Solokan

Members
  • Content Count

    41
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Solokan

  • Rank
    Advanced Member
  1. In the process of performing a full scan with free because I'm poor and can't afford the version that would just fix the problem for me. Haha... Just checking to see if anyone is on to help. Anyone available for the next good while?
  2. Alright well thank you for all your time and effort although I still ended up having to reformat.
  3. cd i386 isn't working for some reason.
  4. And if I wanted to try and go the other way and just fix it?
  5. Alright. Well I have a bunch of stuff I don't want to lose but I think I'll be able to get over it.
  6. Possible to fix without reformatting?
  7. Not working on that one either.
  8. This section is only accessible by certain groups. If you feel that you should have access to this section please contact an administrator.
  9. both of those are getting hung up at 85%.
  10. Tried to upload it twice and both times the percentage uploaded got to about 60% and stopped. The site said it had an internal system error both times. DDS (Ver_09-07-30.01) - NTFSx86 Run by Lee ##notallowed at 3:07:55.83 on Tue 09/08/2009 Internet Explorer: 6.0.2900.2180 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.511.224 [GMT -4:00] ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\BUFFALO\Client Manager3\cm3_tray.exe C:\WINDOWS\System32\svchost.exe -k imgsvc C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\explorer.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe c:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Lee ##notallowed\Desktop\dds.scr ============== Pseudo HJT Report =============== uLocal Page = \blank.htm uStart Page = hxxp://www.myspace.com/ uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://www.myspace.com/ uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://www.google.com/search?q=%s TB: &Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File uRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe mRun: [iyuzuga] rundll32.exe "c:\windows\ixulidupayazada.dll",e mRun: [CPMdb4bdd13] Rundll32.exe "c:\windows\system32\sawubiyi.dll",a mRun: [kikabamoze] Rundll32.exe "c:\windows\system32\lihelani.dll",s StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\client~1.lnk - c:\program files\buffalo\client manager3\cm3_tray.exe IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL Trusted Zone: pcpitstop.com DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\leesch~1\applic~1\mozilla\firefox\profiles\8o3s7wit.default\ FF - prefs.js: browser.startup.homepage - www.myspace.com FF - plugin: c:\documents and settings\lee ##notallowed\application data\mozilla\firefox\profiles\8o3s7wit.default\extensions\[email protected]\platform\winnt_x86-msvc\plugins\npOberonGameHost.dll FF - plugin: c:\program files\java\jre1.5.0_03\bin\NPJava11.dll FF - plugin: c:\program files\java\jre1.5.0_03\bin\NPJava12.dll FF - plugin: c:\program files\java\jre1.5.0_03\bin\NPJava13.dll FF - plugin: c:\program files\java\jre1.5.0_03\bin\NPJava14.dll FF - plugin: c:\program files\java\jre1.5.0_03\bin\NPJava32.dll FF - plugin: c:\program files\java\jre1.5.0_03\bin\NPJPI150_03.dll FF - plugin: c:\program files\java\jre1.5.0_03\bin\NPOJI610.dll FF - HiddenExtension: XUL Cache: {46708313-7E9F-414F-81DF-A09D29743CCB} - c:\documents and settings\lee ##notallowed\local settings\application data\{46708313-7E9F-414F-81DF-A09D29743CCB} FF - HiddenExtension: XUL Cache: {D5DD0884-5CA7-4438-A46C-EC7FEE7D764F} - c:\documents and settings\administrator\local settings\application data\{d5dd0884-5ca7-4438-a46c-ec7fee7d764f}\ ============= SERVICES / DRIVERS =============== R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 1029456] S0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-2-24 64160] S0 winsy63;winsy63;c:\windows\system32\drivers\winsy63.sys --> c:\windows\system32\drivers\Winsy63.sys [?] S3 CEDRIVER53;CEDRIVER53;\??\c:\program files\cheat engine\dbk32.sys --> c:\program files\cheat engine\dbk32.sys [?] S3 File;File;c:\windows\system32\File.sys [2006-10-31 8320] S3 Ingelirsw;Ingelirsw; [x] S3 mKernel;mKernel;\??\c:\documents and settings\lee ##notallowed\desktop\loa\wmfup.sys --> c:\documents and settings\lee ##notallowed\desktop\loa\WMFUP.sys [?] S3 vtdg46xx;vtdg46xx;c:\progra~1\turtle~1\santac~1\contro~1\vtdg46xx.sys [2006-2-7 19232] S3 XDva008;XDva008;\??\c:\windows\system32\xdva008.sys --> c:\windows\system32\XDva008.sys [?] S3 XDva019;XDva019;\??\c:\windows\system32\xdva019.sys --> c:\windows\system32\XDva019.sys [?] S3 XDva076;XDva076;\??\c:\windows\system32\xdva076.sys --> c:\windows\system32\XDva076.sys [?] S3 XDva190;XDva190;\??\c:\windows\system32\xdva190.sys --> c:\windows\system32\XDva190.sys [?] UnknownUnknown 3c96cf9;3c96cf9; [x] =============== Created Last 30 ================ 2009-09-07 18:49 <DIR> a-dshr-- C:\cmdcons 2009-09-07 18:48 230,912 a------- c:\windows\PEV.exe 2009-09-07 18:48 161,792 a------- c:\windows\SWREG.exe 2009-09-07 18:48 98,816 a------- c:\windows\sed.exe 2009-09-01 18:39 158,208 a------- c:\windows000344.tmp 2009-09-01 18:39 45,056 a------- c:\windows026444.tmp 2009-09-01 18:22 <DIR> --d----- c:\program files\NortonInstaller 2009-09-01 16:22 21,380 a------- c:\windows\system32\AAWService_2009_09_01_16_22_22.dmp 2009-09-01 15:59 23,696 a------- c:\windows\system32\AAWService_2009_09_01_15_59_56.dmp 2009-09-01 15:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PCSettings 2009-09-01 15:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Norton 2009-09-01 15:54 <DIR> --d----- c:\docume~1\alluse~1\applic~1\NortonInstaller 2009-09-01 11:45 24,576 a------- c:\windows\system32\userinit.exe 2009-08-23 16:01 23,163 a------- c:\windows\system32\AAWService_2009_08_23_16_01_39.dmp 2009-08-22 21:49 25,055 a------- c:\windows\system32\AAWService_2009_08_22_21_49_46.dmp ==================== Find3M ==================== 2009-09-01 17:39 158,208 a------- c:\windows\ixulidupayazada.dll 2009-09-01 16:47 88,064 a--sh--- c:\windows\system32\telonapi.dll 2009-09-01 16:47 80,384 a--sh--- c:\windows\system32\wavowibi.dll 2005-11-09 22:04 13 a------- c:\program files\autobans.txt 2005-09-01 17:04 10,156,943 a------- c:\program files\avg70free_289a392.exe 2009-03-28 16:10 61,440 a--sh--- c:\windows\system32\gemuhede.exe 0000-00-00 00:00 49,152 a--sh--- c:\windows\system32\sorusodi.dll.vir ============= FINISH: 3:08:23.18 ===============
  11. ComboFix 09-09-06.06 - Lee ##notallowed 09/07/2009 18:50.1.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.511.216 [GMT -4:00] Running from: c:\documents and settings\Lee ##notallowed\Desktop\ComboFix.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Lee ##notallowed\Application Data\Install.dat c:\documents and settings\Lee ##notallowed\reader_s.exe c:\recycler\NPROTECT c:\recycler\S-1-5-21-0243636035-3055115376-381863306-1556 c:\recycler\S-1-5-21-7161548017-0962100167-378416720-2659 c:\windows\Installer\34b798e.msp c:\windows\Installer\ea8b08.msi c:\windows\instsp2.exe c:\windows\system32\ahtn.htm c:\windows\system32\drivers\3c96cf9.sys c:\windows\system32\dumphive.exe c:\windows\system32\lomehuda.dll c:\windows\system32\Process.exe c:\windows\system32\reader_s.exe c:\windows\system32\uacinit.dll c:\windows\wi2tl1ap.dll c:\windows\system32\drivers\ndis.sys . . . is infected!! . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_3c96cf9 ((((((((((((((((((((((((( Files Created from 2009-08-07 to 2009-09-07 ))))))))))))))))))))))))))))))) . 2009-09-02 00:49 . 2009-09-02 00:49 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\{D5DD0884-5CA7-4438-A46C-EC7FEE7D764F} 2009-09-01 22:22 . 2009-09-02 00:50 -------- d-----w- c:\program files\NortonInstaller 2009-09-01 19:56 . 2009-09-01 19:56 -------- d-----w- c:\documents and settings\All Users\Application Data\PCSettings 2009-09-01 19:56 . 2009-09-02 01:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton 2009-09-01 19:54 . 2009-09-01 22:41 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller 2009-09-01 15:45 . 2004-08-04 00:56 24576 ----a-w- c:\windows\system32\userinit.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-02 00:52 . 2005-09-05 17:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec 2009-09-01 22:39 . 2009-09-01 22:39 45056 ----a-w- c:\windows�026444.tmp 2009-09-01 22:39 . 2009-09-01 22:39 158208 ----a-w- c:\windows�000344.tmp 2009-09-01 22:36 . 2005-09-05 17:49 -------- d-----w- c:\program files\Common Files\Symantec Shared 2009-09-01 21:39 . 2001-08-23 12:00 158208 ----a-w- c:\windows\ixulidupayazada.dll 2009-09-01 20:47 . 2009-06-01 20:47 88064 --sha-w- c:\windows\system32\telonapi.dll 2009-09-01 20:47 . 2009-06-01 20:47 80384 --sha-w- c:\windows\system32\wavowibi.dll 2009-09-01 19:57 . 2005-09-05 17:49 -------- d-----w- c:\documents and settings\Lee ##notallowed\Application Data\Symantec 2005-11-10 02:04 . 2005-11-10 02:04 13 ----a-w- c:\program files\autobans.txt 2005-09-01 21:04 . 2005-09-01 21:04 10156943 ----a-w- c:\program files\avg70free_289a392.exe 2009-03-28 20:10 . 1601-01-01 00:12 61440 --sha-w- c:\windows\system32\gemuhede.exe 1601-01-01 00:12 . 1601-01-01 00:12 49152 --sha-w- c:\windows\system32\sorusodi.dll.vir . ------- Sigcheck ------- [-] 0F7D9C87B0CE1FA520473119752C6F79 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\svchost.exe [-] 8F078AE4ED187AAABC0A305146DE6716 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\svchost.exe [-] 27C6D03BCDB8CFEB96B716F3D8BE3E18 [5.1.2600.5512 (xpsp.080413-2111)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe [-] 8F078AE4ED187AAABC0A305146DE6716 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\svchost.exe [-] 1800F293BCCC8EDE8A70E12B88D80036 [5.1.2600.2622 (xpsp.050301-1521)] c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll [-] 7AA4F6C00405DFC4B70ED4214E7D687B [5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)] c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll [-] BE57A5C3ABD240514B98F6BCA872FB21 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\user32.dll [-] C72661F8552ACE7C5C85E16A3CF505C4 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB890859$\user32.dll [-] DE2DB164BBB35DB061AF0997E4499054 [5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] c:\windows\$NtUninstallKB925902$\user32.dll [-] C72661F8552ACE7C5C85E16A3CF505C4 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\user32.dll [-] B26B135FF1B9F60C9388B4A7D16F600B [5.1.2600.5512 (xpsp.080413-2105)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\user32.dll [-] B409909F6E2E8A7067076ED748ABF1E7 [5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] c:\windows\system32\user32.dll [-] B409909F6E2E8A7067076ED748ABF1E7 [5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] c:\windows\system32\dllcache\user32.dll [-] 8529C295DF59B564D37A73B5629162B1 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\ws2_32.dll [-] 2ED0B7F12A60F90092081C50FA0EC2B2 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\ws2_32.dll [-] 2CCC474EB85CEAA3E1FA1726580A3E5A [5.1.2600.5512 (xpsp.080413-0852)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ws2_32.dll [-] 2ED0B7F12A60F90092081C50FA0EC2B2 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\ws2_32.dll [-] B258C922D22DEEC880B60720531D7627 [6.00.2900.3086 (xpsp_sp2_qfe.070218-2342)] c:\windows\$hf_mig$\KB931768\SP2QFE\wininet.dll [-] 4261BA03AFD659DE04F0A17DFBDD454D [6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)] c:\windows\$hf_mig$\KB933566\SP2QFE\wininet.dll [-] E1A3DD68B5380B360A7310A64D9BB188 [6.00.2900.3164 (xpsp_sp2_qfe.070626-1258)] c:\windows\$hf_mig$\KB937143\SP2QFE\wininet.dll [-] A1BC17EB3758D73C3938B2318820F5B4 [6.00.2900.3199 (xpsp_sp2_qfe.070821-1250)] c:\windows\$hf_mig$\KB939653\SP2QFE\wininet.dll [-] 80D660A49E0D118144423099B2A9F5DA [6.00.2900.3231 (xpsp_sp2_qfe.071010-1316)] c:\windows\$hf_mig$\KB942615\SP2QFE\wininet.dll [-] 085A7C37F9C6EDE1BA870B7DBEC06399 [6.00.2900.3268 (xpsp_sp2_qfe.071206-1251)] c:\windows\$hf_mig$\KB944533\SP2QFE\wininet.dll [-] BB1EACD6AB47E78EBCA02EB781550D55 [6.00.2900.3314 (xpsp_sp2_qfe.080215-1242)] c:\windows\$hf_mig$\KB947864\SP2QFE\wininet.dll [-] 2E7DE1BF9418B071799EB53DE8CC22F5 [6.00.2900.3354 (xpsp_sp2_qfe.080417-1416)] c:\windows\$hf_mig$\KB950759\SP2QFE\wininet.dll [-] 2B0C24AA747A93A28987B6D65A4A74BC [6.00.2900.5583 (xpsp_sp3_gdr.080417-1430)] c:\windows\$hf_mig$\KB950759\SP3GDR\wininet.dll [-] 26F240C250E5B4B395CB4B178BA75437 [6.00.2900.5583 (xpsp_sp3_qfe.080417-1431)] c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll [-] 611ACE3F4201E9610AF8452F7C268995 [6.00.2900.3395 (xpsp_sp2_qfe.080623-1318)] c:\windows\$hf_mig$\KB953838\SP2QFE\wininet.dll [-] F12FBB673DE9CC802C5DC518FE99AA2F [6.00.2900.5626 (xpsp_sp3_gdr.080623-1315)] c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll [-] 972299B7241EC325D8C7E5638C884925 [6.00.2900.5626 (xpsp_sp3_qfe.080623-1331)] c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll [-] C91E3A6EF094202F6B5CA8960DFCF243 [6.00.2900.3429 (xpsp_sp2_qfe.080819-1244)] c:\windows\$hf_mig$\KB956390\SP2QFE\wininet.dll [-] 9AF5F25124FBDC36E2B510729CBA2674 [6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll [-] 94418F53D2612C26DBADC04DAFBC197C [6.00.2900.5659 (xpsp_sp3_qfe.080819-1352)] c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll [-] 93C9D0A216498EE14EB9B26119BB95EE [6.00.2900.3462 (xpsp_sp2_qfe.081015-1657)] c:\windows\$hf_mig$\KB958215\SP2QFE\wininet.dll [-] 1576318BF08D28CC61D1278114AD8D5B [6.00.2900.5694 (xpsp_sp3_gdr.081015-1312)] c:\windows\$hf_mig$\KB958215\SP3GDR\wininet.dll [-] E8FCE58A470999350F64C591557F9E42 [6.00.2900.5694 (xpsp_sp3_qfe.081015-1409)] c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll [-] 6626545292428AE1ED5B4237404B346A [6.00.2737.800] c:\windows\$NtServicePackUninstall$\wininet.dll [-] CF9F1EEF71F42EDE71B6F4AA05D5CA1A [6.00.2600.0000 (xpclient.010817-1148)] c:\windows\$NtUninstallKB834707-IE6-20040929.115007$\wininet.dll [-] C0823FC5469663BA63E7DB88F9919D70 [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB931768$\wininet.dll [-] 30D1C47E40EFBB792FF8D3C3B51CE507 [6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] c:\windows\$NtUninstallKB933566$\wininet.dll [-] B7156CD97E739F3014BC4D61758F868A [6.00.2900.3121 (xpsp_sp2_gdr.070418-1302)] c:\windows\$NtUninstallKB937143$\wininet.dll [-] 184E47C8F7B331025E6DC92740DB188F [6.00.2900.3164 (xpsp_sp2_gdr.070626-1259)] c:\windows\$NtUninstallKB939653$\wininet.dll [-] 1901AD51DA8BE9F8B38D5D526E5D1788 [6.00.2900.3199 (xpsp_sp2_gdr.070821-1257)] c:\windows\$NtUninstallKB942615$\wininet.dll [-] 2005AD86A22AEE68E21EE59F9CCB77F2 [6.00.2900.3231 (xpsp_sp2_gdr.071010-1320)] c:\windows\$NtUninstallKB944533$\wininet.dll [-] 57D1B5150CF6331FAC6B3E04C1FCB966 [6.00.2900.3268 (xpsp_sp2_gdr.071206-1518)] c:\windows\$NtUninstallKB947864$\wininet.dll [-] 0C690E77C0E924C45B4D7045B182FFF1 [6.00.2900.3314 (xpsp_sp2_gdr.080215-1241)] c:\windows\$NtUninstallKB950759$\wininet.dll [-] 1EFB8A3EA8454AEC1BB8A240A2845598 [6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)] c:\windows\$NtUninstallKB953838$\wininet.dll [-] 9EEA04BC4C3FA521D256D89940FAB4DB [6.00.2900.3395 (xpsp_sp2_gdr.080623-1307)] c:\windows\$NtUninstallKB956390$\wininet.dll [-] 87E694D09893978F22024FEEEDF35342 [6.00.2900.3429 (xpsp_sp2_gdr.080819-1231)] c:\windows\$NtUninstallKB958215$\wininet.dll [-] C0823FC5469663BA63E7DB88F9919D70 [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\wininet.dll [-] 6B2735ADFF5A5D3B9130CA4A794722F0 [6.00.2900.3020 (xpsp_sp2_gdr.061023-0214)] c:\windows\SoftwareDistribution\Download\4264f7fcfd0444cc62e52f55a4263036\sp2gdr\wininet.dll [-] 231EF4179ACABE486376B5CA893F1076 [6.00.2900.3020 (xpsp.061023-0222)] c:\windows\SoftwareDistribution\Download\4264f7fcfd0444cc62e52f55a4263036\sp2qfe\wininet.dll [-] B7156CD97E739F3014BC4D61758F868A [6.00.2900.3121 (xpsp_sp2_gdr.070418-1302)] c:\windows\SoftwareDistribution\Download\493760be868721503b9abd615f71e312\sp2gdr\wininet.dll [-] 4261BA03AFD659DE04F0A17DFBDD454D [6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)] c:\windows\SoftwareDistribution\Download\493760be868721503b9abd615f71e312\sp2qfe\wininet.dll [-] 7A4F775ABB2F1C97DEF3E73AFA2FAEDD [6.00.2900.5512 (xpsp.080413-2105)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\wininet.dll [-] 6F1E4BFD78C4E0D05FF3725D59B72925 [6.00.2900.3462 (xpsp_sp2_gdr.081015-1244)] c:\windows\system32\wininet.dll [-] 6F1E4BFD78C4E0D05FF3725D59B72925 [6.00.2900.3462 (xpsp_sp2_gdr.081015-1244)] c:\windows\system32\dllcache\wininet.dll [-] B2220C618B42A2212A59D91EBD6FC4B4 [5.1.2600.2892 (xpsp.060420-0256)] c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys [-] 64798ECFA43D78C7178375FCDD16D8C8 [5.1.2600.3244 (xpsp_sp2_qfe.071030-1255)] c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys [-] 744E57C99232201AE98C49168B918F48 [5.1.2600.3394 (xpsp_sp2_qfe.080620-1259)] c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [-] 9AEFA14BD6B182D61E3119FA5F436D3D [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [-] AD978A1B783B5719720CFF204B666C8E [5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)] c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] E7774698BB0D14B0710A9A31E209F9B6 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\tcpip.sys [-] 9F4B36614A0FC234525BA224957DE55C [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB917953$\tcpip.sys [-] 1DBF125862891817F374F407626967F4 [5.1.2600.2892 (xpsp_sp2_gdr.060420-0254)] c:\windows\$NtUninstallKB941644$\tcpip.sys [-] 90CAFF4B094573449A0872A0F919B178 [5.1.2600.3244 (xpsp_sp2_gdr.071030-1259)] c:\windows\$NtUninstallKB951748$\tcpip.sys [-] 9F4B36614A0FC234525BA224957DE55C [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\tcpip.sys [-] 93EA8D04EC73A85DB02EB8805988F733 [5.1.2600.5512 (xpsp.080413-0852)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip.sys [-] 2A5554FC5B1E04E131230E3CE035C3F9 [5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)] c:\windows\system32\dllcache\tcpip.sys [-] 2A5554FC5B1E04E131230E3CE035C3F9 [5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)] c:\windows\system32\drivers\tcpip.sys [-] 2B0E480E975EE51F2D5CE5F068FED6E2 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\winlogon.exe [-] 01C3346C241652F43AED8E2149881BFE [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\winlogon.exe [-] ED0EF0A136DEC83DF69F04118870003E [5.1.2600.5512 (xpsp.080413-2113)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe [-] 01C3346C241652F43AED8E2149881BFE [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\winlogon.exe [-] 558635D3AF1C7546D26067D5D9B6959E [------] c:\windows\$NtServicePackUninstall$\ndis.sys [-] 558635D3AF1C7546D26067D5D9B6959E [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\ndis.sys [-] 558635D3AF1C7546D26067D5D9B6959E [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ndis.sys [-] 558635D3AF1C7546D26067D5D9B6959E [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\dllcache\ndis.sys [-] 558635D3AF1C7546D26067D5D9B6959E [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\drivers\ndis.sys [-] 4448006B6BC60E6C027932CFC38D6855 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\ip6fw.sys [-] 3BB22519A194418D5FEC05D800A19AD0 [5.1.2600.5512 (xpsp.080413-0852)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ip6fw.sys [-] 4448006B6BC60E6C027932CFC38D6855 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\drivers\ip6fw.sys [-] D8ABA3EAB509627E707A3B14F00FBB6B [5.1.2600.2622 (xpsp.050301-1521)] c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe [-] 4D3DBDCCBF97F5BA1E74F322B155C3BA [5.1.2600.3093 (xpsp_sp2_qfe.070227-2300)] c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe [-] 63EC865DFF6CCFC7BEF94B5C50297CAD [5.1.2600.3427 (xpsp_sp2_qfe.080814-1242)] c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe [-] 4AC58F03EB94A72809949D757FC39D80 [5.1.2600.5657 (xpsp_sp3_gdr.080814-1236)] c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe [-] A25E9B86EFFB2AF33BF51E676B68BFB0 [5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)] c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe [-] 46E2E3DCF54B819CFB2EBFE48A22B5C9 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe [-] 947FB1D86D14AFCFFDB54BF837EC25D0 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe [-] 81013F36B21C7F72CF784CC6731E0002 [5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe [-] 515D30E2C90A3665A2739309334C9283 [5.1.2600.3093 (xpsp_sp2_gdr.070227-2254)] c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe [-] BA002228743B6824D87F0551DBC86D45 [5.1.2600.3427 (xpsp_sp2_gdr.080814-1233)] c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 947FB1D86D14AFCFFDB54BF837EC25D0 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\ntkrnlpa.exe [-] 109F8E3E3C82E337BB71B6BC9B895D61 [5.1.2600.5512 (xpsp.080413-2111)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntkrnlpa.exe [-] BA002228743B6824D87F0551DBC86D45 [5.1.2600.3427 (xpsp_sp2_gdr.080814-1233)] c:\windows\system32\ntkrnlpa.exe [-] BA002228743B6824D87F0551DBC86D45 [5.1.2600.3427 (xpsp_sp2_gdr.080814-1233)] c:\windows\system32\dllcache\ntkrnlpa.exe [-] 28187802B7C368C0D3AEF7D4C382AABB [5.1.2600.2622 (xpsp.050301-1521)] c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe [-] 5A5C8DB4AA962C714C8371FBDF189FC9 [5.1.2600.3093 (xpsp_sp2_qfe.070227-2300)] c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe [-] CE69DBD54221F2D40E49FF6DB77C6507 [5.1.2600.3427 (xpsp_sp2_qfe.080814-1242)] c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe [-] EEAF32F8E15A24F62BECB1BD403BB5C5 [5.1.2600.5657 (xpsp_sp3_gdr.080814-1236)] c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe [-] 31914172342BFF330063F343AC6958FE [5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)] c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe [-] A29222D5281056E497408FCC9062F749 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\ntoskrnl.exe [-] CE218BC7088681FAA06633E218596CA7 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB890859$\ntoskrnl.exe [-] 4D4CF2C14550A4B7718E94A6E581856E [5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] c:\windows\$NtUninstallKB931784$\ntoskrnl.exe [-] 582A8DBAA58C3B1F176EB2817DAEE77C [5.1.2600.3093 (xpsp_sp2_gdr.070227-2254)] c:\windows\$NtUninstallKB956841$\ntoskrnl.exe [-] 21C91DA9CB53AA8A37041BA9684A8458 [5.1.2600.3427 (xpsp_sp2_gdr.080814-1233)] c:\windows\Driver Cache\i386\ntoskrnl.exe [-] CE218BC7088681FAA06633E218596CA7 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\ntoskrnl.exe [-] 0C89243C7C3EE199B96FCC16990E0679 [5.1.2600.5512 (xpsp.080413-2111)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntoskrnl.exe [-] 21C91DA9CB53AA8A37041BA9684A8458 [5.1.2600.3427 (xpsp_sp2_gdr.080814-1233)] c:\windows\system32\ntoskrnl.exe [-] 21C91DA9CB53AA8A37041BA9684A8458 [5.1.2600.3427 (xpsp_sp2_gdr.080814-1233)] c:\windows\system32\dllcache\ntoskrnl.exe [-] 97BD6515465659FF8F3B7BE375B2EA87 [6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] c:\windows\explorer.exe [-] 7712DF0CDDE3A5AC89843E61CD5B3658 [6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)] c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe [-] 5A26FC6010886D25B3E412493DD95ED8 [6.00.2600.0000 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\explorer.exe [-] A0732187050030AE399B241436565E64 [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB938828$\explorer.exe [-] A0732187050030AE399B241436565E64 [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\explorer.exe [-] 12896823FB95BFB3DC9B46BCAEDC9923 [6.00.2900.5512 (xpsp.080413-2105)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe [-] 97BD6515465659FF8F3B7BE375B2EA87 [6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] c:\windows\system32\dllcache\explorer.exe [-] E3DF4A0252D287C44606EE55355E1623 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\services.exe [-] C6CE6EEC82F187615D1002BB3BB50ED4 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\services.exe [-] 0E776ED5F7CC9F94299E70461B7B8185 [5.1.2600.5512 (xpsp.080413-2111)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\services.exe [-] C6CE6EEC82F187615D1002BB3BB50ED4 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\services.exe [-] 8A590EA109B5E0C7629E022F8A6B17C5 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\lsass.exe [-] 84885F9B82F4D55C6146EBF6065D75D2 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\lsass.exe [-] BF2466B3E18E970D8A976FB95FC1CA85 [5.1.2600.5512 (xpsp.080413-2113)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\lsass.exe [-] 84885F9B82F4D55C6146EBF6065D75D2 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\lsass.exe [-] 85B1054DB58D13AA42D7DCA778C30F57 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\ctfmon.exe [-] 24232996A38C0B0CF151C2140AE29FC8 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 5F1D5F88303D4A4DBC8E5F97BA967CC3 [5.1.2600.5512 (xpsp.080413-2105)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ctfmon.exe [-] 24232996A38C0B0CF151C2140AE29FC8 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\ctfmon.exe [-] AD3D9D191AEA7B5445FE1D82FFBB4788 [5.1.2600.2696 (xpsp.050610-1527)] c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe [-] 9B4155BA58192D4073082B8FC5D42612 [5.1.2600.0 (XPClient.010817-1148)] c:\windows\$NtServicePackUninstall$\spoolsv.exe [-] 7435B108B935E42EA92CA94F59C8E717 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB896423$\spoolsv.exe [-] 7435B108B935E42EA92CA94F59C8E717 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\spoolsv.exe [-] D8E14A61ACC1D4A6CD0D38AEBAC7FA3B [5.1.2600.5512 (xpsp.080413-0852)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\spoolsv.exe [-] DA81EC57ACD4CDC3D4C51CF3D409AF9F [5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] c:\windows\system32\spoolsv.exe [-] 585398603F570F9705774D65D292E5D1 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\userinit.exe [-] 39B1FFB03C2296323832ACBAE50D2AFF [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\userinit.exe [-] A93AEE1928A9D7CE3E16D24EC7380F89 [5.1.2600.5512 (xpsp.080413-2113)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe [-] 39B1FFB03C2296323832ACBAE50D2AFF [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\userinit.exe [-] 458635D2E4559526CF9C895340A38702 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\termsrv.dll [-] B60C877D16D9C880B952FDA04ADF16E6 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\termsrv.dll [-] FF3477C03BE7201C294C35F684B3479F [5.1.2600.5512 (xpsp.080413-2111)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\termsrv.dll [-] B60C877D16D9C880B952FDA04ADF16E6 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\termsrv.dll [-] 0FDD84928A5DDE2510761B7EC76CCEC9 [5.1.2600.2945 (xpsp.060704-2357)] c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll [-] 09F7CB3687F86EDAA4CA081F7AB66C03 [5.1.2600.3119 (xpsp_sp2_qfe.070416-1259)] c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll [-] 379B0B31D7F8D2C9F7FF302B454A6C54 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\kernel32.dll [-] 888190E31455FAD793312F8D087146EB [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB917422$\kernel32.dll [-] D8DB5397DE07577C1CB50BA6D23B3AD4 [5.1.2600.2945 (xpsp_sp2_gdr.060704-2349)] c:\windows\$NtUninstallKB935839$\kernel32.dll [-] 888190E31455FAD793312F8D087146EB [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\kernel32.dll [-] C24B983D211C34DA8FCC1AC38477971D [5.1.2600.5512 (xpsp.080413-2111)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\kernel32.dll [-] A01F9CA902A88F7CED06884174D6419D [5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] c:\windows\system32\kernel32.dll [-] A01F9CA902A88F7CED06884174D6419D [5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] c:\windows\system32\dllcache\kernel32.dll [-] 865AD7CCB20856727D5BD994B094DC5E [6.00.2600.0000 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\powrprof.dll [-] 1B5F6923ABB450692E9FE0672C897AED [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\powrprof.dll [-] 50A166237A0FA771261275A405646CC0 [6.00.2900.5512 (xpsp.080413-2105)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\powrprof.dll [-] 1B5F6923ABB450692E9FE0672C897AED [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\powrprof.dll [-] E046037FD5BCDF92CE1A122B749B9B09 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\imm32.dll [-] 87CA7CE6469577F059297B9D6556D66D [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\imm32.dll [-] 0DA85218E92526972A821587E6A8BF8F [5.1.2600.5512 (xpsp.080413-2105)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\imm32.dll [-] 87CA7CE6469577F059297B9D6556D66D [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\imm32.dll [-] 2991727809C7AC3A33E4178CC73244D8 [6.00.2900.3086 (xpsp_sp2_qfe.070218-2342)] c:\windows\$hf_mig$\KB931768\SP2QFE\mshtml.dll [-] 00ADCB32832A10ED9419493BCEA97526 [6.00.2900.3132 (xpsp_sp2_qfe.070504-1301)] c:\windows\$hf_mig$\KB933566\SP2QFE\mshtml.dll [-] 53F3FD772C010622346C39284C4A863B [6.00.2900.3157 (xpsp_sp2_qfe.070614-1244)] c:\windows\$hf_mig$\KB937143\SP2QFE\mshtml.dll [-] 885E3BF99EA4B2213901EBC35B34CF12 [6.00.2900.3199 (xpsp_sp2_qfe.070821-1250)] c:\windows\$hf_mig$\KB939653\SP2QFE\mshtml.dll [-] 79314A0A6B0DA78AFE491FF2D8B117BA [6.00.2900.3243 (xpsp_sp2_qfe.071029-1244)] c:\windows\$hf_mig$\KB942615\SP2QFE\mshtml.dll [-] 8A4DD074DEC1B0C063C8493ABF654CBC [6.00.2900.3268 (xpsp_sp2_qfe.071206-1251)] c:\windows\$hf_mig$\KB944533\SP2QFE\mshtml.dll [-] 701A6798DDF875CAA3A5099EE75FD57F [6.00.2900.3314 (xpsp_sp2_qfe.080215-1242)] c:\windows\$hf_mig$\KB947864\SP2QFE\mshtml.dll [-] 083B967E6B0B2BB539CE6B08D45D631F [6.00.2900.3354 (xpsp_sp2_qfe.080417-1416)] c:\windows\$hf_mig$\KB950759\SP2QFE\mshtml.dll [-] FE406DE0651C9E8201DCB0460609D739 [6.00.2900.5583 (xpsp_sp3_gdr.080417-1430)] c:\windows\$hf_mig$\KB950759\SP3GDR\mshtml.dll [-] 46A61BA430110F00DD990D058AA3D054 [6.00.2900.5583 (xpsp_sp3_qfe.080417-1431)] c:\windows\$hf_mig$\KB950759\SP3QFE\mshtml.dll [-] 1FC693A4EE1D9D9CD78DDA6C87232F6F [6.00.2900.3395 (xpsp_sp2_qfe.080623-1318)] c:\windows\$hf_mig$\KB953838\SP2QFE\mshtml.dll [-] F433136C23D13B120412B300D1324A7E [6.00.2900.5626 (xpsp_sp3_gdr.080623-1315)] c:\windows\$hf_mig$\KB953838\SP3GDR\mshtml.dll [-] 04EEC0FF4DD3C7041628973CA6832C33 [6.00.2900.5626 (xpsp_sp3_qfe.080623-1331)] c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll [-] 20D44D1A5A406CD8E129D3D4F0B5717C [6.00.2900.3429 (xpsp_sp2_qfe.080819-1244)] c:\windows\$hf_mig$\KB956390\SP2QFE\mshtml.dll [-] 507BDA42F7DB8209C0F0B3556A043491 [6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] c:\windows\$hf_mig$\KB956390\SP3GDR\mshtml.dll [-] BD45470B132A0F98596277323D9F2E5A [6.00.2900.5659 (xpsp_sp3_qfe.080819-1352)] c:\windows\$hf_mig$\KB956390\SP3QFE\mshtml.dll [-] C99D8B48FC245D98E1A2BAB6594458C9 [6.00.2900.3462 (xpsp_sp2_qfe.081015-1657)] c:\windows\$hf_mig$\KB958215\SP2QFE\mshtml.dll [-] B846C2DE341CF32B42AD297437233742 [6.00.2900.5694 (xpsp_sp3_gdr.081015-1312)] c:\windows\$hf_mig$\KB958215\SP3GDR\mshtml.dll [-] CC5A2205D37AE67CE23AB7FD3E1FDACA [6.00.2900.5694 (xpsp_sp3_qfe.081015-1409)] c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll [-] 6D1D493622EA050DBAABD0C4C1DFADB5 [6.00.2900.3492 (xpsp_sp2_qfe.081212-1622)] c:\windows\$hf_mig$\KB960714\SP2QFE\mshtml.dll [-] C828AA1C5469E72251F3D367005E589F [6.00.2900.5726 (xpsp_sp3_gdr.081212-1450)] c:\windows\$hf_mig$\KB960714\SP3GDR\mshtml.dll [-] B6DAA74E2ED36C71B502945589A683AE [6.00.2900.5726 (xpsp_sp3_qfe.081212-1451)] c:\windows\$hf_mig$\KB960714\SP3QFE\mshtml.dll [-] 306671C2A286B50A8FD13D61CCC688E8 [6.00.2745.2800] c:\windows\$NtServicePackUninstall$\mshtml.dll [-] 2C8725BBC943212B349B34D11153E5F6 [6.00.2600.0000 (xpclient.010817-1148)] c:\windows\$NtUninstallKB834707-IE6-20040929.115007$\mshtml.dll [-] 376E0843B2356CA91CEC8D9837A56FF7 [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB931768$\mshtml.dll [-] 6B9D083C0D4C4555FE011B01A98872DA [6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)] c:\windows\$NtUninstallKB933566$\mshtml.dll [-] 4D92717B5BBCE85F1254BAD23B0D357C [6.00.2900.3132 (xpsp_sp2_gdr.070504-1301)] c:\windows\$NtUninstallKB937143$\mshtml.dll [-] F049C52772FC86FD5F6C16D77A2A6204 [6.00.2900.3157 (xpsp_sp2_gdr.070614-1242)] c:\windows\$NtUninstallKB939653$\mshtml.dll [-] 591449BD8F2C8090B9259E88C78AE61D [6.00.2900.3199 (xpsp_sp2_gdr.070821-1257)] c:\windows\$NtUninstallKB942615$\mshtml.dll [-] DA077E334961230C12E3E4D62626286E [6.00.2900.3243 (xpsp_sp2_gdr.071029-1246)] c:\windows\$NtUninstallKB944533$\mshtml.dll [-] DA9377A57A277170C78095C0E8BD8C85 [6.00.2900.3268 (xpsp_sp2_gdr.071206-1518)] c:\windows\$NtUninstallKB947864$\mshtml.dll [-] 77DBF6075405494AD6B6A99E2C732F86 [6.00.2900.3314 (xpsp_sp2_gdr.080215-1241)] c:\windows\$NtUninstallKB950759$\mshtml.dll [-] C75C6AD32C28BCE0D14E1CA2AB4862DC [6.00.2900.3354 (xpsp_sp2_gdr.080417-1412)] c:\windows\$NtUninstallKB953838$\mshtml.dll [-] 74B5A84AC8FCF52C249B74C3D2A3E7B8 [6.00.2900.3395 (xpsp_sp2_gdr.080623-1307)] c:\windows\$NtUninstallKB956390$\mshtml.dll [-] B83EB71C2052E05D13D690A224357441 [6.00.2900.3429 (xpsp_sp2_gdr.080819-1231)] c:\windows\$NtUninstallKB958215$\mshtml.dll [-] 9C2C058E341E6B627789EF88D3B98445 [6.00.2900.3462 (xpsp_sp2_gdr.081015-1244)] c:\windows\$NtUninstallKB960714$\mshtml.dll [-] 376E0843B2356CA91CEC8D9837A56FF7 [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\mshtml.dll [-] 5FC7DE1195C8E9B5360FD65DBE95E5B0 [6.00.2900.3020 (xpsp_sp2_gdr.061023-0214)] c:\windows\SoftwareDistribution\Download\4264f7fcfd0444cc62e52f55a4263036\sp2gdr\mshtml.dll [-] 88E1C15BB1A9ED3CBA4D6F2F408D5010 [6.00.2900.3020 (xpsp.061023-0222)] c:\windows\SoftwareDistribution\Download\4264f7fcfd0444cc62e52f55a4263036\sp2qfe\mshtml.dll [-] 4D92717B5BBCE85F1254BAD23B0D357C [6.00.2900.3132 (xpsp_sp2_gdr.070504-1301)] c:\windows\SoftwareDistribution\Download\493760be868721503b9abd615f71e312\sp2gdr\mshtml.dll [-] 00ADCB32832A10ED9419493BCEA97526 [6.00.2900.3132 (xpsp_sp2_qfe.070504-1301)] c:\windows\SoftwareDistribution\Download\493760be868721503b9abd615f71e312\sp2qfe\mshtml.dll [-] A706E122B398FE1AB85CB9B75D044223 [6.00.2900.5512 (xpsp.080413-2105)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mshtml.dll [-] C8169B4320AC0CB8D1ED20454322E839 [6.00.2900.3492 (xpsp_sp2_gdr.081212-1610)] c:\windows\system32\mshtml.dll [-] C8169B4320AC0CB8D1ED20454322E839 [6.00.2900.3492 (xpsp_sp2_gdr.081212-1610)] c:\windows\system32\dllcache\mshtml.dll [-] 9C30CD464D87102497FD7C32910E6253 [5.1.2600.0 (XPClient.010817-1148)] c:\windows\$NtServicePackUninstall$\kbdclass.sys [-] EBDEE8A2EE5393890A1ACEE971C4C246 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\kbdclass.sys [-] 463C1EC80CD17420A542B7F36A36F128 [5.1.2600.5512 (xpsp.080413-2108)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\kbdclass.sys [-] EBDEE8A2EE5393890A1ACEE971C4C246 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\drivers\kbdclass.sys [-] 1F51839ECCF908FD86558198909262E4 [2001.12.4414.42] c:\windows\$NtServicePackUninstall$\comres.dll [-] 6728270CB7DBB776ED086F5AC4C82310 [2001.12.4414.258] c:\windows\ServicePackFiles\i386\comres.dll [-] 1280A158C722FA95A80FB7AEBE78FA7D [2001.12.4414.700] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\comres.dll [-] 6728270CB7DBB776ED086F5AC4C82310 [2001.12.4414.258] c:\windows\system32\comres.dll [-] 55990CA08692E2739A8DDCE0B04352AC [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\lpk.dll [-] 74D66B3DE265E8789153414E75175F26 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\lpk.dll [-] 012DF358CEBAA23ACB26D82077820817 [5.1.2600.5512 (xpsp.080413-2105)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\lpk.dll [-] 74D66B3DE265E8789153414E75175F26 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\lpk.dll [-] DA1F27D85E0D1525F6621372E7B685E9 [5.1.2600.0 (XPClient.010817-1148)] c:\windows\system32\dllcache\beep.sys [-] DA1F27D85E0D1525F6621372E7B685E9 [5.1.2600.0 (XPClient.010817-1148)] c:\windows\system32\drivers\beep.sys [-] 73C1E1F395918BC2C6DD67AF7591A3AD [5.1.2600.0 (XPClient.010817-1148)] c:\windows\system32\dllcache\null.sys [-] 73C1E1F395918BC2C6DD67AF7591A3AD [5.1.2600.0 (XPClient.010817-1148)] c:\windows\system32\drivers\null.sys [-] DDF8D47ACF8FC3FE5F7F2B95C4D4D136 [4.1.6140] c:\windows\$NtUninstallKB924667$\mfc40u.dll [-] CDDD4416B2B4C7295FE3FDB6DDE57E4E [4.1.0.61] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mfc40u.dll [-] 925F8B61ED301A317BA850EBEECBDAA0 [4.1.0.61] c:\windows\system32\mfc40u.dll [-] 925F8B61ED301A317BA850EBEECBDAA0 [4.1.0.61] c:\windows\system32\dllcache\mfc40u.dll [-] DA383FB39A6F1C445F3AFC94B3EB1248 [5.1.2600.2665 (xpsp.050427-1553)] c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll [-] C369DF215D352B6F3A0B8C3469AA34F8 [5.1.2600.2726 (xpsp.050725-1531)] c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll [-] A8ECCC0674E43497E0A425A03A12F654 [5.1.2600.135 (xpclnt_qfe.021108-2107)] c:\windows\$NtServicePackUninstall$\rpcss.dll [-] 3F1C4DC5F03535E544996968DD225837 [5.1.2600.0 (XPClient.010817-1148)] c:\windows\$NtUninstallKB828741$\rpcss.dll [-] 5C83A4408604F737717AB96371201680 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB894391$\rpcss.dll [-] C8061F289E000703E7672916B7FE1571 [5.1.2600.2665 (xpsp_sp2_gdr.050427-1553)] c:\windows\$NtUninstallKB902400$\rpcss.dll [-] 4EA08A8BBDF8DDEE0F173BB999C153C3 [5.1.2600.1361 (xpsp2.040109-1800)] c:\windows\$xpsp1hfm$\KB828741\rpcss.dll [-] 5C83A4408604F737717AB96371201680 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\rpcss.dll [-] 2589FE6015A316C0F5D5112B4DA7B509 [5.1.2600.5512 (xpsp.080413-2108)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\rpcss.dll [-] CE94A2BD25E3E9F4D46A7373FF455C6D [5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] c:\windows\system32\rpcss.dll [-] A81487520F11F65BF270D50EE29887B2 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\msgsvc.dll [-] 95FD808E4AC22ABA025A7B3EAC0375D2 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\msgsvc.dll [-] 986B1FF5814366D71E0AC5755C88F2D3 [5.1.2600.5512 (xpsp.080413-2113)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\msgsvc.dll [-] 95FD808E4AC22ABA025A7B3EAC0375D2 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\msgsvc.dll [-] 1C38C4D90DD3C07A1946E4D5005EE928 [5.82 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\comctl32.dll [-] A77DFB85FAEE49D66C74DA6024EBC69B [5.82 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB923191$\comctl32.dll [-] A77DFB85FAEE49D66C74DA6024EBC69B [5.82 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\comctl32.dll [-] E48A8A28835914878C9716E71032A10C [6.0 (xpsp2.060713-0016)] c:\windows\SoftwareDistribution\Download\25d72ef1acc6d7256eb94ad3d6a21e9b\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll [-] 06F247492BC786CE5C24A23E178C711A [5.82 (xpsp.080413-2105)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\comctl32.dll [-] BD38D1EBE24A46BD3EDA059560AFBA12 [6.0 (xpsp.080413-2105)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\asms\60\msft\windows\common\controls\comctl32.dll [-] B0124CB21D28B1C9F678B566B6B57D92 [5.82 (xpsp.060825-0040)] c:\windows\system32\comctl32.dll [-] B0124CB21D28B1C9F678B566B6B57D92 [5.82 (xpsp.060825-0040)] c:\windows\system32\dllcache\comctl32.dll [-] AEF3D788DBF40C7C4D204EA45EB0C505 [6.0 (xpclient.010817-1148)] c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll [-] 5AF68A5E44734A082442668E9C787743 [6.0 (xpsp_sp2_rtm.040803-2158)] c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll [-] C4E80875C1CF1222FC5EFD0314AE5C01 [6.0 (xpsp.060825-0040)] c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [-] 9859C0F6936E723E4892D7141B1327D5 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\system32\drivers\acpiec.sys [-] 52BB2A508CB3EB8AAA5F6F142F5B73D6 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\sfc.dll [-] E8A12A12EA9088B4327D49EDCA3ADD3E [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\sfc.dll [-] 96E1C926F22EE1BFBAE82901A35F6BF3 [5.1.2600.5512 (xpsp.080413-2111)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sfc.dll [-] E8A12A12EA9088B4327D49EDCA3ADD3E [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\sfc.dll [-] F41C1602DC79AB72035F2388FCA0255F [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\netlogon.dll [-] 96353FCECBA774BB8DA74A1C6507015A [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\netlogon.dll [-] 1B7F071C51B77C272875C3A23E1E4550 [5.1.2600.5512 (xpsp.080413-2113)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll [-] 96353FCECBA774BB8DA74A1C6507015A [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\netlogon.dll [-] 696AC82FB290A03F205901442E0E9589 [6.6.2600.1569 (xpsp2_gdr.040517-1325)] c:\windows\$NtServicePackUninstall$\qmgr.dll [-] 3E6ACF2CD2E8C19B16E4B42D08CA3838 [6.0.2600.0 (xpclient.010817-1148)] c:\windows\$NtUninstallKB842773$\qmgr.dll [-] 2C69EC7E5A311334D10DD95F338FCCEA [6.6.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\qmgr.dll [-] 574738F61FCA2935F5265DC4E5691314 [6.7.2600.5512 (xpsp.080413-2108)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\qmgr.dll [-] 2C69EC7E5A311334D10DD95F338FCCEA [6.6.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\qmgr.dll [-] 696AC82FB290A03F205901442E0E9589 [6.6.2600.1569 (xpsp2_gdr.040517-1325)] c:\windows\system32\bits\qmgr.dll [-] 73968C834C316ADC7A2F07DC4B5F3665 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\scecli.dll [-] 0F78E27F563F2AAF74B91A49E2ABF19A [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\scecli.dll [-] A86BB5E61BF3E39B62AB4C7E7085A084 [5.1.2600.5512 (xpsp.080413-2113)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll [-] 0F78E27F563F2AAF74B91A49E2ABF19A [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\scecli.dll [-] A510B91253544D56B5712D66BE8371E9 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\eventlog.dll [-] 82B24CB70E5944E6E34662205A2A5B78 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\eventlog.dll [-] 6D4FEB43EE538FC5428CC7F0565AA656 [5.1.2600.5512 (xpsp.080413-2111)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll [-] 82B24CB70E5944E6E34662205A2A5B78 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\eventlog.dll [-] 03F403B07A884FC2AA54A0916C410931 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\asyncmac.sys [-] 02000ABF34AF4C218C35D257024807D6 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\asyncmac.sys [-] B153AFFAC761E7F5FCFA822B9C4E97BC [5.1.2600.5512 (xpsp.080413-0852)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\asyncmac.sys [-] 02000ABF34AF4C218C35D257024807D6 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\drivers\asyncmac.sys [-] 05AB81909514BFD69CBB1F2C147CF6B9 [5.1.2600.3081 (xpsp_sp2_qfe.070209-0034)] c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys [-] 70FAE0DCFDFAA0838D6778FCA028CE01 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\ntfs.sys [-] B78BE402C3F63DD55521F73876951CDD [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB930916$\ntfs.sys [-] B78BE402C3F63DD55521F73876951CDD [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\ntfs.sys [-] 78A08DD6A8D65E697C18E1DB01C5CDCA [5.1.2600.5512 (xpsp.080413-2111)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntfs.sys [-] 19A811EF5F1ED5C926A028CE107FF1AF [5.1.2600.3081 (xpsp_sp2_gdr.070209-0028)] c:\windows\system32\dllcache\ntfs.sys [-] 19A811EF5F1ED5C926A028CE107FF1AF [5.1.2600.3081 (xpsp_sp2_gdr.070209-0028)] c:\windows\system32\drivers\ntfs.sys [-] C086483E3DBA8C1C0A687EC8D5B3D4C1 [9.0.1.56] c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [-] C086483E3DBA8C1C0A687EC8D5B3D4C1 [9.0.1.56] c:\windows\ServicePackFiles\i386\mspmsnsv.dll [-] C7E39EA41233E9F5B86C8DA3A9F1E4A8 [9.0.1.56] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mspmsnsv.dll [-] C51B4A5C05A5475708E3C81C7765B71D [11.0.5721.5145] c:\windows\system32\mspmsnsv.dll [-] EEF46DAB68229A14DA3D8E73C99E2959 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\xmlprov.dll [-] 295D21F14C335B53CB8154E5B1F892B9 [5.1.2600.5512 (xpsp.080413-0852)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\xmlprov.dll [-] EEF46DAB68229A14DA3D8E73C99E2959 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\xmlprov.dll [-] C1B26CE5483DD20D59BCF608331413E6 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\cryptsvc.dll [-] 10654F9DDCEA9C46CFB77554231BE73B [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\cryptsvc.dll [-] 3D4E199942E29207970E04315D02AD3B [5.1.2600.5512 (xpsp.080413-2113)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\cryptsvc.dll [-] 10654F9DDCEA9C46CFB77554231BE73B [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\cryptsvc.dll [-] 34B4B8B9BC07449E9B340C93C468F92A [5.1.2600.105 (xpclnt_qfe.021108-2107)] c:\windows\$NtServicePackUninstall$\browser.dll [-] 1C9CDCAD17F23BB7206451802307C529 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtUninstallKB835732$\browser.dll [-] E3CFCCDDA4EDD1D0DC9168B2E18F27B8 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\browser.dll [-] A06CE3399D16DB864F55FAEB1F1927A9 [5.1.2600.5512 (xpsp.080413-2113)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\browser.dll [-] E3CFCCDDA4EDD1D0DC9168B2E18F27B8 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\browser.dll [-] 1418A3A6E76E5A2E3F5E43866E793A8B [5.1.2600.2716 (xpsp.050707-1657)] c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll [-] 9CD079C25A94D6AB600E0C1C4361281F [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\tapisrv.dll [-] EB4A4187D74A8EFDCBEA3EA2CB1BDFBD [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB893756$\tapisrv.dll [-] EB4A4187D74A8EFDCBEA3EA2CB1BDFBD [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\tapisrv.dll [-] 3CB78C17BB664637787C9A1C98F79C38 [5.1.2600.5512 (xpsp.080413-0852)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tapisrv.dll [-] FB78839B36025AA286A51289ED28B73E [5.1.2600.2716 (xpsp_sp2_gdr.050707-1657)] c:\windows\system32\tapisrv.dll [-] 1DFCA7713EA5A70D5D93B436AEA0317A [5.1.2600.3394 (xpsp_sp2_qfe.080620-1259)] c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll [-] 832E4DD8964AB7ACC880B2837CB1ED20 [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll [-] FCEE5FCB99F7C724593365C706D28388 [5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)] c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 18A8BE5A66B93F9C9615F7D4C148EDE2 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\mswsock.dll [-] 4E74AF063C3271FBEA20DD940CFD1184 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB951748$\mswsock.dll [-] 4E74AF063C3271FBEA20DD940CFD1184 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\mswsock.dll [-] B4138E99236F0F57D4CF49BAE98A0746 [5.1.2600.5512 (xpsp.080413-0852)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mswsock.dll [-] 097722F235A1FB698BF9234E01B52637 [5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)] c:\windows\system32\mswsock.dll [-] 097722F235A1FB698BF9234E01B52637 [5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)] c:\windows\system32\dllcache\mswsock.dll [-] 3516D8A18B36784B1005B950B84232E1 [5.1.2600.2743 (xpsp.050819-1528)] c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll [-] 2B150D3A00137588EB4D68BB30C25214 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\netman.dll [-] DAB9E6C7105D2EF49876FE92C524F565 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB905414$\netman.dll [-] DAB9E6C7105D2EF49876FE92C524F565 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\netman.dll [-] 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE [5.1.2600.5512 (xpsp.080413-0852)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netman.dll [-] 36739B39267914BA69AD0610A0299732 [5.1.2600.2743 (xpsp_sp2_gdr.050819-1525)] c:\windows\system32\netman.dll [-] 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 [2001.12.4414.308] c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll [-] A4AB3DCA4A383F0DF4988ABDEB84F9A4 [2001.12.4414.320] c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll [-] D4991D98F2DB73C60D042F1AEF79EFAE [2001.12.4414.706] c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [-] F17F6226BDC0CD5F0BEF0DAF84D29BEC [2001.12.4414.706] c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 08A859AA98E5991E05E92C3893FD3439 [2001.12.4414.53] c:\windows\$NtServicePackUninstall$\es.dll [-] F5963768CFD62FDB926FDB588EE69315 [2001.12.4414.42] c:\windows\$NtUninstallKB828741$\es.dll [-] ACD36A2DD7D1E9D8A060AA651DC07E63 [2001.12.4414.258] c:\windows\$NtUninstallKB902400$\es.dll [-] 34BBD9ACC1538818F2C878898C64E793 [2001.12.4414.308] c:\windows\$NtUninstallKB950974$\es.dll [-] B748D0ABBACD362052D4D61DCD562289 [2001.12.4414.53] c:\windows\$xpsp1hfm$\KB828741\es.dll [-] ACD36A2DD7D1E9D8A060AA651DC07E63 [2001.12.4414.258] c:\windows\ServicePackFiles\i386\es.dll [-] 19A799805B24990867B00C120D300C3A [2001.12.4414.701] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\es.dll [-] 60D1A6342238378BFB7545C81EE3606C [2001.12.4414.320] c:\windows\system32\es.dll [-] 60D1A6342238378BFB7545C81EE3606C [2001.12.4414.320] c:\windows\system32\dllcache\es.dll [-] 648BF0B4DDE4F7A1156DAE7174D36EFA [5.1.2600.2751 (xpsp.050831-1531)] c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll [-] 7D8C58C0CBB7331E9296A7357827CA8E [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\linkinfo.dll [-] C2BBD044C741EA4292016C36F718D2E4 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB900725$\linkinfo.dll [-] C2BBD044C741EA4292016C36F718D2E4 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\linkinfo.dll [-] 2DC5A8019E2387987905F77C664E4BE2 [5.1.2600.5512 (xpsp.080413-2105)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\linkinfo.dll [-] A1A688EE56CF3BBD24EDEB815D48E9BA [5.1.2600.2751 (xpsp_sp2_gdr.050831-1520)] c:\windows\system32\linkinfo.dll [-] 126D90EE937FFEBACEE30BCA13D92F97 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\ssdpsrv.dll [-] 4B8D61792F7175BED48859CC18CE4E38 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\ssdpsrv.dll [-] 0A5679B3714EDAB99E357057EE88FCA6 [5.1.2600.5512 (xpsp.080413-0852)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ssdpsrv.dll [-] 4B8D61792F7175BED48859CC18CE4E38 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\ssdpsrv.dll [-] 36ACA6CDC19C95FF468A1426EB7F32F0 [5.1.2600.3077 (xpsp_sp2_qfe.070205-0007)] c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll [-] 6FB00F87EA0CDE9A5657F4E800997440 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\upnphost.dll [-] 0546477BDE979E33294FE97F6B3DE84A [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB931261$\upnphost.dll [-] 0546477BDE979E33294FE97F6B3DE84A [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\upnphost.dll [-] 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 [5.1.2600.5512 (xpsp.080413-0852)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\upnphost.dll [-] ACA5D98663D879C6BAAFCEA7E2F1B710 [5.1.2600.3077 (xpsp_sp2_gdr.070204-2255)] c:\windows\system32\upnphost.dll [-] ACA5D98663D879C6BAAFCEA7E2F1B710 [5.1.2600.3077 (xpsp_sp2_gdr.070204-2255)] c:\windows\system32\dllcache\upnphost.dll [-] E305E78536FA6649299F71FD8EA9A84D [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\srsvc.dll [-] 92BDF74F12D6CBEC43C94D4B7F804838 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\srsvc.dll [-] 3805DF0AC4296A34BA4BF93B346CC378 [5.1.2600.5512 (xpsp.080413-2108)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\srsvc.dll [-] 92BDF74F12D6CBEC43C94D4B7F804838 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\srsvc.dll [-] 49911DD39E023BB6C45E4E436CFBD297 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\wscntfy.exe [-] F92E1076C42FCD6DB3D72D8CFE9816D5 [5.1.2600.5512 (xpsp.080413-2108)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\wscntfy.exe [-] 49911DD39E023BB6C45E4E436CFBD297 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\wscntfy.exe [-] C63415DEFA08D7BD244E636C97B32F3D [5.1.2400.1] c:\windows\$NtServicePackUninstall$\ntmssvc.dll [-] B62F29C00AC55A761B2E45877D85EA0F [5.1.2400.2180] c:\windows\ServicePackFiles\i386\ntmssvc.dll [-] 156F64A3345BD23C600655FB4D10BC08 [5.1.2400.5512] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntmssvc.dll [-] B62F29C00AC55A761B2E45877D85EA0F [5.1.2400.2180] c:\windows\system32\ntmssvc.dll [-] 442ED09256E1D55D128219CF1AB27554 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\rasauto.dll [-] 44DB7A9BDD2FB58747D123FBF1D35ADB [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\rasauto.dll [-] AD188BE7BDF94E8DF4CA0A55C00A5073 [5.1.2600.5512 (xpsp.080413-0852)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\rasauto.dll [-] 44DB7A9BDD2FB58747D123FBF1D35ADB [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\rasauto.dll [-] 9E415EFDF50F26BCBC97C80F4E6C30CC [5.1.2600.0 (XPClient.010817-1148)] c:\windows\$NtServicePackUninstall$\sfcfiles.dll [-] 30A609E00BD1D4FFC49D6B5A432BE7F2 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\sfcfiles.dll [-] 9DD07AF82244867CA36681EA2D29CE79 [5.1.2600.5512 (xpsp.080413-2111)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sfcfiles.dll [-] 30A609E00BD1D4FFC49D6B5A432BE7F2 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\sfcfiles.dll [-] F6E2095CBC14522CEACD2853620FAF4D [4.71.2600.1 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\schedsvc.dll [-] 92360854316611F6CC471612213C3D92 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\schedsvc.dll [-] 0A9A7365A1CA4319AA7C1D6CD8E4EAFA [5.1.2600.5512 (xpsp.080413-2108)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\schedsvc.dll [-] 92360854316611F6CC471612213C3D92 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\schedsvc.dll [-] 9DF4527D53613601D3F79946EAA1DCB1 [5.1.2600.0 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\regsvc.dll [-] 3151427DB7D87107D1C5BE58FAC53960 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\regsvc.dll [-] 5B19B557B0C188210A56A6B699D90B8F [5.1.2600.5512 (xpsp.080413-2111)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\regsvc.dll [-] 3151427DB7D87107D1C5BE58FAC53960 [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\system32\regsvc.dll [-] 53D9184A21C5CBF600D918E51EF3A7E5 [6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)] c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll [-] AB2F114874D9D990A16EBC9372628489 [6.00.2600.0000 (xpclient.010817-1148)] c:\windows\$NtServicePackUninstall$\shsvcs.dll [-] E7518DC542D3EBDCB80EDD98462C7821 [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\$NtUninstallKB928255$\shsvcs.dll [-] E7518DC542D3EBDCB80EDD98462C7821 [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] c:\windows\ServicePackFiles\i386\shsvcs.dll [-] 1926899BF9FFE2602B63074971700412 [6.00.2900.5512 (xpsp.080413-2105)] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\shsvcs.dll [-] 6815DEF9B810AEFAC107EEAF72DA6F82 [6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)] c:\windows\system32\shsvcs.dll [-] 6815DEF9B810AEFAC107EEAF72DA6F82 [6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)] c:\windows\system32\dllcache\shsvcs.dll [-] 1EE7B434BA961EF845DE136224C30FEC [5.1.2601.2180] c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys [-] B45A744CA0A15A59D8B0307CE9741E92 [5.1.2520.0 (WindowsXP.000424-1359)] c:\windows\$NtServicePackUninstall$\aec.sys [-] 841F385C6CFAF66B58FBD898722BB4F0 [5.1.2601.2078] c:\windows\$NtUninstallKB900485$\aec.sys [-] 1EE7B434BA961EF845DE136224C30FEC [5.1.2601.2180] c:\windows\Driver Cache\i386\aec.sys [-] 841F385C6CFAF66B58FBD898722BB4F0 [5.1.2601.2078] c:\windows\ServicePackFiles\i386\aec.sys [-] 8BED39E3C35D6A489438B8141717A557 [5.1.2601.3142] c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\aec.sys [-] 1EE7B434BA961EF845DE136224C30FEC [5.1.2601.2180] c:\windows\system32\drivers\aec.sys . ((((((((((((((((((((((((((((((((((((((((((((( AWF )))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2006-05-10 00:24 . 2006-05-10 00:24 50760 c:\program files\Common Files\AOL\1135649648\ee\bak\AOLSoftware.exe 2006-02-17 16:59 . 2006-02-17 16:59 124520 c:\program files\Common Files\AOL\IPHSend\bak\IPHSend.exe 2004-09-14 18:16 . 2004-09-14 18:16 1212416 c:\program files\D-Link\AirPlus G\bak\AirGCFG.exe 2006-01-01 02:47 . 2005-04-13 08:48 36975 c:\program files\Java\jre1.5.0_03\bin\bak\jusched.exe 2006-12-06 01:44 . 2006-12-06 01:44 366400 c:\program files\Picasa2\bak\PicasaMediaDetector.exe 2008-02-26 01:23 . 2008-02-26 01:23 443968 c:\program files\Picasa2\PicasaMediaDetector.exe 2006-10-11 00:18 . 2006-08-30 16:46 183367 c:\program files\Plaxo\2.11.1.5\bak\PlaxoHelper.exe 2006-07-18 18:21 . 2006-07-18 18:24 1249280 c:\program files\Steam\bak\steam.exe 2006-07-18 18:21 . 2009-03-23 21:41 1410296 c:\program files\Steam\steam.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-10-29 4620288] "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-09-07 520024] "Iyuzuga"="c:\windows\ixulidupayazada.dll" [2009-09-01 158208] "CPMdb4bdd13"="c:\windows\system32\sawubiyi.dll" [N/A] "kikabamoze"="c:\windows\system32\lihelani.dll" [N/A] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-1-2 113664] ClientManager3.lnk - c:\program files\BUFFALO\Client Manager3\cm3_tray.exe [2007-10-12 471040] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\winsy63.sys] @="Driver" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Starcraft\\StarCraft.exe"= "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"= "c:\\Program Files\\Common Files\\AOL\\1135649648\\ee\\aim6.exe"= "c:\\Program Files\\Xfire\\Xfire.exe"= "c:\\StubInstaller.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\WINDOWS\\system32\\java.exe"= "c:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\helpctr.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\VentSrv\\ventrilo_srv.exe"= "c:\\Program Files\\Steam\\steamapps\\thelastcryptic\\counter-strike\\hl.exe"= "c:\\Program Files\\AIM\\AIM Pro\\aimpro.exe"= "c:\\Program Files\\BUFFALO\\Client Manager3\\BWSVC\\bwsvc.exe"= "c:\\Program Files\\BUFFALO\\Client Manager3\\AOSS\\aoss.exe"= "c:\\Program Files\\Steam\\steam.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\MSN Messenger\\livecall.exe"= "c:\\Program Files\\Steam1\\steamapps\\murderousassassin\\counter-strike\\hl.exe"= "c:\\Program Files\\DNA\\btdna.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "20367:TCP"= 20367:TCP:BitComet 20367 TCP "20367:UDP"= 20367:UDP:BitComet 20367 UDP R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [1/18/2009 5:34 PM 1029456] S0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2/24/2009 1:43 AM 64160] S0 winsy63;winsy63;c:\windows\system32\Drivers\Winsy63.sys --> c:\windows\system32\Drivers\Winsy63.sys [?] S3 CEDRIVER53;CEDRIVER53;\??\c:\program files\Cheat Engine\dbk32.sys --> c:\program files\Cheat Engine\dbk32.sys [?] S3 File;File;c:\windows\system32\File.sys [10/31/2006 11:20 PM 8320] S3 Ingelirsw;Ingelirsw; [x] S3 mKernel;mKernel;\??\c:\documents and settings\Lee ##notallowed\Desktop\LoA\WMFUP.sys --> c:\documents and settings\Lee ##notallowed\Desktop\LoA\WMFUP.sys [?] S3 vtdg46xx;vtdg46xx;c:\progra~1\TURTLE~1\SANTAC~1\CONTRO~1\vtdg46xx.sys [2/7/2006 8:42 PM 19232] S3 XDva008;XDva008;\??\c:\windows\system32\XDva008.sys --> c:\windows\system32\XDva008.sys [?] S3 XDva019;XDva019;\??\c:\windows\system32\XDva019.sys --> c:\windows\system32\XDva019.sys [?] S3 XDva076;XDva076;\??\c:\windows\system32\XDva076.sys --> c:\windows\system32\XDva076.sys [?] S3 XDva190;XDva190;\??\c:\windows\system32\XDva190.sys --> c:\windows\system32\XDva190.sys [?] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{0A26381C-3AD2-7AE5-7CB4-8CBD2EEA1ECE}] c:\windows\system32\javaup.exe 2 . Contents of the 'Scheduled Tasks' folder 2009-09-07 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 04:49] . - - - - ORPHANS REMOVED - - - - BHO-{761e780a-8778-4154-b000-e6467f8c5033} - c:\windows\system32\kosojebi.dll . ------- Supplementary Scan ------- . uLocal Page = \blank.htm uStart Page = hxxp://www.myspace.com/ uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://www.myspace.com/ uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 Trusted Zone: pcpitstop.com FF - ProfilePath - c:\documents and settings\Lee ##notallowed\Application Data\Mozilla\Firefox\Profiles\8o3s7wit.default\ FF - prefs.js: browser.startup.homepage - www.myspace.com FF - plugin: c:\documents and settings\Lee ##notallowed\Application Data\Mozilla\Firefox\Profiles\8o3s7wit.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npOberonGameHost.dll FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava11.dll FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava12.dll FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava13.dll FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava14.dll FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava32.dll FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJPI150_03.dll FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPOJI610.dll FF - HiddenExtension: XUL Cache: {46708313-7E9F-414F-81DF-A09D29743CCB} - c:\documents and settings\Lee ##notallowed\Local Settings\Application Data\{46708313-7E9F-414F-81DF-A09D29743CCB} FF - HiddenExtension: XUL Cache: {D5DD0884-5CA7-4438-A46C-EC7FEE7D764F} - c:\documents and settings\Administrator\Local Settings\Application Data\{D5DD0884-5CA7-4438-A46C-EC7FEE7D764F}\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-09-07 18:59 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(2616) c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL c:\windows\System32\shdoclc.dll c:\windows\IME\SPGRMR.DLL c:\program files\Common Files\Microsoft Shared\INK\SKCHUI.DLL c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Belkin\Belkin Wireless Network Utility\WLService.exe c:\program files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe c:\program files\BUFFALO\Client Manager3\bwsvc\Bwsvc.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\nvsvc32.exe c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe c:\windows\system32\wbem\unsecapp.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Completion time: 2009-09-07 19:04 - machine was rebooted ComboFix-quarantined-files.txt 2009-09-07 23:04 Pre-Run: 101,835,165,696 bytes free Post-Run: 101,864,427,520 bytes free WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4 604 --- E O F --- 2009-03-11 18:21
  12. I'm going to do that combofix here in a little bit.
  13. You raise a good point but I can't help but be curious about what might end up happening. What are the risks of using it?