0421 2784 Tcpip - ok 21:50:55.0453 2784 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 21:50:55.0468 2784 TDPIPE - ok 21:50:55.0484 2784 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 21:50:55.0484 2784 TDTCP - ok 21:50:55.0515 2784 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 21:50:55.0515 2784 TermDD - ok 21:50:55.0562 2784 [ E0AEF86A594C9990D6321C5CA239C5B7 ] TermService C:\WINDOWS\System32\termsrv.dll 21:50:55.0578 2784 TermService - ok 21:50:55.0593 2784 [ 2D5D4156292150FE571872C1B88E9299 ] Themes C:\WINDOWS\System32\shsvcs.dll 21:50:55.0593 2784 Themes - ok 21:50:55.0609 2784 TosIde - ok 21:50:55.0640 2784 [ 20655E8CA1C78BC7088B18E93806D21B ] TrkWks C:\WINDOWS\system32\trkwks.dll 21:50:55.0640 2784 TrkWks - ok 21:50:55.0703 2784 [ E0C67BE430C6DE490D6CCAECFA071F9E ] UBHelper C:\WINDOWS\system32\drivers\UBHelper.sys 21:50:55.0703 2784 UBHelper - ok 21:50:55.0734 2784 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 21:50:55.0734 2784 Udfs - ok 21:50:55.0812 2784 [ 8904797AB560918B115B7EC350B3D2C7 ] UGS License Server (ugslmd) C:\Program Files\UGS\UGSLicensing\lmgrd.exe 21:50:55.0843 2784 UGS License Server (ugslmd) - ok 21:50:55.0859 2784 ultra - ok 21:50:55.0875 2784 Unigraphics License Server (uglmd) - ok 21:50:55.0921 2784 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 21:50:55.0937 2784 Update - ok 21:50:56.0000 2784 [ 0E3477EDD6B6037FDB479DD5B5ADC3EC ] upnphost C:\WINDOWS\System32\upnphost.dll 21:50:56.0000 2784 upnphost - ok 21:50:56.0031 2784 [ A89796DD0DE24CF03B3A39407E1F46A3 ] UPS C:\WINDOWS\System32\ups.exe 21:50:56.0031 2784 UPS - ok 21:50:56.0062 2784 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 21:50:56.0062 2784 usbccgp - ok 21:50:56.0093 2784 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 21:50:56.0093 2784 usbehci - ok 21:50:56.0109 2784 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 21:50:56.0109 2784 usbhub - ok 21:50:56.0140 2784 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 21:50:56.0140 2784 usbohci - ok 21:50:56.0171 2784 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 21:50:56.0171 2784 usbprint - ok 21:50:56.0203 2784 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 21:50:56.0203 2784 usbscan - ok 21:50:56.0218 2784 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 21:50:56.0234 2784 USBSTOR - ok 21:50:56.0250 2784 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 21:50:56.0250 2784 VgaSave - ok 21:50:56.0265 2784 ViaIde - ok 21:50:56.0296 2784 [ 8AB662B3C4691E6DDF61C96BB5B7D103 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 21:50:56.0296 2784 VolSnap - ok 21:50:56.0343 2784 [ A585EDD6965B301DE8A45C6768C7C215 ] VSS C:\WINDOWS\System32\vssvc.exe 21:50:56.0359 2784 VSS - ok 21:50:56.0390 2784 [ 390D8E65F362327AD510B08971478301 ] W32Time C:\WINDOWS\system32\w32time.dll 21:50:56.0390 2784 W32Time - ok 21:50:56.0421 2784 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 21:50:56.0421 2784 Wanarp - ok 21:50:56.0437 2784 WDICA - ok 21:50:56.0453 2784 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 21:50:56.0453 2784 wdmaud - ok 21:50:56.0500 2784 [ 33D8E2812054D97A0AEC9B8F04277927 ] WebClient C:\WINDOWS\System32\webclnt.dll 21:50:56.0500 2784 WebClient - ok 21:50:56.0578 2784 [ F9E105F369C18E4001E0C05AAF600D73 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 21:50:56.0578 2784 winmgmt - ok 21:50:56.0640 2784 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 21:50:56.0640 2784 WmdmPmSN - ok 21:50:56.0671 2784 [ 87F11D161207C7063EDABAC0AADC33C3 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 21:50:56.0671 2784 WmiApSrv - ok 21:50:56.0750 2784 [ 79A01ACD485687EE602411A06B63A9A5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 21:50:56.0765 2784 WMPNetworkSvc - ok 21:50:56.0828 2784 [ 843F7FA8EA38E6A4262976DCC994C81A ] wscsvc C:\WINDOWS\system32\wscsvc.dll 21:50:56.0828 2784 wscsvc - ok 21:50:56.0843 2784 [ 1E8FDDDEF3FE260BADAB06DAE10D753A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 21:50:56.0859 2784 wuauserv - ok 21:50:56.0890 2784 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 21:50:56.0890 2784 WudfPf - ok 21:50:56.0937 2784 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 21:50:56.0937 2784 WudfRd - ok 21:50:56.0968 2784 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 21:50:56.0984 2784 WudfSvc - ok 21:50:57.0046 2784 [ E99782DBB8FFA2AEE72B31DAC8D8D887 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 21:50:57.0046 2784 WZCSVC - ok 21:50:57.0062 2784 xcpip - ok 21:50:57.0093 2784 [ FD3C38635808920F8235BF2FED642F54 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 21:50:57.0093 2784 xmlprov - ok 21:50:57.0109 2784 xpsec - ok 21:50:57.0156 2784 [ E279C4E1287751DFFA0A1F3EC4097491 ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys 21:50:57.0156 2784 yukonwxp - ok 21:50:57.0187 2784 ================ Scan global =============================== 21:50:57.0218 2784 [ 953AD498333B03F7CE547151F96EF241 ] C:\WINDOWS\system32\basesrv.dll 21:50:57.0250 2784 [ C0FF76441BB6E9E66C4909C545FA38EE ] C:\WINDOWS\system32\winsrv.dll 21:50:57.0281 2784 [ C0FF76441BB6E9E66C4909C545FA38EE ] C:\WINDOWS\system32\winsrv.dll 21:50:57.0312 2784 [ 657B69389B893F440B07590C9E963F23 ] C:\WINDOWS\system32\services.exe 21:50:57.0312 2784 [Global] - ok 21:50:57.0312 2784 ================ Scan MBR ================================== 21:50:57.0328 2784 [ 1FD04AB709CBA1DAC89F3074AB6F9420 ] \Device\Harddisk0\DR0 21:50:57.0328 2784 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected 21:50:57.0328 2784 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0) 21:50:57.0328 2784 ================ Scan VBR ================================== 21:50:57.0343 2784 [ D2D708732E781BC64882B436B92A9CDA ] \Device\Harddisk0\DR0\Partition1 21:50:57.0343 2784 \Device\Harddisk0\DR0\Partition1 - ok 21:50:57.0359 2784 [ 655424E9B73F1B0C64A3C54281AC6220 ] \Device\Harddisk0\DR0\Partition2 21:50:57.0359 2784 \Device\Harddisk0\DR0\Partition2 - ok 21:50:57.0359 2784 ============================================================ 21:50:57.0359 2784 Scan finished 21:50:57.0359 2784 ============================================================ 21:50:57.0375 2776 Detected object count: 2 21:50:57.0375 2776 Actual detected object count: 2 21:52:32.0265 2776 System memory - cured 21:52:32.0265 2776 System memory ( MEM:Backdoor.Win32.Sinowal.d ) - User select action: Cure 21:52:40.0703 2776 \Device\Harddisk0\DR0\# - copied to quarantine 21:52:40.0703 2776 \Device\Harddisk0\DR0 - copied to quarantine 21:52:40.0859 2776 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot 21:52:41.0031 2776 \Device\Harddisk0\DR0 - ok 21:52:41.0031 2776 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure 21:52:47.0812 0404 Deinitialize success Hijackthis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:55:40, on 10-9-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Acer\Acer eConsole\MediaServerService.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\UGS\UGSLicensing\lmgrd.exe C:\Program Files\UGS\UGSLicensing\lmgrd.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\WINDOWS\RTHDCPL.EXE C:\Acer\Empowering Technology\eRecovery\Monitor.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Acer\Acer eMode Management\AspireService.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Documents and Settings\Piet\Application Data\CoSoSys\CarryItEasy\CarryLaunch.exe C:\Program Files\Post-it\PsnLite.exe C:\Documents and Settings\Piet\Bureaublad\Printkey.exe C:\PROGRA~1\Post-it\PSNGive.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Piet\temp\TeamViewer\Version4\TeamViewer.exe C:\drivers\HijackThis.exe C:\WINDOWS\system32\ctfmon.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 O4 - HKCU\..\Run: [CarryLaunch] C:\Documents and Settings\Piet\Application Data\CoSoSys\CarryItEasy\CarryLaunch.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Snelkoppeling naar Printkey.lnk = C:\Documents and Settings\Piet\Bureaublad\Printkey.exe O4 - Global Startup: Post-it� Software Notes Lite.lnk = C:\Program Files\Post-it\PsnLite.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorie�n - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe O23 - Service: UGS License Server (ugslmd) - Macrovision Corporation - C:\Program Files\UGS\UGSLicensing\lmgrd.exe O23 - Service: Unigraphics License Server (uglmd) - Unknown owner - C:\Program Files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe (file missing) -- End of file - 7009 bytes

Bij het openen van de instellingen/opties van IE krijg ik de volgende melding: "De bewerking is geannuleerd vanwege op uw systeem geldende beperkingen .Neem contact op met de systeem beheerder op" Ik vermoed dat er een virus/trojan op mijn PC staat. Zou iemand hiernaar kunnen kijken? Alvast bedankt. HijackThis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:06:35, on 26-8-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Acer\Empowering Technology\eRecovery\Monitor.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Acer\Acer eMode Management\AspireService.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Piet\Application Data\CoSoSys\CarryItEasy\CarryLaunch.exe C:\Program Files\Post-it\PsnLite.exe C:\Documents and Settings\Piet\Bureaublad\Printkey.exe C:\PROGRA~1\Post-it\PSNGive.exe C:\Documents and Settings\Piet\temp\TeamViewer\Version4\TeamViewer.exe C:\Program Files\Acer\Acer eConsole\MediaServerService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\UGS\UGSLicensing\lmgrd.exe C:\Program Files\UGS\UGSLicensing\lmgrd.exe C:\Program Files\UGS\UGSLicensing\ugslmd.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe D:\Downloads\Emisoft\start.exe D:\Downloads\Emisoft\Run\a2emergencykit.exe C:\drivers\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Piet\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [CarryLaunch] C:\Documents and Settings\Piet\Application Data\CoSoSys\CarryItEasy\CarryLaunch.exe O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe -update activex O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Snelkoppeling naar Printkey.lnk = C:\Documents and Settings\Piet\Bureaublad\Printkey.exe O4 - Global Startup: Post-it� Software Notes Lite.lnk = C:\Program Files\Post-it\PsnLite.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorie�n - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe O23 - Service: UGS License Server (ugslmd) - Macrovision Corporation - C:\Program Files\UGS\UGSLicensing\lmgrd.exe O23 - Service: Unigraphics License Server (uglmd) - Unknown owner - C:\Program Files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe (file missing) -- End of file - 7916 bytes