emails to myself recently

[MOMBO]

HELLO ALL,,Seems I have a problems here,I'm getting emails to myself recenty I never knew
it since this computer was giving to me in 2004 but my virus software never detected it so I ran
SUPER ANTI SPYWARE few days ago And it came up with this Worm.Win32-Chir,,,need help cause it looks likeit is spreading on my machine,I took a HJ log file,,thanks people
-------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:27:37 PM, on 2/18/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSSYSTEM32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
F:FProgramsavastAvastSvc.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32hkcmd.exe
C:WINDOWSBCMSMMSG.exe
F:FProgramsavastavastUI.exe
F:FProgramsPower VCR IIAgent.exe
F:FProgramsSUPERAntiSpywareSASCORE.EXE
F:FProgramsRoxDirectCDDirectCD.exe
C:WINDOWSSystem32dllhost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
F:FProgramsjavabinjqs.exe
C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions50binOWSTIMER.EXE
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32dmadmin.exe
C:WINDOWSsystem32inetsrvinetinfo.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32NOTEPAD.EXE
F:FProgramsFFfirefox.exe
C:WINDOWSsystem32wuauclt.exe
C:WINDOWSsystem32wuauclt.exe
C:WINDOWSsystem32wuauclt.exe
C:WINDOWSSoftwareDistributionDownload8bb5f1c638778df6b77d80bc61ffc63cupdateupdate.exe
F:FProgramsHJHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: ÿþ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:FProgramsjavabinssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - F:FProgramsavastaswWebRepIE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:FProgramsjavabinjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:FProgramsjavalibdeployjqsiejqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - F:FProgramsavastaswWebRepIE.dll
O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesCommon FilesJavaJava Updatejusched.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [igfxTray] C:WINDOWSsystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
O4 - HKLM..Run: [bCMSMMSG] BCMSMMSG.exe
O4 - HKLM..Run: [avast] "F:FProgramsavastavastUI.exe" /nogui
O4 - HKLM..Run: [Agent] F:FProgramsPower VCR IIAgent.exe
O4 - HKLM..Run: [AdaptecDirectCD] F:FProgramsRoxDirectCDDirectCD.exe
O4 - HKLM..Run: [Adobe ARM] "C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = F:FProgramsOffice 2002Office10OSA.EXE
O8 - Extra context menu item: &ieSpell Options - res://F:FProgramsieSpelliespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://F:FProgramsieSpelliespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:FPROGR~1OFFICE~1Office10EXCEL.EXE/3000
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - F:FProgramsieSpelliespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - F:FProgramsieSpelliespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - F:FProgramsieSpelliespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - F:FProgramsieSpelliespell.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1358558327875
O17 - HKLMSystemCCSServicesTcpip..{0F24E88E-529F-4DD2-8D15-F6EA48F028E1}: NameServer = 66.81.0.251 66.81.0.252
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - F:FProgramsSUPERAntiSpywareSASCORE.EXE
O23 - Service: avast! Antivirus - AVAST Software - F:FProgramsavastAvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:FProgramsjavabinjqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe
O23 - Service: MySql - Unknown owner - F:/apache/mysql/bin/mysqld-nt.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSSystem32HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:Program FilesWinPcaprpcapd.exe

--
End of file - 6558 bytes

 

 

[Tomk_]

Hi MOMBO,



My name is Tomk. I would be glad to take a look at your log and help you with solving any malware problems. Logs can take a while to research, so please be patient and I'd be grateful if you would note the following:

• [*]I will be working on your Malware issues, this may or may not, solve other issues you have with your machine. [*]The fixes are specific to

your problem and should only be used for the issues on this machine. [*]Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear. [*]It's often worth reading through these instructions and printing them for ease of reference. [*]If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry. [*]Please reply to this thread. Do not start a new topic.

 

 

Let's give this a try:

Download ComboFix:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

* IMPORTANT !!! Save ComboFix.exe to your Desktop

• [*]Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link -->

http://forums.whatthetech.com/How_Disable_your_Security_Programs_t96260.html
[*]Double click on ComboFix.exe & follow the prompts.
[*]As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
[*]Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

 

 

 

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:ComboFix.txt in your next reply.


Notes:

1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
4. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
5. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

 

 

 

 

 

[MOMBO]

Thank you Tom for the help here,,here is a log file ComboFix

-----------------------------------------------------

ComboFix 13-02-18.02 - mombo 02/19/2013 7:16.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.305 [GMT -8:00]
Running from: c:documents and settingsmomboDesktopComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:documents and settingsAll UsersApplication DataDirectCDUserName.txt
c:documents and settingsAll UsersApplication DataDirectCDUserNameE.txt
c:documents and settingsAll UsersApplication DataTEMP
c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.defaultextensions{96600fe6-b728-47ab-8599-2632bfb38f7c}
c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.defaultextensions{96600fe6-b728-47ab-8599-2632bfb38f7c}chromexulcache.jar
c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.defaultextensions{96600fe6-b728-47ab-8599-2632bfb38f7c}defaultspreferencesxulcache.js
c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.defaultextensions{96600fe6-b728-47ab-8599-2632bfb38f7c}install.rdf
c:documents and settingsmomboWINDOWS
c:program filesWinPCap
c:program filesWinPCapdaemon_mgm.exe
c:program filesWinPCapINSTALL.LOG
c:program filesWinPCapnpf_mgm.exe
c:program filesWinPCaprpcapd.exe
c:program filesWinPCapUninstall.exe
c:windowsexplorer(2).exe
c:windowssystem32Cache
c:windowssystem32ctfmon(2).exe
c:windowssystem32Packet.dll
c:windowssystem32PowerToyReadme.htm
c:windowssystem32pthreadVC.dll
c:windowssystem32SysWoW32
c:windowssystem32SysWoW32wu2063555176v0
c:windowssystem32SysWoW32wu2063555176v0.kwd
c:windowssystem32SysWoW32wu2063555176v1
c:windowssystem32SysWoW32wu2063555176v1.kwd
c:windowssystem32SysWoW32wu2063555176v2
c:windowssystem32SysWoW32wu2063555176v2.kwd
c:windowssystem32SysWoW32wu2063555176v3
c:windowssystem32SysWoW32wu2063555176v3.kwd
c:windowssystem32usp10(2).dll
c:windowssystem32w32apiw.dll
c:windowssystem32wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------Legacy_FAD
-------Legacy_NPF
-------Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2013-01-19 to 2013-02-19 )))))))))))))))))))))))))))))))
.
.
2013-02-18 21:35 . 2013-01-10 19:33 759296 -c----w- c:windowssystem32dllcachevgx.dll
2013-02-18 17:38 . 2013-02-18 17:38 -------- d-----w- c:windowssystem32wbemRepository
2013-02-13 17:36 . 2013-02-13 17:36 -------- d-----w- c:program filesMicrosoft.NET
2013-02-13 17:30 . 2013-02-13 17:48 -------- d-----w- C:c1e08ede32f082b1efea
2013-02-11 21:52 . 2001-08-30 10:30 138752 -c--a-w- c:windowssystem32dllcachesndvol32.exe
2013-02-11 21:51 . 2001-08-30 10:30 138752 ----a-w- c:windowssystem32sndvol32.exe
2013-01-26 03:55 . 2013-01-26 03:55 552448 -c----w- c:windowssystem32dllcacheoleaut32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-26 03:55 . 2003-03-31 12:00 552448 ----a-w- c:windowssystem32oleaut32.dll
2013-01-07 01:16 . 2012-05-28 23:10 2193024 ----a-w- c:windowssystem32ntoskrnl.exe
2013-01-07 00:36 . 2012-05-28 23:10 2069760 ----a-w- c:windowssystem32ntkrnlpa.exe
2013-01-04 01:20 . 2012-05-28 23:10 1867264 ----a-w- c:windowssystem32win32k.sys
2013-01-02 06:49 . 2005-07-28 18:53 148992 ----a-w- c:windowssystem32mpg2splt.ax
2013-01-02 06:49 . 2005-07-28 18:53 1292288 ----a-w- c:windowssystem32quartz.dll
2012-12-16 12:23 . 2003-03-31 12:00 290560 ----a-w- c:windowssystem32atmfd.dll
2012-11-22 17:28 . 2012-11-22 17:28 1409 ----a-w- c:windowsQTFont.for
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386atapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:windowssystem32driversatapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:windowssystem32ReinstallBackups0005DriverFilesi386atapi.sys
.
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386asyncmac.sys
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:windowssystem32driversasyncmac.sys
.
[-] 2003-03-31 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:windowssystem32driversbeep.sys
.
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386kbdclass.sys
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:windowssystem32driverskbdclass.sys
.
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ndis.sys
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:windowssystem32driversndis.sys
.
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ntfs.sys
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:windowssystem32driversntfs.sys
[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:windows$hf_mig$KB930916SP2QFEntfs.sys
.
[-] 2003-03-31 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:windowssystem32driversnull.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:windows$hf_mig$KB2509553SP3QFEtcpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:windows$hf_mig$KB951748SP3QFEtcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:windowssystem32driverstcpip.sys
[-] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:windows$hf_mig$KB917953SP2QFEtcpip.sys
[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:windows$hf_mig$KB913446SP2QFEtcpip.sys
[-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:windows$hf_mig$KB893066SP2QFEtcpip.sys
[-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:windows$hf_mig$KB893066SP2GDRtcpip.sys
.
[-] 2012-07-06 . CFD4E51402DA9838B5A04AE680AF54A0 . 78336 . . [5.1.2600.6260] . . c:windowssystem32browser.dll
[-] 2012-07-06 . FC6D1D80588D371F0321E15A75B2F8F2 . 78336 . . [5.1.2600.6260] . . c:windows$hf_mig$KB2705219SP3QFEbrowser.dll
[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386browser.dll
.
[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386lsass.exe
[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:windowssystem32lsass.exe
.
[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386netman.dll
[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:windowssystem32netman.dll
[-] 2005-08-22 . 3516D8A18B36784B1005B950B84232E1 . 197632 . . [5.1.2600.2743] . . c:windows$hf_mig$KB905414SP2QFEnetman.dll
.
[-] 2008-04-14 12:41 . 1280A158C722FA95A80FB7AEBE78FA7D . 792064 . . [2001.12.4414.700] . . c:windowsServicePackFilesi386comres.dll
[-] 2008-04-14 12:41 . 1280A158C722FA95A80FB7AEBE78FA7D . 792064 . . [2001.12.4414.700] . . c:windowssystem32comres.dll
.
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:windowsServicePackFilesi386qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:windowssystem32qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:windowssystem32bitsqmgr.dll
.
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:windowssystem32rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:windows$hf_mig$KB956572SP3QFErpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386rpcss.dll
[-] 2005-07-26 . C369DF215D352B6F3A0B8C3469AA34F8 . 398336 . . [5.1.2600.2726] . . c:windows$hf_mig$KB902400SP2QFErpcss.dll
[-] 2005-04-28 . DA383FB39A6F1C445F3AFC94B3EB1248 . 396288 . . [5.1.2600.2665] . . c:windows$hf_mig$KB894391SP2QFErpcss.dll
[-] 2005-01-14 . 419899803CA479B73B02390318C787C0 . 395776 . . [5.1.2600.2595] . . c:windows$hf_mig$KB873333SP2GDRrpcss.dll
[-] 2005-01-14 . 94456045BEB4545B5EBE1DCC85951AFA . 395776 . . [5.1.2600.2595] . . c:windows$hf_mig$KB873333SP2QFErpcss.dll
.
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:windowssystem32services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:windows$hf_mig$KB956572SP3QFEservices.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:windows$hf_mig$KB2347290SP3QFEspoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:windowssystem32spoolsv.exe
[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:windows$hf_mig$KB896423SP2QFEspoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:windows$hf_mig$KB896423SP2GDRspoolsv.exe
.
[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386winlogon.exe
[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:windowssystem32winlogon.exe
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:windowssystem32driversipsec.sys
.
[-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:windowssystem32comctl32.dll
[-] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202comctl32.dll
[-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:windowsWinSxSInstallTemp944905comctl32.dll
[-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:windowsServicePackFilesi386comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03comctl32.dll
[-] 2005-03-11 . F6A21D5476C7B4CA9873D97BD246D6EB . 925184 . . [6.0] . . c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1643_x-ww_7c3a9bc6comctl32.dll
[-] 2004-08-04 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9comctl32.dll
[-] 2003-03-31 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70acomctl32.dll
[-] 2003-03-31 . 76B90BD220F1B1CC9E183C6B1AE9FBB4 . 921600 . . [6.0] . . c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805comctl32.dll
.
[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386cryptsvc.dll
[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:windowssystem32cryptsvc.dll
.
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:windowssystem32es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:windows$hf_mig$KB950974SP3QFEes.dll
[-] 2008-04-14 12:41 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:windowsServicePackFilesi386es.dll
[-] 2005-07-26 04:20 . 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 . 243200 . . [2001.12.4414.308] . . c:windows$hf_mig$KB902400SP2QFEes.dll
.
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386imm32.dll
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:windowssystem32imm32.dll
.
[-] 2012-10-03 . 6FE42512AB1B89F32A7407F261B1D2D0 . 990208 . . [5.1.2600.6293] . . c:windowssystem32kernel32.dll
[-] 2012-10-03 . 6FE42512AB1B89F32A7407F261B1D2D0 . 990208 . . [5.1.2600.6293] . . c:windowssystem32dllcachekernel32.dll
[-] 2012-10-03 . 6CBFEEB384F04681AF75F495AA48DD32 . 991744 . . [5.1.2600.6293] . . c:windows$hf_mig$KB2758857SP3QFEkernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:windows$NtUninstallKB2758857$kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:windows$hf_mig$KB959426SP3QFEkernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386kernel32.dll
[-] 2007-04-16 . 09F7CB3687F86EDAA4CA081F7AB66C03 . 986112 . . [5.1.2600.3119] . . c:windows$hf_mig$KB935839SP2QFEkernel32.dll
[-] 2006-07-05 . 0FDD84928A5DDE2510761B7EC76CCEC9 . 985088 . . [5.1.2600.2945] . . c:windows$hf_mig$KB917422SP2QFEkernel32.dll
.
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386linkinfo.dll
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:windowssystem32linkinfo.dll
[-] 2005-09-01 . 648BF0B4DDE4F7A1156DAE7174D36EFA . 19968 . . [5.1.2600.2751] . . c:windows$hf_mig$KB900725SP2QFElinkinfo.dll
.
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386lpk.dll
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:windowssystem32lpk.dll
.
[-] 2013-01-06 . BDF6CC938C0644FE3643BC0D6A678E26 . 6009856 . . [8.00.6001.19394] . . c:windowssystem32mshtml.dll
[-] 2013-01-06 . BDF6CC938C0644FE3643BC0D6A678E26 . 6009856 . . [8.00.6001.19394] . . c:windowssystem32dllcachemshtml.dll
[-] 2013-01-06 . 14FD1CAEFB6D2749019AC2F54859568C . 6011392 . . [8.00.6001.23462] . . c:windows$hf_mig$KB2799329-IE8SP3QFEmshtml.dll
[-] 2012-08-28 . DF3C3CA94CBC9DE07AC3EB49440A8D45 . 6008832 . . [8.00.6001.19328] . . c:windowsie8updatesKB2799329-IE8mshtml.dll
[-] 2012-08-28 . CF6B381C3518AB328382429CAE206D64 . 6010368 . . [8.00.6001.23415] . . c:windows$hf_mig$KB2744842-IE8SP3QFEmshtml.dll
[-] 2012-03-01 . DADE53318D8E5335EE2E1745F1C3FC4D . 5978624 . . [8.00.6001.19222] . . c:windowsie8updatesKB2744842-IE8mshtml.dll
[-] 2012-03-01 . 5DBB0C997AD276BCE9D30CD609BDBF67 . 5980672 . . [8.00.6001.23318] . . c:windows$hf_mig$KB2675157-IE8SP3QFEmshtml.dll
[-] 2011-11-04 . DD8D655E1881B70A5259A23A6018A6C2 . 5978112 . . [8.00.6001.19170] . . c:windowsie8updatesKB2675157-IE8mshtml.dll
[-] 2011-11-04 . 699421E2E1313C18671A703953CAE14B . 5978624 . . [8.00.6001.23266] . . c:windows$hf_mig$KB2618444-IE8SP3QFEmshtml.dll
[-] 2011-07-25 . 23B3C8E9F3F280180573569253CE98AB . 5969920 . . [8.00.6001.19120] . . c:windowsie8updatesKB2618444-IE8mshtml.dll
[-] 2011-07-25 . BCE7CCEBAD6C8955D2B4C3B246BD0E57 . 5971456 . . [8.00.6001.23216] . . c:windows$hf_mig$KB2559049-IE8SP3QFEmshtml.dll
[-] 2010-12-20 . 1EDCEC5D649DBAC37ED9FFB5A14CEB0C . 5961216 . . [8.00.6001.19019] . . c:windowsie8updatesKB2559049-IE8mshtml.dll
[-] 2010-12-20 . 2A2C070EC691CE410533A1DA7AA3CD86 . 5962240 . . [8.00.6001.23111] . . c:windows$hf_mig$KB2482017-IE8SP3QFEmshtml.dll
[-] 2010-11-06 . 864E69F32656A7121444BA0193D7B64B . 5960704 . . [8.00.6001.23091] . . c:windows$hf_mig$KB2416400-IE8SP3QFEmshtml.dll
[-] 2010-11-06 . D7CCA87057901C87ED8CC40DDCC7FA1B . 5959168 . . [8.00.6001.18999] . . c:windowsie8updatesKB2482017-IE8mshtml.dll
[-] 2009-12-21 . BE6EEBEF636773A8E7A82214E81C563A . 5942784 . . [8.00.6001.18876] . . c:windowsie8updatesKB2416400-IE8mshtml.dll
[-] 2009-12-21 . E6B64C6C729BBC38AB7CC92CE33F97A5 . 5945856 . . [8.00.6001.22967] . . c:windows$hf_mig$KB978207-IE8SP3QFEmshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:windowsie8updatesKB978207-IE8mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:windowsServicePackFilesi386mshtml.dll
[-] 2007-05-08 . 1D4E3B86C601A2497C99790CC4D7DF26 . 3584000 . . [7.00.6000.20591] . . c:windows$hf_mig$KB933566-IE7SP2QFEmshtml.dll
[-] 2007-05-08 . 5D90A7200F72DACE663EE78DE234FCC7 . 3583488 . . [7.00.6000.16481] . . c:windowsie8mshtml.dll
[-] 2007-05-08 . 5D90A7200F72DACE663EE78DE234FCC7 . 3583488 . . [7.00.6000.16481] . . c:windowsSoftwareDistributionDownloada1b272167f1c6b6636fd2e2a091bf287backupsp3gdrmshtml.dll
[-] 2007-05-08 . 5D90A7200F72DACE663EE78DE234FCC7 . 3583488 . . [7.00.6000.16481] . . c:windowsSoftwareDistributionDownloada1b272167f1c6b6636fd2e2a091bf287backupsp3qfemshtml.dll
[-] 2007-03-07 . DA297A862E5F093A07D37C05F608C686 . 3582976 . . [7.00.6000.20544] . . c:windows$hf_mig$KB931768-IE7SP2QFEmshtml.dll
[-] 2007-03-07 . 190E1AE9B973049B12A67BAD478C770C . 3581952 . . [7.00.6000.16441] . . c:windowsie7updatesKB933566-IE7mshtml.dll
[-] 2007-01-12 . 5D45318804A30CE9D6EA83066E84B4A7 . 3580416 . . [7.00.6000.16414] . . c:windowsie7updatesKB931768-IE7mshtml.dll
[-] 2006-11-08 . CBF04597F9CF7739E572276A2698FDD3 . 3577856 . . [7.00.5730.11] . . c:windowsie7updatesKB928090-IE7mshtml.dll
[-] 2006-10-23 . 88E1C15BB1A9ED3CBA4D6F2F408D5010 . 3061248 . . [6.00.2900.3020] . . c:windows$hf_mig$KB925454SP2QFEmshtml.dll
[-] 2006-10-23 . 88E1C15BB1A9ED3CBA4D6F2F408D5010 . 3061248 . . [6.00.2900.3020] . . c:windowsie7mshtml.dll
[-] 2006-05-19 . 8687E029BE63C77D4919485068C54D77 . 3055104 . . [6.00.2900.2912] . . c:windows$hf_mig$KB916281SP2QFEmshtml.dll
[-] 2006-03-23 . ABCD123F888E4E97C8751378CCCC4F26 . 3055616 . . [6.00.2900.2873] . . c:windows$hf_mig$KB912812SP2QFEmshtml.dll
[-] 2005-11-24 . D3F037F5DA702AE9DDD7663EC9D78BA7 . 3018240 . . [6.00.2900.2802] . . c:windows$hf_mig$KB905915SP2QFEmshtml.dll
[-] 2005-10-05 . 3394299FBF1CD0B24089FC762611360B . 3017728 . . [6.00.2900.2769] . . c:windows$hf_mig$KB896688SP2QFEmshtml.dll
[-] 2005-07-20 . A14A7A206AE22DE4FE563E44CFC7DDF5 . 3016192 . . [6.00.2900.2722] . . c:windows$hf_mig$KB896727SP2QFEmshtml.dll
.
[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:windowsWinSxSx86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:windowsServicePackFilesi386msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:windowssystem32msvcrt.dll
[-] 2004-08-04 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:windowsWinSxSx86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9msvcrt.dll
[-] 2003-03-31 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:windowsWinSxSx86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76amsvcrt.dll
[-] 2003-03-31 . 70630CAD245477F8DB02B79D9A92834C . 323072 . . [7.0.2600.1106] . . c:windowsWinSxSx86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3msvcrt.dll
.
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:windows$hf_mig$KB2509553SP3QFEmswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:windows$hf_mig$KB951748SP3QFEmswsock.dll
[-] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:windowssystem32mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386mswsock.dll
.
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:windowssystem32netlogon.dll
.
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:windowsServicePackFilesi386powrprof.dll
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:windowssystem32powrprof.dll
.
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386scecli.dll
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:windowssystem32scecli.dll
.
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386sfc.dll
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:windowssystem32sfc.dll
.
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386svchost.exe
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:windowssystem32svchost.exe
.
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386tapisrv.dll
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:windowssystem32tapisrv.dll
[-] 2005-07-08 . 1418A3A6E76E5A2E3F5E43866E793A8B . 249344 . . [5.1.2600.2716] . . c:windows$hf_mig$KB893756SP2QFEtapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:windows$hf_mig$KB893756SP2GDRtapisrv.dll
.
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386user32.dll
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:windowssystem32user32.dll
[-] 2007-03-08 . 7AA4F6C00405DFC4B70ED4214E7D687B . 578048 . . [5.1.2600.3099] . . c:windows$hf_mig$KB925902SP2QFEuser32.dll
[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:windows$hf_mig$KB890859SP2QFEuser32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:windows$hf_mig$KB890859SP2GDRuser32.dll
.
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386userinit.exe
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:windowssystem32userinit.exe
.
[-] 2012-08-28 . FF1C14BCA1A797CE45DD359FA2C9EDA8 . 916992 . . [8.00.6001.19328] . . c:windowssystem32wininet.dll
[-] 2012-08-28 . DCEA3B3193B7181CF818ECC4EAB30A66 . 920064 . . [8.00.6001.23415] . . c:windows$hf_mig$KB2744842-IE8SP3QFEwininet.dll
[-] 2012-03-01 . 009E7B4C284F080608D7286484015EE5 . 916992 . . [8.00.6001.19222] . . c:windowsie8updatesKB2744842-IE8wininet.dll
[-] 2012-03-01 . 4EC67FAB39F37626AD6D9895FC094ABF . 919552 . . [8.00.6001.23318] . . c:windows$hf_mig$KB2675157-IE8SP3QFEwininet.dll
[-] 2011-11-04 . 552263502EA8C24D301A0C43FF90B3ED . 916992 . . [8.00.6001.19165] . . c:windowsie8updatesKB2675157-IE8wininet.dll
[-] 2011-11-04 . 4E4716CAF514717814D07113AD0425B6 . 919552 . . [8.00.6001.23261] . . c:windows$hf_mig$KB2618444-IE8SP3QFEwininet.dll
[-] 2011-06-23 . AF4EDDC6C0446FCE5681B5DED52B8F0E . 916480 . . [8.00.6001.19098] . . c:windowsie8updatesKB2618444-IE8wininet.dll
[-] 2011-06-23 . 509CF67AE762A38E23A5455A0053853C . 919552 . . [8.00.6001.23192] . . c:windows$hf_mig$KB2559049-IE8SP3QFEwininet.dll
[-] 2010-12-20 . 88014D62B5E3CDB0AC67948D86C926C8 . 916480 . . [8.00.6001.19019] . . c:windowsie8updatesKB2559049-IE8wininet.dll
[-] 2010-12-20 . 5504B4ECCE892EB82CD2C5FA71940AC1 . 919552 . . [8.00.6001.23111] . . c:windows$hf_mig$KB2482017-IE8SP3QFEwininet.dll
[-] 2010-11-06 . 9357C4249F4810FB0E49C13387A8A77C . 919552 . . [8.00.6001.23084] . . c:windows$hf_mig$KB2416400-IE8SP3QFEwininet.dll
[-] 2010-11-06 . 306A2B05EA9846278113964DC6E2C940 . 916480 . . [8.00.6001.18992] . . c:windowsie8updatesKB2482017-IE8wininet.dll
[-] 2009-12-21 . FF4241C74E0C0A5AFFFE05F584213ECB . 916480 . . [8.00.6001.18876] . . c:windowsie8updatesKB2416400-IE8wininet.dll
[-] 2009-12-21 . 5E1F666B8955FD77E65D65C4C4D882A3 . 916480 . . [8.00.6001.22967] . . c:windows$hf_mig$KB978207-IE8SP3QFEwininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:windowsie8updatesKB978207-IE8wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:windowsServicePackFilesi386wininet.dll
[-] 2007-04-25 . 431DEFBB4A3D7B0DC062C1B064623A2F . 823808 . . [7.00.6000.20583] . . c:windows$hf_mig$KB933566-IE7SP2QFEwininet.dll
[-] 2007-04-25 . 0586A7F0B2FDB94D624F399D4728E7C8 . 822784 . . [7.00.6000.16473] . . c:windowsie8wininet.dll
[-] 2007-04-25 . 0586A7F0B2FDB94D624F399D4728E7C8 . 822784 . . [7.00.6000.16473] . . c:windowsSoftwareDistributionDownloada1b272167f1c6b6636fd2e2a091bf287backupsp3gdrwininet.dll
[-] 2007-04-25 . 0586A7F0B2FDB94D624F399D4728E7C8 . 822784 . . [7.00.6000.16473] . . c:windowsSoftwareDistributionDownloada1b272167f1c6b6636fd2e2a091bf287backupsp3qfewininet.dll
[-] 2007-03-07 . 5B35DAE6E4886F64D1DA58C4E3E01EB9 . 822784 . . [7.00.6000.16441] . . c:windowsie7updatesKB933566-IE7wininet.dll
[-] 2007-03-07 . B8F4DB39CA7353752F245379D285C80E . 823296 . . [7.00.6000.20544] . . c:windows$hf_mig$KB931768-IE7SP2QFEwininet.dll
[-] 2007-01-12 . BE43D00D802C92F01C8CC952C6F483F8 . 822784 . . [7.00.6000.16414] . . c:windowsie7updatesKB931768-IE7wininet.dll
[-] 2006-11-08 . 92995334F993E6E49C25C6D02EC04401 . 818688 . . [7.00.5730.11] . . c:windowsie7updatesKB928090-IE7wininet.dll
[-] 2006-10-23 . 231EF4179ACABE486376B5CA893F1076 . 664576 . . [6.00.2900.3020] . . c:windows$hf_mig$KB925454SP2QFEwininet.dll
[-] 2006-10-23 . 231EF4179ACABE486376B5CA893F1076 . 664576 . . [6.00.2900.3020] . . c:windowsie7wininet.dll
[-] 2006-05-10 . D94CFFDB53E7AC867438E2DFD50E7CBC . 663552 . . [6.00.2900.2904] . . c:windows$hf_mig$KB916281SP2QFEwininet.dll
[-] 2006-03-04 . C0845ECBF4F9164E618EE381B79C9032 . 663552 . . [6.00.2900.2861] . . c:windows$hf_mig$KB912812SP2QFEwininet.dll
[-] 2005-10-21 . AF785C4947676A7FC1673FDC5C8D0B5B . 661504 . . [6.00.2900.2781] . . c:windows$hf_mig$KB905915SP2QFEwininet.dll
[-] 2005-09-02 . 97A6FD7CAFD688CF2C78939EBAF0CD0C . 660480 . . [6.00.2900.2753] . . c:windows$hf_mig$KB896688SP2QFEwininet.dll
[-] 2005-07-03 . 6E533D155B259EB2363D3E04B5BE309F . 659456 . . [6.00.2900.2713] . . c:windows$hf_mig$KB896727SP2QFEwininet.dll
[-] 1996-08-26 16:39 . BC06EB9D08AA7080B650A71914607A07 . 289552 . . [4.70.1157] . . c:windowssystemWININET.DLL
.
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ws2_32.dll
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:windowssystem32ws2_32.dll
.
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ws2help.dll
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:windowssystem32ws2help.dll
.
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:windowsexplorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:windowsServicePackFilesi386explorer.exe
.
[-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:windowsregedit.exe
[-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386regedit.exe
.
[-] 2011-11-01 . 6BAD1BED9872E62049E487FB91AE2F3A . 1288704 . . [5.1.2600.6168] . . c:windowssystem32ole32.dll
[-] 2011-11-01 . 7D9DDE1AB4B00DDB173F5A16E9206517 . 1289216 . . [5.1.2600.6168] . . c:windows$hf_mig$KB2624667SP3QFEole32.dll
[-] 2010-07-16 . 8D51FB47062F2A1A9EFECCEF338A4C46 . 1289216 . . [5.1.2600.6010] . . c:windows$hf_mig$KB979687SP3QFEole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ole32.dll
[-] 2005-07-26 . A2F755E237FA2CDD748A80BFBE6657F3 . 1285632 . . [5.1.2600.2726] . . c:windows$hf_mig$KB902400SP2QFEole32.dll
[-] 2005-04-28 . 7440D29F257B7E44329343F944F2142C . 1286144 . . [5.1.2600.2665] . . c:windows$hf_mig$KB894391SP2QFEole32.dll
[-] 2005-01-14 . ABDEF60CED7C04AB35A415EFB6B96D81 . 1285120 . . [5.1.2600.2595] . . c:windows$hf_mig$KB873333SP2GDRole32.dll
[-] 2005-01-14 . 2E752611C9A9AE1B6BFD0DA03CF7F17E . 1284608 . . [5.1.2600.2595] . . c:windows$hf_mig$KB873333SP2QFEole32.dll
.
[-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:windowssystem32usp10.dll
[-] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:windows$hf_mig$KB981322SP3QFEusp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:windowsServicePackFilesi386usp10.dll
.
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:windowsServicePackFilesi386ksuser.dll
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:windowssystem32ksuser.dll
[-] 2002-12-12 05:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:windowsRegisteredPackages{44BBA855-CC51-11CF-AAFA-00AA00B6015C}ksuser.dll
.
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:windowssystem32ctfmon.exe
.
[-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:windowssystem32shsvcs.dll
[-] 2009-07-27 . 888CD7B39C37E13A2419BECFAAF0A28C . 135168 . . [6.00.2900.5853] . . c:windows$hf_mig$KB971029SP3QFEshsvcs.dll
[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:windowsServicePackFilesi386shsvcs.dll
[-] 2006-12-19 . 53D9184A21C5CBF600D918E51EF3A7E5 . 135168 . . [6.00.2900.3051] . . c:windows$hf_mig$KB928255SP2QFEshsvcs.dll
.
[-] 2008-04-14 . AFFC87E2501FCE8F09D4C10BA6421CCF . 4608 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386msimg32.dll
[-] 2008-04-14 . AFFC87E2501FCE8F09D4C10BA6421CCF . 4608 . . [5.1.2600.5512] . . c:windowssystem32msimg32.dll
.
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:windowssystem32srsvc.dll
.
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:windowssystem32wscntfy.exe
.
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386xmlprov.dll
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:windowssystem32xmlprov.dll
.
[-] 2010-12-09 . 15CE4DBC22FAB90B3CA5352AF1FFF81C . 718336 . . [5.1.2600.6055] . . c:windows$hf_mig$KB2393802SP3QFEntdll.dll
[-] 2010-12-09 . F8F0D25CA553E39DDE485D8FC7FCCE89 . 718336 . . [5.1.2600.6055] . . c:windowssystem32ntdll.dll
[-] 2009-02-09 . B0913005EE3FC15D7F72472D0B8A30EB . 715264 . . [5.1.2600.5755] . . c:windows$hf_mig$KB956572SP3QFEntdll.dll
[-] 2008-04-14 . 27D9ED8CB8B62D1E0A8E5ACE6CF52E2F . 706048 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ntdll.dll
[-] 2003-03-31 . 983940F6627F77C250BE0AE398FC53FB . 668672 . . [5.1.2600.1106] . . c:windows$NtUninstallQ815021$ntdll.dll
.
[-] 2008-04-14 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386msctfime.ime
[-] 2008-04-14 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:windowssystem32msctfime.ime
.
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386eventlog.dll
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:windowssystem32eventlog.dll
.
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:windowssystem32sfcfiles.dll
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:windowssystem32driversipsec.sys
.
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386regsvc.dll
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:windowssystem32regsvc.dll
.
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386schedsvc.dll
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:windowssystem32schedsvc.dll
.
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ssdpsrv.dll
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:windowssystem32ssdpsrv.dll
.
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386termsrv.dll
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:windowssystem32termsrv.dll
.
[-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386hnetcfg.dll
[-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:windowssystem32hnetcfg.dll
.
[-] 2003-03-31 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:windowssystem32driversacpiec.sys
.
[-] 2008-04-14 05:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:windowsServicePackFilesi386aec.sys
[-] 2008-04-14 05:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:windowssystem32driversaec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:windows$hf_mig$KB900485SP2QFEaec.sys
.
[-] 2008-04-14 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386agp440.sys
[-] 2008-04-14 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:windowssystem32driversagp440.sys
.
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ip6fw.sys
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:windowssystem32driversip6fw.sys
.
[-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:windows$hf_mig$KB2387149SP3QFEmfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:windowssystem32mfc40u.dll
[-] 2008-04-14 12:41 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:windowsServicePackFilesi386mfc40u.dll
.
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386msgsvc.dll
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:windowssystem32msgsvc.dll
.
[-] 2006-10-19 04:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:windowssystem32mspmsnsv.dll
[-] 2005-01-28 18:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:windows$NtUninstallWMFDist11$mspmsnsv.dll
[-] 2005-01-28 18:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:windowsRegisteredPackages{30C7234B-6482-4A55-A11D-ECD9030313F2}MsPMSNSv.dll
[-] 2004-08-04 07:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:windowsRegisteredPackages{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$SystemMsPMSNSv.dll
[-] 2004-08-04 07:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:windowsServicePackFilesi386mspmsnsv.dll
.
[-] 2008-04-14 12:42 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:windowsServicePackFilesi386ntmssvc.dll
[-] 2008-04-14 12:42 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:windowssystem32ntmssvc.dll
.
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386upnphost.dll
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:windowssystem32upnphost.dll
[-] 2007-02-05 . 36ACA6CDC19C95FF468A1426EB7F32F0 . 185344 . . [5.1.2600.3077] . . c:windows$hf_mig$KB931261SP2QFEupnphost.dll
.
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:windowsServicePackFilesi386dsound.dll
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:windowssystem32dsound.dll
[-] 2002-12-12 05:14 . CA6CC3A47D8813208CEE02EB40DACA21 . 355328 . . [5.3.0000000.900 built by: DIRECTX] . . c:windowsRegisteredPackages{44BBA855-CC51-11CF-AAFA-00AA00B6015C}dsound.dll
.
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:windowsServicePackFilesi386d3d9.dll
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:windowssystem32d3d9.dll
.
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:windowsServicePackFilesi386ddraw.dll
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:windowssystem32ddraw.dll
[-] 2002-12-12 05:14 . 61CC64C43BEC193100E3722F6CF4B1E1 . 284160 . . [5.3.0000000.900 built by: DIRECTX] . . c:windowsRegisteredPackages{44BBA855-CC51-11CF-AAFA-00AA00B6015C}ddraw.dll
.
[-] 2008-04-14 12:42 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386olepro32.dll
[-] 2008-04-14 12:42 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:windowssystem32olepro32.dll
.
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386perfctrs.dll
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:windowssystem32perfctrs.dll
.
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386version.dll
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:windowssystem32version.dll
.
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:windowssystem32srsvc.dll
.
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386w32time.dll
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:windowssystem32w32time.dll
.
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386wiaservc.dll
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:windowssystem32wiaservc.dll
[-] 2006-12-19 . D9F097AA3B97034D3358A01B43E635B2 . 333824 . . [5.1.2600.3051] . . c:windows$hf_mig$KB927802SP2QFEwiaservc.dll
.
[-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386midimap.dll
[-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:windowssystem32midimap.dll
.
[-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386rasadhlp.dll
[-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:windowssystem32rasadhlp.dll
[-] 2006-06-26 . B5D08C96B2DADAF5171FB69E341B272B . 7680 . . [5.1.2600.2938] . . c:windows$hf_mig$KB920683SP2QFErasadhlp.dll
.
[-] 2008-04-14 . 4E3D06D6E68EEDB52565080F55B460D3 . 19456 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386wshtcpip.dll
[-] 2008-04-14 . 4E3D06D6E68EEDB52565080F55B460D3 . 19456 . . [5.1.2600.5512] . . c:windowssystem32wshtcpip.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 121528 ----a-w- f:fprogramsavastashShell.dll
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"SunJavaUpdateSched"="c:program filesCommon FilesJavaJava Updatejusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:program filesQuickTimeqttask.exe" [2006-01-11 155648]
"IgfxTray"="c:windowssystem32igfxtray.exe" [2004-02-10 155648]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 122880]
"avast"="f:fprogramsavastavastUI.exe" [2012-10-30 4297136]
"Agent"="f:fprogramsPower VCR IIAgent.exe" [2001-03-08 94208]
"AdaptecDirectCD"="f:fprogramsRoxDirectCDDirectCD.exe" [2010-05-12 684032]
"Adobe ARM"="c:program filesCommon FilesAdobeARM1.0AdobeARM.exe" [2012-12-18 946352]
.
c:documents and settingsAll UsersStart MenuProgramsStartup
Adobe Gamma Loader.lnk - c:program filesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe [2010-5-2 113664]
Microsoft Office.lnk - f:fprogramsOffice 2002Office10OSA.EXE [2001-2-13 83360]
.
[hkey_local_machinesoftwaremicrosoftwindowscurrentversionexplorerShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "f:fprogramsSUPERAntiSpywareSASSEH.DLL" [2013-02-18 113024]
.
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal!SASCORE]
@=""
.
[HKLM~startupfolderC:^Documents and Settings^mombo^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
backup=c:windowspssLimeWire On Startup.lnkStartup
HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSmcService
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun-disabled]
"CapFax"=f:fprogramsBSVPCapFax.EXE
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
"AntiVirusOverride"=dword:00000001
.
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
"f:apacheApache.exe"=
"c:WINDOWSsystem32sessmgr.exe"=
.
R0 FGXSCSI;FGXSCSI;c:windowssystem32driversfgxscsi.sys [6/10/2010 4:57 AM 71680]
R1 aswSnx;aswSnx;c:windowssystem32driversaswSnx.sys [5/15/2011 12:27 PM 738504]
R1 aswSP;aswSP;c:windowssystem32driversaswSP.sys [5/15/2011 12:27 PM 361032]
R1 SASDIFSV;SASDIFSV;f:fprogramsSUPERAntiSpywareSASDIFSV.SYS [2/17/2010 10:25 AM 12880]
R1 SASKUTIL;SASKUTIL;f:fprogramsSUPERAntiSpywareSASKUTIL.SYS [5/6/2010 4:10 PM 67664]
R2 !SASCORE;SAS Core Service;f:fprogramsSUPERAntiSpywareSASCORE.EXE [8/27/2010 12:34 PM 116608]
R2 aswFsBlk;aswFsBlk;c:windowssystem32driversaswFsBlk.sys [5/15/2011 12:27 PM 21256]
R2 SPTimer;SharePoint Timer Service;c:program filesCommon FilesMicrosoft Sharedweb server extensions50binOWSTIMER.EXE [2/16/2001 1:42 AM 345504]
R3 HCWBT8XX;Hauppauge WinTV 848/9 WDM Video Driver;c:windowssystem32driversHCWBT8xx.sys [5/30/2010 9:33 AM 472644]
S3 iscFlash;iscFlash;??c:windowsSYSTEM32DRIVERSiscflash.sys --> c:windowsSYSTEM32DRIVERSiscflash.sys [?]
S3 Pcouffin;Low level access layer for CD devices;c:windowssystem32DriversPcouffin.sys --> c:windowssystem32DriversPcouffin.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-19 c:windowsTasksavast! Emergency Update.job
- f:fprogramsavastAvastEmUpdate.exe [2012-07-04 23:50]
.
2013-02-19 c:windowsTasksGoogleUpdateTaskMachineCore.job
- c:program filesGoogleUpdateGoogleUpdate.exe [2012-07-04 22:53]
.
2013-02-19 c:windowsTasksGoogleUpdateTaskMachineUA.job
- c:program filesGoogleUpdateGoogleUpdate.exe [2012-07-04 22:53]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: &ieSpell Options - f:fprogramsieSpelliespell.dll/SPELLOPTION.HTM
IE: Check &Spelling - f:fprogramsieSpelliespell.dll/SPELLCHECK.HTM
IE: E&xport to Microsoft Excel - f:fprogr~1OFFICE~1Office10EXCEL.EXE/3000
TCP: Interfaces{0F24E88E-529F-4DD2-8D15-F6EA48F028E1}: NameServer = 66.81.0.251 66.81.0.252
FF - ProfilePath - c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.default
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.pch.com/search?ourmark=3&nfsp=tbrsp&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-01-12 10:14; {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}; c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.defaultextensions{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - ExtSQL: 2013-01-12 10:42; donottrackplus@abine.com; c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.defaultextensionsdonottrackplus@abine.com
FF - ExtSQL: 2013-02-16 11:52; wikilook@testpilot; c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.defaultextensionswikilook@testpilot.xpi
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-HotKeysCmds - c:windowssystem32hkcmd.exe
Notify-NavLogon - (no file)
AddRemove-WinPcapInst - c:program filesWinPcapUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-19 07:27
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINESystemControlSet002ServicesMySql]
"ImagePath"="F:/apache/mysql/bin/mysqld-nt.exe"
.
[HKEY_LOCAL_MACHINESystemControlSet002ServicesMySql]
"ImagePath"="F:/apache/mysql/bin/mysqld-nt.exe"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERSS-1-5-21-1454471165-842925246-839522115-1006SoftwareMicrosoftSystemCertificatesAddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3684)
c:windowssystem32WININET.dll
c:windowssystem32webcheck.dll
c:windowssystem32IEFRAME.dll
c:windowssystem32WPDShServiceObj.dll
c:windowssystem32PortableDeviceTypes.dll
c:windowssystem32PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
f:fprogramsavastAvastSvc.exe
c:program filesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
f:fprogramsjavabinjqs.exe
c:windowssystem32inetsrvinetinfo.exe
c:windowssystem32wscntfy.exe
c:windowsBCMSMMSG.exe
.
**************************************************************************
.
Completion time: 2013-02-19 07:34:52 - machine was rebooted
ComboFix-quarantined-files.txt 2013-02-19 15:34
.
Pre-Run: 49,583,104,000 bytes free
Post-Run: 49,530,347,520 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS
[operating systems]
c:cmdconsBOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 1ED0EE3E7416A5B84ACAD1446E8F7C7B

[Tomk_]

Limewire

You have Limewire, a P2P/file sharing programs installed on your computer. P2P applications like it are the largest source of malware we see. You'll be doing yourself a favor by removing it.

 

References for the risk of these programs can be found in these links:

http://www.microsoft.com/windows/ie/commun...protection.mspx

http://www.techweb.com/wire/160500554

http://www.internetworldstats.com/articles/art053.htm

 

 

I would recommend that you uninstall Limewire, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

 

If you wish to keep it, please do not use it until your computer is cleaned.

 

It looks like your Catroot may be broken. Let's rebuild it.

 

Please open Notepad

[*]Click Start , then Run

[*]Type notepad.exe in the Run Box.

Copy and Paste everything from the Quote box into Notepad:

net stop wuauserv

cd %systemroot%SoftwareDistribution

ren Download Download.old

net start wuauserv

net stop bits

net start bits

net stop cryptsvc

cd %systemroot%system32

ren catroot2 catroot2old

net start cryptsvc

Save the file to your DESKTOP as "fix.bat". Make sure to save it with the quotes. Once saved, the icon to click should look like this on your desktop:

[*]Double click fix.bat.

After that is complete:

 

COMBOFIX-Script

[*]Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

ClearJavaCache::Driver::iscFlash

[*]Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

 

[*]Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".

[*]Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.

[*]ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.

[*]When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

[*]CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

[MOMBO]

ComboFix 13-02-18.02 - mombo 02/19/2013 15:21:37.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.12 [GMT -8:00]
Running from: c:documents and settingsmomboDesktopComboFix.exe
Command switches used :: c:documents and settingsmomboDesktopCFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------Legacy_ISCFLASH
-------Service_iscFlash
.
.
((((((((((((((((((((((((( Files Created from 2013-01-19 to 2013-02-19 )))))))))))))))))))))))))))))))
.
.
2013-02-19 22:53 . 2013-02-19 22:53 -------- d-----w- c:windowssystem32CatRoot2
2013-02-18 21:35 . 2013-01-10 19:33 759296 -c----w- c:windowssystem32dllcachevgx.dll
2013-02-18 17:38 . 2013-02-18 17:38 -------- d-----w- c:windowssystem32wbemRepository
2013-02-13 17:36 . 2013-02-13 17:36 -------- d-----w- c:program filesMicrosoft.NET
2013-02-13 17:30 . 2013-02-13 17:48 -------- d-----w- C:c1e08ede32f082b1efea
2013-02-11 21:52 . 2001-08-30 10:30 138752 -c--a-w- c:windowssystem32dllcachesndvol32.exe
2013-02-11 21:51 . 2001-08-30 10:30 138752 ----a-w- c:windowssystem32sndvol32.exe
2013-01-26 03:55 . 2013-01-26 03:55 552448 -c----w- c:windowssystem32dllcacheoleaut32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-26 03:55 . 2003-03-31 12:00 552448 ----a-w- c:windowssystem32oleaut32.dll
2013-01-07 01:16 . 2012-05-28 23:10 2193024 ----a-w- c:windowssystem32ntoskrnl.exe
2013-01-07 00:36 . 2012-05-28 23:10 2069760 ----a-w- c:windowssystem32ntkrnlpa.exe
2013-01-04 01:20 . 2012-05-28 23:10 1867264 ----a-w- c:windowssystem32win32k.sys
2013-01-02 06:49 . 2005-07-28 18:53 148992 ----a-w- c:windowssystem32mpg2splt.ax
2013-01-02 06:49 . 2005-07-28 18:53 1292288 ----a-w- c:windowssystem32quartz.dll
2012-12-26 20:16 . 2005-06-18 04:49 916480 ----a-w- c:windowssystem32wininet.dll
2012-12-26 20:16 . 2003-03-31 12:00 43520 ----a-w- c:windowssystem32licmgr10.dll
2012-12-26 20:16 . 2003-03-31 12:00 1469440 ----a-w- c:windowssystem32inetcpl.cpl
2012-12-24 06:40 . 2004-08-04 05:59 385024 ----a-w- c:windowssystem32html.iec
2012-12-16 12:23 . 2003-03-31 12:00 290560 ----a-w- c:windowssystem32atmfd.dll
2012-11-22 17:28 . 2012-11-22 17:28 1409 ----a-w- c:windowsQTFont.for
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386atapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:windowssystem32driversatapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:windowssystem32ReinstallBackups0005DriverFilesi386atapi.sys
.
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386asyncmac.sys
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:windowssystem32driversasyncmac.sys
.
[-] 2003-03-31 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:windowssystem32driversbeep.sys
.
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386kbdclass.sys
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:windowssystem32driverskbdclass.sys
.
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ndis.sys
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:windowssystem32driversndis.sys
.
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ntfs.sys
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:windowssystem32driversntfs.sys
[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:windows$hf_mig$KB930916SP2QFEntfs.sys
.
[-] 2003-03-31 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:windowssystem32driversnull.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:windows$hf_mig$KB2509553SP3QFEtcpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:windows$hf_mig$KB951748SP3QFEtcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:windowssystem32driverstcpip.sys
[-] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:windows$hf_mig$KB917953SP2QFEtcpip.sys
[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:windows$hf_mig$KB913446SP2QFEtcpip.sys
[-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:windows$hf_mig$KB893066SP2QFEtcpip.sys
[-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:windows$hf_mig$KB893066SP2GDRtcpip.sys
.
[-] 2012-07-06 . CFD4E51402DA9838B5A04AE680AF54A0 . 78336 . . [5.1.2600.6260] . . c:windowssystem32browser.dll
[-] 2012-07-06 . FC6D1D80588D371F0321E15A75B2F8F2 . 78336 . . [5.1.2600.6260] . . c:windows$hf_mig$KB2705219SP3QFEbrowser.dll
[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386browser.dll
.
[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386lsass.exe
[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:windowssystem32lsass.exe
.
[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386netman.dll
[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:windowssystem32netman.dll
[-] 2005-08-22 . 3516D8A18B36784B1005B950B84232E1 . 197632 . . [5.1.2600.2743] . . c:windows$hf_mig$KB905414SP2QFEnetman.dll
.
[-] 2008-04-14 12:41 . 1280A158C722FA95A80FB7AEBE78FA7D . 792064 . . [2001.12.4414.700] . . c:windowsServicePackFilesi386comres.dll
[-] 2008-04-14 12:41 . 1280A158C722FA95A80FB7AEBE78FA7D . 792064 . . [2001.12.4414.700] . . c:windowssystem32comres.dll
.
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:windowsServicePackFilesi386qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:windowssystem32qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:windowssystem32bitsqmgr.dll
.
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:windowssystem32rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:windows$hf_mig$KB956572SP3QFErpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386rpcss.dll
[-] 2005-07-26 . C369DF215D352B6F3A0B8C3469AA34F8 . 398336 . . [5.1.2600.2726] . . c:windows$hf_mig$KB902400SP2QFErpcss.dll
[-] 2005-04-28 . DA383FB39A6F1C445F3AFC94B3EB1248 . 396288 . . [5.1.2600.2665] . . c:windows$hf_mig$KB894391SP2QFErpcss.dll
[-] 2005-01-14 . 419899803CA479B73B02390318C787C0 . 395776 . . [5.1.2600.2595] . . c:windows$hf_mig$KB873333SP2GDRrpcss.dll
[-] 2005-01-14 . 94456045BEB4545B5EBE1DCC85951AFA . 395776 . . [5.1.2600.2595] . . c:windows$hf_mig$KB873333SP2QFErpcss.dll
.
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:windowssystem32services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:windows$hf_mig$KB956572SP3QFEservices.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:windows$hf_mig$KB2347290SP3QFEspoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:windowssystem32spoolsv.exe
[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:windows$hf_mig$KB896423SP2QFEspoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:windows$hf_mig$KB896423SP2GDRspoolsv.exe
.
[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386winlogon.exe
[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:windowssystem32winlogon.exe
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:windowssystem32driversipsec.sys
.
[-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:windowssystem32comctl32.dll
[-] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202comctl32.dll
[-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:windowsWinSxSInstallTemp944905comctl32.dll
[-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:windowsServicePackFilesi386comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03comctl32.dll
[-] 2005-03-11 . F6A21D5476C7B4CA9873D97BD246D6EB . 925184 . . [6.0] . . c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1643_x-ww_7c3a9bc6comctl32.dll
[-] 2004-08-04 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9comctl32.dll
[-] 2003-03-31 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70acomctl32.dll
[-] 2003-03-31 . 76B90BD220F1B1CC9E183C6B1AE9FBB4 . 921600 . . [6.0] . . c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805comctl32.dll
.
[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386cryptsvc.dll
[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:windowssystem32cryptsvc.dll
.
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:windowssystem32es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:windows$hf_mig$KB950974SP3QFEes.dll
[-] 2008-04-14 12:41 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:windowsServicePackFilesi386es.dll
[-] 2005-07-26 04:20 . 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 . 243200 . . [2001.12.4414.308] . . c:windows$hf_mig$KB902400SP2QFEes.dll
.
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386imm32.dll
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:windowssystem32imm32.dll
.
[-] 2012-10-03 . 6FE42512AB1B89F32A7407F261B1D2D0 . 990208 . . [5.1.2600.6293] . . c:windowssystem32kernel32.dll
[-] 2012-10-03 . 6FE42512AB1B89F32A7407F261B1D2D0 . 990208 . . [5.1.2600.6293] . . c:windowssystem32dllcachekernel32.dll
[-] 2012-10-03 . 6CBFEEB384F04681AF75F495AA48DD32 . 991744 . . [5.1.2600.6293] . . c:windows$hf_mig$KB2758857SP3QFEkernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:windows$NtUninstallKB2758857$kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:windows$hf_mig$KB959426SP3QFEkernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386kernel32.dll
[-] 2007-04-16 . 09F7CB3687F86EDAA4CA081F7AB66C03 . 986112 . . [5.1.2600.3119] . . c:windows$hf_mig$KB935839SP2QFEkernel32.dll
[-] 2006-07-05 . 0FDD84928A5DDE2510761B7EC76CCEC9 . 985088 . . [5.1.2600.2945] . . c:windows$hf_mig$KB917422SP2QFEkernel32.dll
.
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386linkinfo.dll
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:windowssystem32linkinfo.dll
[-] 2005-09-01 . 648BF0B4DDE4F7A1156DAE7174D36EFA . 19968 . . [5.1.2600.2751] . . c:windows$hf_mig$KB900725SP2QFElinkinfo.dll
.
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386lpk.dll
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:windowssystem32lpk.dll
.
[-] 2013-01-09 . 99E9E2606FB13ADB711935FE8E8E29C1 . 6011904 . . [8.00.6001.23468] . . c:windows$hf_mig$KB2792100-IE8SP3QFEmshtml.dll
[-] 2013-01-09 . 99E9E2606FB13ADB711935FE8E8E29C1 . 6011904 . . [8.00.6001.23468] . . c:windowsSoftwareDistributionDownload.old4cb6ecfc18c5f0010f3d7f2229fd3c6cSP3QFEmshtml.dll
[-] 2013-01-08 . 727C9E97CB26879C17A30484C2C76E98 . 6010368 . . [8.00.6001.19400] . . c:windowsSoftwareDistributionDownload.old4cb6ecfc18c5f0010f3d7f2229fd3c6cSP3GDRmshtml.dll
[-] 2013-01-08 . 727C9E97CB26879C17A30484C2C76E98 . 6010368 . . [8.00.6001.19400] . . c:windowssystem32mshtml.dll
[-] 2013-01-08 . 727C9E97CB26879C17A30484C2C76E98 . 6010368 . . [8.00.6001.19400] . . c:windowssystem32dllcachemshtml.dll
[-] 2013-01-06 . BDF6CC938C0644FE3643BC0D6A678E26 . 6009856 . . [8.00.6001.19394] . . c:windowsie8updatesKB2792100-IE8mshtml.dll
[-] 2013-01-06 . 14FD1CAEFB6D2749019AC2F54859568C . 6011392 . . [8.00.6001.23462] . . c:windows$hf_mig$KB2799329-IE8SP3QFEmshtml.dll
[-] 2012-08-28 . DF3C3CA94CBC9DE07AC3EB49440A8D45 . 6008832 . . [8.00.6001.19328] . . c:windowsie8updatesKB2799329-IE8mshtml.dll
[-] 2012-08-28 . CF6B381C3518AB328382429CAE206D64 . 6010368 . . [8.00.6001.23415] . . c:windows$hf_mig$KB2744842-IE8SP3QFEmshtml.dll
[-] 2012-03-01 . DADE53318D8E5335EE2E1745F1C3FC4D . 5978624 . . [8.00.6001.19222] . . c:windowsie8updatesKB2744842-IE8mshtml.dll
[-] 2012-03-01 . 5DBB0C997AD276BCE9D30CD609BDBF67 . 5980672 . . [8.00.6001.23318] . . c:windows$hf_mig$KB2675157-IE8SP3QFEmshtml.dll
[-] 2011-11-04 . DD8D655E1881B70A5259A23A6018A6C2 . 5978112 . . [8.00.6001.19170] . . c:windowsie8updatesKB2675157-IE8mshtml.dll
[-] 2011-11-04 . 699421E2E1313C18671A703953CAE14B . 5978624 . . [8.00.6001.23266] . . c:windows$hf_mig$KB2618444-IE8SP3QFEmshtml.dll
[-] 2011-07-25 . 23B3C8E9F3F280180573569253CE98AB . 5969920 . . [8.00.6001.19120] . . c:windowsie8updatesKB2618444-IE8mshtml.dll
[-] 2011-07-25 . BCE7CCEBAD6C8955D2B4C3B246BD0E57 . 5971456 . . [8.00.6001.23216] . . c:windows$hf_mig$KB2559049-IE8SP3QFEmshtml.dll
[-] 2010-12-20 . 1EDCEC5D649DBAC37ED9FFB5A14CEB0C . 5961216 . . [8.00.6001.19019] . . c:windowsie8updatesKB2559049-IE8mshtml.dll
[-] 2010-12-20 . 2A2C070EC691CE410533A1DA7AA3CD86 . 5962240 . . [8.00.6001.23111] . . c:windows$hf_mig$KB2482017-IE8SP3QFEmshtml.dll
[-] 2010-11-06 . 864E69F32656A7121444BA0193D7B64B . 5960704 . . [8.00.6001.23091] . . c:windows$hf_mig$KB2416400-IE8SP3QFEmshtml.dll
[-] 2010-11-06 . D7CCA87057901C87ED8CC40DDCC7FA1B . 5959168 . . [8.00.6001.18999] . . c:windowsie8updatesKB2482017-IE8mshtml.dll
[-] 2009-12-21 . BE6EEBEF636773A8E7A82214E81C563A . 5942784 . . [8.00.6001.18876] . . c:windowsie8updatesKB2416400-IE8mshtml.dll
[-] 2009-12-21 . E6B64C6C729BBC38AB7CC92CE33F97A5 . 5945856 . . [8.00.6001.22967] . . c:windows$hf_mig$KB978207-IE8SP3QFEmshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:windowsie8updatesKB978207-IE8mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:windowsServicePackFilesi386mshtml.dll
[-] 2007-05-08 . 1D4E3B86C601A2497C99790CC4D7DF26 . 3584000 . . [7.00.6000.20591] . . c:windows$hf_mig$KB933566-IE7SP2QFEmshtml.dll
[-] 2007-05-08 . 5D90A7200F72DACE663EE78DE234FCC7 . 3583488 . . [7.00.6000.16481] . . c:windowsie8mshtml.dll
[-] 2007-05-08 . 5D90A7200F72DACE663EE78DE234FCC7 . 3583488 . . [7.00.6000.16481] . . c:windowsSoftwareDistributionDownload.olda1b272167f1c6b6636fd2e2a091bf287backupsp3gdrmshtml.dll
[-] 2007-05-08 . 5D90A7200F72DACE663EE78DE234FCC7 . 3583488 . . [7.00.6000.16481] . . c:windowsSoftwareDistributionDownload.olda1b272167f1c6b6636fd2e2a091bf287backupsp3qfemshtml.dll
[-] 2007-03-07 . DA297A862E5F093A07D37C05F608C686 . 3582976 . . [7.00.6000.20544] . . c:windows$hf_mig$KB931768-IE7SP2QFEmshtml.dll
[-] 2007-03-07 . 190E1AE9B973049B12A67BAD478C770C . 3581952 . . [7.00.6000.16441] . . c:windowsie7updatesKB933566-IE7mshtml.dll
[-] 2007-01-12 . 5D45318804A30CE9D6EA83066E84B4A7 . 3580416 . . [7.00.6000.16414] . . c:windowsie7updatesKB931768-IE7mshtml.dll
[-] 2006-11-08 . CBF04597F9CF7739E572276A2698FDD3 . 3577856 . . [7.00.5730.11] . . c:windowsie7updatesKB928090-IE7mshtml.dll
[-] 2006-10-23 . 88E1C15BB1A9ED3CBA4D6F2F408D5010 . 3061248 . . [6.00.2900.3020] . . c:windows$hf_mig$KB925454SP2QFEmshtml.dll
[-] 2006-10-23 . 88E1C15BB1A9ED3CBA4D6F2F408D5010 . 3061248 . . [6.00.2900.3020] . . c:windowsie7mshtml.dll
[-] 2006-05-19 . 8687E029BE63C77D4919485068C54D77 . 3055104 . . [6.00.2900.2912] . . c:windows$hf_mig$KB916281SP2QFEmshtml.dll
[-] 2006-03-23 . ABCD123F888E4E97C8751378CCCC4F26 . 3055616 . . [6.00.2900.2873] . . c:windows$hf_mig$KB912812SP2QFEmshtml.dll
[-] 2005-11-24 . D3F037F5DA702AE9DDD7663EC9D78BA7 . 3018240 . . [6.00.2900.2802] . . c:windows$hf_mig$KB905915SP2QFEmshtml.dll
[-] 2005-10-05 . 3394299FBF1CD0B24089FC762611360B . 3017728 . . [6.00.2900.2769] . . c:windows$hf_mig$KB896688SP2QFEmshtml.dll
[-] 2005-07-20 . A14A7A206AE22DE4FE563E44CFC7DDF5 . 3016192 . . [6.00.2900.2722] . . c:windows$hf_mig$KB896727SP2QFEmshtml.dll
.
[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:windowsWinSxSx86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:windowsServicePackFilesi386msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:windowssystem32msvcrt.dll
[-] 2004-08-04 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:windowsWinSxSx86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9msvcrt.dll
[-] 2003-03-31 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:windowsWinSxSx86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76amsvcrt.dll
[-] 2003-03-31 . 70630CAD245477F8DB02B79D9A92834C . 323072 . . [7.0.2600.1106] . . c:windowsWinSxSx86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3msvcrt.dll
.
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:windows$hf_mig$KB2509553SP3QFEmswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:windows$hf_mig$KB951748SP3QFEmswsock.dll
[-] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:windowssystem32mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386mswsock.dll
.
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:windowssystem32netlogon.dll
.
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:windowsServicePackFilesi386powrprof.dll
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:windowssystem32powrprof.dll
.
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386scecli.dll
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:windowssystem32scecli.dll
.
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386sfc.dll
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:windowssystem32sfc.dll
.
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386svchost.exe
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:windowssystem32svchost.exe
.
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386tapisrv.dll
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:windowssystem32tapisrv.dll
[-] 2005-07-08 . 1418A3A6E76E5A2E3F5E43866E793A8B . 249344 . . [5.1.2600.2716] . . c:windows$hf_mig$KB893756SP2QFEtapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:windows$hf_mig$KB893756SP2GDRtapisrv.dll
.
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386user32.dll
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:windowssystem32user32.dll
[-] 2007-03-08 . 7AA4F6C00405DFC4B70ED4214E7D687B . 578048 . . [5.1.2600.3099] . . c:windows$hf_mig$KB925902SP2QFEuser32.dll
[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:windows$hf_mig$KB890859SP2QFEuser32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:windows$hf_mig$KB890859SP2GDRuser32.dll
.
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386userinit.exe
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:windowssystem32userinit.exe
.
[-] 2012-12-26 . D175F91A4C98B8848818C9B5089F88A2 . 916480 . . [8.00.6001.19394] . . c:windowsSoftwareDistributionDownload.old4cb6ecfc18c5f0010f3d7f2229fd3c6cSP3GDRwininet.dll
[-] 2012-12-26 . D175F91A4C98B8848818C9B5089F88A2 . 916480 . . [8.00.6001.19394] . . c:windowssystem32wininet.dll
[-] 2012-12-26 . D175F91A4C98B8848818C9B5089F88A2 . 916480 . . [8.00.6001.19394] . . c:windowssystem32dllcachewininet.dll
[-] 2012-12-26 . B8BEF9519A1B124DEAF94081F6C5A767 . 920064 . . [8.00.6001.23462] . . c:windows$hf_mig$KB2792100-IE8SP3QFEwininet.dll
[-] 2012-12-26 . B8BEF9519A1B124DEAF94081F6C5A767 . 920064 . . [8.00.6001.23462] . . c:windowsSoftwareDistributionDownload.old4cb6ecfc18c5f0010f3d7f2229fd3c6cSP3QFEwininet.dll
[-] 2012-08-28 . FF1C14BCA1A797CE45DD359FA2C9EDA8 . 916992 . . [8.00.6001.19328] . . c:windowsie8updatesKB2792100-IE8wininet.dll
[-] 2012-08-28 . DCEA3B3193B7181CF818ECC4EAB30A66 . 920064 . . [8.00.6001.23415] . . c:windows$hf_mig$KB2744842-IE8SP3QFEwininet.dll
[-] 2012-03-01 . 009E7B4C284F080608D7286484015EE5 . 916992 . . [8.00.6001.19222] . . c:windowsie8updatesKB2744842-IE8wininet.dll
[-] 2012-03-01 . 4EC67FAB39F37626AD6D9895FC094ABF . 919552 . . [8.00.6001.23318] . . c:windows$hf_mig$KB2675157-IE8SP3QFEwininet.dll
[-] 2011-11-04 . 552263502EA8C24D301A0C43FF90B3ED . 916992 . . [8.00.6001.19165] . . c:windowsie8updatesKB2675157-IE8wininet.dll
[-] 2011-11-04 . 4E4716CAF514717814D07113AD0425B6 . 919552 . . [8.00.6001.23261] . . c:windows$hf_mig$KB2618444-IE8SP3QFEwininet.dll
[-] 2011-06-23 . AF4EDDC6C0446FCE5681B5DED52B8F0E . 916480 . . [8.00.6001.19098] . . c:windowsie8updatesKB2618444-IE8wininet.dll
[-] 2011-06-23 . 509CF67AE762A38E23A5455A0053853C . 919552 . . [8.00.6001.23192] . . c:windows$hf_mig$KB2559049-IE8SP3QFEwininet.dll
[-] 2010-12-20 . 88014D62B5E3CDB0AC67948D86C926C8 . 916480 . . [8.00.6001.19019] . . c:windowsie8updatesKB2559049-IE8wininet.dll
[-] 2010-12-20 . 5504B4ECCE892EB82CD2C5FA71940AC1 . 919552 . . [8.00.6001.23111] . . c:windows$hf_mig$KB2482017-IE8SP3QFEwininet.dll
[-] 2010-11-06 . 9357C4249F4810FB0E49C13387A8A77C . 919552 . . [8.00.6001.23084] . . c:windows$hf_mig$KB2416400-IE8SP3QFEwininet.dll
[-] 2010-11-06 . 306A2B05EA9846278113964DC6E2C940 . 916480 . . [8.00.6001.18992] . . c:windowsie8updatesKB2482017-IE8wininet.dll
[-] 2009-12-21 . FF4241C74E0C0A5AFFFE05F584213ECB . 916480 . . [8.00.6001.18876] . . c:windowsie8updatesKB2416400-IE8wininet.dll
[-] 2009-12-21 . 5E1F666B8955FD77E65D65C4C4D882A3 . 916480 . . [8.00.6001.22967] . . c:windows$hf_mig$KB978207-IE8SP3QFEwininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:windowsie8updatesKB978207-IE8wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:windowsServicePackFilesi386wininet.dll
[-] 2007-04-25 . 431DEFBB4A3D7B0DC062C1B064623A2F . 823808 . . [7.00.6000.20583] . . c:windows$hf_mig$KB933566-IE7SP2QFEwininet.dll
[-] 2007-04-25 . 0586A7F0B2FDB94D624F399D4728E7C8 . 822784 . . [7.00.6000.16473] . . c:windowsie8wininet.dll
[-] 2007-04-25 . 0586A7F0B2FDB94D624F399D4728E7C8 . 822784 . . [7.00.6000.16473] . . c:windowsSoftwareDistributionDownload.olda1b272167f1c6b6636fd2e2a091bf287backupsp3gdrwininet.dll
[-] 2007-04-25 . 0586A7F0B2FDB94D624F399D4728E7C8 . 822784 . . [7.00.6000.16473] . . c:windowsSoftwareDistributionDownload.olda1b272167f1c6b6636fd2e2a091bf287backupsp3qfewininet.dll
[-] 2007-03-07 . 5B35DAE6E4886F64D1DA58C4E3E01EB9 . 822784 . . [7.00.6000.16441] . . c:windowsie7updatesKB933566-IE7wininet.dll
[-] 2007-03-07 . B8F4DB39CA7353752F245379D285C80E . 823296 . . [7.00.6000.20544] . . c:windows$hf_mig$KB931768-IE7SP2QFEwininet.dll
[-] 2007-01-12 . BE43D00D802C92F01C8CC952C6F483F8 . 822784 . . [7.00.6000.16414] . . c:windowsie7updatesKB931768-IE7wininet.dll
[-] 2006-11-08 . 92995334F993E6E49C25C6D02EC04401 . 818688 . . [7.00.5730.11] . . c:windowsie7updatesKB928090-IE7wininet.dll
[-] 2006-10-23 . 231EF4179ACABE486376B5CA893F1076 . 664576 . . [6.00.2900.3020] . . c:windows$hf_mig$KB925454SP2QFEwininet.dll
[-] 2006-10-23 . 231EF4179ACABE486376B5CA893F1076 . 664576 . . [6.00.2900.3020] . . c:windowsie7wininet.dll
[-] 2006-05-10 . D94CFFDB53E7AC867438E2DFD50E7CBC . 663552 . . [6.00.2900.2904] . . c:windows$hf_mig$KB916281SP2QFEwininet.dll
[-] 2006-03-04 . C0845ECBF4F9164E618EE381B79C9032 . 663552 . . [6.00.2900.2861] . . c:windows$hf_mig$KB912812SP2QFEwininet.dll
[-] 2005-10-21 . AF785C4947676A7FC1673FDC5C8D0B5B . 661504 . . [6.00.2900.2781] . . c:windows$hf_mig$KB905915SP2QFEwininet.dll
[-] 2005-09-02 . 97A6FD7CAFD688CF2C78939EBAF0CD0C . 660480 . . [6.00.2900.2753] . . c:windows$hf_mig$KB896688SP2QFEwininet.dll
[-] 2005-07-03 . 6E533D155B259EB2363D3E04B5BE309F . 659456 . . [6.00.2900.2713] . . c:windows$hf_mig$KB896727SP2QFEwininet.dll
[-] 1996-08-26 16:39 . BC06EB9D08AA7080B650A71914607A07 . 289552 . . [4.70.1157] . . c:windowssystemWININET.DLL
.
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ws2_32.dll
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:windowssystem32ws2_32.dll
.
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ws2help.dll
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:windowssystem32ws2help.dll
.
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:windowsexplorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:windowsServicePackFilesi386explorer.exe
.
[-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:windowsregedit.exe
[-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386regedit.exe
.
[-] 2011-11-01 . 6BAD1BED9872E62049E487FB91AE2F3A . 1288704 . . [5.1.2600.6168] . . c:windowssystem32ole32.dll
[-] 2011-11-01 . 7D9DDE1AB4B00DDB173F5A16E9206517 . 1289216 . . [5.1.2600.6168] . . c:windows$hf_mig$KB2624667SP3QFEole32.dll
[-] 2010-07-16 . 8D51FB47062F2A1A9EFECCEF338A4C46 . 1289216 . . [5.1.2600.6010] . . c:windows$hf_mig$KB979687SP3QFEole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ole32.dll
[-] 2005-07-26 . A2F755E237FA2CDD748A80BFBE6657F3 . 1285632 . . [5.1.2600.2726] . . c:windows$hf_mig$KB902400SP2QFEole32.dll
[-] 2005-04-28 . 7440D29F257B7E44329343F944F2142C . 1286144 . . [5.1.2600.2665] . . c:windows$hf_mig$KB894391SP2QFEole32.dll
[-] 2005-01-14 . ABDEF60CED7C04AB35A415EFB6B96D81 . 1285120 . . [5.1.2600.2595] . . c:windows$hf_mig$KB873333SP2GDRole32.dll
[-] 2005-01-14 . 2E752611C9A9AE1B6BFD0DA03CF7F17E . 1284608 . . [5.1.2600.2595] . . c:windows$hf_mig$KB873333SP2QFEole32.dll
.
[-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:windowssystem32usp10.dll
[-] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:windows$hf_mig$KB981322SP3QFEusp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:windowsServicePackFilesi386usp10.dll
.
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:windowsServicePackFilesi386ksuser.dll
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:windowssystem32ksuser.dll
[-] 2002-12-12 05:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:windowsRegisteredPackages{44BBA855-CC51-11CF-AAFA-00AA00B6015C}ksuser.dll
.
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:windowssystem32ctfmon.exe
.
[-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:windowssystem32shsvcs.dll
[-] 2009-07-27 . 888CD7B39C37E13A2419BECFAAF0A28C . 135168 . . [6.00.2900.5853] . . c:windows$hf_mig$KB971029SP3QFEshsvcs.dll
[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:windowsServicePackFilesi386shsvcs.dll
[-] 2006-12-19 . 53D9184A21C5CBF600D918E51EF3A7E5 . 135168 . . [6.00.2900.3051] . . c:windows$hf_mig$KB928255SP2QFEshsvcs.dll
.
[-] 2008-04-14 . AFFC87E2501FCE8F09D4C10BA6421CCF . 4608 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386msimg32.dll
[-] 2008-04-14 . AFFC87E2501FCE8F09D4C10BA6421CCF . 4608 . . [5.1.2600.5512] . . c:windowssystem32msimg32.dll
.
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:windowssystem32srsvc.dll
.
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:windowssystem32wscntfy.exe
.
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386xmlprov.dll
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:windowssystem32xmlprov.dll
.
[-] 2010-12-09 . 15CE4DBC22FAB90B3CA5352AF1FFF81C . 718336 . . [5.1.2600.6055] . . c:windows$hf_mig$KB2393802SP3QFEntdll.dll
[-] 2010-12-09 . F8F0D25CA553E39DDE485D8FC7FCCE89 . 718336 . . [5.1.2600.6055] . . c:windowssystem32ntdll.dll
[-] 2009-02-09 . B0913005EE3FC15D7F72472D0B8A30EB . 715264 . . [5.1.2600.5755] . . c:windows$hf_mig$KB956572SP3QFEntdll.dll
[-] 2008-04-14 . 27D9ED8CB8B62D1E0A8E5ACE6CF52E2F . 706048 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ntdll.dll
[-] 2003-03-31 . 983940F6627F77C250BE0AE398FC53FB . 668672 . . [5.1.2600.1106] . . c:windows$NtUninstallQ815021$ntdll.dll
.
[-] 2008-04-14 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386msctfime.ime
[-] 2008-04-14 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:windowssystem32msctfime.ime
.
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386eventlog.dll
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:windowssystem32eventlog.dll
.
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:windowssystem32sfcfiles.dll
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:windowssystem32driversipsec.sys
.
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386regsvc.dll
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:windowssystem32regsvc.dll
.
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386schedsvc.dll
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:windowssystem32schedsvc.dll
.
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ssdpsrv.dll
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:windowssystem32ssdpsrv.dll
.
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386termsrv.dll
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:windowssystem32termsrv.dll
.
[-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386hnetcfg.dll
[-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:windowssystem32hnetcfg.dll
.
[-] 2003-03-31 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:windowssystem32driversacpiec.sys
.
[-] 2008-04-14 05:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:windowsServicePackFilesi386aec.sys
[-] 2008-04-14 05:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:windowssystem32driversaec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:windows$hf_mig$KB900485SP2QFEaec.sys
.
[-] 2008-04-14 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386agp440.sys
[-] 2008-04-14 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:windowssystem32driversagp440.sys
.
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386ip6fw.sys
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:windowssystem32driversip6fw.sys
.
[-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:windows$hf_mig$KB2387149SP3QFEmfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:windowssystem32mfc40u.dll
[-] 2008-04-14 12:41 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:windowsServicePackFilesi386mfc40u.dll
.
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386msgsvc.dll
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:windowssystem32msgsvc.dll
.
[-] 2006-10-19 04:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:windowssystem32mspmsnsv.dll
[-] 2005-01-28 18:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:windows$NtUninstallWMFDist11$mspmsnsv.dll
[-] 2005-01-28 18:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:windowsRegisteredPackages{30C7234B-6482-4A55-A11D-ECD9030313F2}MsPMSNSv.dll
[-] 2004-08-04 07:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:windowsRegisteredPackages{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$SystemMsPMSNSv.dll
[-] 2004-08-04 07:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:windowsServicePackFilesi386mspmsnsv.dll
.
[-] 2008-04-14 12:42 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:windowsServicePackFilesi386ntmssvc.dll
[-] 2008-04-14 12:42 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:windowssystem32ntmssvc.dll
.
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386upnphost.dll
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:windowssystem32upnphost.dll
[-] 2007-02-05 . 36ACA6CDC19C95FF468A1426EB7F32F0 . 185344 . . [5.1.2600.3077] . . c:windows$hf_mig$KB931261SP2QFEupnphost.dll
.
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:windowsServicePackFilesi386dsound.dll
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:windowssystem32dsound.dll
[-] 2002-12-12 05:14 . CA6CC3A47D8813208CEE02EB40DACA21 . 355328 . . [5.3.0000000.900 built by: DIRECTX] . . c:windowsRegisteredPackages{44BBA855-CC51-11CF-AAFA-00AA00B6015C}dsound.dll
.
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:windowsServicePackFilesi386d3d9.dll
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:windowssystem32d3d9.dll
.
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:windowsServicePackFilesi386ddraw.dll
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:windowssystem32ddraw.dll
[-] 2002-12-12 05:14 . 61CC64C43BEC193100E3722F6CF4B1E1 . 284160 . . [5.3.0000000.900 built by: DIRECTX] . . c:windowsRegisteredPackages{44BBA855-CC51-11CF-AAFA-00AA00B6015C}ddraw.dll
.
[-] 2008-04-14 12:42 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386olepro32.dll
[-] 2008-04-14 12:42 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:windowssystem32olepro32.dll
.
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386perfctrs.dll
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:windowssystem32perfctrs.dll
.
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386version.dll
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:windowssystem32version.dll
.
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:windowssystem32srsvc.dll
.
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386w32time.dll
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:windowssystem32w32time.dll
.
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386wiaservc.dll
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:windowssystem32wiaservc.dll
[-] 2006-12-19 . D9F097AA3B97034D3358A01B43E635B2 . 333824 . . [5.1.2600.3051] . . c:windows$hf_mig$KB927802SP2QFEwiaservc.dll
.
[-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386midimap.dll
[-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:windowssystem32midimap.dll
.
[-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386rasadhlp.dll
[-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:windowssystem32rasadhlp.dll
[-] 2006-06-26 . B5D08C96B2DADAF5171FB69E341B272B . 7680 . . [5.1.2600.2938] . . c:windows$hf_mig$KB920683SP2QFErasadhlp.dll
.
[-] 2008-04-14 . 4E3D06D6E68EEDB52565080F55B460D3 . 19456 . . [5.1.2600.5512] . . c:windowsServicePackFilesi386wshtcpip.dll
[-] 2008-04-14 . 4E3D06D6E68EEDB52565080F55B460D3 . 19456 . . [5.1.2600.5512] . . c:windowssystem32wshtcpip.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 121528 ----a-w- f:fprogramsavastashShell.dll
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"SunJavaUpdateSched"="c:program filesCommon FilesJavaJava Updatejusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:program filesQuickTimeqttask.exe" [2006-01-11 155648]
"IgfxTray"="c:windowssystem32igfxtray.exe" [2004-02-10 155648]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 122880]
"avast"="f:fprogramsavastavastUI.exe" [2012-10-30 4297136]
"Agent"="f:fprogramsPower VCR IIAgent.exe" [2001-03-08 94208]
"AdaptecDirectCD"="f:fprogramsRoxDirectCDDirectCD.exe" [2010-05-12 684032]
"Adobe ARM"="c:program filesCommon FilesAdobeARM1.0AdobeARM.exe" [2012-12-18 946352]
.
c:documents and settingsAll UsersStart MenuProgramsStartup
Adobe Gamma Loader.lnk - c:program filesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe [2010-5-2 113664]
Microsoft Office.lnk - f:fprogramsOffice 2002Office10OSA.EXE [2001-2-13 83360]
.
[hkey_local_machinesoftwaremicrosoftwindowscurrentversionexplorerShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "f:fprogramsSUPERAntiSpywareSASSEH.DLL" [2013-02-18 113024]
.
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal!SASCORE]
@=""
.
[HKLM~startupfolderC:^Documents and Settings^mombo^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
backup=c:windowspssLimeWire On Startup.lnkStartup
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun-disabled]
"CapFax"=f:fprogramsBSVPCapFax.EXE
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
"AntiVirusOverride"=dword:00000001
.
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
"f:apacheApache.exe"=
"c:WINDOWSsystem32sessmgr.exe"=
.
R0 FGXSCSI;FGXSCSI;c:windowssystem32driversfgxscsi.sys [6/10/2010 4:57 AM 71680]
R1 aswSnx;aswSnx;c:windowssystem32driversaswSnx.sys [5/15/2011 12:27 PM 738504]
R1 aswSP;aswSP;c:windowssystem32driversaswSP.sys [5/15/2011 12:27 PM 361032]
R1 SASDIFSV;SASDIFSV;f:fprogramsSUPERAntiSpywareSASDIFSV.SYS [2/17/2010 10:25 AM 12880]
R1 SASKUTIL;SASKUTIL;f:fprogramsSUPERAntiSpywareSASKUTIL.SYS [5/6/2010 4:10 PM 67664]
R2 !SASCORE;SAS Core Service;f:fprogramsSUPERAntiSpywareSASCORE.EXE [8/27/2010 12:34 PM 116608]
R2 aswFsBlk;aswFsBlk;c:windowssystem32driversaswFsBlk.sys [5/15/2011 12:27 PM 21256]
R2 SPTimer;SharePoint Timer Service;c:program filesCommon FilesMicrosoft Sharedweb server extensions50binOWSTIMER.EXE [2/16/2001 1:42 AM 345504]
R3 HCWBT8XX;Hauppauge WinTV 848/9 WDM Video Driver;c:windowssystem32driversHCWBT8xx.sys [5/30/2010 9:33 AM 472644]
S3 Pcouffin;Low level access layer for CD devices;c:windowssystem32DriversPcouffin.sys --> c:windowssystem32DriversPcouffin.sys [?]
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-19 c:windowsTasksavast! Emergency Update.job
- f:fprogramsavastAvastEmUpdate.exe [2012-07-04 23:50]
.
2013-02-19 c:windowsTasksGoogleUpdateTaskMachineCore.job
- c:program filesGoogleUpdateGoogleUpdate.exe [2012-07-04 22:53]
.
2013-02-19 c:windowsTasksGoogleUpdateTaskMachineUA.job
- c:program filesGoogleUpdateGoogleUpdate.exe [2012-07-04 22:53]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: &ieSpell Options - f:fprogramsieSpelliespell.dll/SPELLOPTION.HTM
IE: Check &Spelling - f:fprogramsieSpelliespell.dll/SPELLCHECK.HTM
IE: E&xport to Microsoft Excel - f:fprogr~1OFFICE~1Office10EXCEL.EXE/3000
TCP: Interfaces{0F24E88E-529F-4DD2-8D15-F6EA48F028E1}: NameServer = 66.81.0.251 66.81.0.252
FF - ProfilePath - c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.default
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.pch.com/search?ourmark=3&nfsp=tbrsp&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-01-12 10:14; {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}; c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.defaultextensions{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - ExtSQL: 2013-01-12 10:42; donottrackplus@abine.com; c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.defaultextensionsdonottrackplus@abine.com
FF - ExtSQL: 2013-02-16 11:52; wikilook@testpilot; c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.defaultextensionswikilook@testpilot.xpi
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-19 15:33
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINESystemControlSet002ServicesMySql]
"ImagePath"="F:/apache/mysql/bin/mysqld-nt.exe"
.
[HKEY_LOCAL_MACHINESystemControlSet002ServicesMySql]
"ImagePath"="F:/apache/mysql/bin/mysqld-nt.exe"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERSS-1-5-21-1454471165-842925246-839522115-1006SoftwareMicrosoftSystemCertificatesAddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3716)
c:windowssystem32WININET.dll
c:windowssystem32ieframe.dll
c:windowssystem32webcheck.dll
c:windowssystem32WPDShServiceObj.dll
c:windowssystem32PortableDeviceTypes.dll
c:windowssystem32PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
f:fprogramsavastAvastSvc.exe
c:program filesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
f:fprogramsjavabinjqs.exe
c:windowssystem32inetsrvinetinfo.exe
c:windowsBCMSMMSG.exe
.
**************************************************************************
.
Completion time: 2013-02-19 15:40:41 - machine was rebooted
ComboFix-quarantined-files.txt 2013-02-19 23:40
ComboFix2.txt 2013-02-19 15:34
.
Pre-Run: 48,775,491,584 bytes free
Post-Run: 48,788,721,664 bytes free
.
- - End Of File - - 08A6E7419E13CD9E2981EBB915414CA3

-------------------------------------------------------------------------------------

Thank you Tom for the help,, This computer was giving to me 7 yrs ago and I thought I uninstalled
limewire yrs ago,,if it is still on here I don't see it in add remove programs I would like to get rid
of it if you can help me do that too would be great,,I don't use stuff like that.I think limewire
stopped there service awhile back ,anyway I know it's not from there...

[Tomk_]

That didn't work. Let's re-install Service pack 3.

 

Please uninstall Service Pack 3. See here for instructions: http://support.microsoft.com/kb/950249

 

 

Then download and re-install Service Pack 3. See here for instructions: http://www.microsoft.com/download/en/details.aspx?id=24

 

After all of that is done... please do the following:

 

COMBOFIX-Script

[*]Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

Registry::[HKLM~startupfolderC:^Documents and Settings^mombo^Start Menu^Programs^Startup^LimeWire On Startup.lnk]backup=-

[*]Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

 

[*]Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".

[*]Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.

[*]ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.

[*]When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

[*]CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

[MOMBO]

Hello Tomk,,Thats allright,,Im good here,,it runs fine,no sign of the infected(hkcmd.exe) files,.

..if things get worse I will bb.Thanks for all your professional help!

[MOMBO]

Hello Tomk,,I installed ser pak 3 ,,it copied over the old files and
added some new,,maybe you can check this out and see if all is ok here...log file below...

---------------------------------------------

ComboFix 13-02-18.02 - mombo 02/20/2013 16:11:09.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.286 [GMT -8:00]
Running from: c:documents and settingsmomboDesktopComboFix.exe
Command switches used :: c:documents and settingsmomboDesktopCFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Files Created from 2013-01-21 to 2013-02-21 )))))))))))))))))))))))))))))))
.
.
2013-02-20 19:23 . 2012-06-05 15:50 1172480 -c----w- c:windowssystem32dllcachemsxml3.dll
2013-02-20 19:06 . 2008-04-21 12:08 215552 -c----w- c:windowssystem32dllcachewordpad.exe
2013-02-20 18:57 . 2013-02-20 18:57 -------- d-----w- c:windowsLastGood
2013-02-20 17:26 . 2013-02-20 17:26 -------- d-sh--w- c:windowssystem32configsystemprofileIETldCache
2013-02-20 17:16 . 2008-04-14 06:57 79872 -c----w- c:windowssystem32dllcachemsxml6r.dll
2013-02-20 17:16 . 2008-04-14 13:41 81920 ------w- c:windowssystem32ieencode.dll
2013-02-20 17:16 . 2007-04-03 08:12 1327320 ------w- c:program filesMSNmsncorefilesinstallmsnsusii.exe
2013-02-20 17:16 . 2007-04-03 08:04 884712 ------w- c:program filesMSNmsncorefilesinstallmsn9componentsdigcore.exe
2013-02-20 17:16 . 2007-04-03 08:09 11053008 ------w- c:program filesMSNmsncorefilesinstallmsn9componentsmsncli.exe
2013-02-20 17:16 . 2008-04-14 13:40 966656 ------w- c:program filesMSNmsncorefilesoobeobemetal.dll
2013-02-20 17:16 . 2008-04-14 13:40 86016 ------w- c:program filesMSNmsncorefilesoobeobepopc.dll
2013-02-20 17:16 . 2008-04-14 13:40 229376 ------w- c:program filesMSNmsncorefilesoobeobelog.dll
2013-02-20 17:16 . 2007-04-03 08:14 77824 ------w- c:program filesMSNmsncorefilesoobeobemtllc.dll
2013-02-20 17:15 . 2006-12-29 08:31 19569 ----a-w- c:windows000001_.tmp
2013-02-19 22:53 . 2013-02-20 18:18 -------- d-----w- c:windowssystem32CatRoot2
2013-02-18 21:35 . 2013-01-10 19:33 759296 -c----w- c:windowssystem32dllcachevgx.dll
2013-02-18 17:38 . 2013-02-18 17:38 -------- d-----w- c:windowssystem32wbemRepository
2013-02-13 17:36 . 2013-02-13 17:36 -------- d-----w- c:program filesMicrosoft.NET
2013-02-13 17:30 . 2013-02-13 17:48 -------- d-----w- C:c1e08ede32f082b1efea
2013-02-11 21:52 . 2001-08-30 10:30 138752 -c--a-w- c:windowssystem32dllcachesndvol32.exe
2013-02-11 21:51 . 2001-08-30 10:30 138752 ----a-w- c:windowssystem32sndvol32.exe
2013-01-26 03:55 . 2013-01-26 03:55 552448 -c----w- c:windowssystem32dllcacheoleaut32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-26 03:55 . 2003-03-31 12:00 552448 ----a-w- c:windowssystem32oleaut32.dll
2013-01-07 01:16 . 2012-05-28 23:10 2193024 ----a-w- c:windowssystem32ntoskrnl.exe
2013-01-07 00:36 . 2012-05-28 23:10 2069760 ----a-w- c:windowssystem32ntkrnlpa.exe
2013-01-04 01:20 . 2012-05-28 23:10 1867264 ----a-w- c:windowssystem32win32k.sys
2013-01-02 06:49 . 2005-07-28 18:53 148992 ----a-w- c:windowssystem32mpg2splt.ax
2013-01-02 06:49 . 2005-07-28 18:53 1292288 ----a-w- c:windowssystem32quartz.dll
2012-12-26 20:16 . 2005-06-18 04:49 916480 ----a-w- c:windowssystem32wininet.dll
2012-12-26 20:16 . 2003-03-31 12:00 43520 ----a-w- c:windowssystem32licmgr10.dll
2012-12-26 20:16 . 2003-03-31 12:00 1469440 ----a-w- c:windowssystem32inetcpl.cpl
2012-12-24 06:40 . 2004-08-04 05:59 385024 ----a-w- c:windowssystem32html.iec
2012-12-16 12:23 . 2003-03-31 12:00 290560 ----a-w- c:windowssystem32atmfd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 121528 ----a-w- f:fprogramsavastashShell.dll
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"SunJavaUpdateSched"="c:program filesCommon FilesJavaJava Updatejusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:program filesQuickTimeqttask.exe" [2006-01-11 155648]
"IgfxTray"="c:windowssystem32igfxtray.exe" [2004-02-10 155648]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 122880]
"avast"="f:fprogramsavastavastUI.exe" [2012-10-30 4297136]
"Agent"="f:fprogramsPower VCR IIAgent.exe" [2001-03-08 94208]
"AdaptecDirectCD"="f:fprogramsRoxDirectCDDirectCD.exe" [2010-05-12 684032]
"Adobe ARM"="c:program filesCommon FilesAdobeARM1.0AdobeARM.exe" [2012-12-18 946352]
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunOnce]
"KB923561"="apphelp.dll" [2008-04-14 125952]
.
c:documents and settingsAll UsersStart MenuProgramsStartup
Adobe Gamma Loader.lnk - c:program filesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe [2010-5-2 113664]
Microsoft Office.lnk - f:fprogramsOffice 2002Office10OSA.EXE [2001-2-13 83360]
.
[hkey_local_machinesoftwaremicrosoftwindowscurrentversionexplorerShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "f:fprogramsSUPERAntiSpywareSASSEH.DLL" [2013-02-18 113024]
.
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal!SASCORE]
@=""
.
[HKLM~startupfolderC:^Documents and Settings^mombo^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
backup=c:windowspssLimeWire On Startup.lnkStartup
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun-disabled]
"CapFax"=f:fprogramsBSVPCapFax.EXE
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
"AntiVirusOverride"=dword:00000001
.
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
"f:apacheApache.exe"=
"c:WINDOWSsystem32sessmgr.exe"=
"%windir%Network Diagnosticxpnetdiag.exe"=
"%windir%system32sessmgr.exe"=
.
R0 FGXSCSI;FGXSCSI;c:windowssystem32driversfgxscsi.sys [6/10/2010 4:57 AM 71680]
R1 aswSnx;aswSnx;c:windowssystem32driversaswSnx.sys [5/15/2011 12:27 PM 738504]
R1 aswSP;aswSP;c:windowssystem32driversaswSP.sys [5/15/2011 12:27 PM 361032]
R1 SASDIFSV;SASDIFSV;f:fprogramsSUPERAntiSpywareSASDIFSV.SYS [2/17/2010 10:25 AM 12880]
R1 SASKUTIL;SASKUTIL;f:fprogramsSUPERAntiSpywareSASKUTIL.SYS [5/6/2010 4:10 PM 67664]
R2 !SASCORE;SAS Core Service;f:fprogramsSUPERAntiSpywareSASCORE.EXE [8/27/2010 12:34 PM 116608]
R2 aswFsBlk;aswFsBlk;c:windowssystem32driversaswFsBlk.sys [5/15/2011 12:27 PM 21256]
R2 SPTimer;SharePoint Timer Service;c:program filesCommon FilesMicrosoft Sharedweb server extensions50binOWSTIMER.EXE [2/16/2001 1:42 AM 345504]
R3 HCWBT8XX;Hauppauge WinTV 848/9 WDM Video Driver;c:windowssystem32driversHCWBT8xx.sys [5/30/2010 9:33 AM 472644]
S3 Pcouffin;Low level access layer for CD devices;c:windowssystem32DriversPcouffin.sys --> c:windowssystem32DriversPcouffin.sys [?]
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-20 c:windowsTasksavast! Emergency Update.job
- f:fprogramsavastAvastEmUpdate.exe [2012-07-04 23:50]
.
2013-02-20 c:windowsTasksGoogleUpdateTaskMachineCore.job
- c:program filesGoogleUpdateGoogleUpdate.exe [2012-07-04 22:53]
.
2013-02-20 c:windowsTasksGoogleUpdateTaskMachineUA.job
- c:program filesGoogleUpdateGoogleUpdate.exe [2012-07-04 22:53]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: &ieSpell Options - f:fprogramsieSpelliespell.dll/SPELLOPTION.HTM
IE: Check &Spelling - f:fprogramsieSpelliespell.dll/SPELLCHECK.HTM
IE: E&xport to Microsoft Excel - f:fprogr~1OFFICE~1Office10EXCEL.EXE/3000
TCP: Interfaces{0F24E88E-529F-4DD2-8D15-F6EA48F028E1}: NameServer = 66.81.0.251 66.81.0.252
FF - ProfilePath - c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.default
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.pch.com/search?ourmark=3&nfsp=tbrsp&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-01-12 10:14; {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}; c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.defaultextensions{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - ExtSQL: 2013-01-12 10:42; donottrackplus@abine.com; c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.defaultextensionsdonottrackplus@abine.com
FF - ExtSQL: 2013-02-16 11:52; wikilook@testpilot; c:documents and settingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.defaultextensionswikilook@testpilot.xpi
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-20 16:20
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINESystemControlSet002ServicesMySql]
"ImagePath"="F:/apache/mysql/bin/mysqld-nt.exe"
.
[HKEY_LOCAL_MACHINESystemControlSet002ServicesMySql]
"ImagePath"="F:/apache/mysql/bin/mysqld-nt.exe"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERSS-1-5-21-1454471165-842925246-839522115-1006SoftwareMicrosoftSystemCertificatesAddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(412)
c:windowssystem32WININET.dll
c:windowssystem32ieframe.dll
c:windowssystem32webcheck.dll
c:windowssystem32WPDShServiceObj.dll
c:windowssystem32PortableDeviceTypes.dll
c:windowssystem32PortableDeviceApi.dll
.
Completion time: 2013-02-20 16:23:41
ComboFix-quarantined-files.txt 2013-02-21 00:23
ComboFix2.txt 2013-02-19 23:40
ComboFix3.txt 2013-02-19 15:34
.
Pre-Run: 48,484,544,512 bytes free
Post-Run: 48,647,892,992 bytes free
.
- - End Of File - - 7D4BBB4D6B43991A6C784196ADCAB748

[Tomk_]

That worked perfectly.

 

I'd now like you to run an online scan as sort of a double check on things.

 

Then I have some housekeeping procedures for you.

 

Go here to run an online scanner from ESET.

[*]Turn off the real time scanner of any existing antivirus program while performing the online scan

[*]Tick the box next to YES, I accept the Terms of Use.

[*]Click Start

[*]When asked, allow the activeX control to install

[*]Click Start

[*]Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.

[*]Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.

[*]Click Scan

[*]Wait for the scan to finish

[*]When the scan completes, press the LIST OF THREATS FOUND button

[*]Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop

[*]Include the contents of this report in your next reply.

[*]Press the BACK button.

[*]Press Finish

[MOMBO]

OK done all that,,good thing I did,found more crap,,I thought things were fine,,scan took long on this free dial up 56 modem but I let it go all night just to wake another virus,,if they are really active I don't know,,,,log below...Thanks!!

 

C:QooboxQuarantineCDocuments and SettingsmomboApplication DataMozillaFirefoxProfilesz7czw9g6.defaultextensions{96600fe6-b728-47ab-8599-2632bfb38f7c}chromexulcache.jar.vir JS/Agent.NCP trojan

Edited February 21, 2013 by MOMBO

[Tomk_]

The good news is that that is not an active virus. That is noting that we put that infected file in quarantine where it cannot harm your system anymore. The file will be removed as part of our housekeeping. Speaking of which...

 

 

Time for some housekeeping

• [*]Click

START then RUN [*] [*]Now type ComboFix /Uninstall in the runbox and click OK. [*]Note the space between the X and the U, it needs to be there. [*]

The above procedure will:

• [*]Implement some cleanup procedures. [*]Reset System Restore.
  

 

 

Now to remove most of the tools that we have used in fixing your machine:

• [*]Make sure you have an Internet Connection. [*]Download

OTC to your desktop and run it [*]A list of tool components used in the cleanup of malware will be downloaded. [*]If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so. [*]Click Yes to begin the cleanup process and remove these components, including this application. [*]You will be asked to reboot the machine to finish the cleanup process. If you are asked to reboot the machine choose Yes.

Please re-enable any security that was disabled.

 

 

The following is my standard advice for the future. Use what you can and pat yourself on the back for what you're already doing.

Please take time to read Preventing Malware - Tools and Practices for Safe Computing. Very important information for your consideration is contained therein.

I would also suggest you read this:
So how did I get infected in the first place?
by Tony Klein


Also: "How to prevent malware"
by miekiemoes

Please respond back that you understand the above and let me know if you have any questions. Otherwise, this thread will be closed Resolved.

 

[MOMBO]

OK done,,OTC Rebooted my machine,I guess it did it's job. excellent!!!this machine is running so much better,,used to take me so much time to open a web page,,I always thought it was this old modem going out...Thanks so much for your help Tomk....

[Tomk_]

You are very welcome.

 

You may now return to your regularly scheduled life.

 

Good luck and be well.

[Tomk_]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.Everyone else please begin a New Topic.