Prev
Prev
Uploaded by
Mohsin MohammedCopyright:
Available Formats
Prev
Prev
Uploaded by
Mohsin MohammedCopyright
Available Formats
Share this document
Did you find this document useful?
Is this content inappropriate?
Copyright:
Available Formats
Prev
Prev
Uploaded by
Mohsin MohammedCopyright:
Available Formats
User Privileges
SeChangeNotifyPrivilege SeSecurityPrivilege SeBackupPrivilege SeRestorePrivilege SeSystemtimePrivilege SeShutdownPrivilege SeRemoteShutdownPrivilege SeTakeOwnershipPrivilege SeDebugPrivilege SeSystemEnvironmentPrivilege SeSystemProfilePrivilege SeProfileSingleProcessPrivilege SeIncreaseBasePriorityPrivilege SeLoadDriverPrivilege SeCreatePagefilePrivilege SeIncreaseQuotaPrivilege SeUndockPrivilege SeManageVolumePrivilege SeImpersonatePrivilege SeCreateGlobalPrivilege
+----------------------------------------------|System Information
+-----------------------------------------------
General Information:
Operating System Windows Folder System Folder
: Microsoft Windows XP Family version 5.1 (Build 2600) Service Pack 3 : C:\WINDOWS : C:\WINDOWS\system32
User Path : C:\Program Files\Real\RealPlayer;C:\Program Files\Real\RealPlayer\common\;C:\Program Files\Real\RealPlayer;C:\Program Files\Real\RealPlayer\common\;C:\Program Files\PC Connectivity Solution\;C:\Program Files\ThinkPad\Utilities;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Progr am Files\IBM\Infoprint Select;C:\Notes;C:\Program Files\XLView;C:\lotus\compnent;C:\Utilities;C:\Program Files\IBM\Personal Communications\;C:\Program Files\IBM\Trace Facility\;C:\WINDOWS\Downloaded Program Files;C:\Program Files\ThinkPad\ConnectUtilities;C:\Program Files\Intel\WiFi\bin\;c:\progra~1\VIAVOI~1;C:\Program Files\websm\bin User TEMP : C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
Memory Information:
Memory In Use
: 49 Percent
Total Physical Mem (RAM): 2095468 KBytes Free Physical Mem (RAM) : 1067340 KBytes Total Virtual Mem Free Virtual Mem Total Paging File Free Paging File : 2097024 KBytes : 2031764 KBytes : 3500624 KBytes : 2801660 KBytes
Processor Information:
Processor Architecture : Intel(R) Pentium Model 14 Stepping 8 Number Of Processor Page Size : 4096 :2
MAX Application Address : 0x7ffeffff MIN Application Address : 0x10000
Drive Information:
C:\ Fixed Drive D:\ CD-ROM Drive Q:\ Fixed Drive
+----------------------------------------------|Network Shares +-----------------------------------------------
Share Name Share Type Current Uses Share Path Remarks
: Q$ : Administrative :0 : Q:\ : Default share
Share Name Share Type
: IPC$ : IPC
Current Uses Share Path Remarks :
:0
: Remote IPC
Share Name Share Type Current Uses Share Path Remarks
: ADMIN$ : Administrative :0 : C:\WINDOWS : Remote Admin
Share Name Share Type Current Uses Share Path Remarks
: C$ : Administrative :0 : C:\ : Default share
+----------------------------------------------|AutoStart Programs +-----------------------------------------------
-= Registry Vectors =-
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run stgclean = [CHECK]c:\sdwork\w32maing.exe /cleanup Tpam.exe = [CHECK]"C:\Program Files\IBM\Personal Communications\tpam.exe"
ccApp = [CHECK]"C:\Program Files\Common Files\Symantec Shared\ccApp.exe" vptray = [CHECK]C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe IgfxTray = [CHECK]C:\WINDOWS\system32\igfxtray.exe HotKeysCmds = [CHECK]C:\WINDOWS\system32\hkcmd.exe Persistence = [CHECK]C:\WINDOWS\system32\igfxpers.exe SoundMAXPnP = [CHECK]C:\Program Files\Analog Devices\Core\smax4pnp.exe SynTPLpr = [CHECK]C:\Program Files\Synaptics\SynTP\SynTPLpr.exe SynTPEnh = [CHECK]C:\Program Files\Synaptics\SynTP\SynTPEnh.exe TPHOTKEY = [CHECK]C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe PWRMGRTR = [CHECK]rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor BLOG = [CHECK]rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog (Default) = TpShocks = [CHECK]TpShocks.exe TP4EX = [CHECK]tp4ex.exe TPKMAPHELPER = [CHECK]C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper pmonmh = C:\Program Files\IBM\My Help\workspace\..\plugins\com.ibm.myhelp.common_1.3.14/pmonmh.exe C4EBReg = [CHECK]"C:\Program Files\c4ebreg\c4ebreg.exe" /q Isamtray = [CHECK]"C:\Program Files\c4ebreg\isamtray.exe" ISSI Service = [CHECK]"c:\sdwork\issimsvc.exe" LENOVO.TPFNF6R = [CHECK]C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe ACTray = [CHECK]C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe TkBellExe = [CHECK]"C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot SODCPreLoad = [CHECK]C:\notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0. 20090922-1655\preload.exe C:\notes\data\workspace\.sodc\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ctfmon.exe = [CHECK]C:\WINDOWS\system32\ctfmon.exe Friendly Clock = [CHECK]C:\Documents and Settings\Administrator\My Documents\Mohsin\downloads\FClock.exe googletalk = [CHECK]"C:\Program Files\Google\Google Talk\googletalk.exe" /autostart SODCPreLoad = [CHECK]C:\Program Files\IBM\Lotus\Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.wi n32_3.5.0.20090605-2002\preload.exe C:\DOCUME~1\ADMINI~1\IBM\Lotus\Symphony\.sodc\
-= Registry Shell Spawning =-
HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %*
HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %*
HKEY_CLASSES_ROOT\htafile\Shell\Open\Command (Default) = [CHECK]C:\WINDOWS\system32\mshta.exe "%1" %*
HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %*
HKEY_LOCAL_MACHINE\Software\CLASSES\batfile\shell\open\command (Default) = "%1" %*
HKEY_LOCAL_MACHINE\Software\CLASSES\comfile\shell\open\command (Default) = "%1" %*
HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\open\command (Default) = "%1" %*
HKEY_LOCAL_MACHINE\Software\CLASSES\htafile\Shell\Open\Command (Default) = [CACHE]C:\WINDOWS\system32\mshta.exe "%1" %*
HKEY_LOCAL_MACHINE\Software\CLASSES\piffile\shell\open\command (Default) = "%1" %*
-= Application Initialization DLLs (AppInit_DLLs) =-
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs =
-= Image File Execution Options =-
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path Debugger = ntsd -d
-= ShellExecuteHooks =-
CLSIDs below are retrieved from:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
ClSID: {AEB6717E-7E19-11d0-97EE-00C04FD91972} HKEY_CLASSES_ROOT\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972} (Default) = URL Exec Hook
HKEY_CLASSES_ROOT\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\InProcServer32 (Default) = [CHECK]shell32.dll ThreadingModel = Apartment
-= Browser Helper Objects =-
CLSIDs below are retrieved from: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
ClSID: {3049C3E9-B461-4BC5-8870-4C09146192CA} HKEY_CLASSES_ROOT\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA} (Default) = RealPlayer Download and Record Plugin for Internet Explorer AppID = {333A04DC-E916-463C-9658-00CAF7A01728}
HKEY_CLASSES_ROOT\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}\InprocServer32 (Default) = [CHECK]C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll ThreadingModel = apartment
HKEY_CLASSES_ROOT\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ProgID (Default) = rpbrowserrecordplugin.CRPRecordBrowse.1
HKEY_CLASSES_ROOT\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}\TypeLib (Default) = {333A04DC-E916-463C-9658-00CAF7A01728}
HKEY_CLASSES_ROOT\CLSID\{3049C3E9-B461-4BC5-88704C09146192CA}\VersionIndependentProgID (Default) = rpbrowserrecordplugin.CRPRecordBrowserH
ClSID: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (Default) = Java(tm) Plug-In SSV Helper
HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InprocServer32 (Default) = [CHECK]C:\Program Files\IBM\Java60\jre\bin\ssv.dll ThreadingModel = Apartment
ClSID: {DBC80044-A445-435b-BC74-9C25C1C588A9} HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} (Default) = Java(tm) Plug-In 2 SSV Helper
HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InprocServer32 (Default) = [CHECK]C:\Program Files\IBM\Java60\jre\bin\jp2ssv.dll ThreadingModel = Apartment
ClSID: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} HKEY_CLASSES_ROOT\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (Default) = JQSIEStartDetectorImpl Class AppID = {E311BFF9-7280-40D3-AE0B-2D3651C37EC8}
HKEY_CLASSES_ROOT\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\InprocServer32 (Default) = [CHECK]C:\Program Files\IBM\Java60\jre\lib\deploy\jqs\ie\jqs_plugin.dll ThreadingModel = Apartment
HKEY_CLASSES_ROOT\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ProgID (Default) = ieplugin.JQSIEStartDetectorImpl.1
HKEY_CLASSES_ROOT\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\TypeLib (Default) = {D85100D8-894D-4F80-9697-C220AF4202EB}
HKEY_CLASSES_ROOT\CLSID\{E7E6F031-17CE-4C07-BC86EABFE594F69C}\VersionIndependentProgID (Default) = ieplugin.JQSIEStartDetectorImpl
-= Shell Service Object Delay Load =-
CLSIDs below are retrieved from: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelay Load
Object: PostBootReminder
ClSID: {7849596a-48ea-486e-8937-a2a3009f31a9} HKEY_CLASSES_ROOT\CLSID\{7849596a-48ea-486e-8937-a2a3009f31a9} (Default) = PostBootReminder object
HKEY_CLASSES_ROOT\CLSID\{7849596a-48ea-486e-8937-a2a3009f31a9}\InProcServer32 (Default) = [CACHE]%SystemRoot%\system32\SHELL32.dll ThreadingModel = Apartment
Object: CDBurn ClSID: {fbeb8a05-beee-4442-804e-409d6c4515e9} HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} (Default) = ShellFolder for CD Burning
HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32 (Default) = [CACHE]%SystemRoot%\system32\SHELL32.dll ThreadingModel = Apartment
HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\MergedFolder Attributes = 0x0 AttributeMask = 0xffffffff Location = @shell32.dll,-12589 ConflictOverlayIcon = [CACHE]%SystemRoot%\system32\SHELL32.dll,-232
Object: WebCheck ClSID: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
HKEY_CLASSES_ROOT\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} (Default) = WebCheck
HKEY_CLASSES_ROOT\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InProcServer32 (Default) = [CHECK]C:\WINDOWS\system32\webcheck.dll ThreadingModel = Apartment
Object: SysTray ClSID: {35CEC8A3-2BE6-11D2-8773-92E220524153} HKEY_CLASSES_ROOT\CLSID\{35CEC8A3-2BE6-11D2-8773-92E220524153} (Default) = SysTray
HKEY_CLASSES_ROOT\CLSID\{35CEC8A3-2BE6-11D2-8773-92E220524153}\InprocServer32 (Default) = [CHECK]C:\WINDOWS\system32\stobject.dll ThreadingModel = Both
-= Winlogon Notify =-
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent DLLName = [CHECK]Ati2evxx.dll Asynchronous = 0x00000000 (0) Impersonate = 0x00000001 (1) Lock = AtiLockEvent Logoff = AtiLogoffEvent Logon = AtiLogonEvent
Disconnect = AtiDisConnectEvent Reconnect = AtiReConnectEvent Safe = 0x00000000 (0) Shutdown = AtiShutdownEvent StartScreenSaver = AtiStartScreenSaverEvent StartShell = AtiStartShellEvent Startup = AtiStartupEvent StopScreenSaver = AtiStopScreenSaverEvent Unlock = AtiUnLockEvent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain Asynchronous = 0x00000000 (0) Impersonate = 0x00000000 (0) DllName = [CHECK]crypt32.dll Logoff = ChainWlxLogoffEvent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet Asynchronous = 0x00000000 (0) Impersonate = 0x00000000 (0) DllName = [CHECK]cryptnet.dll Logoff = CryptnetWlxLogoffEvent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll DLLName = [CHECK]cscdll.dll
Logon = WinlogonLogonEvent Logoff = WinlogonLogoffEvent ScreenSaver = WinlogonScreenSaverEvent Startup = WinlogonStartupEvent Shutdown = WinlogonShutdownEvent StartShell = WinlogonStartShellEvent Impersonate = 0x00000000 (0) Asynchronous = 0x00000001 (1)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp DLLName = [CHECK]wlnotify.dll Logon = SCardStartCertProp Logoff = SCardStopCertProp Lock = SCardSuspendCertProp Unlock = SCardResumeCertProp Enabled = 0x00000001 (1) Impersonate = 0x00000001 (1) Asynchronous = 0x00000001 (1)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule Asynchronous = 0x00000000 (0) DllName = [CACHE]wlnotify.dll Impersonate = 0x00000000 (0) StartShell = SchedStartShell
Logoff = SchedEventLogOff
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy Logoff = WLEventLogoff Impersonate = 0x00000000 (0) Asynchronous = 0x00000001 (1) DllName = [CHECK]sclgntfy.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn DLLName = [CACHE]WlNotify.dll Lock = SensLockEvent Logon = SensLogonEvent Logoff = SensLogoffEvent Safe = 0x00000001 (1) MaxWait = 0x00000258 (600) StartScreenSaver = SensStartScreenSaverEvent StopScreenSaver = SensStopScreenSaverEvent Startup = SensStartupEvent Shutdown = SensShutdownEvent StartShell = SensStartShellEvent PostShell = SensPostShellEvent Disconnect = SensDisconnectEvent Reconnect = SensReconnectEvent Unlock = SensUnlockEvent
Impersonate = 0x00000001 (1) Asynchronous = 0x00000001 (1)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv Asynchronous = 0x00000000 (0) DllName = [CACHE]wlnotify.dll Impersonate = 0x00000000 (0) Logoff = TSEventLogoff Logon = TSEventLogon PostShell = TSEventPostShell Shutdown = TSEventShutdown StartShell = TSEventStartShell Startup = TSEventStartup MaxWait = 0x00000258 (600) Reconnect = TSEventReconnect Disconnect = TSEventDisconnect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2 (Default) = DllName = [CHECK]C:\Program Files\Lenovo\HOTKEY\notifyf2.dll Asynchronous = 0x00000000 (0) Impersonate = 0x00000000 (0) Unlock = Unlock_Notify_fnf2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon DLLName = [CACHE]wlnotify.dll Logon = RegisterTicketExpiredNotificationEvent Logoff = UnregisterTicketExpiredNotificationEvent Impersonate = 0x00000001 (1) Asynchronous = 0x00000001 (1)
-= Scrap Object Information =-
HKEY_LOCAL_MACHINE\Software\CLASSES\ShellScrap (Default) = Scrap object NeverShowExt = FriendlyTypeName = [CHECK]@%SystemRoot%\system32\shscrap.dll,-258
HKEY_LOCAL_MACHINE\Software\CLASSES\ShellScrap\DefaultIcon (Default) = [CACHE]%SystemRoot%\system32\shscrap.dll,-100
HKEY_LOCAL_MACHINE\Software\CLASSES\ShellScrap\shell\open\command (Default) = [CACHE]rundll32 %SystemRoot%\system32\shscrap.dll,OpenScrap_RunDLL %1
HKEY_LOCAL_MACHINE\Software\CLASSES\ShellScrap\shellex\DataHandler (Default) = {56117100-C0CD-101B-81E2-00AA004AE837}
-= Startup Folders=-
Folder: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup Contents: [ESKIP]desktop.ini [CHECK]Stardock ObjectDock.lnk
Folder: C:\Documents and Settings\All Users\Start Menu\Programs\Startup Contents: [CHECK]Adobe Gamma Loader.lnk [ESKIP]desktop.ini [CHECK]WordWeb.lnk
-= SYSTEM.INI Configuration File =-
[boot] shell=Explorer.exe [FMISS]C:\WINDOWS\WININIT.INI -= Explorer.exe Path =--[Windows NT based]-The Windows Shell is the familiar desktop that's used for interacting with Windows. During system startup, Windows NT 4.0 and Windows 2000 consult the "Shell" registry entry:
- "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell"
to determine the name of the executable that should be loaded as the Shell. By default, this value specifies EXPLORER.EXE. If not found, it checks other registry entries in this order: - "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\Path" - "HKEY_CURRENT_USER\Environment\Path"
Registry Dump: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Shell = [CHECK]Explorer.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit = [CHECK]C:\WINDOWS\system32\userinit.exe,
-= ICQ Net Info =-
-= Active Setup Installed Components =-
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\<{12d0ed0d0ee0-4f90-8827-78cefb8f4988} StubPath = [CHECK]C:\WINDOWS\system32\ieudinit.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{26923b434d38-484f-9b9e-de460746276c} StubPath = [CHECK]C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{60B49E34C7CC-11D0-8953-00A0C90347FF} StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{881dd1c53dcf-431b-b061-f3f88e8be88a} StubPath = [CHECK]%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{2179C5D3EBFF-11CF-B6FD-00AA00B4E220} StubPath =
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{22d6f312b0f6-11d0-94ab-0080c74c7e95} StubPath =
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{2C7339CF2B09-4501-B3F3-F3508C9228ED} StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{44BBA840CC51-11CF-AAFA-00AA00B6015C} StubPath = [CHECK]"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{44BBA842CC51-11CF-AAFA-00AA00B6015B}
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{5945c0461e7d-11d1-bc44-00c04fd912be} StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{6BF52A52394A-11d3-B153-00C04F79FAA6} StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{73FA19D02D75-11D2-995D-00C04F98BBC9} StubPath =
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{7790769C0471-11d2-AF11-00C04FA35D02} StubPath = [CACHE]"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{89820200ECBD-11cf-8B85-00AA005B4340} StubPath = regsvr32.exe /s /n /i:U shell32.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{89820200ECBD-11cf-8B85-00AA005B4383} StubPath = [CACHE]C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{89B4C1CDB018-4511-B0A1-5476DBF70820} StubPath = c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-= Safeboot Minimal Info =-
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt (Default) = Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base (Default) = Driver Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender (Default) = Driver Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system (Default) = Driver Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc (Default) = Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch (Default) = Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin (Default) = Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys (Default) = Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys (Default) = Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys (Default) = Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver (Default) = Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog (Default) = Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system (Default) = Driver Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter (Default) = Driver Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc
(Default) = Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon (Default) = Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration (Default) = Driver Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay (Default) = Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter (Default) = Driver Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk (Default) = Driver Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs (Default) = Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class (Default) = Driver Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys (Default) = Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys (Default) = FSFilter System Recovery
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService (Default) = Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender (Default) = Driver Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds (Default) = Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys (Default) = Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys (Default) = Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys (Default) = Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt (Default) = Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60C465-11CF-8056-444553540000} (Default) = Universal Serial Bus controllers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965E325-11CE-BFC1-08002BE10318} (Default) = CD-ROM Drive
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967E325-11CE-BFC1-08002BE10318} (Default) = DiskDrive
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969E325-11CE-BFC1-08002BE10318} (Default) = Standard floppy disk controller
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96AE325-11CE-BFC1-08002BE10318} (Default) = Hdc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96BE325-11CE-BFC1-08002BE10318} (Default) = Keyboard
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96FE325-11CE-BFC1-08002BE10318} (Default) = Mouse
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977E325-11CE-BFC1-08002BE10318} (Default) = PCMCIA Adapters
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97BE325-11CE-BFC1-08002BE10318} (Default) = SCSIAdapter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97DE325-11CE-BFC1-08002BE10318} (Default) = System
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980E325-11CE-BFC1-08002BE10318} (Default) = Floppy disk drive
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84EC70-11D2-9505-00C04F79DEAF} (Default) = Volume shadow copy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD812A-11D0-BEC7-08002BE2092F} (Default) = Volume
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A074D3-11D0-B6FE-00A0C90F57DA} (Default) = Human Interface Devices
-= Registry Services =-
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\abp480n5 ImagePath = [CHECK]system32\DRIVERS\ABP480N5.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ACPI ImagePath = [CHECK]system32\DRIVERS\ACPI.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ACPIEC ImagePath = [CHECK]system32\DRIVERS\ACPIEC.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AcPrfMgrSvc ImagePath = [CHECK]C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\acs ImagePath = [CHECK]system32\acs.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AcSvc ImagePath = [CHECK]C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ADIHdAudAddService ImagePath = [CHECK]system32\drivers\ADIHdAud.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\adpu160m ImagePath = [CHECK]system32\DRIVERS\adpu160m.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AEAudioService ImagePath = [CHECK]system32\drivers\AEAudio.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aec ImagePath = [CHECK]system32\drivers\aec.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD ImagePath = [CHECK]\SystemRoot\System32\drivers\afd.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\agnfilt ImagePath = [CHECK]system32\DRIVERS\agnfilt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\agnwifi ImagePath = [CHECK]system32\DRIVERS\agnwifi.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\agp440 ImagePath = [CHECK]system32\DRIVERS\agp440.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\agpCPQ ImagePath = [CHECK]system32\DRIVERS\agpCPQ.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Aha154x ImagePath = [CHECK]system32\DRIVERS\aha154x.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aic78u2 ImagePath = [CHECK]system32\DRIVERS\aic78u2.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aic78xx ImagePath = [CHECK]system32\DRIVERS\aic78xx.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Alerter ImagePath = [CHECK]%SystemRoot%\system32\svchost.exe -k LocalService
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Alerter\Parameters ServiceDll = [CHECK]%SystemRoot%\system32\alrsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ALG ImagePath = [CHECK]%SystemRoot%\System32\alg.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AliIde ImagePath = [CHECK]system32\DRIVERS\aliide.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\alim1541 ImagePath = [CHECK]system32\DRIVERS\alim1541.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\amdagp ImagePath = [CHECK]system32\DRIVERS\amdagp.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\amsint
ImagePath = [CHECK]system32\DRIVERS\amsint.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ANC ImagePath = [CHECK]System32\drivers\ANC.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Anydlc ImagePath = [CHECK]\SystemRoot\System32\drivers\anydlc.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AppMgmt ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AppMgmt\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\appmgmts.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Appn ImagePath = [CHECK]\SystemRoot\System32\drivers\appn.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AppnApi ImagePath = [CHECK]\SystemRoot\System32\drivers\appnapi.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AppnBase ImagePath = [CHECK]\SystemRoot\System32\drivers\AppnBase.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AppnNode ImagePath = [CHECK]C:\WINDOWS\system32\Drivers\appnnode.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AR5211 ImagePath = [CHECK]system32\DRIVERS\ar5211.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\artour ImagePath = [CHECK]system32\DRIVERS\artndint.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ArtourService ImagePath = [CHECK]"C:\Program Files\IBM\Mobility Client\artsvc.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\artstartsvc ImagePath = [CHECK]"C:\Program Files\IBM\Mobility Client\artstartsvc.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\asc ImagePath = [CHECK]system32\DRIVERS\asc.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\asc3350p ImagePath = [CHECK]system32\DRIVERS\asc3350p.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\asc3550 ImagePath = [CHECK]system32\DRIVERS\asc3550.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aspnet_state ImagePath = [CHECK]%SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AsyncMac ImagePath = [CHECK]system32\DRIVERS\asyncmac.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\atapi ImagePath = [CHECK]system32\DRIVERS\atapi.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Ati HotKey Poller ImagePath = [CHECK]%SystemRoot%\system32\Ati2evxx.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ati2mtag ImagePath = [CHECK]system32\DRIVERS\ati2mtag.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Atmarpc ImagePath = [CHECK]system32\DRIVERS\atmarpc.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\atmeltpm ImagePath = [CHECK]system32\DRIVERS\atmeltpm.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AudioSrv ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AudioSrv\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\audiosrv.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\audstub
ImagePath = [CHECK]system32\DRIVERS\audstub.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\avpnnic ImagePath = [CHECK]system32\DRIVERS\avpnnic.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\b57w2k ImagePath = [CHECK]system32\DRIVERS\b57xp32.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\Parameters ServiceDll = [CHECK]C:\WINDOWS\system32\qmgr.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Browser ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Browser\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\browser.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BTDriver ImagePath = [CHECK]system32\DRIVERS\btport.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BTKRNL ImagePath = [CHECK]system32\DRIVERS\btkrnl.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\btwdins ImagePath = [CHECK]C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BTWUSB ImagePath = [CHECK]System32\Drivers\btwusb.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\cbidf ImagePath = [CHECK]system32\DRIVERS\cbidf2k.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ccEvtMgr ImagePath = [CHECK]"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ccProxy ImagePath = [CHECK]"C:\Program Files\Common Files\Symantec Shared\ccProxy.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ccSetMgr ImagePath = [CHECK]"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\cd20xrnt ImagePath = [CHECK]system32\DRIVERS\cd20xrnt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Cdrom ImagePath = [CHECK]system32\DRIVERS\cdrom.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CiSvc ImagePath = [CHECK]%SystemRoot%\system32\cisvc.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ClipSrv ImagePath = [CHECK]%SystemRoot%\system32\clipsrv.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\clr_optimization_v2.0.50727_32 ImagePath = [CHECK]C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CmBatt ImagePath = [CHECK]system32\DRIVERS\CmBatt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CmdIde ImagePath = [CHECK]system32\DRIVERS\cmdide.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Compbatt ImagePath = [CHECK]system32\DRIVERS\compbatt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\COMSysApp ImagePath = [CHECK]C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD8811D1-960D-00805FC79235}
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Cpqarray ImagePath = [CHECK]system32\DRIVERS\cpqarray.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CryptSvc ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CryptSvc\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\cryptsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\cvhsvc ImagePath = [CHECK]"C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\dac2w2k ImagePath = [CHECK]system32\DRIVERS\dac2w2k.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\dac960nt ImagePath = [CHECK]system32\DRIVERS\dac960nt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DCDClient-ISSI ImagePath = [CHECK]C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DcomLaunch ImagePath = %SystemRoot%\system32\svchost -k DcomLaunch
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DcomLaunch\Parameters ServiceDll = [CHECK]%SystemRoot%\system32\rpcss.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DefWatch
ImagePath = [CHECK]"C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dhcp ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dhcp\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\dhcpcsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Disk ImagePath = [CHECK]system32\DRIVERS\disk.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\dmadmin ImagePath = [CHECK]%SystemRoot%\System32\dmadmin.exe /com
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\dmboot ImagePath = [CHECK]System32\drivers\dmboot.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\dmio ImagePath = [CHECK]System32\drivers\dmio.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\dmload ImagePath = [CHECK]System32\drivers\dmload.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\dmserver ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\dmserver\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\dmserver.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DMusic ImagePath = [CHECK]system32\drivers\DMusic.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dnscache ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k NetworkService
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dnscache\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\dnsrslvr.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dot3svc ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k dot3svc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dot3svc\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\dot3svc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\dpti2o ImagePath = [CHECK]system32\DRIVERS\dpti2o.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\drmkaud ImagePath = [CHECK]system32\drivers\drmkaud.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\e1express ImagePath = [CHECK]system32\DRIVERS\e1e5132.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EapHost ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k eapsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EapHost\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\eapsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\eeCtrl ImagePath = [CHECK]\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EGATHDRV ImagePath = [CHECK]\??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EraserUtilRebootDrv ImagePath = [CHECK]\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ERSvc ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ERSvc\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\ersvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog ImagePath = [CHECK]%SystemRoot%\system32\services.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EventSystem ImagePath = [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EventSystem\Parameters ServiceDll = [CHECK]C:\WINDOWS\system32\es.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EvtEng ImagePath = [CHECK]C:\Program Files\Intel\WiFi\bin\EvtEng.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\FastUserSwitchingCompatibility ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\FastUserSwitchingCompatibility\Pa rameters ServiceDll = [CHECK]%SystemRoot%\System32\shsvcs.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Fdc ImagePath = [CHECK]system32\DRIVERS\fdc.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Flpydisk ImagePath = [CHECK]system32\DRIVERS\flpydisk.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\FltMgr
ImagePath = [CHECK]system32\drivers\fltmgr.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\FontCache3.0.0.0 ImagePath = [CHECK]c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Ftdisk ImagePath = [CHECK]system32\DRIVERS\ftdisk.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Gpc ImagePath = [CHECK]system32\DRIVERS\msgpc.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HDAudBus ImagePath = [CHECK]system32\DRIVERS\HDAudBus.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\helpsvc ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\helpsvc\Parameters ServiceDll = [CHECK]%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HidServ ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HidServ\Parameters ServiceDll = %SystemRoot%\System32\hidserv.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HidUsb ImagePath = [CHECK]system32\DRIVERS\hidusb.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\hkmsvc ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\hkmsvc\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\kmsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\hpn ImagePath = [CHECK]system32\DRIVERS\hpn.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HSF_DPV ImagePath = [CHECK]system32\DRIVERS\hsx_dpv.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HSXHWAZL ImagePath = [CHECK]system32\DRIVERS\hsxhwazl.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP ImagePath = [CHECK]System32\Drivers\HTTP.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTPFilter ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k HTTPFilter
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTPFilter\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\w3ssl.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\hwdatacard ImagePath = [CHECK]system32\DRIVERS\ewusbmdm.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\hwusbdev ImagePath = [CHECK]system32\DRIVERS\ewusbdev.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\i2omp ImagePath = [CHECK]system32\DRIVERS\i2omp.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\i8042prt ImagePath = [CHECK]system32\DRIVERS\i8042prt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ialm ImagePath = [CHECK]system32\DRIVERS\igxpmp32.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\iastor ImagePath = [CHECK]System32\Drivers\iaStor.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IBMPMDRV ImagePath = [CHECK]system32\DRIVERS\ibmpmdrv.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IBMPMSVC
ImagePath = [CHECK]%SystemRoot%\system32\ibmpmsvc.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IBMTPCHK ImagePath = [CHECK]\??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IBM_LLC2 ImagePath = [CHECK]system32\DRIVERS\llc2.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IDriverT ImagePath = [CHECK]"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\idsvc ImagePath = [CHECK]"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Imapi ImagePath = [CHECK]system32\DRIVERS\imapi.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ImapiService ImagePath = [CHECK]C:\WINDOWS\system32\imapi.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ini910u ImagePath = [CHECK]system32\DRIVERS\ini910u.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IntelIde
ImagePath = [CHECK]system32\DRIVERS\intelide.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\intelppm ImagePath = [CHECK]system32\DRIVERS\intelppm.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Ip6Fw ImagePath = [CHECK]system32\drivers\ip6fw.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IpFilterDriver ImagePath = [CHECK]system32\DRIVERS\ipfltdrv.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IpInIp ImagePath = [CHECK]system32\DRIVERS\ipinip.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IpNat ImagePath = [CHECK]system32\DRIVERS\ipnat.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IPSec ImagePath = [CHECK]system32\DRIVERS\ipsec.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\irda ImagePath = [CHECK]system32\DRIVERS\irda.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IRENUM ImagePath = [CHECK]system32\DRIVERS\irenum.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Irmon ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Irmon\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\irmon.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IsamFilter ImagePath = [CHECK]system32\DRIVERS\isamfilter.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ISAMsmt ImagePath = C:\Program Files\C4ebreg\isamsmt.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ISAMSvc ImagePath = [CACHE]"C:\Program Files\c4ebreg\c4ebreg.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\isapnp ImagePath = [CHECK]system32\DRIVERS\isapnp.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ISSIMon ImagePath = [CACHE]"c:\sdwork\issimsvc.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ISSVC ImagePath = [CHECK]"C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\JavaQuickStarterService ImagePath = [CHECK]"C:\Program Files\IBM\Java60\jre\bin\jqs.exe" -service -config "C:\Program Files\IBM\Java60\jre\lib\deploy\jqs\jqs.conf"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Kbdclass ImagePath = [CHECK]system32\DRIVERS\kbdclass.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\KLOGNT ImagePath = [CHECK]\SystemRoot\System32\drivers\klognt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kmixer ImagePath = [CHECK]system32\drivers\kmixer.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanserver ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanserver\parameters ServiceDll = [CHECK]%SystemRoot%\System32\srvsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanworkstation ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanworkstation\parameters ServiceDll = [CHECK]%SystemRoot%\System32\wkssvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ldlcserv
ImagePath = [CHECK]C:\WINDOWS\system32\Drivers\ldlcserv.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LENOVO.MICMUTE ImagePath = [CHECK]C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LiveUpdate ImagePath = [CHECK]"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LmHosts ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k LocalService
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LmHosts\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\lmhsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Lotus Notes Diagnostics ImagePath = [CHECK]c:\notes\nsd.exe -svcinvoke -ini "c:\notes\notes.ini"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\mdmxsdk ImagePath = [CHECK]system32\DRIVERS\mdmxsdk.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Messenger ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Messenger\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\msgsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\mnmsrvc ImagePath = [CHECK]C:\WINDOWS\system32\mnmsrvc.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Mouclass ImagePath = [CHECK]system32\DRIVERS\mouclass.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\mouhid ImagePath = [CHECK]system32\DRIVERS\mouhid.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\mraid35x ImagePath = [CHECK]system32\DRIVERS\mraid35x.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MRxDAV ImagePath = [CHECK]system32\DRIVERS\mrxdav.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MRxSmb ImagePath = [CHECK]system32\DRIVERS\mrxsmb.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSDTC ImagePath = [CHECK]C:\WINDOWS\system32\msdtc.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSIServer ImagePath = [CHECK]C:\WINDOWS\system32\msiexec.exe /V
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSKSSRV ImagePath = [CHECK]system32\drivers\MSKSSRV.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSPCLOCK ImagePath = [CHECK]system32\drivers\MSPCLOCK.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSPQM ImagePath = [CHECK]system32\drivers\MSPQM.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\mssmbios ImagePath = [CHECK]system32\DRIVERS\mssmbios.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Multi-user Cleanup Service ImagePath = [CHECK]c:\notes\ntmulti.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MyHelp ImagePath = C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\napagent ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\napagent\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\qagentrt.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NAVENG
ImagePath = [CHECK]\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110202.002\naveng.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NAVEX15 ImagePath = [CHECK]\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110202.002\navex15.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NdisTapi ImagePath = [CHECK]system32\DRIVERS\ndistapi.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Ndisuio ImagePath = [CHECK]system32\DRIVERS\ndisuio.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NdisWan ImagePath = [CHECK]system32\DRIVERS\ndiswan.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetBIOS ImagePath = [CHECK]system32\DRIVERS\netbios.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetBT ImagePath = [CHECK]system32\DRIVERS\netbt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetCfgSvr ImagePath = [CHECK]C:\Program Files\AT&T Network Client\NetCfgSv.EXE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetDDE
ImagePath = [CHECK]%SystemRoot%\system32\netdde.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetDDEdsdm ImagePath = [CACHE]%SystemRoot%\system32\netdde.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netlogon ImagePath = [CHECK]%SystemRoot%\system32\lsass.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netman ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netman\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\netman.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetTcpPortSharing ImagePath = [CHECK]"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NETw5x32 ImagePath = [CHECK]system32\DRIVERS\NETw5x32.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Nla ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Nla\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\mswsock.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\nmwcd ImagePath = [CHECK]system32\drivers\ccdcmb.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\nmwcdc ImagePath = [CHECK]system32\drivers\ccdcmbo.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NPF ImagePath = [CHECK]system32\drivers\npf.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NSCIRDA ImagePath = [CHECK]system32\DRIVERS\nscirda.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NsTrcNT ImagePath = [CHECK]\SystemRoot\System32\drivers\nstrcnt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtLmSsp ImagePath = [CACHE]%SystemRoot%\system32\lsass.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtmsSvc ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtmsSvc\Parameters ServiceDll = [CHECK]%SystemRoot%\system32\ntmssvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NwlnkFlt ImagePath = [CHECK]system32\DRIVERS\nwlnkflt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NwlnkFwd ImagePath = [CHECK]system32\DRIVERS\nwlnkfwd.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ose ImagePath = [CHECK]"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\osppsvc ImagePath = [CHECK]"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Parport ImagePath = [CHECK]system32\DRIVERS\parport.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pccsmcfd ImagePath = [CHECK]system32\DRIVERS\pccsmcfd.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PCI ImagePath = [CHECK]system32\DRIVERS\pci.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PCIIde ImagePath = [CHECK]system32\DRIVERS\pciide.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Pcmcia ImagePath = [CHECK]system32\DRIVERS\pcmcia.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlnacom ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlnacom.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlnafac ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlnafac.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlnatcm ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlnatcm.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlnatdl ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlnatdl.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlncbas ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlncbas.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlncfwk ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlncfwk.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlnctdl ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlnctdl.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlndint
ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlndint.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlndldl ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlndldl.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlndlpb ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlndlpb.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlndoem ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlndoem.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlndqll ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlndqll.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlndsdl ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlndsdl.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlndtdl ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlndtdl.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlnebas ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlnebas.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlnecfg ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlnecfg.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlnemap ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlnemap.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlnemsg ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlnemsg.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlnepkt ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlnepkt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlnshay ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlnshay.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlnslea ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlnslea.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlnsv25 ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlnsv25.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pdlnsx25 ImagePath = [CHECK]\SystemRoot\System32\drivers\pdlnsx25.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\perc2 ImagePath = [CHECK]system32\DRIVERS\perc2.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\perc2hib ImagePath = [CHECK]system32\DRIVERS\perc2hib.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PlugPlay ImagePath = [CACHE]%SystemRoot%\system32\services.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PMEM ImagePath = [CHECK]\??\C:\WINDOWS\system32\drivers\PMEMNT.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PolicyAgent ImagePath = [CACHE]%SystemRoot%\system32\lsass.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PptpMiniport ImagePath = [CHECK]system32\DRIVERS\raspptp.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ProtectedStorage ImagePath = [CACHE]%SystemRoot%\system32\lsass.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\prwnys ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\prwnys\Parameters ServiceDll = C:\WINDOWS\system32\jydit.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Ptilink
ImagePath = [CHECK]system32\DRIVERS\ptilink.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PxHelp20 ImagePath = [CHECK]System32\Drivers\PxHelp20.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ql1080 ImagePath = [CHECK]system32\DRIVERS\ql1080.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Ql10wnt ImagePath = [CHECK]system32\DRIVERS\ql10wnt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ql12160 ImagePath = [CHECK]system32\DRIVERS\ql12160.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ql1240 ImagePath = [CHECK]system32\DRIVERS\ql1240.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ql1280 ImagePath = [CHECK]system32\DRIVERS\ql1280.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RasAcd ImagePath = [CHECK]system32\DRIVERS\rasacd.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RasAuto ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RasAuto\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\rasauto.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Rasirda ImagePath = [CHECK]system32\DRIVERS\rasirda.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Rasl2tp ImagePath = [CHECK]system32\DRIVERS\rasl2tp.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RasMan ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RasMan\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\rasmans.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RasPppoe ImagePath = [CHECK]system32\DRIVERS\raspppoe.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Raspti ImagePath = [CHECK]system32\DRIVERS\raspti.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Rdbss ImagePath = [CHECK]system32\DRIVERS\rdbss.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RDPCDD ImagePath = [CHECK]System32\DRIVERS\RDPCDD.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\rdpdr ImagePath = [CHECK]system32\DRIVERS\rdpdr.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RDSessMgr ImagePath = [CHECK]C:\WINDOWS\system32\sessmgr.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\redbook ImagePath = [CHECK]system32\DRIVERS\redbook.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RegSrvc ImagePath = [CHECK]C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RemoteAccess ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RemoteAccess\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\mprdim.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RemoteRegistry ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k LocalService
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RemoteRegistry\Parameters
ServiceDll = [CHECK]%SystemRoot%\system32\regsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ROOTMODEM ImagePath = [CHECK]System32\Drivers\RootMdm.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\rpcapd ImagePath = [CHECK]"%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RpcLocator ImagePath = [CHECK]%SystemRoot%\system32\locator.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RpcSs ImagePath = %SystemRoot%\system32\svchost -k rpcss
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RpcSs\Parameters ServiceDll = [CACHE]%SystemRoot%\system32\rpcss.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RSVP ImagePath = [CHECK]%SystemRoot%\system32\rsvp.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\S24EventMonitor ImagePath = [CHECK]C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\s24trans ImagePath = [CHECK]system32\DRIVERS\s24trans.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SamSs ImagePath = [CACHE]%SystemRoot%\system32\lsass.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SavRoam ImagePath = [CHECK]"c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SAVRT ImagePath = [CHECK]\??\C:\Program Files\Symantec Client Security\Symantec AntiVirus\savrt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SAVRTPEL ImagePath = [CHECK]\??\C:\Program Files\Symantec Client Security\Symantec AntiVirus\Savrtpel.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SCardSvr ImagePath = [CHECK]%SystemRoot%\System32\SCardSvr.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Schedule ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Schedule\Parameters ServiceDll = [CHECK]%SystemRoot%\system32\schedsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ScsiPort ImagePath = [CHECK]%SystemRoot%\system32\drivers\scsiport.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Secdrv ImagePath = [CHECK]system32\DRIVERS\secdrv.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\seclogon ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\seclogon\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\seclogon.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SENS ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SENS\Parameters ServiceDll = [CHECK]%SystemRoot%\system32\sens.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\serenum ImagePath = [CHECK]system32\DRIVERS\serenum.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Serial ImagePath = [CHECK]system32\DRIVERS\serial.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ServiceLayer ImagePath = [CHECK]"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Sftfs ImagePath = [CHECK]system32\DRIVERS\Sftfsxp.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sftlist ImagePath = [CHECK]"C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Sftplay ImagePath = [CHECK]system32\DRIVERS\Sftplayxp.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Sftredir ImagePath = [CHECK]system32\DRIVERS\Sftredirxp.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Sftvol ImagePath = [CHECK]system32\DRIVERS\Sftvolxp.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sftvsa ImagePath = [CHECK]"C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\ipnathlp.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ShellHWDetection ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ShellHWDetection\Parameters ServiceDll = [CACHE]%SystemRoot%\System32\shsvcs.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Shockprf ImagePath = [CHECK]System32\DRIVERS\Apsx86.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sisagp ImagePath = [CHECK]system32\DRIVERS\sisagp.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Smapint ImagePath = [CHECK]System32\drivers\Smapint.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SNDSrvc ImagePath = [CHECK]"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Sparrow ImagePath = [CHECK]system32\DRIVERS\sparrow.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SPBBCDrv ImagePath = [CHECK]\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SPBBCSvc
ImagePath = [CHECK]"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\splitter ImagePath = [CHECK]system32\drivers\splitter.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Spooler ImagePath = [CHECK]%SystemRoot%\system32\spoolsv.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sr ImagePath = [CHECK]system32\DRIVERS\sr.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\srservice ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\srservice\Parameters ServiceDll = [CHECK]C:\WINDOWS\system32\srsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Srv ImagePath = [CHECK]system32\DRIVERS\srv.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSDPSRV ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k LocalService
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSDPSRV\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\ssdpsrv.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\stisvc ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k imgsvc
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\stisvc\Parameters ServiceDll = [CHECK]%SystemRoot%\system32\wiaservc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\swenum ImagePath = [CHECK]system32\DRIVERS\swenum.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\swmidi ImagePath = [CHECK]system32\drivers\swmidi.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SwPrv ImagePath = [CACHE]C:\WINDOWS\system32\dllhost.exe /Processid:{70BEF680-FB0F4516-A343-97C83A5A78F6}
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Symantec AntiVirus ImagePath = [CHECK]"C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\symc810 ImagePath = [CHECK]system32\DRIVERS\symc810.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\symc8xx ImagePath = [CHECK]system32\DRIVERS\symc8xx.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SYMDNS ImagePath = [CHECK]\SystemRoot\System32\Drivers\SYMDNS.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SymEvent ImagePath = [CHECK]\??\C:\Program Files\Symantec\SYMEVENT.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SYMFW ImagePath = [CHECK]\SystemRoot\System32\Drivers\SYMFW.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SYMIDS ImagePath = [CHECK]\SystemRoot\System32\Drivers\SYMIDS.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SYMIDSCO ImagePath = [CHECK]\??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\SCFIDS~1\20110126.001\symidsco.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SYMNDIS ImagePath = [CHECK]\SystemRoot\System32\Drivers\SYMNDIS.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SYMREDRV ImagePath = [CHECK]\SystemRoot\System32\Drivers\SYMREDRV.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SymSecurePort ImagePath = [CHECK]"C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SYMTDI ImagePath = [CHECK]\SystemRoot\System32\Drivers\SYMTDI.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sym_hi ImagePath = [CHECK]system32\DRIVERS\sym_hi.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sym_u3 ImagePath = [CHECK]system32\DRIVERS\sym_u3.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SynTP ImagePath = [CHECK]system32\DRIVERS\SynTP.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sysaudio ImagePath = [CHECK]system32\drivers\sysaudio.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SysmonLog ImagePath = [CHECK]%SystemRoot%\system32\smlogsvc.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TapiSrv ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TapiSrv\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\tapisrv.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip ImagePath = [CHECK]system32\DRIVERS\tcpip.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TDSMAPI ImagePath = [CHECK]System32\drivers\TDSMAPI.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TermDD ImagePath = [CHECK]system32\DRIVERS\termdd.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TermService ImagePath = %SystemRoot%\System32\svchost -k DComLaunch
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TermService\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\termsrv.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Themes ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Themes\Parameters ServiceDll = [CACHE]%SystemRoot%\System32\shsvcs.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TlntSvr ImagePath = [CHECK]C:\WINDOWS\system32\tlntsvr.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\tmcomm
ImagePath = [CHECK]\??\C:\WINDOWS\system32\drivers\tmcomm.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TosIde ImagePath = [CHECK]system32\DRIVERS\toside.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TPDIGIMN ImagePath = [CHECK]System32\DRIVERS\ApsHM86.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TPHDEXLGSVC ImagePath = [CHECK]System32\TPHDEXLG.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TPHKDRV ImagePath = [CHECK]system32\DRIVERS\TPHKDRV.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TPHKSVC ImagePath = [CHECK]C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TpKmpSVC ImagePath = [CHECK]C:\WINDOWS\system32\TpKmpSVC.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TPPWRIF ImagePath = [CHECK]System32\drivers\Tppwrif.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TrcBoot ImagePath = [CHECK]C:\WINDOWS\system32\Drivers\trcboot.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TrkWks ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TrkWks\Parameters ServiceDll = [CHECK]%SystemRoot%\system32\trkwks.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TSMAPIP ImagePath = [CHECK]System32\drivers\TSMAPIP.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ultra ImagePath = [CHECK]system32\DRIVERS\ultra.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Update ImagePath = [CHECK]system32\DRIVERS\update.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\upnphost ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k LocalService
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\upnphost\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\upnphost.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\upperdev ImagePath = [CHECK]system32\DRIVERS\usbser_lowerflt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\UPS ImagePath = [CHECK]%SystemRoot%\System32\ups.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\usbccgp ImagePath = [CHECK]system32\DRIVERS\usbccgp.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\usbehci ImagePath = [CHECK]system32\DRIVERS\usbehci.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\usbhub ImagePath = [CHECK]system32\DRIVERS\usbhub.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\usbprint ImagePath = [CHECK]system32\DRIVERS\usbprint.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\usbser ImagePath = [CHECK]system32\drivers\usbser.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\UsbserFilt ImagePath = [CHECK]system32\DRIVERS\usbser_lowerfltj.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\USBSTOR ImagePath = [CHECK]system32\DRIVERS\USBSTOR.SYS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\usbuhci
ImagePath = [CHECK]system32\DRIVERS\usbuhci.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VgaSave ImagePath = [CHECK]\SystemRoot\System32\drivers\vga.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\viaagp ImagePath = [CHECK]system32\DRIVERS\viaagp.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ViaIde ImagePath = [CHECK]system32\DRIVERS\viaide.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VSS ImagePath = [CHECK]%SystemRoot%\System32\vssvc.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\W32Time ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\W32Time\Parameters ServiceDll = [CHECK]C:\WINDOWS\system32\w32time.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Wanarp ImagePath = [CHECK]system32\DRIVERS\wanarp.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wcndis ImagePath = [CHECK]system32\DRIVERS\wcndis.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Wdf01000 ImagePath = [CHECK]System32\Drivers\wdf01000.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wdmaud ImagePath = [CHECK]system32\drivers\wdmaud.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WebClient ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k LocalService
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WebClient\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\webclnt.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\winachsf ImagePath = [CHECK]system32\DRIVERS\hsx_cnxt.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\winmgmt ImagePath = [CACHE]%systemroot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\winmgmt\Parameters ServiceDll = [CHECK]%SystemRoot%\system32\wbem\WMIsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WmdmPmSN ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WmdmPmSN\Parameters ServiceDll = [CHECK]C:\WINDOWS\system32\MsPMSNSv.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Wmi ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Wmi\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\advapi32.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WmiApSrv ImagePath = [CHECK]C:\WINDOWS\system32\wbem\wmiapsrv.exe
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WMPNetworkSvc ImagePath = [CHECK]"C:\Program Files\Windows Media Player\WMPNetwk.exe"
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WpdUsb ImagePath = [CHECK]system32\DRIVERS\wpdusb.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wscsvc ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wscsvc\Parameters ServiceDll = [CHECK]%SYSTEMROOT%\system32\wscsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WSIMD
ImagePath = [CHECK]system32\DRIVERS\wsimd.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv ImagePath = [CACHE]%systemroot%\system32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\Parameters ServiceDll = [CHECK]C:\WINDOWS\system32\wuauserv.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WudfPf ImagePath = [CHECK]system32\DRIVERS\WudfPf.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WudfRd ImagePath = [CHECK]system32\DRIVERS\wudfrd.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WudfSvc ImagePath = [CACHE]%SystemRoot%\system32\svchost.exe -k WudfServiceGroup
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WudfSvc\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\WUDFSvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WZCSVC ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WZCSVC\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\wzcsvc.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\xmlprov ImagePath = [CACHE]%SystemRoot%\System32\svchost.exe -k netsvcs
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\xmlprov\Parameters ServiceDll = [CHECK]%SystemRoot%\System32\xmlprov.dll
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ztemtusbser ImagePath = system32\DRIVERS\CT_ZTEMT_U_USBSER.sys
-= Custom Registry Dump =-
[Coreflood Auto-Start entry] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOve rlayIdentifiers\Offline Files (Default) = {750fdf0e-2a26-11d1-a3ea-080036587f03}
[Terminal Server Service Autostart] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run (Default) =
[Driver32 Autostart] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 midimapper = [CHECK]midimap.dll msacm.imaadpcm = imaadp32.acm
msacm.msadpcm = msadp32.acm msacm.msg711 = msg711.acm msacm.msgsm610 = msgsm32.acm msacm.trspch = tssoft32.acm vidc.cvid = [CHECK]iccvid.dll vidc.I420 = [CHECK]msh263.drv vidc.iv31 = [CHECK]ir32_32.dll vidc.iv32 = [CACHE]ir32_32.dll vidc.iv41 = ir41_32.ax vidc.iyuv = [CHECK]iyuv_32.dll vidc.mrle = [CHECK]msrle32.dll vidc.msvc = [CHECK]msvidc32.dll vidc.uyvy = [CHECK]msyuv.dll vidc.yuy2 = [CACHE]msyuv.dll vidc.yvu9 = [CHECK]tsbyuv.dll vidc.yvyu = [CACHE]msyuv.dll wavemapper = [CHECK]msacm32.drv msacm.msg723 = msg723.acm vidc.M263 = [CACHE]msh263.drv vidc.M261 = [CHECK]msh261.drv msacm.msaudio1 = msaud32.acm msacm.sl_anet = sl_anet.acm msacm.iac2 = [ESKIP]C:\WINDOWS\system32\iac25_32.ax vidc.iv50 = [CHECK]ir50_32.dll msacm.l3acm = [ESKIP]C:\WINDOWS\system32\l3codeca.acm
wave = [CHECK]wdmaud.drv midi = [CACHE]wdmaud.drv mixer = [CACHE]wdmaud.drv aux = [CACHE]wdmaud.drv vidc.tscc = [CHECK]C:\WINDOWS\system32\tsccvid.dll
[Windows NT\Winlogon Autostart] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon System = VmApplet = rundll32 shell32,Control_RunDLL "sysdm.cpl"
[Standard Profile] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\Firewal lPolicy\StandardProfile\AuthorizedApplications\List %windir%\system32\sessmgr.exe = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 %windir%\Network Diagnostic\xpnetdiag.exe = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe = [CHECK]C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger C:\Program Files\Google\Google Talk\googletalk.exe = [CACHE]C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk C:\Program Files\Skype\Plugin Manager\skypePM.exe = [CHECK]C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe = [CHECK]C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin
C:\Program Files\Skype\Phone\Skype.exe = [CHECK]C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
[DomainProfile] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\Firewal lPolicy\DomainProfile\AuthorizedApplications\List %windir%\system32\sessmgr.exe = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 %windir%\Network Diagnostic\xpnetdiag.exe = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
+----------------------------------------------|Scheduled Tasks Information +-----------------------------------------------
Task: RealUpgradeScheduledTaskS-1-5-21-189123497-2070932348-2804965741-500.job Account Name Creator Comment Exit Code Status Idle Minutes : MOUMOHAM\administrator : administrator : :0 : UNKNOWN : 10 minutes : 60 minutes 0:00
Deadline Minutes
Most Recent Run Time : 0/0/0 Next Run Time Next RunTimes
: 2/11/2011 12:28 : 5 times 12:28
1 - 2/11/2011
2 - 2/18/2011 3 - 2/25/2011 4 - 3/4/2011 5 - 3/11/2011
12:28 12:28 12:28 12:28
Task: RealUpgradeLogonTaskS-1-5-21-189123497-2070932348-2804965741-500.job Account Name Creator Comment Exit Code Status Idle Minutes : MOUMOHAM\administrator : administrator : :0 : SCHED_S_TASK_READY : 10 minutes : 60 minutes 13:21
Deadline Minutes
Most Recent Run Time : 2/4/2011 Next Run Time Next RunTimes : 0/0/0 : 0 times 0:00
Task: PMTask.job Account Name Creator Comment Exit Code Status Idle Minutes : : Administrator : :0 : UNKNOWN : 0 minutes : 990 minutes
Deadline Minutes
Most Recent Run Time : 10/17/2010 Next Run Time Next RunTimes : 0/0/0 : 0 times 0:00
22:59
+----------------------------------------------|File Dump +----------------------------------------------[FMISS]C:\WINDOWS\WINSTART.BAT -= Local DNS HOSTS File =# Copyright (c) 1993-1999 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server
38.25.63.10
x.acme.com
# x client host
127.0.0.1
localhost
+----------------------------------------------|Browser History Information +-----------------------------------------------
-= Typed URLs =-
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs url1 = http://9.124.103.241/ url2 = http://9.184.66.100/ url3 = americanexpress. url4 = https://americanexpress.com/ url5 = https://www99.americanexpress.com/myca/logon/japa/action?request_type=LogonHandler&DestPage =https%3A%2F%2Fwww99.americanexpress.com url6 = americanexpress url7 = hdfc
-= Internet Explorer History =-
Reference Date: 02-05-2011
Yesterday: http://9.184.66.100
Yesterday: http://in.my.yahoo.com/p/1.html?_pckpartner=tatadial&_top=1
Yesterday: http://9.124.103.241/private/remote_graphics.ssi
Yesterday: http://9.124.103.241/private/welcome.ssi
Yesterday: http://www.tataindicom.com/photonredirect
Yesterday: http://w3.ibm.com/w3odw/spg/index_default.html
Yesterday: http://9.124.103.241/private/hwvpd.ssi
Yesterday: http://9.124.103.241/private/main.ssi
Yesterday:
http://w3.ibm.com
Yesterday: http://w3.ibm.com/jct03001pt/wps/portal
Yesterday: http://www.tataindicom.com/EC1260
Yesterday: http://9.124.103.241/private/terminate_and_start_new
Yesterday: http://9.124.103.241/favicon.ico
2 Days ago: http://9.184.66.100/private/terminate_and_start_new
2 Days ago: http://9.184.66.100/private/save_remote_owner
2 Days ago: http://9.184.66.100/favicon.ico
2 Days ago: https://channel.skype.com/facebook/channel/?uiversion=5.1.0.104&language=en
2 Days ago: http://9.184.66.100/private/remote_graphics4.ssi
2 Days ago: http://www.freeware995.com/promo/sponsor3.htm
2 Days ago: http://9.184.66.100/private/remote_graphics.ssi
2 Days ago: https://9.184.66.100/favicon.ico
2 Days ago: http://9.184.66.100/private/saa_diff_client.ssi
2 Days ago: https://9.184.66.100
2 Days ago: https://www.regnow.com/softsell/nph-softsell.cgi?currency=USD&item=9059-1
2 Days ago: https://channel.skype.com/facebook/channel/?uiversion=5.1.0.112&language=en
2 Days ago: http://9.184.66.100/private/welcome.ssi
2 Days ago: http://9.184.66.100/private/main.ssi
3 Days ago:
https://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continu e=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&bsv=llya694le36z&scc=1< mpl=default<mplcache=2
3 Days ago: https://infinity.icicibank.co.in/favicon.ico
3 Days ago: https://www.americanexpress.com/india/homepage.shtml
3 Days ago: https://online.americanexpress.com/favicon.ico
3 Days ago: https://www99.americanexpress.com/favicon.ico
3 Days ago: http://www.hdfcbank.com/personal/default.htm
3 Days ago: https://americanexpress.com
3 Days ago: http://www.bing.com/search?q=americanexpress.&src=IE-Address&format=rss
3 Days ago: https://global.americanexpress.com/favicon.ico
3 Days ago:
https://sso.americanexpress.com/SSO/request?request_type=un_logon&ssolang=en_IN&ssobra nd=INTERALERTS&TYPE=33554432&REALMOID=06-5e4c047a-bfa6-1002-9e0080f7dddcfd44&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$xouynl%2bXwy6Zw cZt%2fKhjp57lZZiRivl4nQ0BcVA3aE0TApn4CdNpCbtj6AHoHENT&TARGET=$SM$HTTPS%3a%2f%2fwww2 01%2eamericanexpress%2ecom%2fintlocc%2fauthreg%2fen_IN%2fcem_summary%2edo%3fFace%3den _IN
3 Days ago: http://www.bing.com/search?q=americanexpress.&src=IE-Address
3 Days ago:
https://www99.americanexpress.com/myca/logon/japa/action?request_type=LogonHandler&D estPage=https%3A%2F%2Fwww99.americanexpress.com%2Fmyca%2Festatement%2Fjapa%2Faction%3 Frequest_type%3Dauthreg_CardsList%26Face%3Den_IN%26india_nav%3DCTA_MycaLogoff_Login&Face =en_IN
3 Days ago:
https://infinity.icicibank.co.in/BANKAWAY;jsessionid=0000kywMB40uunm1A0pkF2xOmTU:1567 60do6?bwayparam=da0%2BCcRhcJfLjtYCXCZuARrnhMYei0G7D%2FyjdL1LXSFkUnut
3 Days ago:
https://online.americanexpress.com/myca/logon/us/action?request_type=LogLogonHandler&lo cation=us_pre1_cards
3 Days ago:
https://online.americanexpress.com/myca/acctsumm/us/action?request_type=authreg_acctAcc ountSummary&entry_point=lnk_homepage&aexp_nav=sc_checkbill&referrer=ushome§ion=login
3 Days ago: http://www.hdfcbank.com
3 Days ago: https://www.billdesk.com/favicon.ico
3 Days ago:
https://www.billdesk.com/pgidsk/servlet/com.pgidsk.controller.PGIMerchantRequestHandler
3 Days ago:
https://infinity.icicibank.co.in/BANKAWAYTRAN;jsessionid=0000kywMB40uunm1A0pkF2xOmTU :156760do6?bwayparam=YKcvEf9gHtA%3D
3 Days ago: https://www212.americanexpress.com/dsmlive/dsm/int/in/en/personal/creditknowhow.do?vgnextoid=8ed10a06f0274210VgnVCM200000d0faad94RCRD
3 Days ago: https://www.billdesk.com/pgidsk/servlet/PGICardPayHandler
3 Days ago:
https://www99.americanexpress.com/myca/logon/japa/action?request_type=LogLogoffHandler &Face=en_IN
3 Days ago: https://netbanking.hdfcbank.com/netbanking/entry
3 Days ago:
https://www99.americanexpress.com/myca/estatement/japa/action?request_type=authreg_Ca rdsList&Face=en_IN&india_nav=TEXTLINK_PersCards_Login
3 Days ago: https://netbanking.hdfcbank.com/favicon.ico
3 Days ago:
http://www.americanexpress.com/links/myca/en_IN/?india_nav=CTA_MycaLogoff_Login
3 Days ago:
https://global.americanexpress.com/intlocc/authreg/en_IN/cem_summary.do?Face=en_IN
3 Days ago:
https://infinity.icicibank.co.in/BANKAWAY;jsessionid=0000kywMB40uunm1A0pkF2xOmTU:1567 60do6?bwayparam=Z6spFdlqDbHBjM88TiNtQRnvkckcgAiHW5KfMY5WSh9YVCv0P3cMyu%2BJ5DZbvVHf qMBh%2BXsqL8IA%0D%0AbodeBg%3D%3D
3 Days ago: http://www.tataindicom.com/favicon.ico
3 Days ago:
https://infinity.icicibank.co.in/BANKAWAY?IWQRYTASKOBJNAME=bay_mc_login&BAY_BANKID= ICI
3 Days ago: https://home.americanexpress.com/home/mt_personal_cm.shtml
3 Days ago: http://www.bing.com/search?q=americanexpress&src=IE-Address
3 Days ago: http://www.americanexpress.com/india/myaccount/logoff.shtml
3 Days ago: https://www99.americanexpress.com/myca/logon/japa/action
3 Days ago: https://sso.americanexpress.com/SSO/logon.fcc
3 Days ago: https://netbanking.hdfcbank.com/netbanking
3 Days ago: http://www.bing.com/search?q=americanexpress&src=IE-Address&format=rss
3 Days ago:
https://netbanking.hdfcbank.com/netbanking/entry?selCard=4617862000866434&fldCodDrCr= B&firstSeqNo=00002&lastSeqNo=00011&fldCardNo=4617862000866434&fldInitialSwitch=I&fldLastTxnS eqNo=0&fldAppId=RS&fldTxnId=UNB&fldSessionId=128177436PMBNQZLFR&fldScrnSeqNbr=02
3 Days ago: https://www.billdesk.com/pgmerc/amexcard/index.htm
3 Days ago:
https://www201.americanexpress.com/intlocc/authreg/en_IN/cem_summary.do?Face=en_IN
3 Days ago: https://www.americanexpress.com/india/campaigns/pay_your_bill/payNow.htm
3 Days ago:
http://www.bing.com/search?q=hdfc&src=IE-Address
3 Days ago: https://www99.americanexpress.com/myca/estatement/japa/action?
3 Days ago: https://www.americanexpress.com/india/campaigns/pay_your_bill/index.html
3 Days ago: http://www.bing.com/search?q=hdfc&src=IE-Address&format=rss
3 Days ago: https://www212.americanexpress.com/favicon.ico
3 Days ago: https://global.americanexpress.com/intlocc/authreg/en_IN/cem_confirmDetails.do
3 Days ago: https://www.billdesk.com/pgidsk/pgmerc/amexcard/amex_card.jsp
3 Days ago: https://www.billdesk.com/pgidsk/pgmerc/amexcard/amex_cardResponse.jsp
3 Days ago:
https://infinity.icicibank.co.in/BANKAWAYTRAN;jsessionid=0000kywMB40uunm1A0pkF2xOmTU :156760do6?bwayparam=YKcvEf9gHtE%3D
3 Days ago: https://apps.skype.com/skypehome/?uiversion=5.1.0.104
3 Days ago: https://sso.americanexpress.com/favicon.ico
3 Days ago:
https://netbanking.hdfcbank.com/netbanking/entry?selCard=4617862000866434&fldCardNo=4 617862000866434&fldAppId=RS&fldTxnId=ACI&fldSessionId=218277813EWAHSIOVP&fldScrnSeqNbr=0 2
4 Days ago:
http://switchboard.real.com/player/downloader.html?cd=webmessage&PT=FREE&OS=WinNT% 205.1.2600&LP=en%2DUS&OC=RN30DL&PV=12.0.1.609&PBR=393216&LI=en&PN=RealPlayer%20Downl oader&DC=R61ENDF&DT=040111
4 Days ago: http://clientsoftware.real.com/free/windows/installer/infopanel/14_0/downloader_en_us.html
-= Temporary Internet Files =-
Temporary Internet Files folder : C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
Folder: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files Contents: [ESKIP]desktop.ini
Folder: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 Contents: [ESKIP]desktop.ini [ESKIP]index.dat
Folder: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\3H9PQGV0 Contents: [ESKIP]desktop.ini [ESKIP]WMP12f6f321-92d3-443d-8129-a7baeb07a404[1]..jpg [ESKIP]WMP2ae43d8b-4639-4d3d-94aa-d82ede275050[1]..jpg [ESKIP]WMP364fd9f1-6880-4061-8353-a3b302a17648[1]..jpg [ESKIP]WMP68ce304b-dc37-4139-98da-49615b385589[1]..jpg [ESKIP]WMP86dfdf3a-01fb-499f-8ba7-bec5ec05feb0[1]..jpg [ESKIP]WMPb17b7257-bc20-424b-a84a-e2e73453bc74[1]..jpg [ESKIP]WMPbe1617e2-4b9a-4e02-a352-a9f2c024813e[1]..jpg [ESKIP]WMPc640fa36-1c6f-4ff1-9ae1-7ec8aab518d2[1]..jpg
Folder: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6HYDQQVE Contents: [ESKIP]desktop.ini [ESKIP]SamiCaptioning[1] [ESKIP]WMP1168584e-ab23-4086-a352-a625de0962f3[1]..jpg [ESKIP]WMP2de58593-cfbd-403d-a1d4-decc844dbc8b[1]..jpg [ESKIP]WMP6e2426fc-a6f2-48c0-aabb-9cf5493de6bf[1]..jpg [ESKIP]WMP85857fea-123c-4607-be3b-208ee8b59072[1]..jpg [ESKIP]WMP85aa0450-0398-4ee3-a88f-57a4a058b030[1]..jpg [ESKIP]WMPc8557b8b-67e3-44c4-bebd-c4c5d1586124[1]..jpg [ESKIP]WMPcaa224fa-8c53-4098-87a6-574c5b2e0054[1]..jpg [ESKIP]WMPd8534a06-90ac-462c-a8ff-af821e9c45b6[1]..jpg [ESKIP]WMPfa77d2f0-b38b-4094-8c34-b20990e549fb[1]..jpg
Folder: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\88MRCTEV Contents: [ESKIP]desktop.ini [ESKIP]WMP1206fd49-0e7e-4a18-a660-046713aa3b18[1]..jpg [ESKIP]WMP280a6b99-e6fc-457f-9566-abd7f69e883d[1]..jpg [ESKIP]WMP3565f36b-892d-49af-8128-36619782d9b9[1]..jpg [ESKIP]WMP4a569b7c-8a7e-4632-93e9-b5570bf44d8f[1]..jpg [ESKIP]WMP5a82be07-092f-472a-8ba5-1d414dff252b[1]..jpg [ESKIP]WMP5dbfe1c4-804f-40bf-a6e9-945d86bff713[1]..jpg [ESKIP]WMP8d212f28-0300-487b-b8b2-ad2df6c27f13[1]..jpg
[ESKIP]WMPd14a5f72-e60a-431e-ae4b-a7b7c1c9dc3a[1]..jpg [ESKIP]WMPe2952ff7-106a-4352-ae51-3dab6d847035[1]..jpg [ESKIP]WMPed2d896c-aa0c-4e5e-8044-d7d2f8644129[1]..jpg
Folder: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\PYASHUMF Contents: [ESKIP]desktop.ini [ESKIP]WMP220759c9-2885-423d-b00b-9667afd23fd4[1]..jpg [ESKIP]WMPa2914ff7-7b9b-477b-9b4a-c73f47a5d67b[1]..jpg [ESKIP]WMPbd926388-eca1-458e-b53e-c6ef944ad577[1]..jpg [ESKIP]WMPd4044b73-0e41-4685-8d2e-1ebc3469b404[1]..jpg [ESKIP]WMPdebb9ee3-8f6b-47b6-91db-23a8a6293026[1]..jpg
Folder: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.MSO Contents: [ESKIP]1064F1CB.emf [ESKIP]18D6C489.emf [ESKIP]1965819F.emf [ESKIP]2E297148.wmf [ESKIP]52A9384C.emf [ESKIP]54F493A3.wmf [ESKIP]5CB54BAA.wmf [ESKIP]6453EF14.emf [ESKIP]6ABE45FD.wmf
[ESKIP]733219B7.emf [ESKIP]7DCD6A42.wmf [ESKIP]8B65510D.wmf [ESKIP]9C36B15B.emf [ESKIP]9DEB0E96.wmf [ESKIP]A2A15ED7.wmf [ESKIP]B5443A0.emf [ESKIP]C0D92F21.emf [ESKIP]C8446B67.wmf [ESKIP]CED1B57E.wmf [ESKIP]D0FA7AEC.wmf [ESKIP]E2791C05.wmf [ESKIP]EB4570A9.wmf [ESKIP]EB537E3C.wmf [ESKIP]EE078AAE.wmf
-= ActiveX Cache =-
Folder: C:\WINDOWS\Downloaded Program Files Contents: [CHECK]AvctActXLauncher.ocx [CHECK]AvctDSView3InterfaceVieweru.dll [CHECK]AvctDSViewAppTracker.dll [CHECK]AvctInterfaceViewerImpl.dll [CHECK]AvctInterfaceVieweru.dll
[CHECK]AvctKeyboard.dll [CHECK]AvctPuttyTel.exe [CHECK]avctRdpViewer.exe [CHECK]avctRdpViewerJA.dll [CHECK]avctRdpViewerKO.dll [CHECK]avctRdpViewerZH.dll [CHECK]AvctSerialViewer.exe [CHECK]AvctSerialViewerJA.dll [CHECK]AvctSerialViewerKO.dll [CHECK]AvctSerialViewerZH.dll [CHECK]AvctVideoViewer.exe [CHECK]AvctVideoViewerJA.dll [CHECK]AvctVideoViewerKO.dll [CHECK]AvctVideoViewerZH.dll [CHECK]AvctVirtualMedia.exe [CHECK]AvctVirtualMediaJA.dll [CHECK]AvctVirtualMediaKO.dll [CHECK]AvctVirtualMediaZH.dll [CHECK]avctVncViewer.exe [CHECK]avctVncViewerJA.dll [CHECK]avctVncViewerZH.dll [ESKIP]desktop.ini [CHECK]DynHTTP.dll [CHECK]erma.inf [CHECK]gpwsx.INF
[CHECK]gpwsx.ocx [CHECK]jinstall-1_4_2_19.inf [CHECK]JuniperExt.exe [CHECK]launchEXE.dll [CHECK]LegitCheckControl.inf [ESKIP]Microsoft XML Parser for Java.osd [CHECK]ViewerLauncher.inf [CHECK]vpclient.dll [CHECK]vpclient.exe [CHECK]vpfilexfer.dll
+----------------------------------------------|LSP Chain Information +-----------------------------------------------
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpac e_Catalog5\Catalog_Entries\000000000001 LibraryPath = [CACHE]%SystemRoot%\System32\mswsock.dll DisplayString = Tcpip
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpac e_Catalog5\Catalog_Entries\000000000002 LibraryPath = [CHECK]%SystemRoot%\System32\winrnr.dll DisplayString = NTDS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpac e_Catalog5\Catalog_Entries\000000000003
LibraryPath = [CACHE]%SystemRoot%\System32\mswsock.dll DisplayString = Network Location Awareness (NLA) Namespace
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000001 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000002 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000003 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000004 PackedCatalogItem = [CHECK]%SystemRoot%\system32\rsvpsp.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000005 PackedCatalogItem = [CACHE]%SystemRoot%\system32\rsvpsp.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000006 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000007 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000008 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000009 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000010 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000011 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000012 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000013 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000014 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000015 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000016 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000017 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000018 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000019 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000020 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000021 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000022 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000023 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_C atalog9\Catalog_Entries\000000000024 PackedCatalogItem = [CACHE]%SystemRoot%\system32\mswsock.dll
+----------------------------------------------|Network Status +-----------------------------------------------
ARP Table Internet Address Physical Address Type
[TCP] PSName: svchost.exe PID: 1216 State: Local: LISTENING moumoham:epmap
Remote:
0.0.0.0:39070
[TCP] PSName: [System] PID: 4 State: Local: Remote: LISTENING moumoham:microsoft-ds 0.0.0.0:2208
[TCP] PSName: Rtvscan.exe PID: 2776 State: Local: Remote: LISTENING moumoham:2967 0.0.0.0:45228
[TCP] PSName: java.exe PID: 1852 State: Local: Remote: LISTENING moumoham:3802 0.0.0.0:16567
[TCP] PSName: spoolsv.exe PID: 676 State: Local: Remote: LISTENING moumoham:6160 0.0.0.0:20492
[TCP] PSName: java.exe PID: 1852 State: Local: LISTENING moumoham:21100
Remote:
0.0.0.0:37107
[TCP] PSName: ccProxy.exe PID: 280 State: Local: Remote: LISTENING moumoham:1025 0.0.0.0:24637
[TCP] PSName: ccApp.exe PID: 812 State: Local: Remote: LISTENING moumoham:1027 0.0.0.0:8340
[TCP] PSName: alg.exe PID: 4368 State: Local: Remote: LISTENING moumoham:1041 0.0.0.0:37000
[TCP] PSName: java.exe PID: 1852 State: Local: Remote: ESTABLISHED moumoham:3803 localhost:3804
[TCP] PSName: java.exe PID: 1852 State: Local: ESTABLISHED moumoham:3804
Remote:
localhost:3803
[TCP] PSName: jqs.exe PID: 2632 State: Local: Remote: LISTENING moumoham:5152 0.0.0.0:61596
[TCP] PSName: jqs.exe PID: 2632 State: Local: Remote: CLOSE_WAIT moumoham:5152 localhost:3824
[TCP] PSName: java.exe PID: 1852 State: Local: Remote: LISTENING moumoham:21018 0.0.0.0:30929
[TCP] PSName: java.exe PID: 1852 State: Local: Remote: LISTENING moumoham:21235 0.0.0.0:12348
[TCP] PSName: [System] PID: 4 State: Local: LISTENING MOUMOHAM:netbios-ssn
Remote:
0.0.0.0:34922
[UDP] PSName: [System] PID: 4 State: Local: moumoham:microsoft-ds Remote: *.*.*.*:* [UDP] PSName: lsass.exe PID: 920 State: Local: moumoham:isakmp Remote: *.*.*.*:* [UDP] PSName: spoolsv.exe PID: 676 State: Local: moumoham:1028 Remote: *.*.*.*:* [UDP] PSName: svchost.exe PID: 1308 State: Local: moumoham:1043 Remote: *.*.*.*:* [UDP] PSName: lsass.exe PID: 920 State: Local: moumoham:4500
Remote: *.*.*.*:* [UDP] PSName: svchost.exe PID: 1308 State: Local: moumoham:ntp Remote: *.*.*.*:* [UDP] PSName: svchost.exe PID: 1308 State: Local: moumoham:1044 Remote: *.*.*.*:* [UDP] PSName: svchost.exe PID: 1308 State: Local: MOUMOHAM:ntp Remote: *.*.*.*:* [UDP] PSName: [System] PID: 4 State: Local: MOUMOHAM:netbios-ns Remote: *.*.*.*:* [UDP] PSName: [System] PID: 4 State: Local: MOUMOHAM:netbios-dgm
Remote: *.*.*.*:*
+----------------------------------------------|Rootkit Information +-----------------------------------------------
Service Win32 API Hook List (01450250) (0031) (80584d73-8a75e558) [ZwConnectPort] hooked by []. (0065) (805983a2-a8ead350) [ZwDeleteValueKey] hooked by [C:\Program Files\Symantec\SYMEVENT.SYS]. (0247) (8057fce0-a8ead580) [ZwSetValueKey] hooked by [C:\Program Files\Symantec\SYMEVENT.SYS].
Dump Hidden Driver TrueAPI No any hidden driver module found
Meanings of flags of hidden processes: Flag: 0x00000020 --- NOT_FOUND_BY_TrueSystemInformationAPI Flag: 0x00000010 --- NOT_FOUND_BY_SystemInformationAPI Flag: 0x00010000 --- NOT_FOUND_BY_TraverseHandleTable Flag: 0x00010000 --- NOT_FOUND_BY_TraverseHandleTable Flag: 0x00000001 --- NOT_FOUND_BY_ToolHelp
Dump Hidden Process Flag: 0x00000001, ProcessId: 0x00000004, ImageName: System, Filename:
+----------------------------------------------|Active Processes +-----------------------------------------------
Process:PID - Modules
SICWin.exe:1164 -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll
wmpenc.exe:4800 -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL
-[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\Documents and Settings\Administrator\My Documents\Official\ObjectDock\DockShellHook.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\COMCTL32.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\setupapi.DLL -[CACHE]C:\WINDOWS\system32\WININET.dll -[CACHE]C:\WINDOWS\system32\Normaliz.dll -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]C:\WINDOWS\system32\ws2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll
POWERPNT.EXE:4412 -[CACHE]C:\WINDOWS\system32\ntdll.dll
-[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\MSVCRT.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\Comctl32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\Documents and Settings\Administrator\My Documents\Official\ObjectDock\DockShellHook.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\OLEAUT32.DLL -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll
-[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\MSVCP60.dll -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\COMCTL32.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\WINDOWS\System32\mswsock.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\System32\winrnr.dll -[CACHE]C:\WINDOWS\system32\WININET.dll -[CACHE]C:\WINDOWS\system32\Normaliz.dll -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\comdlg32.dll -[CACHE]C:\WINDOWS\System32\CSCDLL.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\MSVFW32.dll -[CACHE]C:\WINDOWS\system32\AVIFIL32.dll -[CACHE]C:\WINDOWS\system32\MSACM32.dll
-[CACHE]C:\WINDOWS\system32\mlang.dll -[CACHE]C:\WINDOWS\system32\quartz.dll -[CACHE]C:\WINDOWS\system32\DDRAW.DLL -[CACHE]C:\WINDOWS\system32\DCIMAN32.dll -[CACHE]C:\WINDOWS\system32\devenum.dll -[CACHE]C:\WINDOWS\system32\D3DIM700.DLL -[CACHE]C:\WINDOWS\system32\wdmaud.drv -[CACHE]C:\WINDOWS\system32\msacm32.drv -[CACHE]C:\WINDOWS\system32\midimap.dll -[CACHE]C:\WINDOWS\system32\MPR.dll -[CACHE]C:\WINDOWS\system32\WMVCore.DLL -[CACHE]C:\WINDOWS\system32\WMASF.DLL -[CACHE]C:\WINDOWS\system32\sti.dll -[CACHE]C:\WINDOWS\system32\CFGMGR32.dll -[CACHE]C:\WINDOWS\system32\urlmon.dll
wmplayer.exe:4892 -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll
-[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\MSVFW32.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\Documents and Settings\Administrator\My Documents\Official\ObjectDock\DockShellHook.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\NTMARTA.DLL -[CACHE]C:\WINDOWS\system32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\MFPlat.DLL
-[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\wmvcore.dll -[CACHE]C:\WINDOWS\system32\WMASF.DLL -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\mlang.dll [CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_xww_f0b4c2df\gdiplus.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL -[CACHE]C:\WINDOWS\system32\quartz.dll -[CACHE]C:\WINDOWS\system32\msdmo.dll -[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\l3codeca.acm -[CACHE]C:\WINDOWS\system32\devenum.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\wdmaud.drv -[CACHE]C:\WINDOWS\system32\ieframe.dll -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]C:\WINDOWS\system32\msacm32.drv -[CACHE]C:\WINDOWS\system32\midimap.dll
-[CACHE]C:\WINDOWS\system32\DSOUND.DLL -[CACHE]C:\WINDOWS\system32\WININET.dll -[CACHE]C:\WINDOWS\system32\Normaliz.dll -[CACHE]C:\WINDOWS\system32\KsUser.dll -[CACHE]C:\WINDOWS\system32\urlmon.dll -[CACHE]C:\WINDOWS\system32\appHelp.dll -[CACHE]C:\WINDOWS\system32\mshtml.dll -[CACHE]C:\WINDOWS\system32\msls31.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\MSIMG32.dll -[CACHE]C:\WINDOWS\system32\wmpps.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\Program Files\Common Files\Nokia\Codecs\EmzAMRNBEnc.DLL -[CACHE]C:\Program Files\Common Files\Nokia\Codecs\EmzAMRWBEnc.DLL -[CACHE]C:\WINDOWS\system32\wmadmoe.dll -[CACHE]C:\Program Files\Common Files\Nokia\Codecs\EmzMP3EncDMO.DLL -[CACHE]C:\WINDOWS\system32\wmspdmoe.dll -[CACHE]C:\WINDOWS\system32\imaadp32.acm -[CACHE]C:\WINDOWS\system32\msadp32.acm -[CACHE]C:\WINDOWS\system32\msg711.acm -[CACHE]C:\WINDOWS\system32\msgsm32.acm -[CACHE]C:\WINDOWS\system32\tssoft32.acm -[CACHE]C:\WINDOWS\system32\tsd32.dll
-[CACHE]C:\WINDOWS\system32\msg723.acm -[CACHE]C:\WINDOWS\system32\msaud32.acm -[CACHE]C:\WINDOWS\system32\sl_anet.acm -[CACHE]C:\WINDOWS\system32\iac25_32.ax -[CACHE]C:\WINDOWS\system32\wmvdmoe.dll -[CACHE]C:\WINDOWS\system32\WMVXENCD.dll -[CACHE]C:\WINDOWS\system32\wmsdmoe.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\WINDOWS\system32\WMVSENCD.dll -[CACHE]C:\WINDOWS\system32\WMVENCOD.dll -[CACHE]C:\WINDOWS\system32\wmpencen.dll -[CACHE]C:\WINDOWS\system32\AVIFIL32.dll
java.exe:1852 -[CACHE]C:\Program Files\IBM\tivoli\dcd\client\ISSI\_jvm\jre\bin\java.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\MSVCRT.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll
-[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\System32\mswsock.dll -[CACHE]C:\WINDOWS\system32\DNSAPI.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\System32\winrnr.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\rasadhlp.dll -[CACHE]C:\WINDOWS\system32\Apphelp.dll -[CACHE]C:\WINDOWS\system32\hnetcfg.dll -[CACHE]C:\WINDOWS\System32\wshtcpip.dll -[CACHE]C:\WINDOWS\system32\MFC42u.DLL -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\ATL.DLL -[CACHE]C:\WINDOWS\system32\rtutils.dll -[CACHE]C:\WINDOWS\system32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll
cmd.exe:2772
-[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\Apphelp.dll
SvcGuiHlpr.exe:6060 -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll
-[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MSIMG32.dll -[CACHE]C:\WINDOWS\WinSxS\X86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll -[CACHE]C:\WINDOWS\system32\MPRAPI.dll -[CACHE]C:\WINDOWS\system32\ACTIVEDS.dll -[CACHE]C:\WINDOWS\system32\adsldpc.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\ATL.DLL -[CACHE]C:\WINDOWS\system32\rtutils.dll -[CACHE]C:\WINDOWS\system32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\RASAPI32.dll -[CACHE]C:\WINDOWS\system32\rasman.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\TAPI32.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\WININET.dll -[CACHE]C:\WINDOWS\system32\Normaliz.dll -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\CFGMGR32.dll
-[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll
AcSvc.exe:4616 -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll
-[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll -[CACHE]C:\WINDOWS\system32\WININET.dll -[CACHE]C:\WINDOWS\system32\Normaliz.dll -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\CFGMGR32.dll -[CACHE]C:\WINDOWS\system32\setupapi.dll -[CACHE]C:\WINDOWS\system32\RASAPI32.dll -[CACHE]C:\WINDOWS\system32\rasman.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\TAPI32.dll -[CACHE]C:\WINDOWS\system32\rtutils.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll
-[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACNewBiosHelper.dll -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\tpwrpc.dll -[CACHE]C:\WINDOWS\system32\Apphelp.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\MSVCP60.dll -[CACHE]C:\WINDOWS\system32\DNSAPI.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\COMDLG32.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll
-[CACHE]C:\WINDOWS\system32\OLEACC.dll -[CACHE]C:\WINDOWS\system32\MSDART.DLL -[CACHE]C:\Program Files\Common Files\System\Ole DB\oledb32.dll -[CACHE]C:\Program Files\Common Files\System\Ole DB\OLEDB32R.DLL -[CACHE]C:\WINDOWS\system32\ODBC32.dll -[CACHE]C:\WINDOWS\system32\odbcint.dll -[CACHE]C:\WINDOWS\system32\DHCPCSVC.DLL
igfxsrvc.exe:360 -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\Documents and Settings\Administrator\My Documents\Official\ObjectDock\DockShellHook.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll
-[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\NTMARTA.DLL -[CACHE]C:\WINDOWS\system32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\winspool.drv
AvaFind.EXE:5912 -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\version.dll -[CACHE]C:\WINDOWS\system32\shell32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll
-[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\oleaut32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.DLL -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\Documents and Settings\Administrator\My Documents\Official\ObjectDock\DockShellHook.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\appHelp.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\System32\cscui.dll -[CACHE]C:\WINDOWS\System32\CSCDLL.dll -[CACHE]C:\WINDOWS\system32\LINKINFO.dll -[CACHE]C:\WINDOWS\system32\ntshrui.dll -[CACHE]C:\WINDOWS\system32\ATL.DLL
-[CACHE]C:\WINDOWS\system32\NETAPI32.dll [CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_xww_e6967989\MSVCR80.dll -[CACHE]C:\WINDOWS\system32\WININET.dll -[CACHE]C:\WINDOWS\system32\Normaliz.dll -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]C:\WINDOWS\system32\urlmon.dll -[CACHE]C:\WINDOWS\system32\ieframe.dll -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\Program Files\Lenovo\HOTKEY\hkvolkey.dll -[CACHE]C:\WINDOWS\system32\SHDOCVW.dll -[CACHE]C:\WINDOWS\system32\CRYPTUI.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\ws2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\MPR.dll -[CACHE]C:\WINDOWS\system32\MLANG.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\WINDOWS\system32\browseui.dll -[CACHE]C:\WINDOWS\system32\shimgvw.dll
[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_xww_f0b4c2df\gdiplus.dll -[CACHE]C:\WINDOWS\system32\mscms.dll -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV
alg.exe:4368 -[CACHE]C:\WINDOWS\System32\alg.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\System32\ATL.DLL -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\System32\WSOCK32.dll -[CACHE]C:\WINDOWS\System32\WS2_32.dll -[CACHE]C:\WINDOWS\System32\WS2HELP.dll -[CACHE]C:\WINDOWS\System32\MSWSOCK.DLL -[CACHE]C:\WINDOWS\System32\ShimEng.dll -[CACHE]C:\WINDOWS\System32\WINMM.dll -[CACHE]C:\WINDOWS\System32\MSACM32.dll
-[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\System32\UxTheme.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\System32\LPK.DLL -[CACHE]C:\WINDOWS\System32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\System32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\System32\COMRes.dll -[CACHE]C:\WINDOWS\System32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\hnetcfg.dll -[CACHE]C:\WINDOWS\System32\wshtcpip.dll
wmiprvse.exe:2160 -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll
-[CACHE]C:\WINDOWS\system32\wbem\wbemcomn.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\wbem\FastProx.dll -[CACHE]C:\WINDOWS\system32\MSVCP60.dll -[CACHE]C:\WINDOWS\system32\NTDSAPI.dll -[CACHE]C:\WINDOWS\system32\DNSAPI.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\ShimEng.dll -[CACHE]C:\WINDOWS\AppPatch\AcGenral.DLL -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\UxTheme.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll
-[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\wbem\wbemsvc.dll -[CACHE]C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\comdlg32.dll -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll -[CACHE]C:\WINDOWS\system32\OLEACC.dll -[CACHE]C:\WINDOWS\system32\MSDART.DLL -[CACHE]C:\Program Files\Common Files\System\Ole DB\oledb32.dll -[CACHE]C:\Program Files\Common Files\System\Ole DB\OLEDB32R.DLL -[CACHE]C:\WINDOWS\system32\odbcint.dll -[CACHE]C:\WINDOWS\system32\odbccp32.dll
ldlcserv.exe:3828 -[CACHE]C:\WINDOWS\system32\Drivers\ldlcserv.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll
-[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll
TpKmpSVC.exe:1944 -[CACHE]C:\WINDOWS\system32\TpKmpSVC.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll
TPHDEXLG.exe:3008 -[CACHE]C:\WINDOWS\System32\TPHDEXLG.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll
-[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\System32\LPK.DLL -[CACHE]C:\WINDOWS\System32\USP10.dll -[CACHE]C:\WINDOWS\System32\NTMARTA.DLL -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\System32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll
SymSPort.exe:3004 -[CACHE]C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll
-[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\Crypt32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\WinTrust.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\userenv.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\netapi32.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL
-[CACHE]C:\WINDOWS\system32\wbem\wbemprox.dll -[CACHE]C:\WINDOWS\system32\wbem\wbemcomn.dll -[CACHE]C:\WINDOWS\system32\wbem\wbemsvc.dll -[CACHE]C:\WINDOWS\system32\wbem\fastprox.dll -[CACHE]C:\WINDOWS\system32\MSVCP60.dll -[CACHE]C:\WINDOWS\system32\NTDSAPI.dll -[CACHE]C:\WINDOWS\system32\DNSAPI.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\hnetcfg.dll
Rtvscan.exe:2776 -[CACHE]C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll
-[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\MSWSOCK.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\MPR.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\ACTIVEDS.dll -[CACHE]C:\WINDOWS\system32\adsldpc.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\ATL.DLL -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\WTSAPI32.dll -[CACHE]C:\WINDOWS\system32\WINSTA.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccL40.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll
-[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\wbem\wbemprox.dll -[CACHE]C:\WINDOWS\system32\wbem\wbemcomn.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\wbem\wbemsvc.dll -[CACHE]C:\WINDOWS\system32\wbem\fastprox.dll -[CACHE]C:\WINDOWS\system32\MSVCP60.dll -[CACHE]C:\WINDOWS\system32\NTDSAPI.dll -[CACHE]C:\WINDOWS\system32\DNSAPI.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL -[CACHE]C:\WINDOWS\system32\hnetcfg.dll -[CACHE]C:\WINDOWS\System32\wshtcpip.dll -[CACHE]C:\WINDOWS\System32\winrnr.dll -[CACHE]C:\WINDOWS\system32\rasadhlp.dll -[CACHE]C:\WINDOWS\system32\msv1_0.dll -[CACHE]C:\WINDOWS\system32\cryptdll.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\WININET.dll
-[CACHE]C:\WINDOWS\system32\Normaliz.dll -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]C:\WINDOWS\system32\RASAPI32.dll -[CACHE]C:\WINDOWS\system32\rasman.dll -[CACHE]C:\WINDOWS\system32\TAPI32.dll -[CACHE]C:\WINDOWS\system32\rtutils.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\sensapi.dll -[CACHE]C:\WINDOWS\system32\Apphelp.dll
svchost.exe:2664 -[CACHE]C:\WINDOWS\system32\svchost.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\ShimEng.dll -[CACHE]C:\WINDOWS\AppPatch\AcGenral.DLL -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll
-[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\UxTheme.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]c:\windows\system32\wiaservc.dll -[CACHE]c:\windows\system32\CFGMGR32.dll -[CACHE]c:\windows\system32\setupapi.DLL -[CACHE]c:\windows\system32\mscms.dll -[CACHE]c:\windows\system32\WINSPOOL.DRV -[CACHE]c:\windows\system32\WINSTA.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll
-[CACHE]C:\WINDOWS\system32\sti.dll
sftvsa.exe:2564 -[CACHE]C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\COMCTL32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll
SavRoam.exe:356
-[CACHE]c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\CBA.DLL -[CACHE]C:\WINDOWS\system32\MsgSys.dll -[CACHE]C:\WINDOWS\system32\NTS.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll
-[CACHE]C:\WINDOWS\system32\MSWSOCK.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\PDS.DLL -[CACHE]C:\WINDOWS\system32\MPR.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\wininet.dll -[CACHE]C:\WINDOWS\system32\Normaliz.dll -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]c:\program files\common files\symantec shared\ssc\ScsComms.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\DNSAPI.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\System32\winrnr.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\rasadhlp.dll -[CACHE]C:\WINDOWS\system32\hnetcfg.dll -[CACHE]C:\WINDOWS\System32\wshtcpip.dll
RegSrvc.exe:4032 -[CACHE]C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll
-[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\comdlg32.dll -[CACHE]C:\WINDOWS\system32\COMCTL32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll
NetCfgSv.EXE:2468 -[CACHE]C:\Program Files\AT&T Network Client\NetCfgSv.EXE -[CACHE]C:\WINDOWS\system32\ntdll.dll
-[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\CFGMGR32.dll -[CACHE]C:\WINDOWS\system32\setupapi.dll -[CACHE]C:\WINDOWS\system32\RASAPI32.dll -[CACHE]C:\WINDOWS\system32\rasman.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\TAPI32.dll -[CACHE]C:\WINDOWS\system32\rtutils.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHFOLDER.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\WINDOWS\system32\MFC71.DLL -[CACHE]C:\WINDOWS\system32\SHELL32.dll
-[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll [CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_xww_e6967989\MSVCP80.dll [CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_xww_e6967989\MSVCR80.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\UxTheme.dll -[CACHE]C:\WINDOWS\system32\MPRAPI.dll -[CACHE]C:\WINDOWS\system32\ACTIVEDS.dll -[CACHE]C:\WINDOWS\system32\adsldpc.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\ATL.DLL -[CACHE]C:\WINDOWS\system32\SAMLIB.dll
nsd.exe:3096 -[CACHE]c:\notes\nsd.exe
-[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\MPR.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\netapi32.dll -[CACHE]C:\WINDOWS\system32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\psapi.dll
jqs.exe:2632
-[CACHE]C:\Program Files\IBM\Java60\jre\bin\jqs.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\psapi.dll -[CACHE]C:\WINDOWS\system32\comdlg32.dll -[CACHE]C:\WINDOWS\system32\COMCTL32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\ODBC32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll
-[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\odbcint.dll -[CACHE]C:\WINDOWS\system32\mswsock.dll -[CACHE]C:\WINDOWS\system32\hnetcfg.dll -[CACHE]C:\WINDOWS\System32\wshtcpip.dll
issimsvc.exe:2448 -[CACHE]c:\sdwork\issimsvc.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\RASAPI32.dll -[CACHE]C:\WINDOWS\system32\rasman.dll
-[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\TAPI32.dll -[CACHE]C:\WINDOWS\system32\rtutils.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\wtsapi32.dll -[CACHE]C:\WINDOWS\system32\WINSTA.dll -[CACHE]C:\WINDOWS\system32\msv1_0.dll -[CACHE]C:\WINDOWS\system32\cryptdll.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\System32\mswsock.dll -[CACHE]C:\WINDOWS\system32\DNSAPI.dll -[CACHE]C:\WINDOWS\System32\winrnr.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\rasadhlp.dll
DefWatch.exe:4088 -[CACHE]C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
-[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccL40.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll
-[CACHE]C:\WINDOWS\system32\userenv.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\netapi32.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL
CDSWinSrv.exe:4076 -[CACHE]C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL
-[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\mswsock.dll -[CACHE]C:\WINDOWS\system32\hnetcfg.dll -[CACHE]C:\WINDOWS\System32\wshtcpip.dll -[CACHE]C:\WINDOWS\system32\DNSAPI.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\System32\winrnr.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\rasadhlp.dll -[CACHE]C:\WINDOWS\system32\Apphelp.dll
acs.exe:3964 -[CACHE]C:\WINDOWS\system32\acs.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\CFGMGR32.dll -[CACHE]C:\WINDOWS\system32\setupapi.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll
-[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\MFC42u.DLL -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\pdh.dll -[CACHE]C:\WINDOWS\system32\comdlg32.dll -[CACHE]C:\WINDOWS\WinSxS\X86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll -[CACHE]C:\WINDOWS\system32\ODBC32.dll -[CACHE]C:\WINDOWS\system32\odbcbcp.dll -[CACHE]C:\WINDOWS\system32\MSVCP60.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\odbcint.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll
-[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\WINDOWS\system32\MFC71U.DLL -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV -[CACHE]C:\WINDOWS\system32\WTSAPI32.dll -[CACHE]C:\WINDOWS\system32\WINSTA.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll
AcPrfMgrSvc.exe:3880 -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll
-[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll -[CACHE]C:\WINDOWS\system32\WININET.dll -[CACHE]C:\WINDOWS\system32\Normaliz.dll -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\CFGMGR32.dll -[CACHE]C:\WINDOWS\system32\setupapi.dll -[CACHE]C:\WINDOWS\system32\RASAPI32.dll -[CACHE]C:\WINDOWS\system32\rasman.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\TAPI32.dll -[CACHE]C:\WINDOWS\system32\rtutils.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll
-[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACNewBiosHelper.dll -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\tpwrpc.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll
PCS_AGNT.EXE:3644 -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\MSVCRT.dll -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV
-[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\MFC42.DLL -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\ole32.dll
TPHKSVC.exe:3448 -[CACHE]C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\WTSAPI32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\WINSTA.dll
-[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\NTMARTA.DLL -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\Apphelp.dll -[CACHE]C:\WINDOWS\system32\msv1_0.dll -[CACHE]C:\WINDOWS\system32\cryptdll.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll
-[CACHE]C:\WINDOWS\system32\WS2HELP.dll
ObjectDock.exe:3384 -[CACHE]C:\Documents and Settings\Administrator\My Documents\Official\ObjectDock\ObjectDock.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\comdlg32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll [CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_xww_f0b4c2df\gdiplus.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL
-[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\appHelp.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\System32\cscui.dll -[CACHE]C:\WINDOWS\System32\CSCDLL.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\Documents and Settings\Administrator\My Documents\Official\ObjectDock\DockShellHook.dll -[CACHE]C:\WINDOWS\system32\mscms.dll -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\MsImg32.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\ntshrui.dll -[CACHE]C:\WINDOWS\system32\ATL.DLL -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\psapi.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\imagehlp.dll -[CACHE]C:\WINDOWS\system32\Wintrust.dll
-[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\cryptnet.dll -[CACHE]C:\WINDOWS\system32\SensApi.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll [CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_xww_e6967989\MSVCR80.dll
wweb32.exe:3332 -[CACHE]C:\Program Files\WordWeb\wweb32.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\advapi32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\user32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\oleaut32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\version.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\winspool.drv -[CACHE]C:\WINDOWS\system32\shell32.dll -[CACHE]C:\WINDOWS\system32\comdlg32.dll
-[CACHE]C:\WINDOWS\system32\winmm.dll -[CACHE]C:\WINDOWS\system32\oleacc.dll -[CACHE]C:\WINDOWS\system32\MSVCP60.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\Documents and Settings\Administrator\My Documents\Official\ObjectDock\DockShellHook.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\Program Files\Lenovo\HOTKEY\hkvolkey.dll
svchost.exe:3228 -[CACHE]C:\WINDOWS\system32\svchost.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\ShimEng.dll
-[CACHE]C:\WINDOWS\AppPatch\AcGenral.DLL -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\UxTheme.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\NTMARTA.DLL -[CACHE]C:\WINDOWS\system32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]c:\windows\system32\webclnt.dll -[CACHE]C:\WINDOWS\system32\WININET.dll -[CACHE]C:\WINDOWS\system32\Normaliz.dll
-[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]c:\windows\system32\WS2_32.dll -[CACHE]c:\windows\system32\WS2HELP.dll
FClock.exe:2816 -[CACHE]C:\Documents and Settings\Administrator\My Documents\Mohsin\downloads\FClock.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\user32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\advapi32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\oleaut32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\version.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\winspool.drv -[CACHE]C:\WINDOWS\system32\shell32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\comdlg32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll
-[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\Documents and Settings\Administrator\My Documents\Official\ObjectDock\DockShellHook.dll -[CACHE]C:\Program Files\Lenovo\HOTKEY\hkvolkey.dll
ctfmon.exe:2704 -[CACHE]C:\WINDOWS\system32\ctfmon.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll -[CACHE]C:\WINDOWS\system32\ShimEng.dll -[CACHE]C:\WINDOWS\AppPatch\AcGenral.DLL -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll
-[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\UxTheme.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime
ACTray.exe:2544 -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACGUIHlpr.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll
-[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MFC71U.DLL -[CACHE]C:\WINDOWS\system32\MSIMG32.dll -[CACHE]C:\WINDOWS\WinSxS\X86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\Res\US\GUIHlprRes.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll
isamtray.exe:2372 -[CACHE]C:\Program Files\c4ebreg\isamtray.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll
-[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\WinSxS\X86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\WININET.dll -[CACHE]C:\WINDOWS\system32\Normaliz.dll -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\urlmon.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL
-[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\wtsapi32.dll -[CACHE]C:\WINDOWS\system32\WINSTA.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\mshtml.dll -[CACHE]C:\WINDOWS\system32\msls31.dll -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll -[CACHE]C:\WINDOWS\system32\msimtf.dll -[CACHE]C:\WINDOWS\system32\NTMARTA.DLL -[CACHE]C:\WINDOWS\system32\SAMLIB.dll
pmonmh.exe:2288 -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll
-[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll
TpScrex.exe:2224 -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\DDRAW.dll -[CACHE]C:\WINDOWS\system32\DCIMAN32.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL
-[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll
TpShocks.exe:2164 -[CACHE]C:\WINDOWS\system32\TpShocks.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll
-[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll
TPONSCR.exe:2168 -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
-[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll
TPOSDSVC.exe:2080 -[CACHE]C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\IMM32.dll -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\wtsapi32.dll
-[CACHE]C:\WINDOWS\system32\WINSTA.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\urlmon.dll -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]C:\WINDOWS\system32\Apphelp.dll -[CACHE]C:\Program Files\Lenovo\HOTKEY\hkvolkey.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\wdmaud.drv -[CACHE]C:\WINDOWS\system32\msacm32.drv -[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\midimap.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll
SynTPEnh.exe:1960 -[CACHE]C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
-[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\comdlg32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\COMCTL32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\netapi32.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll
-[CACHE]C:\WINDOWS\system32\urlmon.dll -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]C:\WINDOWS\system32\Apphelp.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll -[CACHE]C:\Documents and Settings\Administrator\My Documents\Official\ObjectDock\DockShellHook.dll
SynTPLpr.exe:1604 -[CACHE]C:\Program Files\Synaptics\SynTP\SynTPLpr.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\ole32.dll
-[CACHE]C:\WINDOWS\system32\MSCTF.dll
smax4pnp.exe:1592 -[CACHE]C:\Program Files\Analog Devices\Core\smax4pnp.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\MFC42.DLL -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime
-[CACHE]C:\WINDOWS\system32\DSound.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\wdmaud.drv -[CACHE]C:\WINDOWS\system32\msacm32.drv -[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\midimap.dll -[CACHE]C:\WINDOWS\system32\KsUser.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll -[CACHE]C:\Documents and Settings\Administrator\My Documents\Official\ObjectDock\DockShellHook.dll
VPTray.exe:1180 -[CACHE]C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll
-[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccL40.dll -[CACHE]C:\Program Files\Symantec Client Security\Symantec AntiVirus\SAVRT32.DLL -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\Crypt32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\WinTrust.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\userenv.dll
-[CACHE]C:\WINDOWS\system32\netapi32.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccProSub.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL -[CACHE]C:\WINDOWS\system32\MPR.dll -[CACHE]C:\WINDOWS\system32\shfolder.dll -[CACHE]C:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVNTUTL.DLL -[CACHE]C:\WINDOWS\system32\SFC.DLL -[CACHE]C:\WINDOWS\system32\sfc_os.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccSet.dll -[CACHE]C:\WINDOWS\system32\MSWSOCK.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll
ccApp.exe:812 -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccApp.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\COMCTL32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll
-[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccL40.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\DBGHELP.DLL -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\WinTrust.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll
-[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\userenv.dll -[CACHE]C:\WINDOWS\system32\netapi32.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccSet.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL -[CACHE]C:\WINDOWS\system32\MSWSOCK.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SymNeti.DLL -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccProSub.dll -[CACHE]C:\WINDOWS\system32\NTMARTA.DLL -[CACHE]C:\WINDOWS\system32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\DNSAPI.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\System32\winrnr.dll
-[CACHE]C:\WINDOWS\system32\rasadhlp.dll -[CACHE]C:\WINDOWS\system32\hnetcfg.dll -[CACHE]C:\WINDOWS\System32\wshtcpip.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll
tpam.exe:572 -[CACHE]C:\Program Files\IBM\Personal Communications\tpam.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\MSVCRT.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll
Explorer.EXE:1836 -[CACHE]C:\WINDOWS\Explorer.EXE
-[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\BROWSEUI.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\SHDOCVW.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\CRYPTUI.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\WININET.dll -[CACHE]C:\WINDOWS\system32\Normaliz.dll -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll
-[CACHE]C:\WINDOWS\system32\UxTheme.dll -[CACHE]C:\WINDOWS\system32\ShimEng.dll -[CACHE]C:\WINDOWS\AppPatch\AcGenral.DLL -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\appHelp.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\System32\cscui.dll -[CACHE]C:\WINDOWS\System32\CSCDLL.dll -[CACHE]C:\WINDOWS\system32\MSIMG32.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\MPR.dll -[CACHE]C:\WINDOWS\system32\LINKINFO.dll -[CACHE]C:\WINDOWS\system32\ntshrui.dll -[CACHE]C:\WINDOWS\system32\ATL.DLL -[CACHE]C:\WINDOWS\system32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\ieframe.dll
-[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\WINDOWS\system32\urlmon.dll -[CACHE]C:\WINDOWS\system32\mshtml.dll -[CACHE]C:\WINDOWS\system32\msls31.dll -[CACHE]C:\WINDOWS\system32\ws2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\MSCTF.dll -[CACHE]C:\WINDOWS\system32\SynTPFcs.dll -[CACHE]C:\WINDOWS\system32\POWRPROF.DLL -[CACHE]C:\WINDOWS\system32\MLANG.dll -[CACHE]C:\WINDOWS\System32\drprov.dll -[CACHE]C:\WINDOWS\System32\ntlanman.dll -[CACHE]C:\WINDOWS\System32\NETUI0.dll -[CACHE]C:\WINDOWS\System32\NETUI1.dll -[CACHE]C:\WINDOWS\System32\NETRAP.dll -[CACHE]C:\WINDOWS\System32\davclnt.dll -[CACHE]C:\Documents and Settings\Administrator\My Documents\Official\ObjectDock\DockShellHook.dll -[CACHE]C:\WINDOWS\system32\wdmaud.drv -[CACHE]C:\WINDOWS\system32\msacm32.drv -[CACHE]C:\WINDOWS\system32\midimap.dll -[CACHE]C:\WINDOWS\system32\RASAPI32.dll -[CACHE]C:\WINDOWS\system32\rasman.dll
-[CACHE]C:\WINDOWS\system32\TAPI32.dll -[CACHE]C:\WINDOWS\system32\rtutils.dll -[CACHE]C:\WINDOWS\system32\msv1_0.dll -[CACHE]C:\WINDOWS\system32\cryptdll.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\sensapi.dll -[CACHE]C:\WINDOWS\system32\WINSTA.dll -[CACHE]C:\WINDOWS\system32\webcheck.dll -[CACHE]C:\WINDOWS\system32\stobject.dll -[CACHE]C:\WINDOWS\system32\WTSAPI32.dll -[CACHE]C:\WINDOWS\system32\MSVCP60.dll -[CACHE]C:\WINDOWS\system32\msimtf.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL -[CACHE]C:\Program Files\Lenovo\HOTKEY\hkvolkey.dll -[CACHE]C:\WINDOWS\system32\wmvcore.dll -[CACHE]C:\WINDOWS\system32\WMASF.DLL [CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_xww_f0b4c2df\gdiplus.dll -[CACHE]C:\WINDOWS\system32\mscms.dll -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV -[CACHE]C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_xww_e6967989\MSVCR80.dll -[CACHE]C:\WINDOWS\system32\igfxsrvc.dll -[CACHE]C:\WINDOWS\system32\MSGINA.dll
-[CACHE]C:\WINDOWS\system32\ODBC32.dll -[CACHE]C:\WINDOWS\system32\comdlg32.dll -[CACHE]C:\WINDOWS\system32\odbcint.dll -[CACHE]C:\WINDOWS\system32\wbtapi.dll -[CACHE]C:\WINDOWS\system32\MFC42.DLL -[CACHE]C:\WINDOWS\system32\btosif.dll -[CACHE]C:\WINDOWS\system32\OLEPRO32.DLL -[CACHE]C:\WINDOWS\system32\RICHED20.dll -[CACHE]C:\WINDOWS\system32\DDRAW.dll -[CACHE]C:\WINDOWS\system32\DCIMAN32.dll -[CACHE]C:\WINDOWS\system32\jscript.dll [CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_xww_e6967989\MSVCP80.dll -[CACHE]C:\WINDOWS\system32\NTMARTA.DLL -[CACHE]C:\WINDOWS\system32\icm32.dll -[CACHE]C:\WINDOWS\system32\wmp.dll -[CACHE]C:\WINDOWS\system32\MSVFW32.dll -[CACHE]C:\WINDOWS\system32\dbghelp.dll -[CACHE]C:\WINDOWS\system32\wmploc.dll -[CACHE]C:\WINDOWS\system32\wmpps.dll [CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_xww_d495ac4e\MSVCR90.dll [CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_xww_d495ac4e\MSVCP90.dll -[CACHE]C:\Program Files\WinRAR\rarext.dll
-[CACHE]C:\Program Files\Notepad++\NppShell_01.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\WINDOWS\system32\DWRCSh32.DLL -[CACHE]C:\WINDOWS\system32\actxprxy.dll
spoolsv.exe:676 -[CACHE]C:\WINDOWS\system32\spoolsv.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\ShimEng.dll -[CACHE]C:\WINDOWS\AppPatch\AcGenral.DLL -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll
-[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\UxTheme.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\DNSAPI.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\rasadhlp.dll -[CACHE]C:\WINDOWS\system32\sfc_os.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\winspool.drv -[CACHE]C:\WINDOWS\system32\netapi32.dll -[CACHE]C:\WINDOWS\system32\WidcommSdk.dll -[CACHE]C:\WINDOWS\system32\wbtapi.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\MFC42.DLL -[CACHE]C:\WINDOWS\system32\MSVCP60.dll
-[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\WINDOWS\system32\comdlg32.dll -[CACHE]C:\WINDOWS\system32\mswsock.dll -[CACHE]C:\WINDOWS\system32\hnetcfg.dll -[CACHE]C:\WINDOWS\System32\wshtcpip.dll -[CACHE]C:\WINDOWS\System32\winrnr.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\NETRAP.dll -[CACHE]C:\WINDOWS\system32\NTDSAPI.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime
SNDSrvc.exe:464 -[CACHE]C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll
-[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\RASAPI32.DLL -[CACHE]C:\WINDOWS\system32\rasman.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\TAPI32.dll -[CACHE]C:\WINDOWS\system32\rtutils.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\SymNeti.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll
-[CACHE]C:\WINDOWS\system32\userenv.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\MPRAPI.dll -[CACHE]C:\WINDOWS\system32\ACTIVEDS.dll -[CACHE]C:\WINDOWS\system32\adsldpc.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\ATL.DLL -[CACHE]C:\WINDOWS\system32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL
ISSVC.exe:320 -[CACHE]C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\SymNeti.DLL -[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll
-[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccL40.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\DBGHELP.DLL -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\Crypt32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\WinTrust.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll
-[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\userenv.dll -[CACHE]C:\WINDOWS\system32\netapi32.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccSet.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccProSub.dll
ccProxy.exe:280 -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccProxy.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\SYMREDIR.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll
-[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\SymNeti.DLL -[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccL40.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\DBGHELP.DLL -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\mswsock.dll -[CACHE]C:\WINDOWS\system32\hnetcfg.dll -[CACHE]C:\WINDOWS\System32\wshtcpip.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\Crypt32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\WinTrust.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll
-[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\userenv.dll -[CACHE]C:\WINDOWS\system32\netapi32.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccProSub.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccPxyEvt.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccLogin.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
ccEvtMgr.exe:2024 -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll
-[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccL40.dll -[CACHE]C:\WINDOWS\system32\DBGHELP.DLL -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\Crypt32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\WinTrust.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\userenv.dll -[CACHE]C:\WINDOWS\system32\netapi32.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccSet.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll
-[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\SymNeti.DLL -[CACHE]C:\Program Files\Symantec Client Security\Symantec Client Firewall\NisEvt.dll -[CACHE]C:\Program Files\Symantec Client Security\Symantec AntiVirus\Cliproxy.dll -[CACHE]C:\WINDOWS\system32\MPR.dll -[CACHE]C:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVNTUTL.DLL -[CACHE]c:\program files\common files\symantec shared\ssc\ScsComms.dll -[CACHE]C:\WINDOWS\system32\nts.dll -[CACHE]C:\WINDOWS\system32\MSWSOCK.dll -[CACHE]C:\WINDOWS\system32\cba.dll -[CACHE]C:\WINDOWS\system32\MsgSys.dll -[CACHE]C:\WINDOWS\system32\PDS.DLL
ccSetMgr.exe:1976 -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll
-[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccL40.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\DBGHELP.DLL -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\Crypt32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\WinTrust.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll
-[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\userenv.dll -[CACHE]C:\WINDOWS\system32\netapi32.dll -[CACHE]C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
svchost.exe:1804 -[CACHE]C:\WINDOWS\system32\svchost.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\ShimEng.dll -[CACHE]C:\WINDOWS\AppPatch\AcGenral.DLL -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll
-[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\UxTheme.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\NTMARTA.DLL -[CACHE]C:\WINDOWS\system32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]c:\windows\system32\lmhsvc.dll -[CACHE]c:\windows\system32\iphlpapi.dll -[CACHE]c:\windows\system32\WS2_32.dll -[CACHE]c:\windows\system32\WS2HELP.dll -[CACHE]c:\windows\system32\regsvc.dll
svchost.exe:1740 -[CACHE]C:\WINDOWS\system32\svchost.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll
-[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\ShimEng.dll -[CACHE]C:\WINDOWS\AppPatch\AcGenral.DLL -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\UxTheme.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]c:\windows\system32\dnsrslvr.dll -[CACHE]c:\windows\system32\DNSAPI.dll -[CACHE]c:\windows\system32\WS2_32.dll -[CACHE]c:\windows\system32\WS2HELP.dll -[CACHE]c:\windows\system32\iphlpapi.dll
S24EvMon.exe:1700 -[CACHE]C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\Program Files\Intel\WiFi\bin\IntStngs.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\comdlg32.dll -[CACHE]C:\WINDOWS\system32\COMCTL32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\WINDOWS\system32\NETAPI32.dll
-[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL -[CACHE]C:\WINDOWS\system32\OLEACC.dll -[CACHE]C:\WINDOWS\system32\MSVCP60.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll -[CACHE]C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\wtsapi32.dll -[CACHE]C:\WINDOWS\system32\WINSTA.dll -[CACHE]C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll -[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\CLUSAPI.dll -[CACHE]C:\WINDOWS\system32\DNSAPI.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\USERENV.dll
-[CACHE]C:\WINDOWS\system32\WinSCard.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\Program Files\Common Files\System\ado\msado15.dll -[CACHE]C:\WINDOWS\system32\MSDART.DLL -[CACHE]C:\Program Files\Common Files\System\Ole DB\oledb32.dll -[CACHE]C:\Program Files\Common Files\System\Ole DB\OLEDB32R.DLL -[CACHE]C:\Program Files\Common Files\System\Ole DB\msdasql.dll -[CACHE]C:\Program Files\Common Files\System\Ole DB\MSDATL3.dll -[CACHE]C:\WINDOWS\system32\ODBC32.dll -[CACHE]C:\WINDOWS\system32\odbcint.dll -[CACHE]C:\Program Files\Common Files\System\Ole DB\MSDASQLR.DLL -[CACHE]C:\WINDOWS\system32\comsvcs.dll -[CACHE]C:\WINDOWS\system32\colbact.DLL -[CACHE]C:\WINDOWS\system32\MTXCLU.DLL -[CACHE]C:\WINDOWS\system32\RESUTILS.DLL -[CACHE]C:\WINDOWS\system32\odbcjt32.dll -[CACHE]C:\WINDOWS\system32\msjet40.dll -[CACHE]C:\WINDOWS\system32\mswstr10.dll -[CACHE]C:\WINDOWS\system32\odbcji32.dll -[CACHE]C:\WINDOWS\system32\msjter40.dll -[CACHE]C:\WINDOWS\system32\MSJINT40.DLL -[CACHE]C:\WINDOWS\system32\odbccp32.dll -[CACHE]C:\Program Files\Common Files\System\msadc\msadce.dll -[CACHE]C:\Program Files\Common Files\System\msadc\msadcer.dll
-[CACHE]C:\WINDOWS\system32\msv1_0.dll -[CACHE]C:\WINDOWS\system32\cryptdll.dll -[CACHE]C:\WINDOWS\system32\msi.dll -[CACHE]C:\WINDOWS\system32\SXS.DLL
svchost.exe:1388 -[CACHE]C:\WINDOWS\system32\svchost.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\ShimEng.dll -[CACHE]C:\WINDOWS\AppPatch\AcGenral.DLL -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll
-[CACHE]C:\WINDOWS\system32\UxTheme.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]c:\windows\system32\wudfsvc.dll -[CACHE]c:\windows\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll
Ati2evxx.exe:1380 -[CACHE]C:\WINDOWS\system32\Ati2evxx.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll
-[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\wtsapi32.dll -[CACHE]C:\WINDOWS\system32\WINSTA.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\userenv.dll -[CACHE]C:\WINDOWS\system32\powrprof.dll -[CACHE]C:\WINDOWS\system32\psapi.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\msv1_0.dll -[CACHE]C:\WINDOWS\system32\cryptdll.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\ati2evxx.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll
btwdins.exe:1336 -[CACHE]C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll
-[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll
svchost.exe:1308 -[CACHE]C:\WINDOWS\System32\svchost.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\System32\ShimEng.dll -[CACHE]C:\WINDOWS\AppPatch\AcGenral.DLL -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\System32\WINMM.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\System32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\System32\UxTheme.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\System32\LPK.DLL -[CACHE]C:\WINDOWS\System32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
-[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\System32\NTMARTA.DLL -[CACHE]C:\WINDOWS\System32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\System32\xpsp2res.dll -[CACHE]c:\windows\system32\shsvcs.dll -[CACHE]C:\WINDOWS\System32\WINSTA.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\System32\rsaenh.dll -[CACHE]c:\windows\system32\dhcpcsvc.dll -[CACHE]c:\windows\system32\DNSAPI.dll -[CACHE]c:\windows\system32\WS2_32.dll -[CACHE]c:\windows\system32\WS2HELP.dll -[CACHE]c:\windows\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\mswsock.dll -[CACHE]C:\WINDOWS\System32\hnetcfg.dll -[CACHE]C:\WINDOWS\System32\wshtcpip.dll -[CACHE]c:\windows\system32\wzcsvc.dll -[CACHE]c:\windows\system32\rtutils.dll -[CACHE]c:\windows\system32\WMI.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]c:\windows\system32\ATL.DLL -[CACHE]c:\windows\system32\MSVCP60.dll -[CACHE]c:\windows\system32\dot3api.dll
-[CACHE]c:\windows\system32\WTSAPI32.dll -[CACHE]c:\windows\system32\irmon.dll -[CACHE]C:\WINDOWS\system32\msv1_0.dll -[CACHE]C:\WINDOWS\System32\cryptdll.dll -[CACHE]C:\WINDOWS\System32\wshirda.dll -[CACHE]C:\WINDOWS\System32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\System32\COMRes.dll -[CACHE]C:\WINDOWS\system32\CRYPTUI.dll -[CACHE]C:\WINDOWS\system32\WININET.dll -[CACHE]C:\WINDOWS\system32\Normaliz.dll -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\System32\MPRAPI.dll -[CACHE]C:\WINDOWS\System32\ACTIVEDS.dll -[CACHE]C:\WINDOWS\System32\adsldpc.dll -[CACHE]C:\WINDOWS\System32\SETUPAPI.dll -[CACHE]C:\WINDOWS\System32\RASAPI32.dll -[CACHE]C:\WINDOWS\System32\rasman.dll -[CACHE]C:\WINDOWS\System32\TAPI32.dll -[CACHE]C:\WINDOWS\System32\WinSCard.dll -[CACHE]C:\WINDOWS\System32\PSAPI.DLL -[CACHE]c:\windows\system32\schedsvc.dll -[CACHE]c:\windows\system32\NTDSAPI.dll -[CACHE]c:\windows\system32\audiosrv.dll
-[CACHE]c:\windows\system32\wkssvc.dll -[CACHE]c:\windows\system32\qmgr.dll -[CACHE]C:\WINDOWS\system32\MPR.dll -[CACHE]c:\windows\system32\SHFOLDER.dll -[CACHE]c:\windows\system32\WINHTTP.dll -[CACHE]c:\windows\system32\cryptsvc.dll -[CACHE]c:\windows\system32\dmserver.dll -[CACHE]c:\windows\system32\es.dll -[CACHE]C:\WINDOWS\System32\netman.dll -[CACHE]C:\WINDOWS\System32\netshell.dll -[CACHE]C:\WINDOWS\System32\credui.dll -[CACHE]C:\WINDOWS\System32\dot3dlg.dll -[CACHE]C:\WINDOWS\System32\OneX.DLL -[CACHE]C:\WINDOWS\System32\eappcfg.dll -[CACHE]C:\WINDOWS\System32\eappprxy.dll -[CACHE]C:\WINDOWS\System32\WZCSAPI.DLL -[CACHE]C:\WINDOWS\System32\rasmans.dll -[CACHE]C:\WINDOWS\System32\Sens.dll -[CACHE]C:\WINDOWS\System32\netcfgx.dll -[CACHE]C:\WINDOWS\System32\CLUSAPI.dll -[CACHE]c:\windows\pchealth\helpctr\binaries\pchsvc.dll -[CACHE]c:\windows\system32\srvsvc.dll -[CACHE]c:\windows\system32\seclogon.dll -[CACHE]c:\windows\system32\srsvc.dll -[CACHE]c:\windows\system32\POWRPROF.dll
-[CACHE]c:\windows\system32\trkwks.dll -[CACHE]c:\windows\system32\w32time.dll -[CACHE]c:\windows\system32\wuauserv.dll -[CACHE]C:\WINDOWS\System32\WINSPOOL.DRV -[CACHE]c:\windows\system32\browser.dll -[CACHE]c:\windows\system32\wbem\wmisvc.dll -[CACHE]C:\WINDOWS\System32\SXS.DLL -[CACHE]C:\WINDOWS\system32\comsvcs.dll -[CACHE]C:\WINDOWS\system32\colbact.DLL -[CACHE]C:\WINDOWS\system32\MTXCLU.DLL -[CACHE]C:\WINDOWS\system32\WSOCK32.dll -[CACHE]C:\WINDOWS\System32\RESUTILS.DLL -[CACHE]C:\WINDOWS\System32\sfc.dll -[CACHE]C:\WINDOWS\System32\sfc_os.dll -[CACHE]C:\WINDOWS\system32\Apphelp.dll -[CACHE]c:\windows\system32\ipnathlp.dll -[CACHE]c:\windows\system32\wscsvc.dll -[CACHE]c:\windows\system32\msi.dll -[CACHE]C:\WINDOWS\system32\wbem\wbemcomn.dll -[CACHE]C:\WINDOWS\System32\Wbem\esscli.dll -[CACHE]C:\WINDOWS\System32\Wbem\FastProx.dll -[CACHE]C:\WINDOWS\system32\wbem\wbemsvc.dll -[CACHE]C:\WINDOWS\system32\wbem\wmiutils.dll -[CACHE]C:\WINDOWS\system32\NCObjAPI.DLL -[CACHE]c:\windows\system32\tapisrv.dll
-[CACHE]C:\WINDOWS\System32\rasadhlp.dll -[CACHE]C:\WINDOWS\System32\HID.DLL -[CACHE]C:\WINDOWS\System32\RASDLG.dll
svchost.exe:1216 -[CACHE]C:\WINDOWS\system32\svchost.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\ShimEng.dll -[CACHE]C:\WINDOWS\AppPatch\AcGenral.DLL -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\UxTheme.dll
-[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]c:\windows\system32\rpcss.dll -[CACHE]c:\windows\system32\WS2_32.dll -[CACHE]c:\windows\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\mswsock.dll -[CACHE]C:\WINDOWS\system32\hnetcfg.dll -[CACHE]C:\WINDOWS\System32\wshtcpip.dll -[CACHE]C:\WINDOWS\system32\DNSAPI.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\System32\winrnr.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\rasadhlp.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\msi.dll
svchost.exe:1136 -[CACHE]C:\WINDOWS\system32\svchost.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll
-[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\ShimEng.dll -[CACHE]C:\WINDOWS\AppPatch\AcGenral.DLL -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\UxTheme.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\NTMARTA.DLL -[CACHE]C:\WINDOWS\system32\SAMLIB.dll
-[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]c:\windows\system32\rpcss.dll -[CACHE]c:\windows\system32\WS2_32.dll -[CACHE]c:\windows\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]c:\windows\system32\termsrv.dll -[CACHE]c:\windows\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]c:\windows\system32\AUTHZ.dll -[CACHE]c:\windows\system32\ACTIVEDS.dll -[CACHE]c:\windows\system32\adsldpc.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]c:\windows\system32\ATL.DLL -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\Apphelp.dll -[CACHE]C:\WINDOWS\system32\WTSAPI32.dll -[CACHE]C:\WINDOWS\system32\WINSTA.dll -[CACHE]C:\WINDOWS\system32\msv1_0.dll -[CACHE]C:\WINDOWS\system32\cryptdll.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll
-[CACHE]C:\WINDOWS\system32\msi.dll
Ati2evxx.exe:1108 -[CACHE]C:\WINDOWS\system32\Ati2evxx.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\wtsapi32.dll -[CACHE]C:\WINDOWS\system32\WINSTA.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\userenv.dll -[CACHE]C:\WINDOWS\system32\powrprof.dll -[CACHE]C:\WINDOWS\system32\psapi.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\msv1_0.dll
-[CACHE]C:\WINDOWS\system32\cryptdll.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\Ati2edxx.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll
ibmpmsvc.exe:1076 -[CACHE]C:\WINDOWS\system32\ibmpmsvc.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll
lsass.exe:920 -[CACHE]C:\WINDOWS\system32\lsass.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll
-[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\MPR.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\NTDSAPI.dll -[CACHE]C:\WINDOWS\system32\DNSAPI.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\cryptdll.dll -[CACHE]C:\WINDOWS\system32\ShimEng.dll -[CACHE]C:\WINDOWS\AppPatch\AcGenral.DLL -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll
-[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\UxTheme.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\comctl32.dll -[CACHE]C:\WINDOWS\system32\kerberos.dll -[CACHE]C:\WINDOWS\system32\msv1_0.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\w32time.dll -[CACHE]C:\WINDOWS\system32\MSVCP60.dll -[CACHE]C:\WINDOWS\system32\schannel.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\wdigest.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll -[CACHE]C:\WINDOWS\system32\MSVCP71.dll -[CACHE]C:\WINDOWS\system32\MSVCR71.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll -[CACHE]C:\WINDOWS\system32\WININET.dll
-[CACHE]C:\WINDOWS\system32\Normaliz.dll -[CACHE]C:\WINDOWS\system32\iertutil.dll -[CACHE]C:\WINDOWS\system32\CFGMGR32.dll -[CACHE]C:\WINDOWS\system32\RASAPI32.dll -[CACHE]C:\WINDOWS\system32\rasman.dll -[CACHE]C:\WINDOWS\system32\TAPI32.dll -[CACHE]C:\WINDOWS\system32\rtutils.dll -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\ACNewBiosHelper.dll -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV -[CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll -[CACHE]C:\WINDOWS\system32\AUTHZ.dll -[CACHE]C:\WINDOWS\system32\WINIPSEC.DLL -[CACHE]C:\WINDOWS\system32\mswsock.dll -[CACHE]C:\WINDOWS\system32\hnetcfg.dll -[CACHE]C:\WINDOWS\System32\wshtcpip.dll
services.exe:908 -[CACHE]C:\WINDOWS\system32\services.exe -[CACHE]C:\WINDOWS\system32\ntdll.dll -[CACHE]C:\WINDOWS\system32\kernel32.dll
-[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\NCObjAPI.DLL -[CACHE]C:\WINDOWS\system32\MSVCP60.dll -[CACHE]C:\WINDOWS\system32\AUTHZ.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\WINSTA.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\ShimEng.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\Apphelp.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\wtsapi32.dll
winlogon.exe:864 -[CACHE]C:\WINDOWS\system32\ntdll.dll
-[CACHE]C:\WINDOWS\system32\kernel32.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\AUTHZ.dll -[CACHE]C:\WINDOWS\system32\msvcrt.dll -[CACHE]C:\WINDOWS\system32\CRYPT32.dll -[CACHE]C:\WINDOWS\system32\MSASN1.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\NETAPI32.dll -[CACHE]C:\WINDOWS\system32\USERENV.dll -[CACHE]C:\WINDOWS\system32\PSAPI.DLL -[CACHE]C:\WINDOWS\system32\REGAPI.dll -[CACHE]C:\WINDOWS\system32\SETUPAPI.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll -[CACHE]C:\WINDOWS\system32\WINSTA.dll -[CACHE]C:\WINDOWS\system32\WINTRUST.dll -[CACHE]C:\WINDOWS\system32\IMAGEHLP.dll -[CACHE]C:\WINDOWS\system32\WS2_32.dll -[CACHE]C:\WINDOWS\system32\WS2HELP.dll -[CACHE]C:\WINDOWS\system32\IMM32.DLL -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\MSGINA.dll
-[CACHE]C:\WINDOWS\system32\COMCTL32.dll -[CACHE]C:\WINDOWS\system32\ODBC32.dll -[CACHE]C:\WINDOWS\system32\comdlg32.dll -[CACHE]C:\WINDOWS\system32\SHELL32.dll -[CACHE]C:\WINDOWS\system32\SHLWAPI.dll -[CACHE]C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CommonControls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll -[CACHE]C:\WINDOWS\system32\odbcint.dll -[CACHE]C:\WINDOWS\system32\SHSVCS.dll -[CACHE]C:\WINDOWS\system32\sfc.dll -[CACHE]C:\WINDOWS\system32\sfc_os.dll -[CACHE]C:\WINDOWS\system32\ole32.dll -[CACHE]C:\WINDOWS\system32\Apphelp.dll -[CACHE]C:\WINDOWS\system32\msctfime.ime -[CACHE]C:\WINDOWS\system32\WINSCARD.DLL -[CACHE]C:\WINDOWS\system32\WTSAPI32.dll -[CACHE]C:\WINDOWS\system32\sxs.dll -[CACHE]C:\WINDOWS\system32\WINMM.dll -[CACHE]C:\WINDOWS\system32\uxtheme.dll -[CACHE]C:\WINDOWS\system32\Ati2evxx.dll -[CACHE]C:\WINDOWS\system32\cscdll.dll -[CACHE]C:\WINDOWS\system32\rsaenh.dll -[CACHE]C:\WINDOWS\system32\WlNotify.dll -[CACHE]C:\WINDOWS\system32\MPR.dll -[CACHE]C:\WINDOWS\system32\WINSPOOL.DRV -[CACHE]C:\WINDOWS\system32\msv1_0.dll
-[CACHE]C:\WINDOWS\system32\cryptdll.dll -[CACHE]C:\WINDOWS\system32\iphlpapi.dll -[CACHE]C:\WINDOWS\system32\SAMLIB.dll -[CACHE]C:\WINDOWS\system32\cscui.dll -[CACHE]C:\WINDOWS\system32\xpsp2res.dll -[CACHE]C:\WINDOWS\system32\NTMARTA.DLL -[CACHE]C:\WINDOWS\system32\WLDAP32.dll -[CACHE]C:\WINDOWS\system32\wdmaud.drv -[CACHE]C:\WINDOWS\system32\msacm32.drv -[CACHE]C:\WINDOWS\system32\MSACM32.dll -[CACHE]C:\WINDOWS\system32\midimap.dll -[CACHE]C:\WINDOWS\system32\COMRes.dll -[CACHE]C:\WINDOWS\system32\OLEAUT32.dll -[CACHE]C:\WINDOWS\system32\CLBCATQ.DLL -[CACHE]C:\Program Files\Lenovo\HOTKEY\notifyf2.dll -[CACHE]C:\WINDOWS\system32\wbem\wbemprox.dll -[CACHE]C:\WINDOWS\system32\wbem\wbemcomn.dll -[CACHE]C:\WINDOWS\system32\wbem\wbemsvc.dll -[CACHE]C:\WINDOWS\system32\wbem\fastprox.dll -[CACHE]C:\WINDOWS\system32\MSVCP60.dll -[CACHE]C:\WINDOWS\system32\NTDSAPI.dll -[CACHE]C:\WINDOWS\system32\DNSAPI.dll
csrss.exe:836 -[CACHE]C:\WINDOWS\system32\ntdll.dll
-[CACHE]C:\WINDOWS\system32\GDI32.dll -[CACHE]C:\WINDOWS\system32\KERNEL32.dll -[CACHE]C:\WINDOWS\system32\USER32.dll -[CACHE]C:\WINDOWS\system32\LPK.DLL -[CACHE]C:\WINDOWS\system32\USP10.dll -[CACHE]C:\WINDOWS\system32\ADVAPI32.dll -[CACHE]C:\WINDOWS\system32\RPCRT4.dll -[CACHE]C:\WINDOWS\system32\Secur32.dll -[CACHE]C:\WINDOWS\system32\sxs.dll -[CACHE]C:\WINDOWS\system32\Apphelp.dll -[CACHE]C:\WINDOWS\system32\VERSION.dll
smss.exe:780 -[CACHE]C:\WINDOWS\system32\ntdll.dll -------Process Tree-------(4)System (780)smss.exe (836)csrss.exe (864)winlogon.exe (908)services.exe (1076)ibmpmsvc.exe (1108)ati2evxx.exe (1136)svchost.exe (2160)wmiprvse.exe (360)igfxsrvc.exe
(4800)wmpenc.exe (1216)svchost.exe (1308)svchost.exe (1336)btwdins.exe (1388)svchost.exe (1700)S24EvMon.exe (1740)svchost.exe (1804)svchost.exe (1976)ccSetMgr.exe (2024)ccEvtMgr.exe (280)ccProxy.exe (320)ISSVC.exe (464)SNDSrvc.exe (676)spoolsv.exe (3228)svchost.exe (3448)TPHKSVC.exe (3880)AcPrfMgrSvc.exe (3964)acs.exe (4076)CDSWinSrv.exe (2772)cmd.exe (1852)java.exe (4088)DefWatch.exe (2448)issimsvc.exe (2632)jqs.exe (3096)nsd.exe
(2468)NetCfgSv.EXE (4032)RegSrvc.exe (356)SavRoam.exe (2564)sftvsa.exe (2664)svchost.exe (2776)Rtvscan.exe (3004)SymSPort.exe (3008)TPHDEXLG.exe (1944)TpKmpSvc.exe (3828)ldlcserv.exe (4368)alg.exe (4616)AcSvc.exe (6060)SvcGuiHlpr.exe (920)lsass.exe (1380)ati2evxx.exe (1836)explorer.exe (572)tpam.exe (812)ccApp.exe (1180)VPTray.exe (1592)smax4pnp.exe (1604)SynTPLpr.exe (1960)SynTPEnh.exe (2080)TPOSDSVC.exe (2168)TPONSCR.exe (2224)TpScrex.exe
(2164)TpShocks.exe (2288)pmonmh.exe (2372)isamtray.exe (2544)ACTray.exe (2704)ctfmon.exe (2816)FClock.exe (3332)wweb32.exe (3384)ObjectDock.exe (5912)AvaFind.EXE (4892)wmplayer.exe (4412)POWERPNT.EXE (1164)SICWin.exe (5736)Sep_SupportTool.exe (2812)ST_Gui.exe (3644)PCS_AGNT.EXE
+----------------------------------------------|Windows Services +-----------------------------------------------
Service Name Command Line AcPrfMgrSvc AUTOMATIC
Display Name
State
Startup Type
Ac Profile Manager Service RUNNING [CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe RUNNING AUTOMATIC
acs ACU Configuration Service [FLOCK]system32\acs.exe
AcSvc Access Connections Main Service [CACHE]C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe Alerter Alerter [CACHE]C:\WINDOWS\system32\svchost.exe -k LocalService ALG Application Layer Gateway Service DEMAND_START [CACHE]C:\WINDOWS\System32\alg.exe AppMgmt Application Management DEMAND_START [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs AppnNode AppnNode [CACHE]C:\WINDOWS\system32\Drivers\appnnode.exe ArtourService Mobility Client [CACHE]"C:\Program Files\IBM\Mobility Client\artsvc.exe" artstartsvc AUTOMATIC
RUNNING AUTOMATIC
STOPPED DISABLED
RUNNING
STOPPED
STOPPED DEMAND_START
STOPPED DEMAND_START
Mobility Client Administration Service [CACHE]"C:\Program Files\IBM\Mobility Client\artstartsvc.exe"
STOPPED
aspnet_state ASP.NET State Service STOPPED DEMAND_START [CACHE]C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe Ati HotKey Poller Ati HotKey Poller [CACHE]C:\WINDOWS\system32\Ati2evxx.exe AudioSrv Windows Audio [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs BITS AUTOMATIC Background Intelligent Transfer Service [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs RUNNING AUTOMATIC
RUNNING AUTOMATIC
RUNNING
Browser Computer Browser [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs
RUNNING AUTOMATIC
btwdins Bluetooth Service RUNNING AUTOMATIC [CACHE]C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe ccEvtMgr Symantec Event Manager [CACHE]"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" ccProxy Symantec Network Proxy [CACHE]"C:\Program Files\Common Files\Symantec Shared\ccProxy.exe" ccSetMgr Symantec Settings Manager [CACHE]"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" RUNNING AUTOMATIC
RUNNING AUTOMATIC
RUNNING AUTOMATIC
CiSvc Indexing Service [CACHE]C:\WINDOWS\system32\cisvc.exe ClipSrv ClipBook [CACHE]C:\WINDOWS\system32\clipsrv.exe
STOPPED DEMAND_START
STOPPED DISABLED
clr_optimization_v2.0.50727_32 .NET Runtime Optimization Service v2.0.50727_X86 STOPPED DEMAND_START [CACHE]C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe COMSysApp COM+ System Application STOPPED DEMAND_START [CACHE]C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D00805FC79235} CryptSvc Cryptographic Services [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs RUNNING AUTOMATIC
cvhsvc Client Virtualization Handler STOPPED AUTOMATIC [CACHE]"C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" DCDClient-ISSI IBM DCD Standard Client (DCDClient-ISSI) RUNNING AUTOMATIC [CACHE]C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe DcomLaunch AUTOMATIC DefWatch AUTOMATIC DCOM Server Process Launcher C:\WINDOWS\system32\svchost -k DcomLaunch RUNNING
Symantec AntiVirus Definition Watcher RUNNING [CACHE]"C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe" RUNNING AUTOMATIC
Dhcp DHCP Client [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs
dmadmin Logical Disk Manager Administrative Service DEMAND_START [CACHE]C:\WINDOWS\System32\dmadmin.exe /com dmserver Logical Disk Manager [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs Dnscache DNS Client [CACHE]C:\WINDOWS\system32\svchost.exe -k NetworkService Dot3svc Wired AutoConfig [CACHE]C:\WINDOWS\System32\svchost.exe -k dot3svc
STOPPED
RUNNING AUTOMATIC
RUNNING AUTOMATIC
STOPPED DEMAND_START
EapHost Extensible Authentication Protocol Service DEMAND_START [CACHE]C:\WINDOWS\System32\svchost.exe -k eapsvcs
STOPPED
ERSvc Error Reporting Service [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs Eventlog Event Log [CACHE]C:\WINDOWS\system32\services.exe
STOPPED DISABLED
RUNNING AUTOMATIC
EventSystem COM+ Event System DEMAND_START [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs EvtEng AUTOMATIC Intel(R) PROSet/Wireless Event Log [CACHE]C:\Program Files\Intel\WiFi\bin\EvtEng.exe
RUNNING
STOPPED
FastUserSwitchingCompatibility Fast User Switching Compatibility DEMAND_START [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs FontCache3.0.0.0 Windows Presentation Foundation Font Cache 3.0.0.0 STOPPED DEMAND_START [CACHE]c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe helpsvc Help and Support [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs HidServ Human Interface Device Access [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs hkmsvc Health Key and Certificate Management Service DEMAND_START [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs HTTPFilter HTTP SSL [CACHE]C:\WINDOWS\System32\svchost.exe -k HTTPFilter IBMPMSVC ThinkPad PM Service [CACHE]C:\WINDOWS\system32\ibmpmsvc.exe
STOPPED
RUNNING AUTOMATIC
STOPPED DISABLED
STOPPED
STOPPED DEMAND_START
RUNNING AUTOMATIC
IDriverT InstallDriver Table Manager STOPPED DEMAND_START [CACHE]"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe" idsvc Windows CardSpace STOPPED DEMAND_START [CACHE]"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" ImapiService IMAPI CD-Burning COM Service DEMAND_START [CACHE]C:\WINDOWS\system32\imapi.exe Irmon Infrared Monitor [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs STOPPED
RUNNING AUTOMATIC
ISAMsmt ISAM SMT Service [FMISS]C:\Program Files\C4ebreg\isamsmt.exe ISAMSvc AUTOMATIC IBM Standard Asset Manager Service [CACHE]"C:\Program Files\c4ebreg\c4ebreg.exe"
STOPPED AUTOMATIC
STOPPED
ISSIMon ISSI [CACHE]"c:\sdwork\issimsvc.exe"
RUNNING AUTOMATIC
ISSVC IS Service RUNNING AUTOMATIC [CACHE]"C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe" JavaQuickStarterService Java Quick Starter RUNNING AUTOMATIC [CACHE]"C:\Program Files\IBM\Java60\jre\bin\jqs.exe" -service -config "C:\Program Files\IBM\Java60\jre\lib\deploy\jqs\jqs.conf" lanmanserver Server [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs lanmanworkstation Workstation [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs ldlcserv IBM Enterprise Extender [CACHE]C:\WINDOWS\system32\Drivers\ldlcserv.exe LENOVO.MICMUTE Lenovo Microphone Mute AUTOMATIC [CACHE]C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe LiveUpdate LiveUpdate [CACHE]"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE" LmHosts TCP/IP NetBIOS Helper [CACHE]C:\WINDOWS\system32\svchost.exe -k LocalService Lotus Notes Diagnostics Lotus Notes Diagnostics AUTOMATIC [CACHE]c:\notes\nsd.exe -svcinvoke -ini "c:\notes\notes.ini" Messenger Messenger [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs mnmsrvc NetMeeting Remote Desktop Sharing DEMAND_START [CACHE]C:\WINDOWS\system32\mnmsrvc.exe MSDTC Distributed Transaction Coordinator DEMAND_START [CACHE]C:\WINDOWS\system32\msdtc.exe RUNNING AUTOMATIC
RUNNING AUTOMATIC
RUNNING AUTOMATIC
STOPPED
STOPPED DEMAND_START
RUNNING AUTOMATIC
RUNNING
STOPPED DISABLED
STOPPED
STOPPED
MSIServer Windows Installer [CACHE]C:\WINDOWS\system32\msiexec.exe /V Multi-user Cleanup Service Multi-user Cleanup Service AUTOMATIC [CACHE]c:\notes\ntmulti.exe
STOPPED DEMAND_START
STOPPED
MyHelp My Help STOPPED AUTOMATIC [FLOCK]C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe napagent Network Access Protection Agent DEMAND_START [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs NetCfgSvr AUTOMATIC Network Configuration Service [CACHE]C:\Program Files\AT&T Network Client\NetCfgSv.EXE STOPPED
RUNNING
NetDDE Network DDE [CACHE]C:\WINDOWS\system32\netdde.exe NetDDEdsdm Network DDE DSDM [CACHE]C:\WINDOWS\system32\netdde.exe Netlogon Net Logon [CACHE]C:\WINDOWS\system32\lsass.exe
STOPPED DISABLED
STOPPED DISABLED
STOPPED DEMAND_START
Netman Network Connections DEMAND_START [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs
RUNNING
NetTcpPortSharing Net.Tcp Port Sharing Service STOPPED DISABLED [CACHE]"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" Nla Network Location Awareness (NLA) DEMAND_START [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs NtLmSsp NT LM Security Support Provider DEMAND_START [CACHE]C:\WINDOWS\system32\lsass.exe NtmsSvc Removable Storage [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs RUNNING
STOPPED
STOPPED DEMAND_START
ose Office Source Engine STOPPED DEMAND_START [CACHE]"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" osppsvc Office Software Protection Platform DEMAND_START [CACHE]"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" STOPPED
PlugPlay Plug and Play [CACHE]C:\WINDOWS\system32\services.exe PolicyAgent IPSEC Services [CACHE]C:\WINDOWS\system32\lsass.exe ProtectedStorage Protected Storage [CACHE]C:\WINDOWS\system32\lsass.exe prwnys Shell Universal [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs RasAuto DISABLED Remote Access Auto Connection Manager [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs
RUNNING AUTOMATIC
RUNNING AUTOMATIC
RUNNING AUTOMATIC
STOPPED AUTOMATIC
STOPPED
RasMan Remote Access Connection Manager DEMAND_START [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs RDSessMgr Remote Desktop Help Session Manager DEMAND_START [CACHE]C:\WINDOWS\system32\sessmgr.exe RegSrvc AUTOMATIC
RUNNING
STOPPED
Intel(R) PROSet/Wireless Registry Service RUNNING [CACHE]C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe STOPPED DISABLED
RemoteAccess Routing and Remote Access [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs RemoteRegistry Remote Registry [CACHE]C:\WINDOWS\system32\svchost.exe -k LocalService
RUNNING AUTOMATIC
rpcapd Remote Packet Capture Protocol v.0 (experimental) DEMAND_START [CACHE]"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini" RpcLocator Remote Procedure Call (RPC) Locator DEMAND_START [CACHE]C:\WINDOWS\system32\locator.exe RpcSs Remote Procedure Call (RPC) C:\WINDOWS\system32\svchost -k rpcss RSVP QoS RSVP [CACHE]C:\WINDOWS\system32\rsvp.exe
STOPPED
STOPPED
RUNNING AUTOMATIC
STOPPED DEMAND_START
S24EventMonitor Intel(R) PROSet/Wireless WiFi Service AUTOMATIC [CACHE]C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
RUNNING
SamSs Security Accounts Manager [CACHE]C:\WINDOWS\system32\lsass.exe
RUNNING AUTOMATIC
SavRoam SavRoam RUNNING AUTOMATIC [CACHE]"c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe" SCardSvr Smart Card [CACHE]C:\WINDOWS\System32\SCardSvr.exe Schedule Task Scheduler [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs seclogon Secondary Logon [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs SENS System Event Notification [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs ServiceLayer ServiceLayer [CACHE]"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe" STOPPED DISABLED
RUNNING AUTOMATIC
RUNNING AUTOMATIC
RUNNING AUTOMATIC
STOPPED DEMAND_START
sftlist Application Virtualization Client STOPPED AUTOMATIC [CACHE]"C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe" sftvsa Application Virtualization Service Agent RUNNING DEMAND_START [CACHE]"C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe" SharedAccess Windows Firewall/Internet Connection Sharing (ICS) AUTOMATIC [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs ShellHWDetection Shell Hardware Detection AUTOMATIC [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs SNDSrvc AUTOMATIC RUNNING
RUNNING
Symantec Network Drivers Service RUNNING [CACHE]"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
SPBBCSvc Symantec SPBBCSvc STOPPED DEMAND_START [CACHE]"C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe" Spooler Print Spooler [CACHE]C:\WINDOWS\system32\spoolsv.exe srservice System Restore Service [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs SSDPSRV SSDP Discovery Service [CACHE]C:\WINDOWS\system32\svchost.exe -k LocalService RUNNING AUTOMATIC
RUNNING AUTOMATIC
STOPPED DISABLED
stisvc Windows Image Acquisition (WIA) [CACHE]C:\WINDOWS\system32\svchost.exe -k imgsvc
RUNNING AUTOMATIC
SwPrv MS Software Shadow Copy Provider STOPPED DEMAND_START [CACHE]C:\WINDOWS\system32\dllhost.exe /Processid:{70BEF680-FB0F-4516-A34397C83A5A78F6} Symantec AntiVirus Symantec AntiVirus RUNNING AUTOMATIC [CACHE]"C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe" SymSecurePort Symantec SecurePort RUNNING AUTOMATIC [CACHE]"C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe" SysmonLog Performance Logs and Alerts DEMAND_START [CACHE]C:\WINDOWS\system32\smlogsvc.exe TapiSrv Telephony [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs TermService Terminal Services C:\WINDOWS\System32\svchost -k DComLaunch Themes Themes [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs TlntSvr Telnet [CACHE]C:\WINDOWS\system32\tlntsvr.exe TPHDEXLGSVC ThinkPad HDD APS Logging Service AUTOMATIC [FLOCK]System32\TPHDEXLG.exe TPHKSVC On Screen Display [CACHE]C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe TpKmpSVC IBM KCU Service [CACHE]C:\WINDOWS\system32\TpKmpSVC.exe TrcBoot IBM Trace Facility [CACHE]C:\WINDOWS\system32\Drivers\trcboot.exe TrkWks Distributed Link Tracking Client [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs upnphost Universal Plug and Play Device Host [CACHE]C:\WINDOWS\system32\svchost.exe -k LocalService STOPPED
RUNNING DEMAND_START
RUNNING DEMAND_START
RUNNING AUTOMATIC
STOPPED DISABLED
RUNNING
RUNNING AUTOMATIC
RUNNING AUTOMATIC
STOPPED AUTOMATIC
RUNNING AUTOMATIC
STOPPED DISABLED
UPS Uninterruptible Power Supply DEMAND_START [CACHE]C:\WINDOWS\System32\ups.exe VSS Volume Shadow Copy [CACHE]C:\WINDOWS\System32\vssvc.exe W32Time Windows Time [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs WebClient WebClient [CACHE]C:\WINDOWS\system32\svchost.exe -k LocalService winmgmt AUTOMATIC Windows Management Instrumentation [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs
STOPPED
STOPPED DEMAND_START
RUNNING AUTOMATIC
RUNNING AUTOMATIC
RUNNING
WmdmPmSN Portable Media Serial Number Service DEMAND_START [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs Wmi Windows Management Instrumentation Driver Extensions DEMAND_START [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs WmiApSrv WMI Performance Adapter DEMAND_START [CACHE]C:\WINDOWS\system32\wbem\wmiapsrv.exe
STOPPED
STOPPED
STOPPED
WMPNetworkSvc Windows Media Player Network Sharing Service DEMAND_START [CACHE]"C:\Program Files\Windows Media Player\WMPNetwk.exe" wscsvc Security Center [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs wuauserv Automatic Updates [CACHE]C:\WINDOWS\system32\svchost.exe -k netsvcs WudfSvc RUNNING AUTOMATIC
STOPPED
RUNNING AUTOMATIC
RUNNING AUTOMATIC
Windows Driver Foundation - User-mode Driver Framework [CACHE]C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup RUNNING AUTOMATIC
WZCSVC Wireless Zero Configuration [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs xmlprov Network Provisioning Service DEMAND_START [CACHE]C:\WINDOWS\System32\svchost.exe -k netsvcs
STOPPED
+----------------------------------------------|Application Uninstall Information
+-----------------------------------------------
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\504244733 D18C8F63FF584AEB290E3904E791693 UninstallString = [CHECK]C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccs mcfd.inf DisplayName = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) DisplayVersion = 08/22/2008 7.0.0.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX DisplayName = Adobe Flash Player 10 ActiveX DisplayVersion = 10.1.102.64 UninstallString = [CHECK]C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin DisplayName = Adobe Flash Player 10 Plugin DisplayVersion = 10.1.102.64 UninstallString = [CHECK]C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Photoshop 7.0 UninstallString = C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll" DisplayName = Adobe Photoshop 7.0
DisplayVersion = 7.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ARTourCLI UninstallString = [CHECK]C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{73F1BDB7-11E111D5-9DC6-00C04F2FC33B} /l1033 AnyText
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ATI Display Driver DisplayName = ATI Display Driver UninstallString = [CHECK]rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean DisplayVersion = 8.293.1-060913a-036475C-Lenovo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CiscoSecure Authentication Agent UninstallString = [CHECK]C:\WINDOWS\aaremove.exe DisplayName = CiscoSecure Authentication Agent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CNXT_MOD EM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588 DisplayName = ThinkPad Modem UninstallString = [CHECK]C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588\HXFSETUP.EXE -U -ITkp0588p.inf DisplayVersion = 7.39.00.50
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Convert Excel to HTML_is1 DisplayName = Convert Excel to HTML V1.21 UninstallString = [CHECK]"C:\Program Files\Convert Excel to HTML\unins000.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dbd22105c7 f7ea1354d4a7606bd7cfdf DisplayName = Web-based System Manager Remote Client UninstallString = [CHECK]C:\Program Files\websm\_uninst\uninstall.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\E8A6D621B 6D3FC5D43C68C549D959DE76EEF5D84 UninstallString = [CHECK]C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_C08496D7A0050438DFE13C55799AE2D4157A8E7A\no kia_bluetooth.inf DisplayName = Windows Driver Package - Nokia Modem (06/01/2009 4.1) DisplayVersion = 06/01/2009 4.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\F779F5541A BD99C95C03B0FD5E3C058B22DA0FF7 UninstallString = [CACHE]C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_9C48E34C57B7D4AAE5FFF5FB9B476B538394FD30\nok btmdm.inf DisplayName = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.3) DisplayVersion = 06/01/2009 7.01.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fe29d7d6aaf 324b1964e31be6d7ce1981815068445 DisplayName = IBM Dynamic Content Delivery (DCDClient-ISSI)
UninstallString = [CHECK]C:\Program Files\IBM\tivoli\dcd\client\ISSI\_uninst\uninstaller.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileZilla Client UninstallString = [CHECK]C:\Program Files\FileZilla FTP Client\uninstall.exe DisplayName = FileZilla Client 3.3.4.1 DisplayVersion = 3.3.4.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HDMI DisplayName = Intel(R) Graphics Media Accelerator Driver UninstallString = [CHECK]C:\WINDOWS\system32\igxpun.exe -uninstall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Huawei Access Manager DisplayName = Huawei Access Manager UninstallString = [CHECK]C:\Program Files\Huawei Access Manager\uninst.exe DisplayVersion = UTPS_HWEC1260DT05
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IDNMitigati onAPIs DisplayName = Microsoft Internationalized Domain Names Mitigation APIs UninstallString = [CHECK]"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" InstallDate = 20101006
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ie7
DisplayName = Windows Internet Explorer 7 UninstallString = [CHECK]"C:\WINDOWS\ie7\spuninst\spuninst.exe" InstallDate = 20101006 DisplayVersion = 20070813.185237
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield _{4F3AFB85-B972-4621-AEB6-6C22317E145B} UninstallString = [CHECK]C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4F3AFB85-B972-4621AEB6-6C22317E145B} /l1033 DisplayName = IBM 32-bit Runtime Environment for Java 2, v5.0 DisplayVersion = 5.0 InstallDate = 20070222
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield _{73F1BDB7-11E1-11D5-9DC6-00C04F2FC33B} UninstallString = [CACHE]C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{73F1BDB7-11E111D5-9DC6-00C04F2FC33B} /l1033 AnyText DisplayName = IBM Mobility Client InstallDate = 20101213 DisplayVersion = 6.1.10103
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield _{75E7FEE8-16B1-4B1D-82B4-9594A38EDF76} UninstallString = [CHECK]"C:\Program Files\InstallShield Installation Information\{75E7FEE8-16B1-4B1D-82B4-9594A38EDF76}\setup.exe" -runfromtemp -l0x0409 removeonly DisplayName = IBM 32-bit Runtime Environment for Java v6
DisplayVersion = 6 InstallDate = 20101209
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield _{E922961C-6DB6-41DE-9FEA-426DF3E9F81C} UninstallString = [CHECK]C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E922961C-6DB641DE-9FEA-426DF3E9F81C} /l1033 DisplayName = IBM 32-bit Runtime Environment for Java 2, v1.4.2 DisplayVersion = 1.4.2 InstallDate = 20101110
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISSI DisplayName = IBM Standard Software Installer UninstallString = [ESKIP]C:\WINDOWS\issiunin.bat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2079403 DisplayName = Security Update for Windows XP (KB2079403) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe" InstallDate = 20100902 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2115168 DisplayName = Security Update for Windows XP (KB2115168) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
InstallDate = 20100902 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2121546 DisplayName = Security Update for Windows XP (KB2121546) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2141007 DisplayName = Update for Windows XP (KB2141007) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe" InstallDate = 20101104 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2158563 DisplayName = Hotfix for Windows XP (KB2158563) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe" InstallDate = 20101103 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2160329 DisplayName = Security Update for Windows XP (KB2160329)
UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2183461 DisplayName = Security Update for Windows XP (KB2183461) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2183461$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2183461IE7 DisplayName = Security Update for Windows Internet Explorer 7 (KB2183461) UninstallString = [CHECK]"C:\WINDOWS\ie7updates\KB2183461IE7\spuninst\spuninst.exe" InstallDate = 20101006 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2229593 DisplayName = Security Update for Windows XP (KB2229593) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" InstallDate = 20100823 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2259922 DisplayName = Security Update for Windows XP (KB2259922) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2279986 DisplayName = Security Update for Windows XP (KB2279986) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe" InstallDate = 20101104 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2286198 DisplayName = Security Update for Windows XP (KB2286198) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe" InstallDate = 20100823 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2296011 DisplayName = Security Update for Windows XP (KB2296011) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe" InstallDate = 20101104 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2296199 DisplayName = Security Update for Windows XP (KB2296199) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe" InstallDate = 20101215 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2345886 DisplayName = Update for Windows XP (KB2345886) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe" InstallDate = 20101104 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2347290 DisplayName = Security Update for Windows XP (KB2347290) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2360131IE7 DisplayName = Security Update for Windows Internet Explorer 7 (KB2360131) UninstallString = [CHECK]"C:\WINDOWS\ie7updates\KB2360131IE7\spuninst\spuninst.exe"
InstallDate = 20101017 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2360937 DisplayName = Security Update for Windows XP (KB2360937) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe" InstallDate = 20101104 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2378111_ WM9 DisplayName = Security Update for Windows Media Player (KB2378111) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe" InstallDate = 20101104
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2387149 DisplayName = Security Update for Windows XP (KB2387149) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe" InstallDate = 20101104 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2416400IE7 DisplayName = Security Update for Windows Internet Explorer 7 (KB2416400)
UninstallString = [CHECK]"C:\WINDOWS\ie7updates\KB2416400IE7\spuninst\spuninst.exe" InstallDate = 20101215 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2419632 DisplayName = Security Update for Windows XP (KB2419632) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe" InstallDate = 20110113 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2423089 DisplayName = Security Update for Windows XP (KB2423089) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe" InstallDate = 20101215 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2436673 DisplayName = Security Update for Windows XP (KB2436673) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe" InstallDate = 20101215 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2440591
DisplayName = Security Update for Windows XP (KB2440591) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe" InstallDate = 20101215 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2443105 DisplayName = Security Update for Windows XP (KB2443105) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe" InstallDate = 20101215 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2443685 DisplayName = Hotfix for Windows XP (KB2443685) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe" InstallDate = 20101215 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB2467659 DisplayName = Update for Windows XP (KB2467659) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe" InstallDate = 20101215 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB892130 DisplayName = Windows Genuine Advantage Validation Tool (KB892130) UninstallString = InstallDate = 20070906
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB911564 DisplayName = Security Update for Windows Media Player (KB911564) InstallDate = 20060222
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB923561 DisplayName = Security Update for Windows XP (KB923561) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB923689 DisplayName = Security Update for Windows XP (KB923689) InstallDate = 20070220
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB925398_ WMP64 DisplayName = Security Update for Windows Media Player 6.4 (KB925398) InstallDate = 20070220
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB931906
DisplayName = Security Update for CAPICOM (KB931906) DisplayVersion = 2.1.0.2 UninstallString = [CACHE]MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB932471.T 301_380ToU433_380 UninstallString = [CACHE]C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840} DisplayVersion = 1 DisplayName = Hotfix for Microsoft .NET Framework 3.0 (KB932471)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB936782_ WMP9 DisplayName = Security Update for Windows Media Player 9 (KB936782) InstallDate = 20070905
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB938127v2-IE7 DisplayName = Security Update for Windows Internet Explorer 7 (KB938127-v2) UninstallString = [CHECK]"C:\WINDOWS\ie7updates\KB938127-v2IE7\spuninst\spuninst.exe" InstallDate = 20101104 DisplayVersion = 2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB938464 DisplayName = Security Update for Windows XP (KB938464) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB946648 DisplayName = Security Update for Windows XP (KB946648) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950759 DisplayName = Security Update for Windows XP (KB950759) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950762 DisplayName = Security Update for Windows XP (KB950762) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950974 DisplayName = Security Update for Windows XP (KB950974)
UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951072v2 DisplayName = Update for Windows XP (KB951072-v2) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB951072v2$\spuninst\spuninst.exe" InstallDate = 20090505 DisplayVersion = 2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951376v2 DisplayName = Security Update for Windows XP (KB951376-v2) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB951376v2$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951698 DisplayName = Security Update for Windows XP (KB951698) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951748 DisplayName = Security Update for Windows XP (KB951748) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951978 DisplayName = Update for Windows XP (KB951978) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952004 DisplayName = Security Update for Windows XP (KB952004) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952011 DisplayName = Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB952011$\spuninst\spuninst.exe" InstallDate = 20101117 DisplayVersion = 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952069_ WM9 DisplayName = Security Update for Windows Media Player (KB952069) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" InstallDate = 20090505
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952287 DisplayName = Hotfix for Windows XP (KB952287) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952954 DisplayName = Security Update for Windows XP (KB952954) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB953838 DisplayName = Security Update for Windows XP (KB953838) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe" InstallDate = 20100818
DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954155_ WM9 DisplayName = Security Update for Windows Media Player (KB954155) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" InstallDate = 20100823
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954459 DisplayName = Security Update for Windows XP (KB954459) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954550v5 DisplayName = Hotfix for Windows XP (KB954550-v5) UninstallString = InstallDate = 20101106 DisplayVersion = 5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954600 DisplayName = Security Update for Windows XP (KB954600) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB955069 DisplayName = Security Update for Windows XP (KB955069) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB955759 DisplayName = Update for Windows XP (KB955759) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB955839 DisplayName = Update for Windows XP (KB955839) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" InstallDate = 20090513 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956390 DisplayName = Security Update for Windows XP (KB956390)
UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956572 DisplayName = Security Update for Windows XP (KB956572) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956744 DisplayName = Security Update for Windows XP (KB956744) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956802 DisplayName = Security Update for Windows XP (KB956802) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956803
DisplayName = Security Update for Windows XP (KB956803) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956844 DisplayName = Security Update for Windows XP (KB956844) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958215 DisplayName = Security Update for Windows XP (KB958215) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958644 DisplayName = Security Update for Windows XP (KB958644) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958687 DisplayName = Security Update for Windows XP (KB958687) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958690 DisplayName = Security Update for Windows XP (KB958690) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958869 DisplayName = Security Update for Windows XP (KB958869) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" InstallDate = 20100823 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB959426 DisplayName = Security Update for Windows XP (KB959426) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960714 DisplayName = Security Update for Windows XP (KB960714) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960803 DisplayName = Security Update for Windows XP (KB960803) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960859 DisplayName = Security Update for Windows XP (KB960859) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961118 DisplayName = Hotfix for Windows XP (KB961118) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" InstallDate = 20101111
DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961373 DisplayName = Security Update for Windows XP (KB961373) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961501 DisplayName = Security Update for Windows XP (KB961501) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB963027 DisplayName = Security Update for Windows XP (KB963027) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB967715 DisplayName = Update for Windows XP (KB967715) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB968389 DisplayName = Update for Windows XP (KB968389) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB968816_ WM9 DisplayName = Security Update for Windows Media Player (KB968816) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" InstallDate = 20100823
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969059 DisplayName = Security Update for Windows XP (KB969059) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969947 DisplayName = Security Update for Windows XP (KB969947)
UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB970430 DisplayName = Security Update for Windows XP (KB970430) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" InstallDate = 20101104 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971468 DisplayName = Security Update for Windows XP (KB971468) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971557 DisplayName = Security Update for Windows XP (KB971557) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971657
DisplayName = Security Update for Windows XP (KB971657) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971737 DisplayName = Update for Windows XP (KB971737) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" InstallDate = 20101104 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971961 DisplayName = Security Update for Windows XP (KB971961) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" InstallDate = 20100823 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB972270 DisplayName = Security Update for Windows XP (KB972270) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973354 DisplayName = Security Update for Windows XP (KB973354) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" InstallDate = 20100902 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973507 DisplayName = Security Update for Windows XP (KB973507) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973525 DisplayName = Security Update for Windows XP (KB973525) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" InstallDate = 20100823 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973540_ WM9 DisplayName = Security Update for Windows Media Player (KB973540) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" InstallDate = 20100823
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973687 DisplayName = Update for Windows XP (KB973687) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" InstallDate = 20101215 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973815 DisplayName = Update for Windows XP (KB973815) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973869 DisplayName = Security Update for Windows XP (KB973869) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" InstallDate = 20100823 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973904 DisplayName = Security Update for Windows XP (KB973904) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" InstallDate = 20100818
DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974112 DisplayName = Security Update for Windows XP (KB974112) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974318 DisplayName = Security Update for Windows XP (KB974318) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974392 DisplayName = Security Update for Windows XP (KB974392) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974455 DisplayName = Security Update for Windows XP (KB974455) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974571 DisplayName = Security Update for Windows XP (KB974571) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975025 DisplayName = Security Update for Windows XP (KB975025) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975467 DisplayName = Security Update for Windows XP (KB975467) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975558_ WM8 DisplayName = Security Update for Windows Media Player (KB975558)
UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe" InstallDate = 20100924
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975560 DisplayName = Security Update for Windows XP (KB975560) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" InstallDate = 20100823 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975561 DisplayName = Security Update for Windows XP (KB975561) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975562 DisplayName = Security Update for Windows XP (KB975562) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" InstallDate = 20100823 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975713 DisplayName = Security Update for Windows XP (KB975713)
UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976098v2 DisplayName = Hotfix for Windows XP (KB976098-v2) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB976098v2$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976325 DisplayName = Security Update for Windows XP (KB976325) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB977816 DisplayName = Security Update for Windows XP (KB977816) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB977914 DisplayName = Security Update for Windows XP (KB977914) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" InstallDate = 20100823 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978037 DisplayName = Security Update for Windows XP (KB978037) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978207 DisplayName = Update for Windows XP (KB978207) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978251 DisplayName = Security Update for Windows XP (KB978251) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978262 DisplayName = Security Update for Windows XP (KB978262) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" InstallDate = 20100823 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978338 DisplayName = Security Update for Windows XP (KB978338) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978542 DisplayName = Security Update for Windows XP (KB978542) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" InstallDate = 20100903 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978601 DisplayName = Security Update for Windows XP (KB978601) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" InstallDate = 20100818
DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978695_ WM9 DisplayName = Security Update for Windows Media Player (KB978695) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" InstallDate = 20100823
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978706 DisplayName = Security Update for Windows XP (KB978706) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB979309 DisplayName = Security Update for Windows XP (KB979309) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB979402_ WM9 DisplayName = Security Update for Windows Media Player (KB979402) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB979402_WM9$\spuninst\spuninst.exe"
InstallDate = 20100823
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB979482 DisplayName = Security Update for Windows XP (KB979482) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" InstallDate = 20100823 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB979687 DisplayName = Security Update for Windows XP (KB979687) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe" InstallDate = 20101104 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB980182 DisplayName = Update for Windows XP (KB980182) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB980182$\spuninst\spuninst.exe" InstallDate = 20100818 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB980195 DisplayName = Security Update for Windows XP (KB980195) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
InstallDate = 20100824 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB980218 DisplayName = Security Update for Windows XP (KB980218) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB980232 DisplayName = Security Update for Windows XP (KB980232) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" InstallDate = 20100823 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB980436 DisplayName = Security Update for Windows XP (KB980436) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe" InstallDate = 20100902 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB981322 DisplayName = Security Update for Windows XP (KB981322)
UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB981349 DisplayName = Security Update for Windows XP (KB981349) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB981793 DisplayName = Hotfix for Windows XP (KB981793) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB981852 DisplayName = Security Update for Windows XP (KB981852) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB981957
DisplayName = Security Update for Windows XP (KB981957) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe" InstallDate = 20101104 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB981997 DisplayName = Security Update for Windows XP (KB981997) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe" InstallDate = 20100924 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB982132 DisplayName = Security Update for Windows XP (KB982132) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe" InstallDate = 20101104 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB982214 DisplayName = Security Update for Windows XP (KB982214) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe" InstallDate = 20100823 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB982381 DisplayName = Security Update for Windows XP (KB982381) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe" InstallDate = 20100823 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB982381IE7 DisplayName = Security Update for Windows Internet Explorer 7 (KB982381) UninstallString = [CHECK]"C:\WINDOWS\ie7updates\KB982381IE7\spuninst\spuninst.exe" InstallDate = 20101006 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB982665 DisplayName = Security Update for Windows XP (KB982665) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe" InstallDate = 20100902 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB982802 DisplayName = Security Update for Windows XP (KB982802) UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe" InstallDate = 20100924
DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LiveUpdate UninstallString = [CHECK]"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U DisplayName = LiveUpdate 3.1 (Symantec Corporation) DisplayVersion = 3.1.0.90
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\M2416447 DisplayName = Microsoft .NET Framework 1.1 Security Update (KB2416447) UninstallString = [CHECK]"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\M979906 DisplayName = Microsoft .NET Framework 1.1 Security Update (KB979906) UninstallString = [CACHE]"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 1.1 (1033) UninstallString = [CACHE]msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} DisplayName = Microsoft .NET Framework 1.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 3.5 SP1 DisplayName = Microsoft .NET Framework 3.5 SP1
UninstallString = [CHECK]C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual J# 2.0 Redistributable Package - SE DisplayName = Microsoft Visual J# 2.0 Redistributable Package - SE UninstallString = [CHECK]C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package - SE\install.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox (3.6.13) DisplayName = Mozilla Firefox (3.6.13) DisplayVersion = 3.6.13 (en-US) UninstallString = [CHECK]C:\Program Files\Mozilla Firefox\uninstall\helper.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSCompPac kV1 DisplayName = Microsoft Compression Client Pack 1.0 for Windows XP UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" InstallDate = 20101017 DisplayVersion = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\nbiglassfish-mod-sun-3.0.0.74.2 DisplayName = Sun GlassFish Enterprise Server v3 UninstallString = [CHECK]"C:\Program Files\sges-v3\uninstall.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\nbi-nb-base6.8.0.0.0 DisplayName = NetBeans IDE 6.8 UninstallString = [CHECK]"C:\Program Files\NetBeans 6.8\uninstall.exe" DisplayVersion = 6.8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NLSDownlev elMapping DisplayName = Microsoft National Language Support Downlevel APIs UninstallString = [CHECK]"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" InstallDate = 20101006
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Nokia PC Internet Access UninstallString = [CHECK]C:\Documents and Settings\All Users\Application Data\Installations\{653A52D8-127C-476D-BAD9-27117A3A4959}\Installer.exe DisplayName = Nokia PC Internet Access DisplayVersion = 2.0.1.3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Nokia PC Suite UninstallString = [CHECK]C:\Documents and Settings\All Users\Application Data\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Nokia_PC_Suite_7_1_30_8_ALL.exe DisplayName = Nokia PC Suite DisplayVersion = 7.1.30.8
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++
DisplayName = Notepad++ UninstallString = [CHECK]C:\Program Files\Notepad++\uninstall.exe DisplayVersion = 5.6.4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Office14.Clic k2Run DisplayName = Microsoft Office Click-to-Run 2010 DisplayVersion = 14.0.4763.1000 UninstallString = [CHECK]"C:\PROGRA~1\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OnScreenDi splay DisplayName = On Screen Display UninstallString = [CHECK]rundll32.exe "C:\Program Files\Lenovo\HOTKEY\cleanup.dll",InfUninstall DefaultUninstall.XP 132 C:\Program Files\Lenovo\HOTKEY\tphk_tp.inf DisplayVersion = 5.32.00
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\P2P GUI DisplayName = IBM ISMA Peer-To-Peer UninstallString = rundll32.exe syssetup.dll,SetupInfObjectInstallAction DefaultUninstall 132 C:\WINDOWS\inf\p2pgui.inf
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCHealth UninstallString = rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pdf995 DisplayName = Pdf995 UninstallString = [CHECK]c:\pdf995\setup.exe uninstall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Power Management Driver DisplayName = ThinkPad Power Management Driver DisplayVersion = 1.60.0.4 UninstallString = RunDll32.exe tpinspm.dll,Uninstall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Presentatio n Director UninstallString = C:\WINDOWS\IsUninst.exe fC:\PROGRA~1\ThinkPad\UTILIT~1\UNNPDR.isu -c"C:\Program Files\ThinkPad\Utilities\Tpinsnpd.dll" DisplayVersion = 2.57 DisplayName = ThinkPad Presentation Director
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealPlayer 12.0 UninstallString = [CHECK]C:\Program Files\Real\RealPlayer\Update\r1puninst.exe RealNetworks|RealPlayer|12.0 DisplayName = RealPlayer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RecordNow. exe UninstallString = C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96EF57EF622F19}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Snapshot Viewer DisplayName = Snapshot Viewer UninstallString = [CHECK]C:\Program Files\Snapshot Viewer\Setup\Setup.exe /T snap90.stf
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SynTPDeinst Key UninstallString = [CHECK]rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall DisplayVersion = 7.5.17.25 DisplayName = ThinkPad UltraNav Driver
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Tata Photon+ DisplayName = Tata Photon+ UninstallString = [CHECK]C:\Program Files\Tata Photon+\Huawei\uninst.exe DisplayVersion = 11.030.01.09.628
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ThinkPad FullScreen Magnifier DisplayVersion = 2.10 DisplayName = ThinkPad FullScreen Magnifier UninstallString = [CHECK]rundll32.exe "C:\Program Files\Lenovo\ZOOM\cleanup.dll",InfUninstall DefaultUninstall 132 C:\Program Files\Lenovo\Zoom\TpScrex.inf
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player
DisplayName = VLC media player 1.1.5 UninstallString = [CHECK]C:\Program Files\VideoLAN\VLC\uninstall.exe DisplayVersion = 1.1.5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wdf01007 DisplayName = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe" InstallDate = 20101201
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WGA DisplayName = Windows Genuine Advantage Validation Tool (KB892130) UninstallString = InstallDate = 20060322 DisplayVersion = 1.7.0059.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WgaNotify DisplayName = Windows Genuine Advantage Notifications (KB905474) UninstallString = InstallDate = 20100925 DisplayVersion = 1.9.0040.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Format Runtime DisplayName = Windows Media Format 11 runtime UninstallString = [CHECK]"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Player DisplayName = Windows Media Player 11 UninstallString = [CHECK]"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows XP Service Pack DisplayName = Windows XP Service Pack 3 UninstallString = InstallDate = 20100818 DisplayVersion = 20080414.031525
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinPcapInst DisplayName = WinPcap 4.1.2 UninstallString = [CHECK]C:\Program Files\WinPcap\uninstall.exe DisplayVersion = 4.1.0.2001
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver DisplayName = WinRAR archiver UninstallString = [CHECK]C:\Program Files\WinRAR\uninstall.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WMFDist11 DisplayName = Windows Media Format 11 runtime
UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" InstallDate = 20101017
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wmp11 DisplayName = Windows Media Player 11 UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" InstallDate = 20101017
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WordWeb UninstallString = [CHECK]C:\Program Files\WordWeb\uninst.exe DisplayName = WordWeb DisplayVersion = 5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Workstation Security Tool_is1 DisplayName = Workstation Security Tool 2.5 UninstallString = [CHECK]"C:\Program Files\wst\unins000.exe" InstallDate = 20101223
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wudf01007 DisplayName = Microsoft User-Mode Driver Framework Feature Pack 1.7 UninstallString = [CHECK]"C:\WINDOWS\$NtUninstallWudf01007$\spuninst\spuninst.exe" InstallDate = 20101201
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XpsEPSC
DisplayName = XML Paper Specification Shared Components Pack 1.0 UninstallString = InstallDate = 20070220
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Messenger DisplayName = Yahoo! Messenger UninstallString = [CHECK]C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00BA866CF2A2-4BB9-A308-3DFA695B6F7C} DisplayVersion = 10.5.3.0 InstallDate = 20101228 UninstallString = [CACHE]MsiExec.exe /X{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C} DisplayName = Java DB 10.5.3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0698CECB9072-47B1-AEA1-94CA350989B8} DisplayVersion = 10.1.5000.5 InstallDate = 20070305 UninstallString = [CACHE]MsiExec.exe /I{0698CECB-9072-47B1-AEA1-94CA350989B8} DisplayName = Symantec Client Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0C9735947DDF-4BD0-84ED-3517F7622037} DisplayVersion = 9.23.3.0
InstallDate = 20101201 UninstallString = [CACHE]MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037} DisplayName = PC Connectivity Solution
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0EFDF2F9836D-4EB7-A32D-038BD3F1FB2A} DisplayVersion = 2.1.0.2 InstallDate = 20070905 UninstallString = [CACHE]MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} DisplayName = Security Update for CAPICOM (KB931906)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1A5286906A2D-4BC5-B143-8C4AE8D19D96} DisplayVersion = 6.20.1099.0 InstallDate = 20090505 UninstallString = [CACHE]MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96} DisplayName = MSXML 6 Service Pack 2 (KB954459)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2111B23F7FDA-4A41-8309-E5A1663CA296} UninstallString = RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2111B23F-7FDA-4A41-8309-E5A1663CA296}\setup.exe" l0x9 anything DisplayName = ThinkPad Keyboard Customizer Utility DisplayVersion = 1.3.53.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{212748BB0DA5-46DE-82A1-403736DC9F27} DisplayVersion = 1.0.1.0 InstallDate = 20101201 UninstallString = [CACHE]MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27} DisplayName = MSVC80_x86
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{226b64e8dc75-4eea-a6c8-abcb496320f2}-Google Talk DisplayName = Google Talk (remove only) UninstallString = [CHECK]"C:\Program Files\Google\Google Talk\uninstall.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4039D-4CA4-87B4-2F83216020FF} DisplayVersion = 6.0.200 InstallDate = 20100901 UninstallString = [CACHE]MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF} DisplayName = Java(TM) 6 Update 20
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{28C2DED6325B-4CC7-983A-1777C8F7FBAB} DisplayVersion = 1.1.0 InstallDate = 20110104 UninstallString = [CACHE]MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB} DisplayName = RealUpgrade 1.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2E21CBDA1EDF-4C18-A561-DB53D683229F} DisplayVersion = 6.9.0.3006 InstallDate = 20080725 UninstallString = [CACHE]MsiExec.exe /I{2E21CBDA-1EDF-4C18-A561-DB53D683229F} DisplayName = AT&T Network Client
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{32A3A4F4B792-11D6-A78A-00B0D0160180} DisplayVersion = 1.6.0.180 InstallDate = 20101228 UninstallString = [CACHE]MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160180} DisplayName = Java(TM) SE Development Kit 6 Update 18
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{350C97B03D7C-4EE8-BAA9-00BCB3D54227} DisplayVersion = 9.50.7523 InstallDate = 20050404 DisplayName = WebFldrs XP
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37477865A3F1-4772-AD43-AAFC6BCFF99F} DisplayVersion = 4.20.9841.0 InstallDate = 20070905 UninstallString = [CACHE]MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} DisplayName = MSXML 4.0 SP2 (KB927978)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37C22E24B794-4265-A38E-711BBF1C637A} DisplayVersion = 5.7.0400 InstallDate = 20060718 UninstallString = [CACHE]MsiExec.exe /I{37C22E24-B794-4265-A38E-711BBF1C637A} DisplayName = IBM Personal Communications
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{43507E5B94A0-4E56-9C7B-FAAAFBDB5904} DisplayVersion = 13.00.0000 InstallDate = 20100907 DisplayName = Intel(R) PROSet/Wireless WiFi Software
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{43DCF7666838-4F9A-8C91-D92DA586DFA7} DisplayVersion = 1.5.2315.3 InstallDate = 20050404 UninstallString = [CACHE]MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7} DisplayName = Microsoft Windows Journal Viewer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{46A8469459EC-48F0-964C-7E76E9F8A2ED} DisplayVersion = 1.54 InstallDate = 20080725 UninstallString = [CACHE]MsiExec.exe /X{46A84694-59EC-48F0-964C-7E76E9F8A2ED} DisplayName = ThinkVantage Active Protection System
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{48FCFD2CC07D-4820-9F20-85F7F188A784} DisplayVersion = 3.8.1.76 InstallDate = 20101004 UninstallString = [CACHE]MsiExec.exe /X{48FCFD2C-C07D-4820-9F20-85F7F188A784} DisplayName = Avocent Viewer Plugin v3.8.1.76
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{49471DB87F3C-42DB-89C2-AC50FA0C5290} DisplayVersion = 7.1.0 InstallDate = 20101216 UninstallString = [CACHE]MsiExec.exe /I{49471DB8-7F3C-42DB-89C2-AC50FA0C5290} DisplayName = Camtasia Studio 7
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F666A-4037-7777-5F2748764D10} DisplayVersion = 2.0.2.1 InstallDate = 20100901 DisplayName = Java Auto Updater
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4E381AF84B14-46C7-941E-8BA5FFA804CF} DisplayVersion = 1.2.0000 InstallDate = 20101110 UninstallString = [CACHE]MsiExec.exe /I{4E381AF8-4B14-46C7-941E-8BA5FFA804CF} DisplayName = IBM Accessibility Speech Interface v1.2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F3AFB85B972-4621-AEB6-6C22317E145B} DisplayVersion = 5.0 InstallDate = 20070222 DisplayName = IBM 32-bit Runtime Environment for Java 2, v5.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{52D02A2B03D2-4E34-A358-DC5D951FD296} DisplayVersion = 7.1.17.0 InstallDate = 20101201 UninstallString = [CACHE]MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296} DisplayName = Nokia Connectivity Cable Driver
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{536D61727453-7569-7465-392E38300409} DisplayVersion = 9.8.0 InstallDate = 20050405 UninstallString = [CACHE]MsiExec.exe /I{536D6172-7453-7569-7465-392E38300409} DisplayName = Lotus SmartSuite - English
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{53A937806073-4207-A729-A99A30AFDE40} DisplayVersion = 1.58 InstallDate = 20050405 UninstallString = [CACHE]MsiExec.exe /X{53A93780-6073-4207-A729-A99A30AFDE40} DisplayName = AFP Workbench for Windows
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{55495E657C5B-48E4-BC7D-DE54F3DE5ED6} DisplayVersion = 7.1.30.8 InstallDate = 20101201 UninstallString = [CACHE]MsiExec.exe /I{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6} DisplayName = Nokia PC Suite
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{57F1AB5A0B9A-4229-B231-B1516A33DCD4} DisplayVersion = 2.5.0.64227 InstallDate = 20101220 DisplayName = VMware Infrastructure Client 2.5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{58F581588DFE-31DA-AC1F-7E5D89A0F74F} DisplayVersion = 1.5.1.0 InstallDate = 20101013 UninstallString = [CACHE]MsiExec.exe /I{58F58158-8DFE-31DA-AC1F-7E5D89A0F74F} DisplayName = Google Talk Plugin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B26747ADE21-4FE9-9E59-27114F1938E5} UninstallString = RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B26747A-DE21-4FE9-9E59-27114F1938E5}\Setup.exe" -l0x9 DisplayName = SeaCOM
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{63569CE9FA00-469C-AF5C-E5D4D93ACF91} DisplayVersion = 1.3.0254.0 InstallDate = 20050818 UninstallString = [CACHE]MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} DisplayName = Windows Genuine Advantage v1.3.0254.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{653A52D8127C-476D-BAD9-27117A3A4959} DisplayVersion = 2.0.1.3 InstallDate = 20101215 UninstallString = [CACHE]MsiExec.exe /I{653A52D8-127C-476D-BAD9-27117A3A4959} DisplayName = Nokia PC Internet Access
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7148F0A86813-11D6-A77B-00B0D0142030} DisplayVersion = 1.4.2_03 InstallDate = 20080729 UninstallString = [CACHE]MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030} DisplayName = Java 2 Runtime Environment, SE v1.4.2_03
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7148F0A86813-11D6-A77B-00B0D0142190} DisplayVersion = 1.4.2_19 InstallDate = 20110120 UninstallString = [CACHE]MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142190} DisplayName = Java 2 Runtime Environment, SE v1.4.2_19
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{73F1BDB711E1-11D5-9DC6-00C04F2FC33B} DisplayVersion = 6.1.10103 InstallDate = 20101213 DisplayName = Mobility Client
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{757debef635e-4076-b82b-dac22feb3c9c} DisplayVersion = 1.3.09157 InstallDate = 20100823 UninstallString = [CACHE]MsiExec.exe /X{757debef-635e-4076-b82b-dac22feb3c9c} DisplayName = IBM Lotus Symphony
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{75E7FEE816B1-4B1D-82B4-9594A38EDF76} DisplayVersion = 6 InstallDate = 20101209 UninstallString = [CACHE]MsiExec.exe /X{75E7FEE8-16B1-4B1D-82B4-9594A38EDF76} DisplayName = IBM 32-bit Runtime Environment for Java v6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7770E71B2D43-4800-9CB3-5B6CAAEBEBEA} DisplayVersion = 9.0 InstallDate = 20110104 UninstallString = [CACHE]MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA} DisplayName = RealNetworks - Microsoft Visual C++ 2008 Runtime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7D968F83A23F-40F7-937C-A3B5A0C44048} UninstallString = RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7D968F83-A23F-40F7-937CA3B5A0C44048}\setup.exe" -l0x9 -removeonly DisplayName = My Help - Workstation Setup Wizard InstallDate = 20080725 DisplayVersion = 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7EB114D8207F-45AE-BABD-1669715F2630} UninstallString = RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7EB114D8-207F-45AE-BABD-1669715F2630}\Setup.exe" l0x9 anything DisplayName = ThinkVantage Access Connections DisplayVersion = 5.50
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7F87DF1C6B8F-49F4-8EEF-7600128D99AE} DisplayVersion = 05.02.0210 InstallDate = 20050405 UninstallString = [CACHE]MsiExec.exe /I{7F87DF1C-6B8F-49F4-8EEF-7600128D99AE} DisplayName = IBM Tivoli Storage Manager Client
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82512BC9BD5D-4C50-BE4D-B98E7DF78687}
UninstallString = RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}\setup.exe" l0x9 UNINSTALL DisplayName = ThinkPad UltraNav Wizard DisplayVersion = 3.05
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{836670E961EB-4D47-9EF8-CFE936C3FE32} DisplayVersion = 8.51.9271 InstallDate = 20100823 UninstallString = [CACHE]MsiExec.exe /X{836670E9-61EB-4D47-9EF8-CFE936C3FE32} DisplayName = Lotus Notes 8.5.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e37c30-493c-8f6a-2b0f04e2912c} DisplayVersion = 8.0.59193 InstallDate = 20100821 UninstallString = [CACHE]MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} DisplayName = Microsoft Visual C++ 2005 Redistributable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{84814E6B2581-46EC-926A-823BD1C670F6} DisplayVersion = 5.1.0.4700 InstallDate = 20080725 UninstallString = [CACHE]MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6} DisplayName = ThinkPad Bluetooth with Enhanced Data Rate Software
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD824D-4B8E-BD72-8C5DCDC52A71} DisplayVersion = 4.20.9870.0 InstallDate = 20090505 UninstallString = [CACHE]MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} DisplayName = MSXML 4.0 SP2 (KB954430)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8C8ADD9C1F30-4B1A-927E-B72CC4AADB91} DisplayName = IBM Lotus Sametime Connect 7.5.1 UninstallString = [CACHE]MsiExec.exe /X{8C8ADD9C-1F30-4B1A-927E-B72CC4AADB91} InstallDate = 20070905 DisplayVersion = 7.5.70413
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000001C-0409-0000-0000000FF1CE} DisplayVersion = 12.0.6425.1000 InstallDate = 20110108 UninstallString = [CACHE]MsiExec.exe /X{90120000-001C-0409-0000-0000000FF1CE} DisplayName = Microsoft Office Access Runtime (English) 2007
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{901200000020-0409-0000-0000000FF1CE} DisplayVersion = 12.0.6514.5001 InstallDate = 20101111 UninstallString = [CACHE]MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE} DisplayName = Compatibility Pack for the 2007 Office system
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{901204096000-11D3-8CFE-0150048383C9} DisplayVersion = 11.0.8173.0 InstallDate = 20101216 UninstallString = [CACHE]MsiExec.exe /I{90120409-6000-11D3-8CFE-0150048383C9} DisplayName = Microsoft Office Standard Edition 2003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90140000006D-0409-0000-0000000FF1CE} DisplayVersion = 14.0.4763.1000 InstallDate = 20101104 UninstallString = [CACHE]MsiExec.exe /I{90140000-006D-0409-0000-0000000FF1CE} DisplayName = Microsoft Office Click-to-Run 2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{908404096000-11D3-8CFE-0150048383C9} DisplayVersion = 11.0.8173.0 InstallDate = 20101111 UninstallString = [CACHE]MsiExec.exe /I{90840409-6000-11D3-8CFE-0150048383C9} DisplayName = Microsoft Office Excel Viewer 2003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{908504096000-11D3-8CFE-0150048383C9} DisplayVersion = 11.0.8173.0 InstallDate = 20101111 UninstallString = [CACHE]MsiExec.exe /I{90850409-6000-11D3-8CFE-0150048383C9}
DisplayName = Microsoft Office Word Viewer 2003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{927A7821FC01-4719-A86B-258C033D0C76} DisplayVersion = 1.5.0000 InstallDate = 20100826 UninstallString = [CACHE]MsiExec.exe /X{927A7821-FC01-4719-A86B-258C033D0C76} DisplayName = VMware Remote Console
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{951200000052-0409-0000-0000000FF1CE} DisplayVersion = 12.0.6425.1000 InstallDate = 20100925 UninstallString = [CACHE]MsiExec.exe /I{95120000-0052-0409-0000-0000000FF1CE} DisplayName = Microsoft Office Visio Viewer 2007
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9512000000AF-0409-0000-0000000FF1CE} DisplayVersion = 12.0.6425.1000 InstallDate = 20101111 UninstallString = [CACHE]MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE} DisplayName = Microsoft Office PowerPoint Viewer 2007 (English)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9541FED0327F-4DF0-8B96-EF57EF622F19} DisplayVersion = 7.22 InstallDate = 20080725
UninstallString = [CACHE]MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} DisplayName = IBM RecordNow!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9BC51C0FDA8E-4370-9997-899B3435A647} DisplayVersion = 4.0.0.7797 InstallDate = 20100826 UninstallString = [CACHE]MsiExec.exe /X{9BC51C0F-DA8E-4370-9997-899B3435A647} DisplayName = VMware vSphere Host Update Utility 4.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9FAC9E5C0D20-4DBF-AFE5-2E09C52A95A2} UninstallString = RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FAC9E5C-0D20-4DBF-AFE5-2E09C52A95A2}\setup.dll" -l0x9 UNINSTALLFROMSYS DisplayName = ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g) DisplayVersion = 5.0.100.112d
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0E64EBA8BF0-49FB-90C0-BB3D781A2016} UninstallString = RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}\setup.exe" l0x9 -AddRemove DisplayName = ThinkPad Power Manager DisplayVersion = 1.30b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD02F64-3813-A88D-B8DCCDE8F8C7} DisplayVersion = 3.2.30729 InstallDate = 20101111 UninstallString = [CACHE]MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} DisplayName = Microsoft .NET Framework 3.0 Service Pack 2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AA36483F5D79-4EFD-ACA7-161EE2474E17} UninstallString = RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA36483F-5D79-4EFD-ACA7161EE2474E17}\Setup.exe" -l0x9 DisplayName = IBM Infoprint Select DisplayVersion = 4.1.0.100
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA867AD7-1033-7B44-A82000000003} DisplayVersion = 8.2.5 InstallDate = 20101008 UninstallString = [CACHE]MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A82000000003} DisplayName = Adobe Reader 8.2.5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B2544A0310D0-4E5E-BA69-0362FFC20D18} DisplayVersion = 2.0.0048.0 InstallDate = 20101103 UninstallString = [CACHE]MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
DisplayName = OGA Notifier 2.0.0048.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BAF782263200-4DB4-BE33-4D922A799840} DisplayVersion = 3.0.6920.0 InstallDate = 20070905 UninstallString = [CACHE]MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} DisplayName = Windows Presentation Foundation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C04E32E00416-434D-AFB9-6969D703A9EF} DisplayVersion = 4.20.9848.0 InstallDate = 20070905 UninstallString = [CACHE]MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} DisplayName = MSXML 4.0 SP2 (KB936181)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD3D0C-3F2D-899A-6A1D67F2073F} DisplayVersion = 2.2.30729 InstallDate = 20101111 UninstallString = [CACHE]MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} DisplayName = Microsoft .NET Framework 2.0 Service Pack 2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1A6B23C438E-4D08-B508-4E830CA8F335} UninstallString = RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation Information\{C1A6B23C-438E-4D08-B508-4E830CA8F335}\Setup.exe" xxxanything DisplayName = IBM ViaVoice TTS Runtime v6.740 - US English
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C40698F9A861-4531-9F8C-FA7F8961375B} DisplayVersion = 4.0.0.7797 InstallDate = 20100826 UninstallString = [CACHE]MsiExec.exe /X{C40698F9-A861-4531-9F8C-FA7F8961375B} DisplayName = VMware vSphere Client 4.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C7134CDC2000-1967-A00D-0244A64A998F} DisplayVersion = 2.0.1.40644 InstallDate = 20101101 UninstallString = [CACHE]MsiExec.exe /X{C7134CDC-2000-1967-A00D-0244A64A998F} DisplayName = VMware Virtual Infrastructure Client 2.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA96F3A1F350-11D3-B354-002035C150E4} UninstallString = [CHECK]"C:\Program Files\InstallShield Installation Information\{CA96F3A1-F350-11D3-B354-002035C150E4}\setup.exe" -runfromtemp -l0x0009 removeonly DisplayName = ILC InstallDate = 20090522 DisplayVersion = 1.04.0000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD9D1F-43C1-90FC-4F52EAE172A1} DisplayVersion = 1.1.4322 InstallDate = 20101103 UninstallString = [CACHE]MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} DisplayName = Microsoft .NET Framework 1.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD620124-36CA-84D3-9F4DCF5C5BD9} DisplayVersion = 3.5.30729 InstallDate = 20101113 UninstallString = [CACHE]MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} DisplayName = Microsoft .NET Framework 3.5 SP1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD620124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 DisplayName = Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) DisplayVersion = 1 UninstallString = [CACHE]C:\WINDOWS\system32\msiexec.exe /package {CE2CDD620124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD620124-36CA-84D3-9F4DCF5C5BD9}.KB953595 DisplayName = Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) DisplayVersion = 1 UninstallString = [CACHE]C:\WINDOWS\system32\msiexec.exe /package {CE2CDD620124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD620124-36CA-84D3-9F4DCF5C5BD9}.KB958484 DisplayName = Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) DisplayVersion = 1 UninstallString = [CACHE]C:\WINDOWS\system32\msiexec.exe /package {CE2CDD620124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD620124-36CA-84D3-9F4DCF5C5BD9}.KB963707 UninstallString = [CACHE]C:\WINDOWS\system32\msiexec.exe /package {CE2CDD620124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" DisplayVersion = 1 DisplayName = Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CEB43064B69D-4205-B18B-E0509803ADDA} DisplayVersion = 8.5.091101 InstallDate = 20100909 UninstallString = [CACHE]MsiExec.exe /X{CEB43064-B69D-4205-B18B-E0509803ADDA} DisplayName = IBM Lotus Sametime Connect 8.5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D93B70D24DA4-4F6F-9DC8-72D08F74A386} DisplayVersion = 2.5.0.64227 InstallDate = 20101213 UninstallString = [CACHE]MsiExec.exe /X{D93B70D2-4DA4-4F6F-9DC8-72D08F74A386}
DisplayName = VMware Infrastructure Update
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DFAA3D2B7087-464E-823B-738A23C29C27} DisplayVersion = 2.0.50728 InstallDate = 20100826 DisplayName = Microsoft Visual J# 2.0 Redistributable Package - SE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DFF415AC3883-4338-9365-DDCB74A0CFBA} UninstallString = RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DFF415AC-3883-4338-9365DDCB74A0CFBA}\setup.exe" -l0x9 -removeonly DisplayName = IBM My Help InstallDate = 20080414 DisplayVersion = 1.3.18
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E633D3965188-4E9D-8F6B-BFB8BF3467E8} DisplayVersion = 5.1.112 InstallDate = 20110203 UninstallString = [CACHE]MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8} DisplayName = Skype 5.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E922961C6DB6-41DE-9FEA-426DF3E9F81C} DisplayVersion = 1.4.2
InstallDate = 20101110 DisplayName = IBM 32-bit Runtime Environment for Java 2, v1.4.2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA6644803844-11D5-8C25-444553540000} UninstallString = RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA664480-3844-11D5-8C25-444553540000}\setup.exe" DisplayName = TrackPoint Accessibility Features DisplayVersion = 1.11.0.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EC6AF20D4376-4070-BEE4-D3A0DFF7E140} DisplayVersion = 4.52 InstallDate = 20080725 UninstallString = [CACHE]MsiExec.exe /X{EC6AF20D-4376-4070-BEE4-D3A0DFF7E140} DisplayName = Access IBM
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6F4DC-41A2-901E-8C11F044BDEC} DisplayVersion = 4.20.9876.0 InstallDate = 20100925 UninstallString = [CACHE]MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} DisplayName = MSXML 4.0 SP2 (KB973688)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FC081D4DDF1B-4CF1-B530-027E4118D846}
UninstallString = RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC081D4D-DF1B-4CF1-B530-027E4118D846}\setup.exe" l0x9 -AddRemove DisplayName = ThinkPad Configuration DisplayVersion = 1.54
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FCE65C4EB0E8-4FBD-AD16-EDCBE6CD591F} DisplayVersion = 1.1.1905.1 InstallDate = 20050404 UninstallString = [CACHE]MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} DisplayName = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
+----------------------------------------------|Microsoft Patches Information +-----------------------------------------------
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\.NETFramework\1.1\M2416447 InstalledDate = 11/3/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\.NETFramework\1.1\M979906 InstalledDate = 9/25/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\.NETFramework\1.1\S867460 InstalledDate = 4/4/2005
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\KB946503 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\KB946644 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\KB946927 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\KB947148 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\KB948815 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB946102 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB946457 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB946573 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB947317 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB948233 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB948233v2 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB948646 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB949226 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB949777 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB950230 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB950986 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB951113 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB952324 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB952346 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP1\KB952883 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP2\KB2418241 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP2\KB958481 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP2\KB976576 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP2\KB979909 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP2\KB980773 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 2.0 Service Pack 2\SP2\KB983583 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 3.0 Service Pack 2\SP2\KB958483 InstalledDate = 11/10/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 3.0 Service Pack 2\SP2\KB976769v2 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 3.0 Service Pack 2\SP2\KB977354v2 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 3.5 SP1\KB953595 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 3.5 SP1\SP1\KB2416473 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 3.5 SP1\SP1\KB958484 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Microsoft .NET Framework 3.5 SP1\SP1\KB963707 InstalledDate = 12/12/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\MSXML4SP2\Q927978 InstalledDate = 9/5/2007
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\MSXML4SP2\Q936181 InstalledDate = 9/5/2007
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\MSXML4SP2\Q954430
InstalledDate = 5/5/2009
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\MSXML4SP2\Q973688 InstalledDate = 9/25/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\WGA\SP0\KB892130 InstalledDate = 9/6/2007
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\WGA\SP0\WGA InstalledDate = 3/22/2006
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\WgaNotify\SP0\WgaNotify InstalledDate = 9/25/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows\SP1\IDNMitigationAPIs InstalledDate = 10/6/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows\SP1\NLSDownlevelMapping InstalledDate = 10/6/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Format 11 runtime\SP0\WMFDist11 InstalledDate = 10/17/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player\SP0\KB2378111_WM9
InstalledDate = 11/4/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player\SP0\KB911564 InstalledDate = 2/22/2006
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player\SP0\KB952069_WM9 InstalledDate = 5/5/2009
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player\SP0\KB954155_WM9 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player\SP0\KB968816_WM9 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player\SP0\KB973540_WM9 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player\SP0\KB975558_WM8 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player\SP0\KB978695_WM9 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player\SP0\KB979402_WM9 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player 11\SP0\wmp11 InstalledDate = 10/17/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player 6.4\SP0\KB925398_WMP64 InstalledDate = 2/20/2007
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player 9\SP0\KB911565 InstalledDate = 2/22/2006
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player 9\SP0\KB917734_WMP9 InstalledDate = 7/17/2006
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Media Player 9\SP2\KB936782_WMP9 InstalledDate = 9/5/2007
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows Presentation Foundation\KB932471 InstalledDate = 9/5/2007
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\ie7 InstalledDate = 10/6/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2183461-IE7 InstalledDate = 10/6/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2360131-IE7 InstalledDate = 10/17/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2416400-IE7 InstalledDate = 12/15/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB923689 InstalledDate = 2/20/2007
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB938127-v2-IE7 InstalledDate = 11/4/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB941569 InstalledDate = 3/13/2008
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB982381-IE7 InstalledDate = 10/6/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP1\Wdf01007
InstalledDate = 12/1/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP10\MSCompPackV1 InstalledDate = 10/17/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP2\Wudf01000 InstalledDate = 10/17/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP2\Wudf01007 InstalledDate = 12/1/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP3\KB888111WXPSP2 InstalledDate = 7/17/2006
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP3\KB936929 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP3\KB952011 InstalledDate = 11/17/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP3\WIC InstalledDate = 2/20/2007
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2079403 InstalledDate = 9/2/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2115168 InstalledDate = 9/2/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2121546 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2141007 InstalledDate = 11/4/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2158563 InstalledDate = 11/3/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2160329 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2183461 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2229593 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2259922 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2279986 InstalledDate = 11/4/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2286198 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2296011 InstalledDate = 11/4/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2296199 InstalledDate = 12/15/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2345886 InstalledDate = 11/4/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2347290 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2360937 InstalledDate = 11/4/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2387149 InstalledDate = 11/4/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2419632
InstalledDate = 1/13/2011
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2423089 InstalledDate = 12/15/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2436673 InstalledDate = 12/15/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2440591 InstalledDate = 12/15/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2443105 InstalledDate = 12/15/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2443685 InstalledDate = 12/15/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2467659 InstalledDate = 12/15/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB923561 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB938464 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB946648 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950759 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950762 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950974 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB951072-v2 InstalledDate = 5/5/2009
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB951376-v2 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB951698 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB951748 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB951978 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB952004 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB952287 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB952954 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB953838 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB954459 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB954550-v5 InstalledDate = 11/6/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB954600 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB955069
InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB955759 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB955839 InstalledDate = 5/13/2009
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB956390 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB956572 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB956744 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB956802 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB956803 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB956844 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB958215 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB958644 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB958687 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB958690 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB958869 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB959426 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB960714 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB960803 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB960859 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB961118 InstalledDate = 11/11/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB961373 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB961501 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB963027 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB967715 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB968389 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB969059 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB969947
InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB970430 InstalledDate = 11/4/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB971468 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB971557 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB971657 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB971737 InstalledDate = 11/4/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB971961 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB972270 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB973354 InstalledDate = 9/2/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB973507 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB973525 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB973687 InstalledDate = 12/15/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB973815 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB973869 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB973904 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB974112 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB974318 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB974392 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB974455 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB974571 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB975025 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB975467 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB975560 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB975561 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB975562 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB975713
InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB976098-v2 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB976325 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB977816 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB977914 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978037 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978207 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978251 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978262 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978338 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978542 InstalledDate = 9/3/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978601 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978706 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB979309 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB979482 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB979687 InstalledDate = 11/4/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB980182 InstalledDate = 8/18/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB980195 InstalledDate = 8/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB980218 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB980232 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB980436 InstalledDate = 9/2/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB981322 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB981349 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB981793 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB981852 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB981957
InstalledDate = 11/4/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB981997 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB982132 InstalledDate = 11/4/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB982214 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB982381 InstalledDate = 8/23/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB982665 InstalledDate = 9/2/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB982802 InstalledDate = 9/24/2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\XML Paper Specification Shared Components Pack 1.0\SP0\XpsEPSC InstalledDate = 2/20/2007
+----------------------------------------------|File Versions
+-----------------------------------------------
File: c:\documents and settings\administrator\local settings\application data\google\google talk plugin\googletalkplugin.exe Product: Google Talk Plugin Product Version: 1.0.0.0 Company: Google Description: Google Talk Plugin Original FileName: googletalkplugin.exe File Version Label: 1.0.0.0 File Version Number: 1.0.0.0 SHA-1 Digest: 0x31B643A9A29D126565EB025C4B53BD3F8DA9956C MD5 Digest: 0xCEC56AD97AD37558BD9D5BC08911C409 CRC32 Digest: 0xC31B115B Rootkit Property: Normal File Size: 83440 bytes
File: c:\documents and settings\administrator\my documents\ebooks\certifications\virus guides\imp virus books\virus removal tools\sic\sicwin.exe Product: Trend Micro Common Client Product Version: 5.5 Company: Trend Micro Inc. Description: System Information Collector Original FileName: sicwin.exe File Version Label: 5.5.0.1017 File Version Number: 5.5.0.1017
SHA-1 Digest: 0xC34C820A584ACE1CD5D31E490CA30B450ADDFFA1 MD5 Digest: 0x4E4CD6445CDBE44683A4B578355699D6 CRC32 Digest: 0x2D26872A Rootkit Property: Normal File Size: 2110728 bytes
File: c:\documents and settings\administrator\my documents\ebooks\certifications\virus guides\imp virus books\virus removal tools\sic\tmengdrv.dll Product: Trend Micro AEGIS Product Version: 2.80 Company: Trend Micro Inc. Description: TrendMicro Engine Driver Management DLL Original FileName: TmEngDrv.dll File Version Label: 2.80.0.1078 File Version Number: 2.80.0.1078 SHA-1 Digest: 0x3A4A3C8282420771F10E82E50BC47D8F16F1E390 MD5 Digest: 0x72486990BEB1F58C520E6D8541D90495 CRC32 Digest: 0xBFAFB4BE Rootkit Property: Normal File Size: 263432 bytes
File: c:\documents and settings\administrator\my documents\ebooks\certifications\virus guides\imp virus books\virus removal tools\sic\tmufeng.dll Product: Trend Micro URL Filtering Engine Product Version: 1.5 Company: Trend Micro Inc.
Description: Trend Micro URL Filter Engine Original FileName: tmufeng.dll File Version Label: 1.5.0.1022 File Version Number: 1.5.0.1022 SHA-1 Digest: 0x33613795453B615E1C6A88191740F6B9615A084D MD5 Digest: 0xAE42E3D04F9DF4111D26FE145904030E CRC32 Digest: 0xCC890422 Rootkit Property: Normal File Size: 341592 bytes
File: c:\documents and settings\administrator\my documents\mohsin\downloads\fclock.exe Product: Friendly Clock Product Version: 1.8 Company: A.Kilievich & Co. Description: Original FileName: File Version Label: 1.8.0.0 File Version Number: 1.8.0.0 SHA-1 Digest: 0xDDA56071FAE42088ABB3B60B16C3B800FECA551B MD5 Digest: 0x8E18073E2AA2CF2C4A1D4033E2565FFE CRC32 Digest: 0xA02FDA1B Rootkit Property: Normal File Size: 201216 bytes
File: c:\documents and settings\administrator\my documents\mohsin\my tools\running tools\avafind\avafind.exe
Product: Ava Find Product Version: 1.5.0.218 Company: Think Less Do More Services Description: Ava Find Original FileName: AVAFIND.EXE File Version Label: 1.5.0.218 File Version Number: 1.5.0.218 SHA-1 Digest: 0x5CB1977F9FBFBDDB3B19CE8781FE505DE112A30B MD5 Digest: 0xE7A2A5D5F5345364AC59ED81EDE6E713 CRC32 Digest: 0xC7160546 Rootkit Property: Normal File Size: 295936 bytes
File: c:\documents and settings\administrator\my documents\mohsin\my tools\running tools\avafind\dbghelp.dll Product: Debugging Tools for Windows(R) Product Version: 6.2.0013.1 Company: Microsoft Corporation Description: Windows Image Helper Original FileName: DBGHELP.DLL File Version Label: 6.2.0013.1 (DbgBuild.030619-2209) File Version Number: 6.2.13.1 SHA-1 Digest: 0x5AD9F84181FADFA71E4C19013D6899CAB39C7469 MD5 Digest: 0x3B5F0BF4125688A531FA21C823EA6193 CRC32 Digest: 0x3EDA5BE5 Rootkit Property: Normal
File Size: 813568 bytes
File: c:\documents and settings\administrator\my documents\mohsin\my tools\running tools\avafind\msvcp70.dll Product: Microsoft Visual Studio .NET Product Version: 7.00.9466.0 Company: Microsoft Corporation Description: Microsoft C++ Runtime Library Original FileName: MSVCP70.DLL File Version Label: 7.00.9466.0 File Version Number: 7.0.9466.0 SHA-1 Digest: 0x2F0C431BE7DA7F359BB75B9BA319D6F3DEA08919 MD5 Digest: 0xD04F7AACA2319A3BCDB2C5D5DD6F6026 CRC32 Digest: 0x4F125705 Rootkit Property: Normal File Size: 487424 bytes
File: c:\documents and settings\administrator\my documents\mohsin\my tools\running tools\avafind\msvcr70.dll Product: Microsoft Visual Studio .NET Product Version: 7.00.9466.0 Company: Microsoft Corporation Description: Microsoft C Runtime Library Original FileName: MSVCR70.DLL File Version Label: 7.00.9466.0 File Version Number: 7.0.9466.0
SHA-1 Digest: 0x61B8F573DB448AE6351AE3475C2E7C482D81533C MD5 Digest: 0x9972A6ED4F2388DBFA8E0A96F6F3FDF1 CRC32 Digest: 0x516C28BC Rootkit Property: Normal File Size: 344064 bytes
File: c:\documents and settings\administrator\my documents\official\objectdock\crashrpt.dll Product: Crash Report Module Product Version: 3.0.2.2 Company: Description: Crash Report Module Original FileName: CrashRpt.exe File Version Label: 3.0.2.2 File Version Number: 3.0.2.2 SHA-1 Digest: 0x9222AAE2E59400EDCB50931B2D43CB2DB8DA5AE6 MD5 Digest: 0xEB2E5161CB51D9693D2293A62360F85C CRC32 Digest: 0xD4F762A5 Rootkit Property: Normal File Size: 95944 bytes
File: c:\documents and settings\administrator\my documents\official\objectdock\dbghelp.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.1106 Company: Microsoft Corporation Description: Windows Image Helper
Original FileName: DBGHELP.DLL File Version Label: 5.1.2600.1106 (xpsp1.020828-1920) File Version Number: 5.1.2600.1106 SHA-1 Digest: 0xCD24CCEC2493B64904CF3C139CD8D58D28D5993B MD5 Digest: 0xE458D88C71990F545EF941CD16080BAD CRC32 Digest: 0x91C52E51 Rootkit Property: Normal File Size: 489984 bytes
File: c:\documents and settings\administrator\my documents\official\objectdock\docklets\calendar\calendar.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x7C26CEB856F5E3B2A952CB5C41BE7E228BBC4C8B MD5 Digest: 0xEAA174D7DF489CD515D4B968271ECECA CRC32 Digest: 0xA239CB6B Rootkit Property: Normal File Size: 26392 bytes
File: c:\documents and settings\administrator\my documents\official\objectdock\docklets\clock\clock.dll
Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0xC8E67F814DEC1DEEDEA58222B963A66208137466 MD5 Digest: 0x9038E4179464283E41F0E17E2288B16D CRC32 Digest: 0x4D492FC0 Rootkit Property: Normal File Size: 94208 bytes
File: c:\documents and settings\administrator\my documents\official\objectdock\docklets\search\searchdocklet.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x81B4F8E5989C1758610918248600A781AED032FF MD5 Digest: 0x886E98A8122A15C1FDBD63F96BE55DA8 CRC32 Digest: 0x2777841F Rootkit Property: Normal
File Size: 214800 bytes
File: c:\documents and settings\administrator\my documents\official\objectdock\dockshellhook.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x12FC9F9B7AD1CA94C06E81A17C8276385BB323B8 MD5 Digest: 0x4195B4D91CFA41F3368A2BE3E1530160 CRC32 Digest: 0x13A46ABD Rootkit Property: Normal File Size: 112400 bytes
File: c:\documents and settings\administrator\my documents\official\objectdock\objectdock.exe Product: Stardock ObjectDock Product Version: v1.90.536u Company: Stardock Description: ObjectDock Original FileName: ObjectDock.exe File Version Label: v1.90.536u File Version Number: 1.9.0.536
SHA-1 Digest: 0xD92961380D1E9A1F59D6C28E64A778E7B1413CBF MD5 Digest: 0x670FCAD3345904BF3BC477EA0FB2D093 CRC32 Digest: 0xD9EB920A Rootkit Property: Normal File Size: 3450608 bytes
File: c:\documents and settings\administrator\my documents\official\objectdock\odimg.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x5359B0F6F342C36B586B555E0C2CA65DD7715508 MD5 Digest: 0x92756208FE9138D360F2BEB68D5CA349 CRC32 Digest: 0x21AE1DCA Rootkit Property: Normal File Size: 118784 bytes
File: c:\documents and settings\administrator\my documents\official\objectdock\zlib.dll Product: ZLib.DLL Product Version: Company: Description: zlib data compression library
Original FileName: zlib.dll File Version Label: 1.1.3 File Version Number: 1.1.3.0 SHA-1 Digest: 0x75C6BF583576E83E84F35123D6A890B903AEF04D MD5 Digest: 0xD44597ECC2B2550E022A762321D1686B CRC32 Digest: 0x7ECACE4B Rootkit Property: Normal File Size: 59592 bytes
File: c:\documents and settings\all users\application data\installations\{55495e65-7c5b-48e4bc7d-de54f3de5ed6}\nokia_pc_suite_7_1_30_8_all.exe Product: Installer Application Product Version: 2, 2, 0, 0 Company: Description: Installer Application Original FileName: Installer.exe File Version Label: 2, 2, 25, 0 File Version Number: 2.2.25.0 SHA-1 Digest: 0x48643FA69EE0038B057782D817C927FBE08162D3 MD5 Digest: 0xAF8715E31ADD1B381BD7BA37361B7D78 CRC32 Digest: 0xAD9E4EFE Rootkit Property: Normal File Size: 62923117 bytes
File: c:\documents and settings\all users\application data\installations\{653a52d8-127c-476dbad9-27117a3a4959}\installer.exe
Product: Installe Application Product Version: 2, 0, 0, 0 Company: Description: Installer Application Original FileName: Installer.exe File Version Label: 6, 85, 14, 0 File Version Number: 6.85.14.0 SHA-1 Digest: 0x053BB1F3BF9B7229E8D5ED6BC3D79E29521C754E MD5 Digest: 0xCAB286A79C7EB049DC43CF9A45BA36C9 CRC32 Digest: 0x93481D57 Rootkit Property: Normal File Size: 7435659 bytes
File: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll Product: Product Version: 12.0.1.609 Company: RealPlayer Description: RealPlayer Download and Record Plugin Original FileName: rpbrowserrecordplugin.dll File Version Label: 12.0.1.609 File Version Number: 12.0.1.609 SHA-1 Digest: 0x569A43F0338899154D21DE0DC67985A407CF9DA2 MD5 Digest: 0xB1689A8E86F0798450C2BB4F9BD9E49C CRC32 Digest: 0x35CD7FE5 Rootkit Property: Normal
File Size: 382720 bytes
File: c:\notes\dbghelp_x86_v6.8.40.dll Product: Debugging Tools for Windows(R) Product Version: 6.8.0004.0 Company: Microsoft Corporation Description: Windows Image Helper Original FileName: DBGHELP.DLL File Version Label: 6.8.0004.0 (debuggers(dbg).070515-1751) File Version Number: 6.8.4.0 SHA-1 Digest: 0x16B5D948ED7843576781DC4F2A391607AC0120A4 MD5 Digest: 0x74EDBB03DE3291FCF2094AF1FB363F1D CRC32 Digest: 0x457874F9 Rootkit Property: Normal File Size: 1045128 bytes
File: c:\notes\framework\rcp\brokerbridge\officeaddin.dll Product: IBM Lotus Sametime Product Version: 8.0.1 Company: IBM Description: Sametime Toolbar Addin for Word/Excel/PPT Original FileName: AddIn.dll File Version Label: 8.0.1.20080703 File Version Number: 8.0.1.3 SHA-1 Digest: 0x6D4531E6F867D975739139648EDFD816356FBE5C
MD5 Digest: 0x7BE115AA5BB208DFBA2F858AA9AB0FEF CRC32 Digest: 0x112CE66D Rootkit Property: Normal File Size: 327680 bytes
File: c:\notes\framework\rcp\brokerbridge\sthelper.dll Product: IBM Lotus Sametime Product Version: 8.0.1 Company: IBM Description: ISametimeHelper Utility Original FileName: STHelper.dll File Version Label: 8.0.1.20080730 File Version Number: 8.0.1.3 SHA-1 Digest: 0x80F2F0F27AF796CED74F6C481A1D49A06DE8611F MD5 Digest: 0xD417C8E9710262E4641C47CF6A075AC6 CRC32 Digest: 0x50CBE992 Rootkit Property: Normal File Size: 282624 bytes
File: c:\notes\framework\rcp\brokerbridge\wmqtt.dll Product: Product Version: Company: Description: Original FileName:
File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x24116C5FF1A90CA4AABBE1A1444B94AF31E2A03A MD5 Digest: 0x1BC23792925E72AEA2122C3607F95AC3 CRC32 Digest: 0xA2C5EBE1 Rootkit Property: Normal File Size: 32256 bytes
File: c:\notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0.2009092 2-1655\preload.exe Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x00AA9B84ABCEA6F67A71D635ACFF1588065472F4 MD5 Digest: 0xB174494940CAC9D412BEA3B98D38B371 CRC32 Digest: 0xFF188496 Rootkit Property: Normal File Size: 40960 bytes
File: c:\notes\nsd.exe Product: IBM Lotus Notes/Domino
Product Version: 8.5.15.10315 Company: IBM Corp Description: IBM Lotus Notes/Domino Original FileName: File Version Label: 8.5.15.10315 File Version Number: 8.5.15.10315 SHA-1 Digest: 0xA4C40D94DD7187D2E4F4CFDB3B64355B41B14462 MD5 Digest: 0x1173F18F8327E4FCBC6E3FB722D69B3F CRC32 Digest: 0xA7A3F23B Rootkit Property: Normal File Size: 3399680 bytes
File: c:\notes\ntmulti.exe Product: IBM Lotus Notes/Domino Product Version: 8.5.10.9271 Company: IBM Corp Description: IBM Lotus Notes/Domino Original FileName: File Version Label: 8.5.10.9271 File Version Number: 8.5.10.9271 SHA-1 Digest: 0xC307F64B3B4769F72783059B4BCD2873BD4150A2 MD5 Digest: 0x218D58976C01C60657818ED0EAC81602 CRC32 Digest: 0x96E0B5FD Rootkit Property: Normal File Size: 58760 bytes
File: c:\pdf995\setup.exe Product: setup Application Product Version: 1, 0, 0, 1 Company: Description: pdf995 Setup Original FileName: setup.EXE File Version Label: 1, 0, 0, 1 File Version Number: 1.0.0.1 SHA-1 Digest: 0xE2142DDF9FF855E5DED3F2A091B6FBF8C49CB2BE MD5 Digest: 0xCB5DA8C6A365FC71AABA37CC6A585A81 CRC32 Digest: 0x3341E074 Rootkit Property: Normal File Size: 385024 bytes
File: c:\program files\adobe\reader 8.0\reader\viewerps.dll Product: Acrobat Viewer ProxyStub Library Product Version: 8.2.5.241 Company: Description: Acrobat Viewer ProxyStub Library Original FileName: ViewerPS.dll File Version Label: 8.2.5.241 File Version Number: 8.2.5.241 SHA-1 Digest: 0xBDC79452A1B387AAA8C563C3F4C29A7793423F6D MD5 Digest: 0x8B795B8B7BEB9F55C1B8B6FD80032979
CRC32 Digest: 0x9962835B Rootkit Property: Normal File Size: 16832 bytes
File: c:\program files\analog devices\core\smax4pnp.exe Product: SMax4PNP Application Product Version: 6, 0, 0, 20 Company: Analog Devices, Inc. Description: SMax4PNP Original FileName: SMax4PNP.exe File Version Label: 6, 0, 0, 20 File Version Number: 6.0.0.20 SHA-1 Digest: 0x33DADC2328200108B4C6B3149E96D1498F0914D6 MD5 Digest: 0x115332A83AC2726FA974D30DB4BFD8DE CRC32 Digest: 0x9B26DFEC Rootkit Property: Normal File Size: 925696 bytes
File: c:\program files\analog devices\core\smwdmif.dll Product: Audio Driver Interface Module Product Version: 6, 0, 4200, 014 Company: Analog Devices, Inc. Description: SMWDM Interface DLL Original FileName: SMWDMIF.DLL File Version Label: 6, 0, 4200, 014
File Version Number: 6.0.4200.14 SHA-1 Digest: 0xB0E868C5A84451C3F2BC86D4F63B39586E704142 MD5 Digest: 0xC0EFACEB546D818616FF5B74DF74BB99 CRC32 Digest: 0x5E2E7C25 Rootkit Property: Normal File Size: 290816 bytes
File: c:\program files\at&t network client\diagnostic.dll Product: SDK Product Version: 2.50.05.0 Company: PCTEL Inc. Description: PCTEL SDK Diagnostic Log Original FileName: Diagnostic.dll File Version Label: 2.50.05.0 File Version Number: 2.50.5.0 SHA-1 Digest: 0xB75B44856ACEEE46F029F72559870A59D977A836 MD5 Digest: 0xA4853968BB9402114DE2ED82F4682A82 CRC32 Digest: 0x145A13A5 Rootkit Property: Normal File Size: 32768 bytes
File: c:\program files\at&t network client\netcfgsv.exe Product: NetCfgSvr Module Product Version: 6.9.0.3006 Company: AT&T
Description: Network configuration service Original FileName: NetCfgSvr.EXE File Version Label: 6.9.0.3006 File Version Number: 6.9.0.3006 SHA-1 Digest: 0x44A91F519D28567DBB5FA39DDD4C0BFF85F1FCA8 MD5 Digest: 0xF174743A4D669FA66FA1F9AE18653F48 CRC32 Digest: 0x02CE172E Rootkit Property: Normal File Size: 323584 bytes
File: c:\program files\at&t network client\toolbx.dll Product: SDK Product Version: 2.50.05.0 Company: PCTEL Inc. Description: PCTEL SDK Toolbox Original FileName: ToolBx.dll File Version Label: 2.50.05.0 File Version Number: 2.50.5.0 SHA-1 Digest: 0xD722650ECFBE44BF33F7B7974030F1AC8A8FFA7D MD5 Digest: 0xC3208827F6627056B64EFCC45F821B54 CRC32 Digest: 0x5565D35A Rootkit Property: Normal File Size: 327680 bytes
File: c:\program files\at&t network client\wwancore.dll
Product: WWAN SDK Product Version: 2.50.05.0 Company: PCTEL Inc. Description: PCTEL WWAN SDK Original FileName: WwanCore.dll File Version Label: 2.50.05.0 File Version Number: 2.50.5.0 SHA-1 Digest: 0x766FEB25EA3B3BC737318EEF5A23A9E4018603ED MD5 Digest: 0x8FA669DE0B834886C54FEE16BB85543D CRC32 Digest: 0xA244DCC4 Rootkit Property: Normal File Size: 999424 bytes
File: c:\program files\c4ebreg\c4ebreg.exe Product: Product Version: 7.34 Company: IBM Corp. Description: IBM Standard Asset Manager Service Original FileName: File Version Label: 7.34 File Version Number: 7.34.0.4 SHA-1 Digest: 0x694BB26BA516EB7DFCDBDA918C8CE8BE6D9771AB MD5 Digest: 0x67064FA49DB4032A64CDA94ECAD8E827 CRC32 Digest: 0xFB0638C5 Rootkit Property: Normal
File Size: 490776 bytes
File: c:\program files\c4ebreg\isamtray.exe Product: Product Version: 7.34 Company: IBM Corp. Description: IBM Standard Asset Manager GUI Original FileName: File Version Label: 7.34 File Version Number: 7.34.0.4 SHA-1 Digest: 0x8C546AA857877F3D7A325CE64A378E0E644C0621 MD5 Digest: 0x8D8F55B4821822DE3CF9EE342C3280A6 CRC32 Digest: 0xC4C18362 Rootkit Property: Normal File Size: 294168 bytes
File: c:\program files\common files\adobe\acrobat\activex\pdfshell.dll Product: Adobe PDF Shell Extension Product Version: 8.2.5.241 Company: Adobe Systems, Inc. Description: PDF Shell Extension Original FileName: PDFShell.dll File Version Label: 8.2.5.241 File Version Number: 8.2.5.241 SHA-1 Digest: 0x1EDFD12FAE609887FC9980986ADE245E0FE1343F
MD5 Digest: 0x69C15016E0894A627F191C7DA0047DFA CRC32 Digest: 0xC575EAA4 Rootkit Property: Normal File Size: 372736 bytes
File: c:\program files\common files\adobe\calibration\adobe gamma loader.exe Product: Adobe Systems, Inc. Adobe Gamma Loader Product Version: 1, 0, 0, 1 Company: Adobe Systems, Inc. Description: Adobe Gamma Loader Original FileName: Adobe Gamma Loader.exe File Version Label: 1, 0, 0, 1 File Version Number: 1.0.0.1 SHA-1 Digest: 0xC5B97DCD1EF1DD4A0FB5D7CE13E85FE1820CEF47 MD5 Digest: 0xC2FF17734176CD15221C10044EF0BA1A CRC32 Digest: 0x5997AF64 Rootkit Property: Normal File Size: 113664 bytes
File: c:\program files\common files\adobe\shell\psicon.dll Product: Adobe Photoshop Product Version: 7.0 Company: Adobe Systems, Incorporated Description: Icons for Adobe Photoshop Original FileName: psicon.dll
File Version Label: 7.0 File Version Number: 6.6.64.53 SHA-1 Digest: 0x9641148607668A47DF5605BB80159122C417B82A MD5 Digest: 0x3CEC41DD5502C0602FD14D577A74118D CRC32 Digest: 0xDC601E6C Rootkit Property: Normal File Size: 139264 bytes
File: c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe Product: InstallShield (R) Product Version: 10.50 Company: Macrovision Corporation Description: IDriverT Module Original FileName: IDriverT.exe File Version Label: 10.50.125 File Version Number: 10.50.0.125 SHA-1 Digest: 0xEB71CC37C45AEFAD9E23C23C775ED63D098D5B23 MD5 Digest: 0x6F95324909B502E2651442C1548AB12F CRC32 Digest: 0x36990342 Rootkit Property: Normal File Size: 73728 bytes
File: c:\program files\common files\intel\wirelesscommon\libeay32.dll Product: The OpenSSL Toolkit Product Version: 0.9.8k
Company: The OpenSSL Project, http://www.openssl.org/ Description: OpenSSL Shared Library Original FileName: libeay32.dll File Version Label: 0.9.8k File Version Number: 0.9.8.11 SHA-1 Digest: 0xAE0164FFE2DEFF941F08D2B42B7E5A9C04B1D60F MD5 Digest: 0xC56EE8C650CBB70A20A3B2E3DF3FE996 CRC32 Digest: 0x37148571 Rootkit Property: Normal File Size: 1122304 bytes
File: c:\program files\common files\intel\wirelesscommon\psregapi.dll Product: Intel(R) PROSet/Wireless Product Version: 13, 0, 0, 0 Company: Intel(R) Corporation Description: Intel(R) PROSet/Wireless Registry API Module Original FileName: PsRegApi.dll File Version Label: 13, 0, 0, 0 File Version Number: 13.0.0.0 SHA-1 Digest: 0xAE044FE14F9E29B9B16C594E8E40A8FA1E5180D3 MD5 Digest: 0xD0F8F60E70E7656F3C398EF08DA714B5 CRC32 Digest: 0x5D0770FC Rootkit Property: Normal File Size: 655360 bytes
File: c:\program files\common files\intel\wirelesscommon\regsrvc.exe Product: Intel(R) PROSet/Wireless Product Version: 13, 0, 0, 0 Company: Intel(R) Corporation Description: Intel(R) PROSet/Wireless Registry Service Original FileName: RegSrvc.EXE File Version Label: 13, 0, 0, 0 File Version Number: 13.0.0.0 SHA-1 Digest: 0xEE1AE105A8F6BBE047AFC51D0285A28C680EEAFD MD5 Digest: 0xA171029D6B6C2D93C22861A347F43C2A CRC32 Digest: 0xF967C2B6 Rootkit Property: Normal File Size: 473360 bytes
File: c:\program files\common files\intel\wirelesscommon\traceapi.dll Product: Intel(R) PROSet/Wireless Product Version: 13, 0, 0, 0 Company: Intel(R) Corporation Description: Intel(R) PROSet/Wireless Trace API Module Original FileName: TraceAPI.DLL File Version Label: 13, 0, 0, 2 File Version Number: 13.0.0.2 SHA-1 Digest: 0x6F72302D286CA7BB5E8A93186733916EBD30B0FA MD5 Digest: 0x35BDEAAE8C73AD13045D16A58A5D712B CRC32 Digest: 0x1FF3A6F9
Rootkit Property: Normal File Size: 622592 bytes
File: c:\program files\common files\microsoft shared\office11\mso.dll Product: Microsoft Office 2003 Product Version: 11.0.8329 Company: Microsoft Corporation Description: Microsoft Office 2003 component Original FileName: MSO.DLL File Version Label: 11.0.8329 File Version Number: 11.0.8329.0 SHA-1 Digest: 0x25A82FFCA7B00A11E7AC95F1AD1B817C38248CD7 MD5 Digest: 0x3C2154AD1A6EC5E5F0634209B24E2AFB CRC32 Digest: 0x1F2C47EC Rootkit Property: Normal File Size: 12278608 bytes
File: c:\program files\common files\microsoft shared\office11\msoxev.dll Product: Microsoft Office InfoPath Product Version: 11.0.8161 Company: Microsoft Corporation Description: XEV Original FileName: msoxev.dll File Version Label: 11.0.8161 File Version Number: 11.0.8161.0
SHA-1 Digest: 0x9DD6423B12177B80AC70E4758549258A1D7AD06F MD5 Digest: 0x47E426BA8119476A9FAF50826CDCE17E CRC32 Digest: 0x617AAFFC Rootkit Property: Normal File Size: 45408 bytes
File: c:\program files\common files\microsoft shared\office11\riched20.dll Product: Microsoft RichEdit Control, version 5.0 Product Version: 5.0 Company: Microsoft Corporation Description: Rich Text Edit Control, v5.0 Original FileName: MsftEdit.dll File Version Label: 5.50.99.2050 File Version Number: 5.50.99.2050 SHA-1 Digest: 0x6812CAE360D1DB8865EF5AEEEF73811822B4B7AA MD5 Digest: 0xCCD29FA246D747847029FC31D77E8DAC CRC32 Digest: 0xE65353D2 Rootkit Property: Normal File Size: 1103280 bytes
File: c:\program files\common files\microsoft shared\office11\usp10.dll Product: Microsoft(R) Uniscribe Unicode script processor Product Version: 1.0626.6000.21258 Company: Microsoft Corporation Description: Uniscribe Unicode script processor
Original FileName: Uniscribe File Version Label: 1.0626.6000.21258 (vista_ldr.100416-0345) File Version Number: 1.626.6000.21258 SHA-1 Digest: 0x946C1E9ACA7FFE40739497D97F2555E509C9F0E2 MD5 Digest: 0x25F871603C32AA61BBE5B292521F5772 CRC32 Digest: 0xAEFFBB4F Rootkit Property: Normal File Size: 503296 bytes
File: c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe Product: Microsoft Office Product Version: 14.0.0370.400 Company: Microsoft Corporation Description: Microsoft Office Software Protection Platform Service Original FileName: osppsvc.exe File Version Label: 14.0.0370.400 (longhorn(wmbla).090811-1833) File Version Number: 14.0.370.400 SHA-1 Digest: 0x8CEAFDC6BCE33112C297702B06874CBBC2AD58F4 MD5 Digest: 0x928C8060A555F0622CC4CAC672B08573 CRC32 Digest: 0x9E199207 Rootkit Property: Normal File Size: 4639136 bytes
File: c:\program files\common files\microsoft shared\proof\msspell3.dll Product: Natural Language Components
Product Version: 3.1.3801 Company: Microsoft Corporation Description: Microsoft Speller Original FileName: MSSpell3.dll File Version Label: 1.1.6215 File Version Number: 1.1.0.6215 SHA-1 Digest: 0xC76A0A70B47087487A1D1EBBFDC7FD4196D56C84 MD5 Digest: 0xF29A80F607703CA1FC5D25993CC7FEDA CRC32 Digest: 0x0584FF55 Rootkit Property: Normal File Size: 86016 bytes
File: c:\program files\common files\microsoft shared\source engine\ose.exe Product: Office Source Engine Product Version: 14.0.4730.1010 Company: Microsoft Corporation Description: Office Source Engine Original FileName: ose.exe File Version Label: 14.0.4730.1010 File Version Number: 14.0.4730.1010 SHA-1 Digest: 0x835E982347DB919A681BA12F3891F62152E50F0D MD5 Digest: 0x9D10F99A6712E28F8ACD5641E3A7EA6B CRC32 Digest: 0x8D3DAEF9 Rootkit Property: Normal File Size: 149352 bytes
File: c:\program files\common files\microsoft shared\virtualization handler\cvhsvc.exe Product: Microsoft Office 2010 Product Version: 14.0.4750.1000 Company: Microsoft Corporation Description: Microsoft Office Client Virtualization Service Original FileName: CVHSVC.exe File Version Label: 14.0.4750.1000 File Version Number: 14.0.4750.1000 SHA-1 Digest: 0xFD36381C80DB84389716ADA419101B8F6AA1A301 MD5 Digest: 0x61A86809B62769643892BC0812B204AA CRC32 Digest: 0x6EEA99AD Rootkit Property: Normal File Size: 821664 bytes
File: c:\program files\common files\microsoft shared\web folders\msonsext.dll Product: Web folders and Rosebud Windows Redistributable Package Product Version: 14.0.4514.1004 Company: Microsoft Corporation Description: Windows executable Original FileName: msonsext.dll File Version Label: 14.0.4514.1004 File Version Number: 14.0.4514.1004 SHA-1 Digest: 0x829677F3F2F02FF530857053E4112A2FF0BBE793 MD5 Digest: 0x94C9DE12DA11A5B919C2A8546ECCD2D7
CRC32 Digest: 0xDED3B2C6 Rootkit Property: Normal File Size: 987488 bytes
File: c:\program files\common files\nokia\codecs\emzamrnbenc.dll Product: HipMedia Suite Product Version: 2.9.0.0000 Company: Emuzed Inc. Description: Emuzed GSM AMR-NB Encoder DMO Original FileName: EmzAMRNBEnc.DLL File Version Label: 2.9.0.000 File Version Number: 2.9.0.0 SHA-1 Digest: 0x42E834C6913FDA510947C70AAF2EAA02831E93D6 MD5 Digest: 0xD7AB577FA5F8847DDE1912B238699100 CRC32 Digest: 0x3EBA0942 Rootkit Property: Normal File Size: 258048 bytes
File: c:\program files\common files\nokia\codecs\emzamrwbenc.dll Product: HipMedia Suite Product Version: 2.9.0.0000 Company: Emuzed Inc. Description: Emuzed GSM AMR-WB Encoder DMO Original FileName: EmzAMRWBEnc.DLL File Version Label: 2.9.0.0000
File Version Number: 2.9.0.0 SHA-1 Digest: 0x95BE4C43E4427BC9DF455026F03F324B1A555BFF MD5 Digest: 0x357F1556FA3A6CA1AC99CBEB20ED3BEA CRC32 Digest: 0xDD8D4278 Rootkit Property: Normal File Size: 266240 bytes
File: c:\program files\common files\nokia\codecs\emzmp3encdmo.dll Product: HipMedia Suite Product Version: 2.9.0.0000 Company: Emuzed Inc. Description: Emuzed MP3 Encoder DMO Original FileName: EmzMP3EncDMO.DLL File Version Label: 2.9.0.0000 File Version Number: 2.9.0.0 SHA-1 Digest: 0x55F66F44EC1B62BE86738FA51F3B9BC28EDBF587 MD5 Digest: 0x7B0E9A7D793601A4DBDD89390BC5FE54 CRC32 Digest: 0xC078958B Rootkit Property: Normal File Size: 245760 bytes
File: c:\program files\common files\symantec shared\ccalert.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation
Description: Symantec Alert and Notification Original FileName: CCALERT.DLL File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0x19B438DAFCCA2707CC1550B2A55AF0EBE159E795 MD5 Digest: 0xAC3DA10512F2455FF95F659EF364A4E2 CRC32 Digest: 0x732E6BA3 Rootkit Property: Normal File Size: 222880 bytes
File: c:\program files\common files\symantec shared\ccapp.exe Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec User Session Original FileName: ccApp.exe File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xF610DCDA5E19EFB616FAA9A4B9DBAC6BFB0FB76D MD5 Digest: 0x1918A1D8E67A6452720797919FA520C9 CRC32 Digest: 0xB223AABD Rootkit Property: Normal File Size: 52896 bytes
File: c:\program files\common files\symantec shared\ccdec.dll
Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Decomposer Engine Original FileName: ccDec.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xE7C0AA065B51CB4B7F9826F7885A8B43324DB4BE MD5 Digest: 0x1F97862E333CA88C0FA70532B8C835D0 CRC32 Digest: 0x94C72EEB Rootkit Property: Normal File Size: 67232 bytes
File: c:\program files\common files\symantec shared\ccevtmgr.exe Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Event Manager Service Original FileName: ccEvtMgr.exe File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xD42A19BA7D3AE3EE0A080F290F50CBCF066B9E45 MD5 Digest: 0x0A6786C95A6F8715AA4285E3C27F201F CRC32 Digest: 0xE49ECA08 Rootkit Property: Normal
File Size: 192160 bytes
File: c:\program files\common files\symantec shared\ccl40.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Library Original FileName: ccL40.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xAC7BB86247643B56CFD7BAC8107F28B7284A2440 MD5 Digest: 0x15ADFF075EEF6329A2A1DF2315CAEBEE CRC32 Digest: 0xB60C41CC Rootkit Property: Normal File Size: 378016 bytes
File: c:\program files\common files\symantec shared\cclogin.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Login Manager Original FileName: ccLogin.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0x1428CEAF76EB47A046E858BDDAC0090929249927
MD5 Digest: 0x44AC9B733A263379A7FAB41744EE5B77 CRC32 Digest: 0xAE7F8E36 Rootkit Property: Normal File Size: 112288 bytes
File: c:\program files\common files\symantec shared\ccprosub.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Proxy Factory Original FileName: ccProSub.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xAF2F6EBAEB36F682EADBDDBD06071D704393B221 MD5 Digest: 0x96238323FF5130263DE6E559533E776E CRC32 Digest: 0x5D58CFDD Rootkit Property: Normal File Size: 67232 bytes
File: c:\program files\common files\symantec shared\ccproxy.exe Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Network Proxy Service Original FileName: ccProxy.exe
File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xBA749ECE2339A642B1501DEF03ABFE6B5E11674A MD5 Digest: 0xF4CBCA2089A8419BF3397A1BC248C54D CRC32 Digest: 0xCA1FEE57 Rootkit Property: Normal File Size: 202400 bytes
File: c:\program files\common files\symantec shared\ccpxyevt.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Proxy Event Factory Original FileName: ccPxyEvt.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xE66A119DF7DF4B8F09B91590B887201A93AE6A36 MD5 Digest: 0xACF90909394ED33B8B9E85C22AEDD3D5 CRC32 Digest: 0xA5947986 Rootkit Property: Normal File Size: 276128 bytes
File: c:\program files\common files\symantec shared\ccscan.dll Product: Client and Host Security Platform Product Version: 104.0.11.1
Company: Symantec Corporation Description: Symantec Scan Engine Original FileName: CCSCAN.DLL File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0x44934B49B955D8E53F72AAD2E8BFDE6698B24FAC MD5 Digest: 0x6CE722265DC331133812AEBB5A38825B CRC32 Digest: 0xE14A2335 Rootkit Property: Normal File Size: 211104 bytes
File: c:\program files\common files\symantec shared\ccset.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Settings Manager Engine Original FileName: ccSet.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xAEE5DD4E97E66909DB78CB80F2315A9B800C4655 MD5 Digest: 0x151EE08397049423EBCECC2100008E45 CRC32 Digest: 0xE0BF0FA2 Rootkit Property: Normal File Size: 91808 bytes
File: c:\program files\common files\symantec shared\ccsetevt.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Settings Manager Event Factory Original FileName: ccSetEvt.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0x753D856FDDC7FFE02373DBC1050A83C317B1A8FB MD5 Digest: 0xDC9D956BF7551FF77FC91F6A5B05BC5F CRC32 Digest: 0xF7F943D4 Rootkit Property: Normal File Size: 87712 bytes
File: c:\program files\common files\symantec shared\ccsetmgr.exe Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Settings Manager Service Original FileName: ccSetMgr.exe File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xCBD6E6FA9D35C07DB7AFC6027573516DC3E5CA97 MD5 Digest: 0x3B4898CF051BB04FB76E94361E336A83 CRC32 Digest: 0xF66A9AA7
Rootkit Property: Normal File Size: 169632 bytes
File: c:\program files\common files\symantec shared\ccvrtrst.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Trust Validation Engine Original FileName: ccVrTrst.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xA1AA11DB38BF0AB3C9EE3BEAD2EB7A3C2D373677 MD5 Digest: 0xBA24A4B808DCAC8BA6261844748B817C CRC32 Digest: 0xA8F44473 Rootkit Property: Normal File Size: 100000 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2.dll Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component Original FileName: DEC2.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0
SHA-1 Digest: 0x8A81582E0D013E6F67FDB375360D26CFBFE3580D MD5 Digest: 0x700D2D7A780364F9EA961E1C7E2EB72E CRC32 Digest: 0x2D1F5DA0 Rootkit Property: Normal File Size: 75368 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2amg.dll Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component Original FileName: DEC2AMG.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0 SHA-1 Digest: 0x8F39CBFE679C059F979CFE9721031BEEFCC0DCB3 MD5 Digest: 0x6805108E44B0F2F1A03053BD54D6C7F5 CRC32 Digest: 0xDBDA8AD5 Rootkit Property: Normal File Size: 104040 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2arj.dll Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component
Original FileName: DEC2ARJ.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0 SHA-1 Digest: 0xBB31AAD818E68233FC3EA3E842D4A43E70FA72EC MD5 Digest: 0xEE7476A2BB96F533A51E39B12703C1F0 CRC32 Digest: 0x011B229F Rootkit Property: Normal File Size: 63080 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2cab.dll Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component Original FileName: DEC2CAB.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0 SHA-1 Digest: 0xEA3DD3A8E56F63E8DF2629B1BF0816A8C0321ABA MD5 Digest: 0x6DAF1E7A742ACE53A5D692D161779BDA CRC32 Digest: 0x655BEE49 Rootkit Property: Normal File Size: 79464 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2gzip.dll Product: File Decomposer
Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component Original FileName: DEC2GZIP.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0 SHA-1 Digest: 0x69B41A04F508881ACCB0D373F6E8FB6B1419A537 MD5 Digest: 0x00335ABCAEAC9555719EFDF0CBB89AB5 CRC32 Digest: 0xEA485084 Rootkit Property: Normal File Size: 95848 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2id.dll Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component Original FileName: DEC2ID.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0 SHA-1 Digest: 0xCE049311F499353C0FEA6D6D50CD400B190B7C3C MD5 Digest: 0xCED7DC454023A2A7B245498FAEACAE58 CRC32 Digest: 0x33B8DE13 Rootkit Property: Normal File Size: 54888 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2lha.dll Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component Original FileName: DEC2LHA.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0 SHA-1 Digest: 0x1135C619F229DFE489EE36C74917868254BF7748 MD5 Digest: 0xDE4C4FE9F14BAF60CA2469C69C08D87A CRC32 Digest: 0xC4B9F696 Rootkit Property: Normal File Size: 83560 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2lz.dll Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component Original FileName: DEC2LZ.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0 SHA-1 Digest: 0x8E499644C4A9B0B75603E8BF41CE6C68A5E0E0DC MD5 Digest: 0xA2CE40FE5FD18935734B20DD494861A1
CRC32 Digest: 0x96F047D9 Rootkit Property: Normal File Size: 45160 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2rar.dll Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component Original FileName: DEC2RAR.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0 SHA-1 Digest: 0x4CFD30796CAF12DE5583DAF7606A6C1FCBFF529B MD5 Digest: 0xA518E1B01FB8A9F80816002B62A3AF6E CRC32 Digest: 0xB92B1B8A Rootkit Property: Normal File Size: 136808 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2rtf.dll Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component Original FileName: DEC2RTF.DLL File Version Label: 3.15.3
File Version Number: 3.15.3.0 SHA-1 Digest: 0xF65F9823CAC09A3D9EB18DBDA2A843D91FD98567 MD5 Digest: 0xE83EC8711BCFB0E398A1B2834BACD646 CRC32 Digest: 0xCD4A8082 Rootkit Property: Normal File Size: 75368 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2ss.dll Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component Original FileName: DEC2SS.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0 SHA-1 Digest: 0xD80155D3679DC9B31DD29A21063B008C681DB819 MD5 Digest: 0xB5DABA1662F04241D046868F9BD819B2 CRC32 Digest: 0xC3AE6DC9 Rootkit Property: Normal File Size: 87656 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2tar.dll Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation
Description: File Decomposer Component Original FileName: DEC2TAR.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0 SHA-1 Digest: 0xB3864625B7E008567995A2E50DB25DEA6B51297D MD5 Digest: 0x95B9110DD628B24FE57B84F1FC4CE2C6 CRC32 Digest: 0x0E6D9F2C Rootkit Property: Normal File Size: 50792 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2text.dll Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component Original FileName: DEC2TEXT.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0 SHA-1 Digest: 0xDB7AFA42F696796F60A4A00417773F04F855601B MD5 Digest: 0xCCB743EB8CFB306B155861DD54E55DB5 CRC32 Digest: 0xEA725A16 Rootkit Property: Normal File Size: 222824 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2tnef.dll
Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component Original FileName: DEC2TNEF.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0 SHA-1 Digest: 0x85E1E2DAE5F55EE6F7871CF4746E2A25822CCA46 MD5 Digest: 0xB7202442245F48BC07920F52028AC85D CRC32 Digest: 0x111E8ECD Rootkit Property: Normal File Size: 87656 bytes
File: c:\program files\common files\symantec shared\decomposers\dec2zip.dll Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component Original FileName: DEC2ZIP.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0 SHA-1 Digest: 0xAFAB03781EB6ACC7D286B2AC7B4BBD52C84E2578 MD5 Digest: 0x9FF912DB49BA2059B08799AAD0846F6E CRC32 Digest: 0x76BB7F65 Rootkit Property: Normal
File Size: 214632 bytes
File: c:\program files\common files\symantec shared\decomposers\decsdk.dll Product: File Decomposer Product Version: 3.15.3 Company: Symantec Corporation Description: File Decomposer Component Original FileName: DECSDK.DLL File Version Label: 3.15.3 File Version Number: 3.15.3.0 SHA-1 Digest: 0x0AC6B63EB10C44BBC8A641AD055BBC13031F8738 MD5 Digest: 0x73D1D93BB813839C3535483EF50DBECA CRC32 Digest: 0x453EA666 Rootkit Property: Normal File Size: 43112 bytes
File: c:\program files\common files\symantec shared\dphtml.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec HTML Data Processor Original FileName: DPHTML.DLL File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0x2D59E0B5BC8F2F3771B4AD7E8B6285A08A730E24
MD5 Digest: 0xC8DF3145817CD73037FD4AB1D28BF2F8 CRC32 Digest: 0x5DD1C9A2 Rootkit Property: Normal File Size: 136864 bytes
File: c:\program files\common files\symantec shared\dphttp.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec HTTP Data Processor Original FileName: DPHTTP.DLL File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0x0D2538AEA73989D4433AF2BF94A109902C91A974 MD5 Digest: 0xD3716CBB9F526DB2B0C7E11F9464C596 CRC32 Digest: 0xF22A4E82 Rootkit Property: Normal File Size: 91808 bytes
File: c:\program files\common files\symantec shared\dpjs.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec JavaScript Data Processor Original FileName: DPJS.DLL
File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xD4470D4F43315B452F0EDF7C15FA57E493F60E3A MD5 Digest: 0xA5F149648A301A98E7A80BCCA96A6256 CRC32 Digest: 0x02D533AE Rootkit Property: Normal File Size: 59040 bytes
File: c:\program files\common files\symantec shared\dpvbs.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec VBScript Data Processor Original FileName: DPVBS.DLL File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0x62C89BB9144CC739E1E01F0C1056D58219F4EE7F MD5 Digest: 0x8BF5A7C014F48FFB2F52D4840F05D3A1 CRC32 Digest: 0x838E4F84 Rootkit Property: Normal File Size: 54944 bytes
File: c:\program files\common files\symantec shared\ecmldr32.dll Product: ECOM Loader Product Version: 51.3.0.11
Company: Symantec Corporation Description: Symantec Engine Common Object Model Loader Original FileName: ecmldr32.DLL File Version Label: 51.3.0.11 File Version Number: 51.3.0.11 SHA-1 Digest: 0xEEA8B258A5DC6BBE3DB36897C0B5E65C7F725839 MD5 Digest: 0xBF4D6C3965216739DA4D8B162A87D4A1 CRC32 Digest: 0x7552E5BA Rootkit Property: Normal File Size: 54904 bytes
File: c:\program files\common files\symantec shared\eengine\eectrl.sys Product: ERASER ENGINE Product Version: 110.1.0.78 Company: Symantec Corporation Description: Symantec Eraser Control Driver Original FileName: eeCtrl.sys File Version Label: 110.1.0.78 File Version Number: 110.1.0.78 SHA-1 Digest: 0x9C405183CA1B5E8B7F54276256756404AC2DD13D MD5 Digest: 0x089296AEDB9B72B4916AC959752BDC89 CRC32 Digest: 0xBC56290D Rootkit Property: Normal File Size: 371248 bytes
File: c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys Product: ERASER ENGINE Product Version: 110.1.0.78 Company: Symantec Corporation Description: Symantec Eraser Utility Driver Original FileName: eraser.sys File Version Label: 110.1.0.78 File Version Number: 110.1.0.78 SHA-1 Digest: 0x55CEC34955C2F6E5AA35CD81D84ECC83095F6A91 MD5 Digest: 0x850259334652D392E33EE3412562E583 CRC32 Digest: 0x87D33748 Rootkit Property: Normal File Size: 102448 bytes
File: c:\program files\common files\symantec shared\options\vtcache.dll Product: Symantec Shared Component Product Version: 2005.3 Company: Symantec Corporation Description: VT Cache Original FileName: VTCache.dll File Version Label: 2005.3.0.58 File Version Number: 2005.3.0.58 SHA-1 Digest: 0x264D05C15CEF6ABF2457226E446E53117CF6D6A9 MD5 Digest: 0x45ADAF496847578FF481AD32E7EB3436 CRC32 Digest: 0xD48D2B0A
Rootkit Property: Normal File Size: 63112 bytes
File: c:\program files\common files\symantec shared\pfmisc.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Miscellaneous Proxy Filter Original FileName: PFMisc.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0x6E6752D9298FF34E73DA7260BB180CDD955A70B3 MD5 Digest: 0x2D7833B71645FA973E3FAD4597FCD47A CRC32 Digest: 0xC92538F0 Rootkit Property: Normal File Size: 44192 bytes
File: c:\program files\common files\symantec shared\pfpriv.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Privacy Proxy Filter Original FileName: PFPriv.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1
SHA-1 Digest: 0xE0996059D8872C77BED8BC4E340F3D85B6262BA8 MD5 Digest: 0xE53E72945E86AF55B11463AD03F9C729 CRC32 Digest: 0x0EF774AF Rootkit Property: Normal File Size: 100000 bytes
File: c:\program files\common files\symantec shared\pfsec.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Security Proxy Filter Original FileName: PFSec.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xB8C0B0673743D4E5083EF0C861C326B5B014E739 MD5 Digest: 0xD1ABA5FE656B9B8702A1E971B62B450C CRC32 Digest: 0x1BE28DB7 Rootkit Property: Normal File Size: 54944 bytes
File: c:\program files\common files\symantec shared\pxyhttp.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec HTTP Proxy
Original FileName: PxyHTTP.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xE38AA0DF93D31C1B0FE5A403ED277D99CFF98138 MD5 Digest: 0x01F862E5BEAFF1573CF97ED960663F57 CRC32 Digest: 0x652FECF5 Rootkit Property: Normal File Size: 83616 bytes
File: c:\program files\common files\symantec shared\pxyim.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec IM Proxy Original FileName: PxyIM.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xE7EDA0F8356B66563DE48530FB06A7B2C35BDB09 MD5 Digest: 0x7C88DE363DBB63FC56BE476414B62214 CRC32 Digest: 0x45329FE8 Rootkit Property: Normal File Size: 26784 bytes
File: c:\program files\common files\symantec shared\sndsrvc.exe Product: Symantec Security Drivers
Product Version: 6.0 Company: Symantec Corporation Description: Network Driver Service Original FileName: SndSrvc.exe File Version Label: 6.0.4.402 File Version Number: 6.0.4.402 SHA-1 Digest: 0x11A33AB554E776E7C9C53EF9F71A93DF58485B78 MD5 Digest: 0x0D411EEA92751C1ECD8453892F41E726 CRC32 Digest: 0xBAA5D623 Rootkit Property: Normal File Size: 214720 bytes
File: c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys Product: SPBBC Product Version: 2.2.0.7 Company: Symantec Corporation Description: SPBBC Driver Original FileName: SPBBCDrv.sys File Version Label: 2.2.0.7 File Version Number: 2.2.0.7 SHA-1 Digest: 0xBE1F815A83986051F1082645A6740756FB11553A MD5 Digest: 0x677B10906838D3BFB1C07AC9087E4BF7 CRC32 Digest: 0xB65FCC5B Rootkit Property: Normal File Size: 389776 bytes
File: c:\program files\common files\symantec shared\spbbc\spbbcevt.dll Product: SPBBC Product Version: 2.2.0.7 Company: Symantec Corporation Description: SPBBC Events Original FileName: SPBBCEvt.dll File Version Label: 2.2.0.7 File Version Number: 2.2.0.7 SHA-1 Digest: 0x31583132B38C9A386DAD3A236933696BB5F00CFC MD5 Digest: 0xCF723424516314E7903551817D42C9F9 CRC32 Digest: 0x2A3A84E5 Rootkit Property: Normal File Size: 714384 bytes
File: c:\program files\common files\symantec shared\spbbc\spbbcsvc.exe Product: SPBBC Product Version: 2.2.0.7 Company: Symantec Corporation Description: SPBBC Service Original FileName: SPBBCSvc.exe File Version Label: 2.2.0.7 File Version Number: 2.2.0.7 SHA-1 Digest: 0x9C377C892BDA358932942876207E901EC383A1B8 MD5 Digest: 0xC830007369E18A54AED23B5BB3AFA2BA
CRC32 Digest: 0x2D77B7DC Rootkit Property: Normal File Size: 1160848 bytes
File: c:\program files\common files\symantec shared\ssc\scscomms.dll Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Symantec Client Security Management Communications Original FileName: SCSCOMMS.DLL File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0x595BC11F6FD13BD729E9D91EAD8D1933067C0FD4 MD5 Digest: 0xFE8F065EA7F7344556764F07F027C481 CRC32 Digest: 0x39258780 Rootkit Property: Normal File Size: 1028336 bytes
File: c:\program files\common files\symantec shared\ssc\transman.dll Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Symantec AntiVirus Original FileName: File Version Label: 10.1.5.5000
File Version Number: 10.1.5.5000 SHA-1 Digest: 0xFC773C5E5FCBADB336A5F4FD3A429D3607E3A72F MD5 Digest: 0x3EDE46B8A1291AF48C2B4D606CA94681 CRC32 Digest: 0x4EC6BDEA Rootkit Property: Normal File Size: 461552 bytes
File: c:\program files\common files\symantec shared\ssc\vpshell2.dll Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Symantec AntiVirus Original FileName: File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0xAD2A63F577F799D34734599E3637FBFFFBE84116 MD5 Digest: 0xD2326C8989A89FA7A1AAFFBA1BC40133 CRC32 Digest: 0x6A66B0A9 Rootkit Property: Normal File Size: 47344 bytes
File: c:\program files\common files\system\ado\msado15.dll Product: Microsoft Data Access Components Product Version: 2.81.3012.0 Company: Microsoft Corporation
Description: Microsoft Data Access - ActiveX Data Objects Original FileName: msado15.dll File Version Label: 2.81.3012.0 (xpsp_sp3_gdr.101108-1643) File Version Number: 2.81.3012.0 SHA-1 Digest: 0xAFAFA8ECAA88FDCB69223D39C4A4513AF9A3C301 MD5 Digest: 0x26687D8E9FEED2EBAB77670C72007B48 CRC32 Digest: 0xB7EF00C2 Rootkit Property: Normal File Size: 536576 bytes
File: c:\program files\common files\system\msadc\msadce.dll Product: Microsoft Data Access Components Product Version: 2.81.3002.0 Company: Microsoft Corporation Description: Microsoft Data Access - OLE DB Cursor Engine Original FileName: msadce.dll File Version Label: 2.81.3002.0 (xpsp_sp3_gdr.080501-1247) File Version Number: 2.81.3002.0 SHA-1 Digest: 0xF0EBF963A46EDDC9307ADE8AF60DB3E14BBB3537 MD5 Digest: 0x142CEDECAE89E372EE347681C3FBB257 CRC32 Digest: 0x1F35277D Rootkit Property: Normal File Size: 331776 bytes
File: c:\program files\common files\system\msadc\msadcer.dll
Product: Microsoft Data Access Components Product Version: 2.81.1132.0 Company: Microsoft Corporation Description: Microsoft Data Access - OLE DB Cursor Engine Resources Original FileName: msadcer.dll File Version Label: 2.81.1132.0 (xpsp.080413-0852) File Version Number: 2.81.1132.0 SHA-1 Digest: 0x081D67447A0294EFB58B81406355B26C514EABEE MD5 Digest: 0x81E9041DAC0983AACE5C8920AF73D64E CRC32 Digest: 0x217A6833 Rootkit Property: Normal File Size: 20480 bytes
File: c:\program files\common files\system\ole db\msdaps.dll Product: Microsoft Data Access Components Product Version: 2.81.1132.0 Company: Microsoft Corporation Description: Microsoft Data Access - OLE DB Interface Proxies/Stubs Original FileName: msdaps.dll File Version Label: 2.81.1132.0 (xpsp.080413-0852) File Version Number: 2.81.1132.0 SHA-1 Digest: 0xCE7BC510EAAA8CBC58D97AA993B29DE714780979 MD5 Digest: 0x90C12209E574F0E4BD304B259E3EBA15 CRC32 Digest: 0x399ACDDA Rootkit Property: Normal
File Size: 204800 bytes
File: c:\program files\common files\system\ole db\msdasql.dll Product: Microsoft Data Access Components Product Version: 2.81.1132.0 Company: Microsoft Corporation Description: Microsoft Data Access - OLE DB Provider for ODBC Drivers Original FileName: msdasql.dll File Version Label: 2.81.1132.0 (xpsp.080413-0852) File Version Number: 2.81.1132.0 SHA-1 Digest: 0x3B212D7F391E86C2441EDE27C05DCE7491612A96 MD5 Digest: 0x1ED4C96EC76C3DDFCABD7644DA23F4B6 CRC32 Digest: 0xCB22756B Rootkit Property: Normal File Size: 315392 bytes
File: c:\program files\common files\system\ole db\msdasqlr.dll Product: Microsoft Data Access Components Product Version: 2.81.1132.0 Company: Microsoft Corporation Description: Microsoft Data Access - OLE DB Provider for ODBC Drivers Resources Original FileName: msdasqlr.dll File Version Label: 2.81.1132.0 (xpsp.080413-0852) File Version Number: 2.81.1132.0 SHA-1 Digest: 0x417447D0BE020DC76D4CD4520C92E102FD1952D2
MD5 Digest: 0x8985FCECE06A74017E23DDD093E34D4E CRC32 Digest: 0x9FB1F35F Rootkit Property: Normal File Size: 16384 bytes
File: c:\program files\common files\system\ole db\msdatl3.dll Product: Microsoft Data Access Components Product Version: 2.81.1132.0 Company: Microsoft Corporation Description: Microsoft Data Access - OLE DB Implementation Support Routines Original FileName: msdatl3.dll File Version Label: 2.81.1132.0 (xpsp.080413-0852) File Version Number: 2.81.1132.0 SHA-1 Digest: 0x01D4933BBD3328124DB94A053D7271B1C0348244 MD5 Digest: 0x73BAFFA0B02320690CDC606241078CE4 CRC32 Digest: 0x0D6DB567 Rootkit Property: Normal File Size: 94208 bytes
File: c:\program files\common files\system\ole db\oledb32.dll Product: Microsoft Data Access Components Product Version: 2.81.1132.0 Company: Microsoft Corporation Description: Microsoft Data Access - OLE DB Core Services Original FileName: oledb32.dll
File Version Label: 2.81.1132.0 (xpsp.080413-0852) File Version Number: 2.81.1132.0 SHA-1 Digest: 0x604EED033F0E9528D5B72B097BCBC090391090E7 MD5 Digest: 0xDC095DB6D468CB5B653E05F865487E57 CRC32 Digest: 0x36AC9121 Rootkit Property: Normal File Size: 487424 bytes
File: c:\program files\common files\system\ole db\oledb32r.dll Product: Microsoft Data Access Components Product Version: 2.81.1132.0 Company: Microsoft Corporation Description: Microsoft Data Access - OLE DB Core Services Resources Original FileName: oledb32r.dll File Version Label: 2.81.1132.0 (xpsp.080413-0852) File Version Number: 2.81.1132.0 SHA-1 Digest: 0xE70F2E9A5017B56E780C44953C5AC892FC762B0E MD5 Digest: 0xF86A2C7C279C746D5C5E06941ED4C337 CRC32 Digest: 0xE50FA0B3 Rootkit Property: Normal File Size: 65536 bytes
File: c:\program files\conexant\cnxt_modem_hdaudio_ven_14f1&dev_2bfa&subsys_10140588\hxfsetup.exe Product: Conexant Universal Device Install/Uninstall Application Product Version: 2.2.2.7
Company: Conexant Systems, Inc. Description: Conexant Universal Device Install/Uninstall Application Original FileName: File Version Label: 2.2.2.7 File Version Number: 2.2.2.7 SHA-1 Digest: 0x21A2C2B027BAD0F78DF273F71A76C399A8D21C68 MD5 Digest: 0x5582DDDED231DBA93B61AB4F25DE42BE CRC32 Digest: 0x2848CC46 Rootkit Property: Normal File Size: 555216 bytes
File: c:\program files\convert excel to html\unins000.exe Product: Inno Setup Product Version: Company: Description: Setup/Uninstall Original FileName: File Version Label: 51.42.0.0 File Version Number: 51.42.0.0 SHA-1 Digest: 0x695438C0A2F2D78FD470D503F1AC51FA0AA54E29 MD5 Digest: 0xD6ABC3C44E97BEEEA534E33E93AE97B4 CRC32 Digest: 0x51069412 Rootkit Property: Normal File Size: 673546 bytes
File: c:\program files\filezilla ftp client\fzshellext.dll Product: fzshellext Dynamic Link Library Product Version: 3, 3, 4, 1 Company: Description: fzshellext Dynamic Link Library Original FileName: fzshellext.dll File Version Label: 3, 3, 4, 1 File Version Number: 3.3.4.1 SHA-1 Digest: 0x0C729977F9CE8B17DC95FA7B86A69DB6E6AB322B MD5 Digest: 0xB2013803CE166169789B53B54FFF9277 CRC32 Digest: 0xBDEB87B7 Rootkit Property: Normal File Size: 94208 bytes
File: c:\program files\filezilla ftp client\uninstall.exe Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0xBC666CD7720CD0ED5B07969F26FE9E3B482E5643 MD5 Digest: 0x769E63B8F06844EB98D112386C725E1C CRC32 Digest: 0x97310D6A
Rootkit Property: Normal File Size: 63488 bytes
File: c:\program files\google\google talk\googletalk.exe Product: Google Talk Product Version: 1,0,0,105 Company: Google Description: Google Talk Original FileName: googletalk.exe File Version Label: 1,0,0,105 File Version Number: 1.0.0.105 SHA-1 Digest: 0xE8158A95522C7D4E59048CDEF5EBE61CBBA22D27 MD5 Digest: 0xFDC694C06891E14DD5BE5B668E4A69E0 CRC32 Digest: 0xA71F13AD Rootkit Property: Normal File Size: 3289088 bytes
File: c:\program files\google\google talk\uninstall.exe Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0
SHA-1 Digest: 0x19171E3FA2A71DEBAC863D08A1AEF7BD59536AAD MD5 Digest: 0xACF578C24C002A5596B168B0CB918E9E CRC32 Digest: 0x9798FF73 Rootkit Property: Normal File Size: 57628 bytes
File: c:\program files\huawei access manager\uninst.exe Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x1B37F859F2B8433E6E08D0679583A9FD70B12674 MD5 Digest: 0xDCCA2C187C19DFE0A6246FE4D86A77F8 CRC32 Digest: 0xDB73FA2E Rootkit Property: Normal File Size: 94892 bytes
File: c:\program files\ibm\java60\jre\bin\jp2ssv.dll Product: IBM Developer Kit for Windows,Java,1.6.0 Product Version: 6.0.0-20100902_01 Company: IBM Description: Java(TM) Platform SE binary
Original FileName: jp2ssv.dll File Version Label: 6.0.0-20100902_01 File Version Number: 6.0.0.0 SHA-1 Digest: 0xF58701CA4F10081B9BA3BC55A04C8987D5CFA560 MD5 Digest: 0x49070217BFDCC25AE34035C2AF79267D CRC32 Digest: 0x2FDEA9BC Rootkit Property: Normal File Size: 42248 bytes
File: c:\program files\ibm\java60\jre\bin\jqs.exe Product: IBM Developer Kit for Windows,Java,1.6.0 Product Version: 6.0.0-20100902_01 Company: IBM Description: Java(TM) Quick Starter Service Original FileName: jqs.exe File Version Label: 6.0.0-20100902_01 File Version Number: 6.0.0.0 SHA-1 Digest: 0xF5F6D8F71030C2849D4566D801DBDF37FDB503A8 MD5 Digest: 0xDF38AF1F500CB75E2798361A1009769F CRC32 Digest: 0x96636DAB Rootkit Property: Normal File Size: 152840 bytes
File: c:\program files\ibm\java60\jre\bin\msvcr71.dll Product: Microsoft Visual Studio .NET
Product Version: 7.10.3052.4 Company: Microsoft Corporation Description: Microsoft C Runtime Library Original FileName: MSVCR71.DLL File Version Label: 7.10.3052.4 File Version Number: 7.10.3052.4 SHA-1 Digest: 0xB0CD0697F256F62A0818084B4FFBD425FEB86E29 MD5 Digest: 0x928C609C3E8BCCE7039117D7CA024E29 CRC32 Digest: 0xCEF06DF0 Rootkit Property: Normal File Size: 353544 bytes
File: c:\program files\ibm\java60\jre\bin\ssv.dll Product: IBM Developer Kit for Windows,Java,1.6.0 Product Version: 6.0.0-20100902_01 Company: IBM Description: Java(TM) Platform SE binary Original FileName: ssv.dll File Version Label: 6.0.0-20100902_01 File Version Number: 6.0.0.0 SHA-1 Digest: 0xA42455AECAC20BC5E54FA0BF612A30185324374A MD5 Digest: 0x77AC4E185DC483F7E36BC9A49D98E44A CRC32 Digest: 0x05F1434E Rootkit Property: Normal File Size: 365832 bytes
File: c:\program files\ibm\java60\jre\lib\deploy\jqs\ie\jqs_plugin.dll Product: IBM Developer Kit for Windows,Java,1.6.0 Product Version: 6.0.0-20100902_01 Company: IBM Description: Java(TM) Quick Starter binary Original FileName: JQSIEStartDetector.dll File Version Label: 6.0.0-20100902_01 File Version Number: 6.0.0.0 SHA-1 Digest: 0x8FE07E5A4AE90D0C2AB6EBB79563EE3D468AD3C0 MD5 Digest: 0x8EF23A70E0E5E656AAB0CB07D7DE6BF1 CRC32 Digest: 0x08341892 Rootkit Property: Normal File Size: 79112 bytes
File: c:\program files\ibm\lotus\symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win 32_3.5.0.20090605-2002\preload.exe Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x00AA9B84ABCEA6F67A71D635ACFF1588065472F4
MD5 Digest: 0xB174494940CAC9D412BEA3B98D38B371 CRC32 Digest: 0xFF188496 Rootkit Property: Normal File Size: 40960 bytes
File: c:\program files\ibm\mobility client\artstartsvc.exe Product: IBM Mobility Client Product Version: 6.1.1.0 Company: IBM Description: IBM Mobility Client Original FileName: artstartsvc.exe File Version Label: 6.1.1.1260 File Version Number: 6.1.1.1260 SHA-1 Digest: 0x3B1ABC0CBE403E7543982F62A097C9F06C630448 MD5 Digest: 0x816D9B6E73D17BBDB9D74FED1B10ACC0 CRC32 Digest: 0xCA58A023 Rootkit Property: Normal File Size: 41472 bytes
File: c:\program files\ibm\mobility client\artsvc.exe Product: IBM Mobility Client Product Version: 6.1.1.0 Company: IBM Description: IBM Mobility Client Original FileName: artsvc.exe
File Version Label: 6.1.1.1260 File Version Number: 6.1.1.1260 SHA-1 Digest: 0x2666DD4756A913FCF8895BA1C07DB00A306D4B9F MD5 Digest: 0x88B935F62E7B8091EFBC99ACCBCAC664 CRC32 Digest: 0xBBB99186 Rootkit Property: Normal File Size: 98304 bytes
File: c:\program files\ibm\my help\plugins\com.ibm.myhelp.common_1.3.14\pmonmh.exe Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x1D057FFF59BE0246113C4EDF22921B993B0F6AC3 MD5 Digest: 0x93985E65CECE32603A2AA04401C12F00 CRC32 Digest: 0x5165A509 Rootkit Property: Normal File Size: 184371 bytes
File: c:\program files\ibm\personal communications\atmgrtok.dll Product: Personal Communications Product Version: 5.7.1
Company: IBM Corporation Description: Personal Communications Attach Manager User Token Library Original FileName: File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x07E1200EC5246E1E01101687FF49A22C8BA0D2DE MD5 Digest: 0xA45CBDE32C9F545AB3293504979BF810 CRC32 Digest: 0x2D4E0708 Rootkit Property: Normal File Size: 53248 bytes
File: c:\program files\ibm\personal communications\defsecur.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: DEFSECUR DLL Original FileName: File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xAA699CD2BF3EE4153F2D780657C98CE6D35E42D2 MD5 Digest: 0x06E17C01D9DD43D25B24606FA343485C CRC32 Digest: 0x8B229427 Rootkit Property: Normal File Size: 32768 bytes
File: c:\program files\ibm\personal communications\message.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: MESSAGE.DLL Original FileName: MESSAGE.DLL File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x14C35D79467472A98683295689D47FE39776789E MD5 Digest: 0xA15655C54EC06C4BADAF6E5D009FF8B5 CRC32 Digest: 0xCC3E5E8E Rootkit Property: Normal File Size: 40960 bytes
File: c:\program files\ibm\personal communications\millutil.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: Personal Communications Utilities Original FileName: File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xBF64AFA376D5AE1675B54ABE1DE88AF0A8FDC874 MD5 Digest: 0xD51429839F1825AC63EA3642467A3DCA CRC32 Digest: 0x25FD07E7
Rootkit Property: Normal File Size: 45056 bytes
File: c:\program files\ibm\personal communications\msgio.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: Message queuing facility for WinMill Original FileName: File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x4F60CC02133FCEBA4443803BA6191D2706797869 MD5 Digest: 0xD5B5A50AB9EB7C79EF73C4048D85F513 CRC32 Digest: 0x8A732D5E Rootkit Property: Normal File Size: 28672 bytes
File: c:\program files\ibm\personal communications\nodeinit.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: SNA Configuration Initialization Original FileName: File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773
SHA-1 Digest: 0xCA3BCDC06C2FF1EA21846DC5B37220F292603DDC MD5 Digest: 0x7B849875E83762188E5EE61E156446DB CRC32 Digest: 0x18A2EB07 Rootkit Property: Normal File Size: 77824 bytes
File: c:\program files\ibm\personal communications\oocsvcs2.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x7D20CF58B6B1C562AA825FB953D461E77F35A76A MD5 Digest: 0x6B56DDBA706352945B9212E9FB817F2D CRC32 Digest: 0x4EB9DBAD Rootkit Property: Normal File Size: 485376 bytes
File: c:\program files\ibm\personal communications\pcs_agnt.exe Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: Always Resident PComm Process
Original FileName: File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x977802E3292D2405BACA561357D6F16DE8910019 MD5 Digest: 0x6157B47B8423FF2C0EF363FBE655A0D3 CRC32 Digest: 0x425D6948 Rootkit Property: Normal File Size: 36864 bytes
File: c:\program files\ibm\personal communications\pcscapi.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: Configuration API function for WinMill Original FileName: File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xD98D59520FD1ACB66B6F03207F3E6F13E7316DB7 MD5 Digest: 0xA7AD8614D71080D0D5DA857721397E42 CRC32 Digest: 0x5FF6FCA4 Rootkit Property: Normal File Size: 94208 bytes
File: c:\program files\ibm\personal communications\pcsclib.dll Product: Personal Communications
Product Version: 5.7.1 Company: IBM Corporation Description: PCSCLIB.DLL Original FileName: PCSCLIB.DLL File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x4C4FCA5E6093686CE39C084D8A3B638963724F41 MD5 Digest: 0xDCBBF1B90C76528C5E526912262806B2 CRC32 Digest: 0x004A549F Rootkit Property: Normal File Size: 91648 bytes
File: c:\program files\ibm\personal communications\pcsmsg.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PCSMSG.DLL Original FileName: PCSMSG.DLL File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x9EA7CEAFC73F3F47739BF62618D6DD86A9F079C2 MD5 Digest: 0xBA6FEF8E83B90D42EBDACB30874A392A CRC32 Digest: 0x5D20CC6E Rootkit Property: Normal File Size: 28672 bytes
File: c:\program files\ibm\personal communications\pcspref.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PCSPREF.DLL Original FileName: PCSPREF.DLL File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xC0E7EF7D453593F38039B5F7E21511648144125A MD5 Digest: 0xDF35D88823AC52A700763BFC14750FBD CRC32 Digest: 0xD91FC7C8 Rootkit Property: Normal File Size: 121344 bytes
File: c:\program files\ibm\personal communications\pcsrtmsn.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PCSRTMSN.DLL Original FileName: PCSRTMSN.DLL File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xFF84BB66D9C5C942990F43A7A8A0E7F23E18CB43 MD5 Digest: 0x6317615C7B4A4BBA0B7FA1EF0DA29762
CRC32 Digest: 0xE8FEF53E Rootkit Property: Normal File Size: 17920 bytes
File: c:\program files\ibm\personal communications\pcstq.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PCSTQ.DLL Original FileName: PCSTQ.DLL File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x866D5ABEF6A327F544C0A7BF116B8EE063CC1D76 MD5 Digest: 0x9F889DDA805CCEFF543F01040FB2049E CRC32 Digest: 0x461E9E4C Rootkit Property: Normal File Size: 33280 bytes
File: c:\program files\ibm\personal communications\pcsw32x.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PCSW32X DLL Original FileName: File Version Label: 5070.10.5249.773
File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x6CD9ACC557D228204A6959A130E17D019C7BC65D MD5 Digest: 0x67FFCA99FB0054820E69F4968B3869E5 CRC32 Digest: 0xC7087A74 Rootkit Property: Normal File Size: 28672 bytes
File: c:\program files\ibm\personal communications\pcswlib.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PCSWLIB.DLL Original FileName: PCSWLIB.DLL File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xCD50ED916AD7BB0384B75ACCE0AC5EAF2876C884 MD5 Digest: 0xB5028E50FE75A2C0542958DD6957138A CRC32 Digest: 0x9F79C55B Rootkit Property: Normal File Size: 35328 bytes
File: c:\program files\ibm\personal communications\pcswlibi.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation
Description: PCSWLIBI.DLL Original FileName: PCSWLIBI.DLL File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x3961EE52471585285172BD9F340C8420B2DDDFD7 MD5 Digest: 0xEE1D426C33625936E11B5F1A39A2B707 CRC32 Digest: 0xCB259752 Rootkit Property: Normal File Size: 5120 bytes
File: c:\program files\ibm\personal communications\pcszlib.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PCSZLIB.DLL Original FileName: PCSZLIB.DLL File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xE98AC1FF5374F1A3C674C34AB6314DE9BA89DF46 MD5 Digest: 0x5F35D7B8CC5DBB655523A1DD833D3B3D CRC32 Digest: 0x17FDB461 Rootkit Property: Normal File Size: 7168 bytes
File: c:\program files\ibm\personal communications\spelling.dll
Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: Formatting Services Original FileName: File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xCD64C732E0DB2C62E5DC87AFB1D2D2682D92786F MD5 Digest: 0xF996FB4F50F8B3051065E270E03FD554 CRC32 Digest: 0x954EF6F5 Rootkit Property: Normal File Size: 77824 bytes
File: c:\program files\ibm\personal communications\tpam.exe Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xC8E92313EB9162ECC0E2CDC4F52E88B221298781 MD5 Digest: 0x26F2CC97DD775EA6BAFB5399A7C77403 CRC32 Digest: 0x3C9E42C4 Rootkit Property: Normal
File Size: 28672 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_jvm\jre\bin\classic\core.dll Product: IBM Developer Kit for Windows, Java 2, 1.4.2 Product Version: 1.4.2.0 Company: IBM Description: Java runtime library Original FileName: core.dll File Version Label: 142,0,2006,1124 File Version Number: 142.2006.11.24 SHA-1 Digest: 0x97669BA070C8FA7DF9A2FF9AB7D151DEC0665F66 MD5 Digest: 0x46B819C49C89324C53D87749C5FD87F3 CRC32 Digest: 0x5B8C05D3 Rootkit Property: Normal File Size: 106496 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_jvm\jre\bin\classic\jvm.dll Product: IBM Developer Kit for Windows, Java 2, 1.4.2 Product Version: 1.4.2.0 Company: IBM Description: Java Virtual Machine Original FileName: jvm.dll File Version Label: 142,0,2006,1124 File Version Number: 142.2006.11.24 SHA-1 Digest: 0xDC4F1A669DA2039C31996AC97623ECEAA5D7D363
MD5 Digest: 0x7F864C2FA20036F43DF6818F992B2454 CRC32 Digest: 0x1D3092E8 Rootkit Property: Normal File Size: 1454080 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_jvm\jre\bin\dbghelp.dll Product: Debugging Tools for Windows(R) Product Version: 6.0.0007.0 Company: Microsoft Corporation Description: Windows Image Helper Original FileName: DBGHELP.DLL File Version Label: 6.0.0007.0 (DbgBuild.020301-1738) File Version Number: 6.0.7.0 SHA-1 Digest: 0x663E9DC48A5F6766C6283557455188F35B8187D4 MD5 Digest: 0xEB43E3C27E5FFD29131333CB69947B87 CRC32 Digest: 0x2D720F4A Rootkit Property: Normal File Size: 712192 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_jvm\jre\bin\dbgmalloc.dll Product: IBM Developer Kit for Windows, Java 2, 1.4.2 Product Version: 1.4.2.0 Company: IBM Description: Java debug malloc library Original FileName: dbgmalloc.dll
File Version Label: 142,0,2006,1124 File Version Number: 142.2006.11.24 SHA-1 Digest: 0xAE1C7C890C76DB5B5CF683E39AF1638DC16405D6 MD5 Digest: 0x46261D86999063B6AD9136495CE4A500 CRC32 Digest: 0x2095D9EF Rootkit Property: Normal File Size: 24576 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_jvm\jre\bin\hpi.dll Product: IBM Developer Kit for Windows, Java 2, 1.4.2 Product Version: 1.4.2.0 Company: IBM Description: Java runtime library Original FileName: hpi.dll File Version Label: 142,0,2006,1124 File Version Number: 142.2006.11.24 SHA-1 Digest: 0xFC915837AA78C379982548238A7FC24BDA232EB1 MD5 Digest: 0x3ACAA8BF4F4AB3ED1279562B49FC84C7 CRC32 Digest: 0xBAE5D01B Rootkit Property: Normal File Size: 69632 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_jvm\jre\bin\java.dll Product: IBM Developer Kit for Windows, Java 2, 1.4.2 Product Version: 1.4.2.0
Company: IBM Description: Java runtime library Original FileName: java.dll File Version Label: 142,0,2006,1124 File Version Number: 142.2006.11.24 SHA-1 Digest: 0x2FC2CEBCEFE3B6EEF975BBE4D263F2226C110D9E MD5 Digest: 0xBAA9F14A32BE80933244AD9F9DECAF52 CRC32 Digest: 0x1579A0B5 Rootkit Property: Normal File Size: 106496 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_jvm\jre\bin\java.exe Product: IBM Developer Kit for Windows, Java 2, 1.4.2 Product Version: 1.4.2.0 Company: IBM Description: Java launcher Original FileName: java.exe File Version Label: 142,0,2006,1124 File Version Number: 142.2006.11.24 SHA-1 Digest: 0x173D14D4E1B0F23E34582FF9C0D9FF9348626E4B MD5 Digest: 0x97F712E960D09FFFAF6F31DF25C907DB CRC32 Digest: 0x8B7123AD Rootkit Property: Normal File Size: 43752 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_jvm\jre\bin\jitc.dll Product: IBM Developer Kit for Windows, Java 2, 1.4.2 Product Version: 1.4.2.0 Company: IBM Description: Just-in-time Compiler library Original FileName: jitc.dll File Version Label: 142,0,2006,1124 File Version Number: 142.2006.11.24 SHA-1 Digest: 0x58DCE2B98A7A30752C48D6CC4D329210C1B335ED MD5 Digest: 0xFA462DF5BA0A61B4F36F514CA22E9D86 CRC32 Digest: 0x08C72ADA Rootkit Property: Normal File Size: 2460188 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_jvm\jre\bin\jsig.dll Product: IBM Developer Kit for Windows, Java 2, 1.4.2 Product Version: 1.4.2.0 Company: IBM Description: Java Signal Interpose library Original FileName: jsig.dll File Version Label: 142,0,2006,1124 File Version Number: 142.2006.11.24 SHA-1 Digest: 0xD6299D5685039ABC57754EDA5BADE0F00B174863 MD5 Digest: 0xC4392A90EF5D69A2179F6779462D1B6B CRC32 Digest: 0x79EBFCF5
Rootkit Property: Normal File Size: 24576 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_jvm\jre\bin\net.dll Product: IBM Developer Kit for Windows, Java 2, 1.4.2 Product Version: 1.4.2.0 Company: IBM Description: Java runtime library Original FileName: net.dll File Version Label: 142,0,2006,1124 File Version Number: 142.2006.11.24 SHA-1 Digest: 0x1075EBDA2E6EF47C449E54DBC37FE829EF57AB77 MD5 Digest: 0xCCA02D39B9C6700C304373317119D4D6 CRC32 Digest: 0x5FE59C95 Rootkit Property: Normal File Size: 106496 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_jvm\jre\bin\nio.dll Product: IBM Developer Kit for Windows, Java 2, 1.4.2 Product Version: 1.4.2.0 Company: IBM Description: Java runtime library Original FileName: nio.dll File Version Label: 142,0,2006,1124 File Version Number: 142.2006.11.24
SHA-1 Digest: 0x0FAB0DFADFB700F5F1901B04F556DD0C5C36B93D MD5 Digest: 0x248CFFEE9AD2AA742F7DD292AB3BC671 CRC32 Digest: 0x5D3FA770 Rootkit Property: Normal File Size: 49152 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_jvm\jre\bin\ute.dll Product: IBM Developer Kit for Windows, Java 2, 1.4.2 Product Version: 1.4.2.0 Company: IBM Description: Universal Trace Engine library Original FileName: ute.dll File Version Label: 142,0,2006,1124 File Version Number: 142.2006.11.24 SHA-1 Digest: 0xEC5E6BA8D8C3101460296BB940A1FD88AB5AB626 MD5 Digest: 0x4F5531FCEA533F9885182186290422C3 CRC32 Digest: 0x12552BA7 Rootkit Property: Normal File Size: 106558 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_jvm\jre\bin\xhpi.dll Product: IBM Developer Kit for Windows, Java 2, 1.4.2 Product Version: 1.4.2.0 Company: IBM Description: Java runtime library
Original FileName: xhpi.dll File Version Label: 142,0,2006,1124 File Version Number: 142.2006.11.24 SHA-1 Digest: 0x681A7EF172C2BAC7E181362FF52D327B7611BE63 MD5 Digest: 0x0920D44001DD1E4BE3D4012E2D3918E8 CRC32 Digest: 0xBBA052CC Rootkit Property: Normal File Size: 28672 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_jvm\jre\bin\zip.dll Product: IBM Developer Kit for Windows, Java 2, 1.4.2 Product Version: 1.4.2.0 Company: IBM Description: Java runtime library Original FileName: zip.dll File Version Label: 142,0,2006,1124 File Version Number: 142.2006.11.24 SHA-1 Digest: 0xA970A901F625B326F50EA5B6858E9B9ED0232EFD MD5 Digest: 0x6605F4F26FA86202610225A5523A8C63 CRC32 Digest: 0x2536D5D5 Rootkit Property: Normal File Size: 69632 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\_uninst\uninstaller.exe Product:
Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x5F90C6EF908A78183CD2879B9AEC9F7689489E84 MD5 Digest: 0xEA377F13669DEA0F780D2488D0859587 CRC32 Digest: 0xB68B503F Rootkit Property: Normal File Size: 336668 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\cds\cdsclient.dll Product: IBM Tivoli Provisioning Manager for Dynamic Content Delivery Product Version: 1.3.2.1 Company: IBM Description: DCD client library Original FileName: CDSClient.dll File Version Label: 001_20080708D File Version Number: 1.3.2.1 SHA-1 Digest: 0xC9BC0E0246023A9E101BB1C5D9C5017AD6A5758B MD5 Digest: 0x3CC20D8F01E93216FF55340B95559362 CRC32 Digest: 0xFAE264C3 Rootkit Property: Normal File Size: 86016 bytes
File: c:\program files\ibm\tivoli\dcd\client\issi\cds\cdswinsrv.exe Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x7A57611C18A468197BE1AF688B02998EBDBDFE3D MD5 Digest: 0x12FD9D1DD86FE562EA04F17E0781E2A6 CRC32 Digest: 0x704CF509 Rootkit Property: Normal File Size: 53248 bytes
File: c:\program files\ibm\trace facility\fmt_util.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: Trace Formatter Utility DLL Original FileName: FMT_UTIL.DLL File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x55ADE1E4137CAEB5D5756AC7A533DB78F163C398 MD5 Digest: 0xAD58DA8AA448248717A71354435BF1D6
CRC32 Digest: 0xB944138B Rootkit Property: Normal File Size: 24576 bytes
File: c:\program files\ibm\trace facility\nstrc.dll Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: Independent Trace Facility Original FileName: NSTRC.DLL File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xB6A8A80FF323F1D6484D235FAC29293F05ECFE52 MD5 Digest: 0x0F1866CE6E8FDCB67669EE36A4E58303 CRC32 Digest: 0xF95487EF Rootkit Property: Normal File Size: 36864 bytes
File: c:\program files\installshield installation information\{75e7fee8-16b1-4b1d-82b49594a38edf76}\setup.exe Product: IBM 32-bit Runtime Environment for Java v6 Product Version: 6 Company: IBM Description: Setup Launcher Original FileName: Setup.exe File Version Label: 6
File Version Number: 16.0.0.400 SHA-1 Digest: 0xC9DAF311A566D76B2006C5EF415F962F83C07302 MD5 Digest: 0x7F339A4333706BB8B76CC76F5B95E8D0 CRC32 Digest: 0x562D6FE1 Rootkit Property: Normal File Size: 987744 bytes
File: c:\program files\installshield installation information\{ca96f3a1-f350-11d3-b354002035c150e4}\setup.exe Product: InstallShield Product Version: 15.0 Company: Acresso Software Inc. Description: Setup.exe Original FileName: Setup.exe File Version Label: 15.0.498 File Version Number: 15.0.0.498 SHA-1 Digest: 0x7C38F49F874DA346A4A3E4F3850D7CC287D83576 MD5 Digest: 0x8D699C26857440661FAD1AED839FFC79 CRC32 Digest: 0xC3197CEC Rootkit Property: Normal File Size: 393216 bytes
File: c:\program files\intel\wifi\bin\dbengine.dll Product: Intel(R) PROSet/Wireless Product Version: 13, 0, 0, 0 Company: Intel(R) Corporation
Description: Intel(R) PROSet/Wireless Secure DB Engine Original FileName: DbEngine.DLL File Version Label: 13, 0, 0, 0 File Version Number: 13.0.0.0 SHA-1 Digest: 0x3A5CE06B82D8D4D72A478379EA5A269AB9C410B1 MD5 Digest: 0xE6DF2C30CB80344F5D5648AC6C6FF0C4 CRC32 Digest: 0x1488BE43 Rootkit Property: Normal File Size: 512000 bytes
File: c:\program files\intel\wifi\bin\evteng.exe Product: Intel(R) PROSet/Wireless Product Version: 13, 0, 0, 0 Company: Intel(R) Corporation Description: Intel(R) PROSet/Wireless Event Log Service Original FileName: EvtEng.EXE File Version Label: 13, 0, 0, 0 File Version Number: 13.0.0.0 SHA-1 Digest: 0xCDBAD2EF1F7FADCFFE1D8FF8EEE25C011E79A4DF MD5 Digest: 0xA57BE3307ADA2FC086B5B43135735283 CRC32 Digest: 0xF5009052 Rootkit Property: Normal File Size: 858384 bytes
File: c:\program files\intel\wifi\bin\intstngs.dll
Product: Intel(R) PROSet/Wireless Product Version: 13, 0, 0, 0 Company: Intel(R) Corporation Description: Intel(R) PROSet/Wireless Application Settings Module Original FileName: IntelSettings.DLL File Version Label: 13, 0, 0, 0 File Version Number: 13.0.0.0 SHA-1 Digest: 0x9BFFBC4D782E4B2EDBD1050BBDBE2A52B64D3FEE MD5 Digest: 0x4205E9FB60FACC3C850421A0BDC3BD59 CRC32 Digest: 0xBFB2268A Rootkit Property: Normal File Size: 503808 bytes
File: c:\program files\intel\wifi\bin\iwmsprov.dll Product: Intel(R) PROSet/Wireless Product Version: 13, 0, 0, 0 Company: Intel(R) Corporation Description: Intel PROSet/Wireless IWMS Provider Original FileName: IWMSProv.dll File Version Label: 13, 0, 0, 0 File Version Number: 13.0.0.0 SHA-1 Digest: 0x1162927B0AAC6D9F259CFF5584B545AC616AB38A MD5 Digest: 0x7F4C4287E02D74ADBAD8B6A5E133E1CC CRC32 Digest: 0xD30D3D46 Rootkit Property: Normal
File Size: 200704 bytes
File: c:\program files\intel\wifi\bin\kmmdlplugins\supplicantplugin.dll Product: Intel(R) PROSet/Wireless Product Version: 13, 0, 0, 0 Company: Intel(R) Corporation Description: Intel(R) PROSet/Wireless Supplicant Plugin Original FileName: SupplicantPlugin.dll File Version Label: 13, 0, 0, 12 File Version Number: 13.0.0.12 SHA-1 Digest: 0xDDB04DB287BA62F2FDE583DB07A50E39B850EADD MD5 Digest: 0xC800C4D9DA27C3C87AB52E81EDEA367D CRC32 Digest: 0x706CFFC2 Rootkit Property: Normal File Size: 411920 bytes
File: c:\program files\intel\wifi\bin\kmmdlplugins\wscplugin.dll Product: Intel(R) PROSet/Wireless Product Version: 13, 0, 0, 0 Company: Intel(R) Corporation Description: Intel(R) PROSet/Wireless WSC Plugin Module Original FileName: WSCPlugin.dll File Version Label: 13, 0, 0, 5 File Version Number: 13.0.0.5 SHA-1 Digest: 0xD13FB216BA991F1D3A18030EB61535A4D72CC6D1
MD5 Digest: 0x95D603250B7CC45461414C0125CA3DCA CRC32 Digest: 0x7167802B Rootkit Property: Normal File Size: 461072 bytes
File: c:\program files\intel\wifi\bin\murocapi.dll Product: Intel(R) PROSet/Wireless Product Version: 13, 0, 0, 0 Company: Intel(R) Corporation Description: Intel(R) PROSet/Wireless Muroc API Module Original FileName: MurocApi.DLL File Version Label: 13, 0, 0, 5 File Version Number: 13.0.0.5 SHA-1 Digest: 0xC3FB6D32405F3F0FE3849A745DC7A41424172CE8 MD5 Digest: 0x965F5039DB9F6FA9FC7251119265B303 CRC32 Digest: 0xD6ABF8DD Rootkit Property: Normal File Size: 872448 bytes
File: c:\program files\intel\wifi\bin\pfmgrapi.dll Product: Intel(R) PROSet/Wireless Product Version: 13, 0, 0, 0 Company: Intel(R) Corporation Description: Intel(R) PROSet/Wireless Profile Manager API Module Original FileName: ProfileMgrApi.DLL
File Version Label: 13, 0, 0, 2 File Version Number: 13.0.0.2 SHA-1 Digest: 0xE04294CACC849772427F2440A88DA38FCFAB4FF5 MD5 Digest: 0xEBAE66FB53EF7DAC726096B5BA8A0D69 CRC32 Digest: 0x363231FF Rootkit Property: Normal File Size: 1605632 bytes
File: c:\program files\intel\wifi\bin\s24evmon.exe Product: Intel(R) PROSet/Wireless Product Version: 13, 0, 0, 0 Company: Intel(R) Corporation Description: Intel(R) Wireless Management Service Original FileName: S24EvMon.exe/iWMSSvc.dll File Version Label: 13, 0, 0, 10 File Version Number: 13.0.0.10 SHA-1 Digest: 0xF8FF906D72A3D71BA81C43B35BE983915054CFAB MD5 Digest: 0x87955061FD3789CA7A5C4C72A05A1A9F CRC32 Digest: 0x2CC2429A Rootkit Property: Normal File Size: 954368 bytes
File: c:\program files\intel\wifi\bin\s24mudll.dll Product: Intel(R) PROSet/Wireless Product Version: 13, 0, 0, 0
Company: Intel(R) Corporation Description: Intel(R) PROSet/Wireless S24EvMon Module Original FileName: s24mudll.dll File Version Label: 13, 0, 0, 1 File Version Number: 13.0.0.1 SHA-1 Digest: 0x5E16C337C8BA1CCF462AC1E43765947E812FDB3D MD5 Digest: 0xAE8749D0DE92ECB7ABDC1BAF5F9061E9 CRC32 Digest: 0x6D66857B Rootkit Property: Normal File Size: 135168 bytes
File: c:\program files\intel\wifi\bin\supplicant.dll Product: Supplicant Dynamic Link Library Product Version: 13, 0, 0, 0 Company: Devicescape Software, Inc. Description: Supplicant Dynamic Link Library Original FileName: supplicant.dll File Version Label: 13, 0, 0, 0 File Version Number: 13.0.0.0 SHA-1 Digest: 0x2EBAF28114031390ABE6FE86CD39909568A05B1F MD5 Digest: 0x92CBC57E5106C6362FB7AF1EAF1A4342 CRC32 Digest: 0x0CB10E93 Rootkit Property: Normal File Size: 1466368 bytes
File: c:\program files\lenovo\hotkey\cleanup.dll Product: Installation Program Product Version: 1.01 Company: Lenovo Group Limited Description: Uninstaller for inf file Original FileName: cleanup.dll File Version Label: 1.01 File Version Number: 1.0.1.0 SHA-1 Digest: 0xCE57F5C723F86338783D50A71E117E177F57CEB2 MD5 Digest: 0x4417B193A6AFC52B7FC179F85DC40929 CRC32 Digest: 0x19B0E6F8 Rootkit Property: Normal File Size: 30048 bytes
File: c:\program files\lenovo\hotkey\hkvolkey.dll Product: On screen display Product Version: 1.01 Company: Lenovo Group Limited Description: vk detecter for volume up/down keys Original FileName: hkvolkey.dll File Version Label: 1.01 File Version Number: 1.0.1.0 SHA-1 Digest: 0xCFC97331FC07C45163898C91ABD97C3E7119C335 MD5 Digest: 0xF10454A577C8FB6CC529FDFFB7B04E9F CRC32 Digest: 0xF3C6E1E7
Rootkit Property: Normal File Size: 79224 bytes
File: c:\program files\lenovo\hotkey\micmute.exe Product: On screen display Product Version: 1.02 Company: Lenovo Group Limited Description: Microphone Mute Controll Service for ThinkPad Original FileName: micmute.exe File Version Label: 1.02 File Version Number: 1.0.2.0 SHA-1 Digest: 0xD89C370772E753470B8E8CD4AF3BE3171768AB48 MD5 Digest: 0xD584216C7767DCFB4B812B9B60A4A4E7 CRC32 Digest: 0x2CE4A6E3 Rootkit Property: Normal File Size: 45424 bytes
File: c:\program files\lenovo\hotkey\notifyf2.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0
SHA-1 Digest: 0x531CE772EAF167AF3A131C2822A01BD5A76E8AE9 MD5 Digest: 0x0C3E484BF4AEC2749A9F4D0A91870780 CRC32 Digest: 0x63C89013 Rootkit Property: Normal File Size: 34344 bytes
File: c:\program files\lenovo\hotkey\tpfnf6r.exe Product: ThinkPad FnF6 Resident Module Product Version: 1.10 Company: Lenovo Group Limited Description: ThinkPad FnF6 Resident Module Original FileName: TPFNF6R.EXE File Version Label: 1.10 File Version Number: 1.1.0.0 SHA-1 Digest: 0xC8B487159366998C8EA4C620EDD0A0814F4EDC95 MD5 Digest: 0x2B083A7AD8DF8698159480A3D53E8B84 CRC32 Digest: 0xE1C81D45 Rootkit Property: Normal File Size: 62752 bytes
File: c:\program files\lenovo\hotkey\tphksvc.exe Product: On screen display Product Version: 1.07 Company: Lenovo Group Limited Description: On screen display Fn+Fx handler
Original FileName: tphksvc.exe File Version Label: 1.07 File Version Number: 1.0.7.0 SHA-1 Digest: 0x23EC79A540B36A08CF5A9C9FE7E4368657877E94 MD5 Digest: 0x3C6A42A8494D74F44F048BB7F9F2DB44 CRC32 Digest: 0x6A7F64B0 Rootkit Property: Normal File Size: 62320 bytes
File: c:\program files\lenovo\hotkey\tponscr.exe Product: On screen display Product Version: 5.30 Company: Lenovo Group Limited Description: On screen display drawer Original FileName: tponscr.exe File Version Label: 5.30 File Version Number: 5.3.0.0 SHA-1 Digest: 0x01AF1FE681E3FD575E1F3C5977AB8F09E2C9E1C9 MD5 Digest: 0x72D9419E4AA1C40C9E34821722D335C8 CRC32 Digest: 0x963A8EEE Rootkit Property: Normal File Size: 67432 bytes
File: c:\program files\lenovo\hotkey\tposdsvc.dll Product: On screen display
Product Version: 1.01 Company: Lenovo Group Limited Description: On screen display driver interface DLL Original FileName: tposdsvc.dll File Version Label: 1.01 File Version Number: 1.0.1.0 SHA-1 Digest: 0xCD6AA220B0DB46E5BDD85D499746D9543FAAF4D2 MD5 Digest: 0x254A8D98E103E06CF86CB2DA8708620F CRC32 Digest: 0xF32FD092 Rootkit Property: Normal File Size: 34080 bytes
File: c:\program files\lenovo\hotkey\tposdsvc.exe Product: On screen display Product Version: 1.15 Company: Lenovo Group Limited Description: On screen display message generator for ThinkPad Original FileName: tposdsvc.exe File Version Label: 1.15 File Version Number: 1.1.5.0 SHA-1 Digest: 0xE2F6FD15B8B92AB87C7F67BAAB2A5C1B76862EC5 MD5 Digest: 0x0BF10B23779565BC472BEEBE3B9A20D9 CRC32 Digest: 0x9A8CB8F7 Rootkit Property: Normal File Size: 68976 bytes
File: c:\program files\lenovo\zoom\cleanup.dll Product: Installation Program Product Version: 1.01 Company: Lenovo Group Limited Description: Uninstaller for inf file Original FileName: cleanup.dll File Version Label: 1.01 File Version Number: 1.0.1.0 SHA-1 Digest: 0xCE57F5C723F86338783D50A71E117E177F57CEB2 MD5 Digest: 0x4417B193A6AFC52B7FC179F85DC40929 CRC32 Digest: 0x19B0E6F8 Rootkit Property: Normal File Size: 30048 bytes
File: c:\program files\lenovo\zoom\tpscrex.exe Product: ThinkPad UltraZoom Product Version: 2.10 Company: Lenovo Group Limited Description: ThinkPad UltraZoom Original FileName: TpScrEx.exe File Version Label: 2.10 File Version Number: 2.1.0.0 SHA-1 Digest: 0x67A06985D79E83DF9AADA1C117A1F027116547BC MD5 Digest: 0x2B365FF1A4CC06813B892F92AAE4C0B7
CRC32 Digest: 0xE137B330 Rootkit Property: Normal File Size: 144752 bytes
File: c:\program files\microsoft application virtualization client\sftlist.exe Product: Microsoft Application Virtualization Product Version: 4.6.0.10191 Company: Microsoft Corporation Description: Microsoft Application Virtualization Client Service Original FileName: sftlist.exe File Version Label: 4.6.0.10191 File Version Number: 4.6.0.10191 SHA-1 Digest: 0x6A94405CA7DC475C9DE8FB041114ADC25E10E36E MD5 Digest: 0x05D2B0D0F1DB139970D4AF18C679429D CRC32 Digest: 0xD5D47336 Rootkit Property: Normal File Size: 483688 bytes
File: c:\program files\microsoft application virtualization client\sftvsa.exe Product: Microsoft Application Virtualization Product Version: 4.6.0.10191 Company: Microsoft Corporation Description: Microsoft Application Virtualization Virtual Service Agent Original FileName: sftvsa.exe File Version Label: 4.6.0.10191
File Version Number: 4.6.0.10191 SHA-1 Digest: 0xEDCEDAE86018D2B999CFFA91813C18B3C2D1E935 MD5 Digest: 0xE6ED4F02B5A151BB44DE383B365C2117 CRC32 Digest: 0x6A367674 Rootkit Property: Normal File Size: 209768 bytes
File: c:\program files\microsoft office\office11\mcps.dll Product: Microsoft Clip Organizer Product Version: 11.0.8164 Company: Microsoft Corporation Description: Media Catalog Proxy/Stub Original FileName: mcps.dll File Version Label: 11.0.8164 File Version Number: 11.0.8164.0 SHA-1 Digest: 0x9854D130E21D8B48D31F7848CB453514ECE11971 MD5 Digest: 0x40FA2F035ED88108850757CA51DAD942 CRC32 Digest: 0xD067104C Rootkit Property: Normal File Size: 103256 bytes
File: c:\program files\microsoft office\office11\mstores.dll Product: Microsoft Clip Organizer Product Version: 11.0.8164 Company: Microsoft Corporation
Description: Clip Organizer Original FileName: MStoreS.dll File Version Label: 11.0.8164 File Version Number: 11.0.8164.0 SHA-1 Digest: 0x3072FF8B1CECFCDFB4DAF8D893F4B637121AA2C7 MD5 Digest: 0x10875695BED690FC4B843E8FA6B75907 CRC32 Digest: 0x445775E8 Rootkit Property: Normal File Size: 489824 bytes
File: c:\program files\microsoft office\office12\msohevi.dll Product: 2007 Microsoft Office system Product Version: 12.0.6413.1000 Company: Microsoft Corporation Description: 2007 Microsoft Office component Original FileName: MsoHevI.dll File Version Label: 12.0.6413.1000 File Version Number: 12.0.6413.1000 SHA-1 Digest: 0x28BBA04F92AA388D526F8D4D5555D35224CD706D MD5 Digest: 0x269552E0E5BD5BFE0DA7AD42FAC34C37 CRC32 Digest: 0x19023306 Rootkit Property: Normal File Size: 61816 bytes
File: c:\program files\mozilla firefox\uninstall\helper.exe
Product: Firefox Product Version: 3.6.13 Company: Mozilla Corporation Description: Firefox Helper Original FileName: helper.exe File Version Label: 3.6.13 File Version Number: 1.0.0.0 SHA-1 Digest: 0x9ED4F98C94680CB86CBAA43FB968A90B0A21A5F2 MD5 Digest: 0xF46F227D330C9E17249E2EEAF3EE687C CRC32 Digest: 0x58BFC9E7 Rootkit Property: Normal File Size: 553696 bytes
File: c:\program files\netbeans 6.8\uninstall.exe Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0xF0E6D5A97D6DC04835C6880DA864B3FA45DFD63B MD5 Digest: 0x1C9FC31F036271ABDF5EF398EE4E6993 CRC32 Digest: 0x66610491 Rootkit Property: Normal
File Size: 2236585 bytes
File: c:\program files\nokia\nokia pc suite 7\lang\phonebrowser_eng-us.nlr Product: Nokia Phone Browser Product Version: 6, 0, 9, 0 Company: Nokia Description: Nokia Phone Browser language resources Original FileName: PhoneBrowser_eng.NLR File Version Label: 7, 1, 69, 0 File Version Number: 7.1.69.0 SHA-1 Digest: 0x2635FB05F1BE7114884174AF6942338BAA3CED30 MD5 Digest: 0xC9C5FF301B9DAB8D8EAF50E4AE85C5B4 CRC32 Digest: 0x41F827AB Rootkit Property: Normal File Size: 26624 bytes
File: c:\program files\nokia\nokia pc suite 7\ngscm.dll Product: Next Gen Suite Common Modules Product Version: 1.0 Company: Nokia Description: Next Gen Suite Common Modules Original FileName: NGSCM.dll File Version Label: 7, 1, 154, 0 File Version Number: 7.1.154.0 SHA-1 Digest: 0x5937FDD004A6D2C9CF35865603F5E3AC19E530EA
MD5 Digest: 0x289891A688A9FDA4CEBD370F230FF846 CRC32 Digest: 0x0DCA1F6F Rootkit Property: Normal File Size: 929792 bytes
File: c:\program files\nokia\nokia pc suite 7\phonebrowser.dll Product: Phone Browser Product Version: 3.0 Company: Nokia Description: Phone Browser Original FileName: PhoneBrowser.dll File Version Label: 7, 1, 108, 0 File Version Number: 7.1.108.0 SHA-1 Digest: 0x6C81E714568033F9A9643125A3F73CC2175A9332 MD5 Digest: 0xF0CBAF724FF71D400FF45FBCEC4F3898 CRC32 Digest: 0xCCC1F741 Rootkit Property: Normal File Size: 613888 bytes
File: c:\program files\nokia\nokia pc suite 7\resource\phonebrowser_nokia.ngr Product: Nokia Phone Browser Product Version: 1, 0 Company: Nokia Description: Nokia Phone Browser graphics resources Original FileName: NokiaPhoneBrowser_Nokia.NGR
File Version Label: 7, 1, 21, 0 File Version Number: 7.1.21.0 SHA-1 Digest: 0xD69E35A3C7C2390DB1F25D5749DB2297C545C62D MD5 Digest: 0x5058D323DDABFAD0D8D8BC2CAEF73070 CRC32 Digest: 0x491DEEDA Rootkit Property: Normal File Size: 573440 bytes
File: c:\program files\notepad++\nppshell_01.dll Product: Product Version: 0.1 Company: Description: ShellHandler for Notepad++ Original FileName: NppShell.dll File Version Label: 0.1 File Version Number: 0.1.0.0 SHA-1 Digest: 0x24ED1C7296E52C405CA848876E3B421029E80D29 MD5 Digest: 0x07B6151824600789887C3C9899337F8E CRC32 Digest: 0x98293081 Rootkit Property: Normal File Size: 54272 bytes
File: c:\program files\notepad++\uninstall.exe Product: Product Version:
Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0xC216A3CD501E674732903E33C0334D79B0126237 MD5 Digest: 0x97D0901888DF6BA7EEF4649400A9A479 CRC32 Digest: 0x43923BB9 Rootkit Property: Normal File Size: 117487 bytes
File: c:\program files\outlook express\setup50.exe Product: Microsoft Windows Operating System Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: Outlook Express Setup Library Original FileName: SETUP50.EXE File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0x2761EAC89D924535B5ED7DF4174F46C9CE87E4F3 MD5 Digest: 0x8058C01E0B96EC2F74FF764BE1B67D7F CRC32 Digest: 0x2A33F27F Rootkit Property: Normal File Size: 73216 bytes
File: c:\program files\pc connectivity solution\servicelayer.exe Product: PC Connectivity Solution Product Version: 3.8 Company: Nokia. Description: ServiceLayer Module Original FileName: ServiceLayer.exe File Version Label: 7, 0, 124, 0 File Version Number: 7.0.124.0 SHA-1 Digest: 0xE7D681D424E18CBA3F93707905D65DDF2D997901 MD5 Digest: 0x58D5BFDF3ADF49FE9CABD78CC61D92F6 CRC32 Digest: 0x63562659 Rootkit Property: Normal File Size: 637952 bytes
File: c:\program files\real\realplayer\codecs\avcq.dll Product: AVC/H.264 Decoder (based on QuickTime SDK) (32-bit) Product Version: 12.0.1.609 Company: RealNetworks, Inc. Description: AVC/H.264 Decoder (based on QuickTime SDK) Original FileName: AVCQ.DLL File Version Label: 12.0.1.609 File Version Number: 12.0.1.609 SHA-1 Digest: 0x0E792CA4BDE2AEFA427856CCF4BE392703243761 MD5 Digest: 0x16B9CB79D9192996625B7DCF534C98F5 CRC32 Digest: 0xF7E854AA
Rootkit Property: Normal File Size: 43008 bytes
File: c:\program files\real\realplayer\rcaplugins\rpshellextension.dll Product: Product Version: 12.0.1.609 Company: RealPlayer Description: RealPlayer shellextension Original FileName: rpshellextension.dll File Version Label: 12.0.1.609 File Version Number: 12.0.1.609 SHA-1 Digest: 0xE30E749B5F08B107998A51E39729F517E0AB00AC MD5 Digest: 0x17BAB994D35A42CC588ABAC29F56C080 CRC32 Digest: 0x964B47E3 Rootkit Property: Normal File Size: 123904 bytes
File: c:\program files\real\realplayer\update\r1puninst.exe Product: Uninstaller Shell executable (32-bit) Product Version: 12.0.1.609 Company: RealNetworks, Inc. Description: Uninstaller Shell executable Original FileName: RNUninst.EXE File Version Label: 12.0.1.609 File Version Number: 12.0.1.609
SHA-1 Digest: 0x7859B735D4C8351319D7DC56AB12AEE46CCFDC56 MD5 Digest: 0x58EAF164B8E9ED1BE632100564375FD6 CRC32 Digest: 0xA4CA1AA9 Rootkit Property: Normal File Size: 555224 bytes
File: c:\program files\real\realplayer\update\realsched.exe Product: RealPlayer (32-bit) Product Version: 12.0.1.609 Company: RealNetworks, Inc. Description: RealNetworks Scheduler Original FileName: realsched.exe File Version Label: 12.0.1.609 File Version Number: 12.0.1.609 SHA-1 Digest: 0xA13EBAB88463315185BC11C16340DF0019C626DE MD5 Digest: 0x869513CA8428F231C7CAC62A6F9B974A CRC32 Digest: 0x4BE5510C Rootkit Property: Normal File Size: 274608 bytes
File: c:\program files\sges-v3\uninstall.exe Product: Product Version: Company: Description:
Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x2A336C59DEBF502DEBA641F69352C5EC8F03604D MD5 Digest: 0xFBC3F5EA0E12ACE8FA27182A2F1BF63E CRC32 Digest: 0x19428EC5 Rootkit Property: Normal File Size: 2236607 bytes
File: c:\program files\skype\phone\skype.exe Product: Skype Product Version: 5.1 Company: Skype Technologies S.A. Description: Skype Original FileName: Skype.exe File Version Label: 5.1.0.112 File Version Number: 5.1.0.112 SHA-1 Digest: 0x0EAEED3F20AEBF07C564AA7630238F702518D444 MD5 Digest: 0x61CFEDAF9C527A1463F34F71240F9BB5 CRC32 Digest: 0x72041B3D Rootkit Property: Normal File Size: 15026056 bytes
File: c:\program files\skype\plugin manager\skypepm.exe Product:
Product Version: 1.0.0.0 Company: Skype Technologies Description: Skype Extras Manager Original FileName: File Version Label: 3.0.0.5 File Version Number: 3.0.0.5 SHA-1 Digest: 0xF9C938CBE473F95769473B0B2F58E6ABAE799A01 MD5 Digest: 0x2CE8F1C52F490875592166316C512B6F CRC32 Digest: 0xFF47615E Rootkit Property: Normal File Size: 80256 bytes
File: c:\program files\snapshot viewer\setup\setup.exe Product: Microsoft App-wide Setup for Windows Product Version: 3.01 Company: Microsoft Corporation Description: Microsoft Setup Tool Original FileName: ACMSETUP.EXE File Version Label: 3.01 File Version Number: 3.1.0.1622 SHA-1 Digest: 0xA9707E5771570739082CC2D6BAC2E91C4FB011DB MD5 Digest: 0xD7F25C2088EEED2DA8184919639DB79F CRC32 Digest: 0x4C0488FE Rootkit Property: Normal File Size: 352768 bytes
File: c:\program files\symantec client security\symantec antivirus\cliproxy.dll Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Symantec AntiVirus Original FileName: File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0x494F3030542AB394FF75B69109FBD2EC7CA08DDD MD5 Digest: 0x898DE0484542E061499D1C9A851E5128 CRC32 Digest: 0x13B7F0C3 Rootkit Property: Normal File Size: 302320 bytes
File: c:\program files\symantec client security\symantec antivirus\cliscan.dll Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Symantec AntiVirus Original FileName: File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0x213D9C2F648ACCB497497E5E4ACF73598DDE94D0 MD5 Digest: 0x3556CC89A1F9D4076F188BA14503F7D2
CRC32 Digest: 0x3BB3DE81 Rootkit Property: Normal File Size: 703728 bytes
File: c:\program files\symantec client security\symantec antivirus\defutdcd.dll Product: Symantec Definition Utilities Product Version: 3.1.13a.0 Company: Symantec Corporation Description: Symantec Definition Utilities Original FileName: DefUtDCD.dll File Version Label: 3.1.13a.0 File Version Number: 3.1.13.0 SHA-1 Digest: 0x486BF5103AEA381A75F4233187E044C512BB165F MD5 Digest: 0x383047F10315DDA64069061DBE76E705 CRC32 Digest: 0x7CDA9EFA Rootkit Property: Normal File Size: 628312 bytes
File: c:\program files\symantec client security\symantec antivirus\defwatch.exe Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Virus Definition Daemon Original FileName: DefWatch.exe File Version Label: 10.1.5.5000
File Version Number: 10.1.5.5000 SHA-1 Digest: 0xB3A5B4BA666EE64C105CA415991488BD38E31F2B MD5 Digest: 0x1F709C66D8AADFF35530C56EE261C462 CRC32 Digest: 0x0FCE551F Rootkit Property: Normal File Size: 31472 bytes
File: c:\program files\symantec client security\symantec antivirus\i2ldvp3.dll Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Symantec AntiVirus Original FileName: File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0xACFD89CDEDC42024A9668E7D9A8D7E911E7EA461 MD5 Digest: 0xF186CE62BDFE0A8BC6710D1FFAFF19C3 CRC32 Digest: 0xAB2EBA87 Rootkit Property: Normal File Size: 140016 bytes
File: c:\program files\symantec client security\symantec antivirus\imail.dll Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation
Description: Symantec AntiVirus Original FileName: IMail.dll File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0xA4FD92E2816A2ADD9A2048D1D44A8FD3B0634A9B MD5 Digest: 0x872CF96E1D5D999986B34686FF1D7FA0 CRC32 Digest: 0xF98F1F67 Rootkit Property: Normal File Size: 290032 bytes
File: c:\program files\symantec client security\symantec antivirus\navlu.dll Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Symantec AntiVirus Original FileName: File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0xC328177D7D835DA4A56DB418A939D20133970067 MD5 Digest: 0x23A88402D4746823C2D007BF998C850B CRC32 Digest: 0x7C90B760 Rootkit Property: Normal File Size: 52976 bytes
File: c:\program files\symantec client security\symantec antivirus\navntutl.dll
Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Symantec AntiVirus Original FileName: File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0x53C9377C4FC53DE51C59B181A2C96E683ACE821F MD5 Digest: 0xA029E5F02CF9524D448E38F85C09AD12 CRC32 Digest: 0x4F180B16 Rootkit Property: Normal File Size: 54000 bytes
File: c:\program files\symantec client security\symantec antivirus\notesext.dll Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Symantec AntiVirus Original FileName: File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0x0AC2B696816B5E2F88CF1734C40826AEA7884C07 MD5 Digest: 0x03215AD43EC772968D58FC836FD73A14 CRC32 Digest: 0x317A0DD2 Rootkit Property: Normal
File Size: 35056 bytes
File: c:\program files\symantec client security\symantec antivirus\rtvscan.exe Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Symantec AntiVirus Original FileName: File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0x8F7AEEEFDDA6491E6F0CFB4881A69F125392A946 MD5 Digest: 0x8FDAADF204A4F29214DA1B03342E2735 CRC32 Digest: 0xEE1E9458 Rootkit Property: Normal File Size: 1813232 bytes
File: c:\program files\symantec client security\symantec antivirus\savemail.dll Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Symantec AntiVirus Original FileName: SavEmail.dll File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0xF16BB8EDF3846D84CE3DDDBC75136C6C9D8EA4EF
MD5 Digest: 0x6510B8DF193BD4CBFAB8B3B66267C9F7 CRC32 Digest: 0xE7EC472F Rootkit Property: Normal File Size: 31984 bytes
File: c:\program files\symantec client security\symantec antivirus\savroam.exe Product: Symantec SAVRoam Product Version: 10.1.5.5000 Company: symantec Description: SAVRoam Original FileName: SAVRoam.exe File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0xC09F0DEB303F1E87030BD54EECB0A6802F8DBD45 MD5 Digest: 0x3525FDCFC567E807A337C61AFF366BE8 CRC32 Digest: 0xEFB115A9 Rootkit Property: Normal File Size: 116464 bytes
File: c:\program files\symantec client security\symantec antivirus\savrt.sys Product: Symantec AntiVirus AutoProtect Product Version: 9.7 Company: Symantec Corporation Description: AutoProtect Original FileName: SAVRT.SYS
File Version Label: 9.7.2.3 File Version Number: 9.7.2.3 SHA-1 Digest: 0x915622BB091EBBD1ECA63E78BB10C1A4CF9C6BA7 MD5 Digest: 0x12B6E269EF8AC8EA36122544C8A1B6D8 CRC32 Digest: 0x2A6A6723 Rootkit Property: Normal File Size: 337592 bytes
File: c:\program files\symantec client security\symantec antivirus\savrt32.dll Product: Symantec AntiVirus AutoProtect Product Version: 9.7 Company: Symantec Corporation Description: AutoProtect DLL Original FileName: SAVRT.DLL File Version Label: 9.7.2.3 File Version Number: 9.7.2.3 SHA-1 Digest: 0x5AF1A4297CEAD9A8BA49A086EC9937DB45896E12 MD5 Digest: 0xE8D8D57B398825BDEA011C5BE81AFE5A CRC32 Digest: 0x6E1B9966 Rootkit Property: Normal File Size: 231184 bytes
File: c:\program files\symantec client security\symantec antivirus\savrtpel.sys Product: Symantec AntiVirus AutoProtect Product Version: 9.7
Company: Symantec Corporation Description: SAVRTPEL Original FileName: SAVRTPEL.SYS File Version Label: 9.7.2.3 File Version Number: 9.7.2.3 SHA-1 Digest: 0xBCA250710D7DDA7F71EED30212D665455FA1BA2E MD5 Digest: 0x97E5B6F3F95465E1F59360B59D8EC64E CRC32 Digest: 0x25E166F8 Rootkit Property: Normal File Size: 54968 bytes
File: c:\program files\symantec client security\symantec antivirus\symprotectstorage.dll Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Symantec AntiVirus Original FileName: File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0xB82A4C5A95E9C6ED4F25329E05657DED53D2320E MD5 Digest: 0xC04367C2EF8741AF7133E62C72EA07C7 CRC32 Digest: 0xB277581E Rootkit Property: Normal File Size: 272112 bytes
File: c:\program files\symantec client security\symantec antivirus\vpmsece4.dll Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Symantec AntiVirus Original FileName: File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0x8EEC63DB4032D553869F9D21942842980F299FD6 MD5 Digest: 0x73B5E1E16FB4C3895AF9D0A125B09B7A CRC32 Digest: 0x4A495268 Rootkit Property: Normal File Size: 68848 bytes
File: c:\program files\symantec client security\symantec client firewall\ccemlflt.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Email Confidential Info Scanner Original FileName: ccEmlflt.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0x876DE60534EB86005922D0A6E6545EB9A872693D MD5 Digest: 0x7662A7EF58ED90865594C2EC4EC136EF CRC32 Digest: 0x0C6DA234
Rootkit Property: Normal File Size: 145056 bytes
File: c:\program files\symantec client security\symantec client firewall\ccfwsetg.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Firewall Settings Engine Original FileName: ccFWSetg.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xDE20A79454F5A63E4740C816615BE352B2A25C7F MD5 Digest: 0xF9CD9C38169474026F98108A20054199 CRC32 Digest: 0x65F87CA9 Rootkit Property: Normal File Size: 476832 bytes
File: c:\program files\symantec client security\symantec client firewall\issvc.exe Product: Internet Security Product Version: 8.7 Company: Symantec Corporation Description: IS Service Original FileName: ISSVC.exe File Version Label: 8.7.4.97 File Version Number: 8.7.4.97
SHA-1 Digest: 0x090240D39773EAECFF623C1BD20C36C178F05769 MD5 Digest: 0xA59BA4C8C0698DDC9D805109B0F6C76C CRC32 Digest: 0xE1FABC17 Rootkit Property: Normal File Size: 87728 bytes
File: c:\program files\symantec client security\symantec client firewall\nisevt.dll Product: Internet Security Product Version: 8.7 Company: Symantec Corporation Description: NIS Event Manager Log Event Forwarder Original FileName: File Version Label: 8.7.4.97 File Version Number: 8.7.4.97 SHA-1 Digest: 0xEC728A94B70D68D2579CE6CEAADD1870868666B2 MD5 Digest: 0x4CD56B059301AFFE01C7EE33AB37C131 CRC32 Digest: 0x8F5E7E68 Rootkit Property: Normal File Size: 132784 bytes
File: c:\program files\symantec client security\symantec client firewall\nislcom.dll Product: Internet Security Product Version: 8.7 Company: Symantec Corporation Description: NIS License Wrapper
Original FileName: nisLCom.dll File Version Label: 8.7.4.97 File Version Number: 8.7.4.97 SHA-1 Digest: 0x5F82CD4B8AE2F6C63CBFCF06600F1B33C5D383DF MD5 Digest: 0x99917993884961FC09073ACA8968FBA6 CRC32 Digest: 0x07CBDBB2 Rootkit Property: Normal File Size: 439984 bytes
File: c:\program files\symantec client security\symantec client firewall\nisres.dll Product: Internet Security Product Version: 8.7 Company: Symantec Corporation Description: Resource DLL Original FileName: NISRes.dll File Version Label: 8.7.4.97 File Version Number: 8.7.4.97 SHA-1 Digest: 0x47F11BFC60E68C2432C16573993455A98E1EAF2B MD5 Digest: 0x7DE88912FBCED73385784D697B66F017 CRC32 Digest: 0x690F75D2 Rootkit Property: Normal File Size: 300720 bytes
File: c:\program files\symantec client security\symantec client firewall\prsettg.dll Product:
Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x335DC2B606A209EE53D01E29B9E86E9366A360E1 MD5 Digest: 0xFD35A0A83E8E627D44B5B0A7A2F97414 CRC32 Digest: 0xB4A274F3 Rootkit Property: Normal File Size: 63112 bytes
File: c:\program files\symantec client security\symantec client firewall\sfwalert.dll Product: Internet Security Product Version: 8.7 Company: Symantec Corporation Description: Symantec Client Firewall Alerting Original FileName: File Version Label: 8.7.4.97 File Version Number: 8.7.4.97 SHA-1 Digest: 0x74E657F9C75CEC913959C37A6EB8B386127EBE67 MD5 Digest: 0x1554283926B6172B10C9ADE92F16B783 CRC32 Digest: 0xAC45033B Rootkit Property: Normal File Size: 288432 bytes
File: c:\program files\symantec client security\symantec client firewall\snlog.dll Product: Internet Security Product Version: 8.7 Company: Symantec Corporation Description: SNLog Original FileName: File Version Label: 8.7.4.97 File Version Number: 8.7.4.97 SHA-1 Digest: 0x0A25260B0FA6C40B4712ED02B9544A9B68125638 MD5 Digest: 0x134897D72EC7129A23B4306C78136428 CRC32 Digest: 0xCAAA35D8 Rootkit Property: Normal File Size: 304816 bytes
File: c:\program files\symantec client security\symantec client firewall\symfwagt.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Firewall Agent Original FileName: SymFWAgt.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xA67AD522B536541FF3F76DF05F9959E90B1840F1 MD5 Digest: 0xA9F85878057010406474B5B1A4B1CA78
CRC32 Digest: 0x5774C54F Rootkit Property: Normal File Size: 165536 bytes
File: c:\program files\symantec client security\symantec client firewall\symsport.exe Product: Internet Security Product Version: 8.7 Company: Symantec Corporation Description: SymSPort.exe Original FileName: File Version Label: 8.7.4.97 File Version Number: 8.7.4.97 SHA-1 Digest: 0x20C26A2060BE13BF49D68E1B2477BAE86A510998 MD5 Digest: 0x768F00CA60302DA7CA682B58C52A3A05 CRC32 Digest: 0xA725A488 Rootkit Property: Normal File Size: 173744 bytes
File: c:\program files\symantec client security\symantec client firewall\tlevel.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec TLevel Assessor Original FileName: TLevel.dll File Version Label: 104.0.11.1
File Version Number: 104.0.11.1 SHA-1 Digest: 0xCEBD6B1B1FE3B4AC6C100B5AECFBD3CFC026F09C MD5 Digest: 0x538A33E7C358458625638590580F634D CRC32 Digest: 0x9422890E Rootkit Property: Normal File Size: 108192 bytes
File: c:\program files\symantec\liveupdate\lsetup.exe Product: LiveUpdate Product Version: 3.1.0.90 Company: Symantec Corporation Description: LiveUpdate Installer Original FileName: LSetup.exe File Version Label: 3.1.0.90 File Version Number: 3.1.0.90 SHA-1 Digest: 0xB8602A25B82488C31666D6983B39FB91B96F7E48 MD5 Digest: 0xA2B87C2E0EB3A3287E65023770068AB5 CRC32 Digest: 0xEB52CAD4 Rootkit Property: Normal File Size: 186048 bytes
File: c:\program files\symantec\liveupdate\pslucomserver_3_1.dll Product: LiveUpdate Product Version: 3.1.0.90 Company: Symantec Corporation
Description: LiveUpdate Engine COM Module Original FileName: LuComServer.exe File Version Label: 3.1.0.90 File Version Number: 3.1.0.90 SHA-1 Digest: 0x3FF3F82DADAC304566EF6D2339BB0A9158919FCF MD5 Digest: 0x50C361F63CC027684DC2AC061582FAF5 CRC32 Digest: 0xAA4A1914 Rootkit Property: Normal File Size: 75456 bytes
File: c:\program files\symantec\symevent.sys Product: SYMEVENT Product Version: 12.1.2.1 Company: Symantec Corporation Description: Symantec Event Library Original FileName: SYMEVENT.SYS File Version Label: 12.1.2.1 File Version Number: 12.1.2.1 SHA-1 Digest: 0x4B45F7FC0736F1F8628EFCF93AC3A48B1E039C02 MD5 Digest: 0xDE6D1102D55926354171AE4E73936725 CRC32 Digest: 0xBE9FEBB9 Rootkit Property: Normal File Size: 109744 bytes
File: c:\program files\synaptics\syntp\synisdll.dll
Product: Progressive Touch Product Version: 7.5.17.25 10Aug07 Company: Synaptics, Inc. Description: Install Resource Strings Original FileName: SynISDLL.dll File Version Label: 7.5.17.25 10Aug07 File Version Number: 7.5.17.25 SHA-1 Digest: 0x17002BC5DB71C5215BF8D400E16AFFAC94C6188C MD5 Digest: 0xDDA7CA77EFA04A83919EB671353B1A21 CRC32 Digest: 0xF47A580C Rootkit Property: Normal File Size: 471040 bytes
File: c:\program files\synaptics\syntp\syntpenh.exe Product: Progressive Touch Product Version: 7.5.17.25 10Aug07 Company: Synaptics, Inc. Description: Synaptics TouchPad Enhancements Original FileName: SynTPEnh.exe File Version Label: 7.5.17.25 10Aug07 File Version Number: 7.5.17.25 SHA-1 Digest: 0x102F8486CD5C411B619D853EBC0405FE02A2361C MD5 Digest: 0x49E9B2D790163FEA86E0FAB1C0A2AABC CRC32 Digest: 0x9DCAB8D3 Rootkit Property: Normal
File Size: 512000 bytes
File: c:\program files\synaptics\syntp\syntplpr.exe Product: Progressive Touch Product Version: 7.5.17.25 10Aug07 Company: Synaptics, Inc. Description: TouchPad Driver Helper Application Original FileName: SynTPLpr.exe File Version Label: 7.5.17.25 10Aug07 File Version Number: 7.5.17.25 SHA-1 Digest: 0x388A6E7DA4057C2EA881664F96F57F8EF63ABFBB MD5 Digest: 0xEAD2CCC0F427DA355E85E3263C628EF6 CRC32 Digest: 0x0A3854EA Rootkit Property: Normal File Size: 110592 bytes
File: c:\program files\tata photon+\huawei\uninst.exe Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x6C3584DDAD3834D7CCE805B2ACF203FDC4BA60F1
MD5 Digest: 0x524FFB172A5F74CA9B47E35DEB29F52C CRC32 Digest: 0x565E950E Rootkit Property: Normal File Size: 99211 bytes
File: c:\program files\thinkpad\bluetooth software\bin\btwdins.exe Product: Bluetooth Software Product Version: 5.1.0.4700 Company: Broadcom Corporation. Description: Bluetooth Support Server Original FileName: BTWDIns.EXE File Version Label: 5.1.0.4700 File Version Number: 5.1.0.4700 SHA-1 Digest: 0x1B5109056076CDCA41A0761040E899FD22B5C3E2 MD5 Digest: 0x26E038920DEC7BCDCAC1E4851A235DD0 CRC32 Digest: 0x59A7905B Rootkit Property: Normal File Size: 264800 bytes
File: c:\program files\thinkpad\connectutilities\acadaptersinfo.dll Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections Adapters Info Module Original FileName: AcAdaptersInfo.dll
File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0x8603E60128272C88D19281F81BD27D27D12BA350 MD5 Digest: 0x6B6868819C9B9F050E0E59CF69E5DEBD CRC32 Digest: 0x7F359B63 Rootkit Property: Normal File Size: 144744 bytes
File: c:\program files\thinkpad\connectutilities\accrypthlpr.dll Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections Crypt Helper Module Original FileName: AcCryptHlpr.dll File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0xA23223606504202BAFF538FD774AC698DAE52826 MD5 Digest: 0xA9C4569AFB8EF4E7AD814E900E9E0094 CRC32 Digest: 0x234048F8 Rootkit Property: Normal File Size: 472424 bytes
File: c:\program files\thinkpad\connectutilities\acgina.dll Product: Access Connections Product Version: 5.50
Company: Lenovo Description: Access Connections Gina Module Original FileName: ACGina.dll File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0xBB896092732B61292E0A8904DFC6AA3437B5E78F MD5 Digest: 0x1E16125C2F89FF492DCE1C02CD5EDD92 CRC32 Digest: 0x12436F52 Rootkit Property: Normal File Size: 237568 bytes
File: c:\program files\thinkpad\connectutilities\acgolan.dll Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections Intel WLAN Adapter Support Module Original FileName: AcGolan.dll File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0xAE2882E2CBF2613B4F6548B40A34AD7E3D39719E MD5 Digest: 0x3188599A17109567C35B00AB0FAC997C CRC32 Digest: 0x7D6737AC Rootkit Property: Normal File Size: 225280 bytes
File: c:\program files\thinkpad\connectutilities\acguihlpr.dll Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections GUI Helper Module Original FileName: ACGUIHlpr.dll File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0xBEB1FB1A44BD9D63E6374B50AE03F7B8EA6BF9D2 MD5 Digest: 0x254C9A12BCEA98691732833C3F5E431E CRC32 Digest: 0x4BC67685 Rootkit Property: Normal File Size: 1041768 bytes
File: c:\program files\thinkpad\connectutilities\achelper.dll Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections Helper Module Original FileName: ACHelper.dll File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0x8662B5809F7ED297DE8035DA50C7D5E6826DE757 MD5 Digest: 0x3C597539CA2190D55BF7F2C04BD5D172 CRC32 Digest: 0x18F7ACBC
Rootkit Property: Normal File Size: 99688 bytes
File: c:\program files\thinkpad\connectutilities\aclocmigrator.dll Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections Location Migration Module Original FileName: AcLocMigrator.dll File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0xAE334464F03DF24E943506AA5DDB975DA2E88195 MD5 Digest: 0x740813D083A86BC9E98CC02094111CDB CRC32 Digest: 0xDE10B919 Rootkit Property: Normal File Size: 120168 bytes
File: c:\program files\thinkpad\connectutilities\aclocsettings.dll Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections Location Settings Module Original FileName: AcLocSettings.dll File Version Label: 5.50 File Version Number: 5.5.0.16
SHA-1 Digest: 0x47C6E2F0E4603160E57455B40A48D7E0F08ED521 MD5 Digest: 0x4669217997E8694F58C795562D6ED60E CRC32 Digest: 0x1AE34970 Rootkit Property: Normal File Size: 202088 bytes
File: c:\program files\thinkpad\connectutilities\acnewbioshelper.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x4EA65DE4A78B00278AAE781455DD642ACE500CE4 MD5 Digest: 0x2BF68BAF97BD40CE30611F07B26BACAD CRC32 Digest: 0xB9717E18 Rootkit Property: Normal File Size: 6656 bytes
File: c:\program files\thinkpad\connectutilities\acon.dll Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections ACON Module
Original FileName: ACon.dll File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0x5DCEF730748306C18FCDBBCC20BCF11631AD66A5 MD5 Digest: 0x746A0EB97FDBFBF62767FB29D05F547C CRC32 Digest: 0xCD0395AB Rootkit Property: Normal File Size: 714088 bytes
File: c:\program files\thinkpad\connectutilities\acprfmgr.dll Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections Profile Manager Module Original FileName: AcPrfMgr.dll File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0xF9265B7DF72866770BA136FE79494010EAE85215 MD5 Digest: 0x2986FC3A8B3BB53DE40CFCBC2FD34758 CRC32 Digest: 0x00E3720D Rootkit Property: Normal File Size: 169320 bytes
File: c:\program files\thinkpad\connectutilities\acprfmgrsvc.exe Product: Access Connections
Product Version: 5.50 Company: Lenovo Description: Access Connections Profile Manager Service Original FileName: AcPrfMgrSvc.exe File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0xD6C1544FFCD42ED81EA38480C3A755E016B8148A MD5 Digest: 0x99E1D5B861985310142FE1F5349E7C07 CRC32 Digest: 0xAFDE598D Rootkit Property: Normal File Size: 103784 bytes
File: c:\program files\thinkpad\connectutilities\acsmbioshelper.dll Product: ThinkVantage Access Connections Product Version: 5.50 Company: Lenovo Description: ThinkVantage Access Connections SMBIOS Helper Module Original FileName: AcSmBiosHelper.dll File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0x57802A9FADC18E0F8EB7891EF9D124185FB7EBA9 MD5 Digest: 0xF71F3880C161094DC0C1ED29928F5327 CRC32 Digest: 0x52992815 Rootkit Property: Normal File Size: 91496 bytes
File: c:\program files\thinkpad\connectutilities\acsvc.exe Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections Main Service Original FileName: AcSvc.exe File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0xAC8F1F738709310D8C8C8F1AF312D50178F9A345 MD5 Digest: 0xE2BA1C0CF3C4A3E9BFFFFFD6DE824090 CRC32 Digest: 0xA870AEA4 Rootkit Property: Normal File Size: 230760 bytes
File: c:\program files\thinkpad\connectutilities\acsvchlpr.dll Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections Main Service Helper Module Original FileName: AcSvcHlpr.dll File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0xCB3E1BC1AE9185034DF314CDF724C5A652F004B3 MD5 Digest: 0x1AA6D013A44C54187143B46259E95FDA
CRC32 Digest: 0x36237AC4 Rootkit Property: Normal File Size: 546152 bytes
File: c:\program files\thinkpad\connectutilities\acsvcstub.dll Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections Main Service Stub Module Original FileName: AcSvcStub.dll File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0xB232584D9541E6D62BE029A4DC6956B29942F8F9 MD5 Digest: 0xB3054714403E0CA297223D3F90BE74CD CRC32 Digest: 0x02BD99FB Rootkit Property: Normal File Size: 181608 bytes
File: c:\program files\thinkpad\connectutilities\actray.exe Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections Tray Application Original FileName: AcTray.exe File Version Label: 5.50
File Version Number: 5.5.0.16 SHA-1 Digest: 0x2E773C0BD50E77AA66510792F2292B7396418BF6 MD5 Digest: 0x7582DD8DB904C21DD98FF19C7D2D437F CRC32 Digest: 0xF2E5FB4F Rootkit Property: Normal File Size: 431464 bytes
File: c:\program files\thinkpad\connectutilities\acturinsupport.dll Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections Turin Support Module Original FileName: ACTurinSupport.dll File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0xF2CCBE904CCDDE4C5BF27B2B6EDEFFEE43DEB181 MD5 Digest: 0x6209A58FB3EAE1F06E38CAF51F429A98 CRC32 Digest: 0x7718F935 Rootkit Property: Normal File Size: 15720 bytes
File: c:\program files\thinkpad\connectutilities\anc.dll Product: IBM Access Connections Product Version: 3, 2, 0, 0 Company: IBM Corp.
Description: IBM Access Connections - ANC Original FileName: ANC.DLL File Version Label: 8.3 File Version Number: 8.3.0.0 SHA-1 Digest: 0xA44339FD180E0531F6E60B7A94BD98D31344FB2F MD5 Digest: 0x1C2355D7A6B2941170C5AB71DFC8107F CRC32 Digest: 0xAB8EBEE5 Rootkit Property: Normal File Size: 57344 bytes
File: c:\program files\thinkpad\connectutilities\anca.dll Product: IBM Access Connections Product Version: 3, 2, 0, 0 Company: IBM Corp. Description: IBM Access Connections - ANC Original FileName: ANCA.DLL File Version Label: 8.3 File Version Number: 8.3.0.0 SHA-1 Digest: 0x791647C32AFD1265B5B23200CE06CEA02B416D56 MD5 Digest: 0x6F8DECC0FF846A3CE883EFFEE621EC84 CRC32 Digest: 0xD09F2253 Rootkit Property: Normal File Size: 94208 bytes
File: c:\program files\thinkpad\connectutilities\res\us\guihlprres.dll
Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0xC62271284C5468A5E5807D1B07D006B48F3F03AF MD5 Digest: 0x976EED787006BF9318C65633EB2D9757 CRC32 Digest: 0x9B6009A3 Rootkit Property: Normal File Size: 43520 bytes
File: c:\program files\thinkpad\connectutilities\res\us\svchlprres.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x330168E04CF4EB9EA5A2FF076A68EAA91765BFE0 MD5 Digest: 0xAAA5A958039DA6CED587DEED117B7E3F CRC32 Digest: 0x63A98EDB Rootkit Property: Normal
File Size: 77824 bytes
File: c:\program files\thinkpad\connectutilities\res\us\trayres.dll Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections Tray Resource Original FileName: TrayRes.dll File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0x4B75737FB451F2C70A6C049614F7615A02C6BE2F MD5 Digest: 0x6176C34459B60C794B17CED0D624D269 CRC32 Digest: 0x89E65B7A Rootkit Property: Normal File Size: 9216 bytes
File: c:\program files\thinkpad\connectutilities\svcguihlpr.exe Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections SvcGuiHlpr Application Original FileName: SvcGuiHlpr.exe File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0x09A0E02777E2195C72EB98D5330399579441650E
MD5 Digest: 0x1F8A66CE1E849D9C1B0AAC84BCF52799 CRC32 Digest: 0xF9A18B2E Rootkit Property: Normal File Size: 167936 bytes
File: c:\program files\thinkpad\connectutilities\thinqcon.dll Product: Access Connections Product Version: 5.50 Company: Lenovo Description: Access Connections Thin QCon Module Original FileName: ThinQCon.dll File Version Label: 5.50 File Version Number: 5.5.0.16 SHA-1 Digest: 0x0EB1A2683463609B60548FB71C1C580044AF2021 MD5 Digest: 0xFE4D8FB506BDD38B716FE0CCEC436D54 CRC32 Digest: 0x4B024717 Rootkit Property: Normal File Size: 103784 bytes
File: c:\program files\thinkpad\connectutilities\tpwrpc.dll Product: On screen display Product Version: 1.02 Company: Lenovo Group Limited Description: ThinkPad Wireless Radio Power Control Library Original FileName: tpwrpc.dll
File Version Label: 1.02 File Version Number: 1.0.2.0 SHA-1 Digest: 0x21EDE6DA026A7F3E1B9E04093B585C93E91BA68A MD5 Digest: 0xD724AEB8ACA260C6A8209D4F1993CF61 CRC32 Digest: 0xE5C7B7D8 Rootkit Property: Normal File Size: 83392 bytes
File: c:\program files\thinkpad\tpshocks\mui\0409\tpshocks.dll Product: ThinkVantage Active Protection System Product Version: 1.54 Company: Lenovo. Description: ThinkVantage Active Protection System Original FileName: TpShocks.exe File Version Label: 1.54.0.1 File Version Number: 1.54.0.1 SHA-1 Digest: 0x951226B126BF93192DFBE61D45F13DF2F1B245F5 MD5 Digest: 0xF60ACC9E1708DD4098DB0447F4BF3A74 CRC32 Digest: 0xBCE4181F Rootkit Property: Normal File Size: 95520 bytes
File: c:\program files\thinkpad\utilities\tpkmapap.exe Product: Keyboard Customizer Product Version: 1, 3, 0, 0
Company: Lenovo Description: Keyboard Customizer Original FileName: TpKmapAp.EXE File Version Label: 1, 3, 0, 0 File Version Number: 1.3.0.0 SHA-1 Digest: 0x13EC5126F6B55F0DB343E61FDC3E579251BAEEC0 MD5 Digest: 0xAC4DBF4B495BD25F6C9B9F55DA640420 CRC32 Digest: 0xD6DA0809 Rootkit Property: Normal File Size: 868352 bytes
File: c:\program files\videolan\vlc\uninstall.exe Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0xF069624670FA9663EDB051F276171C3FE54970F6 MD5 Digest: 0xE1A3878DED0023D938E306554E55B5D6 CRC32 Digest: 0x7AB20C3C Rootkit Property: Normal File Size: 195815 bytes
File: c:\program files\websm\_uninst\uninstall.exe Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x5A4A507953DF5CBEAEBDCEB9843D79CC2E317372 MD5 Digest: 0x2FF4687A26EC306FF7EF0FE7F4171981 CRC32 Digest: 0xF033EA48 Rootkit Property: Normal File Size: 305148 bytes
File: c:\program files\windows media player\setup_wm.exe Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Microsoft Windows Media Configuration Utility Original FileName: setup_wm.exe File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0xF7D9EC64D779398C15BFE1B3727CEF36AC3FB92C MD5 Digest: 0x70AE876F8314819A466A830D9BBF23FC CRC32 Digest: 0x336F0DFB
Rootkit Property: Normal File Size: 1669632 bytes
File: c:\program files\windows media player\wmpenc.exe Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Player Encoder Helper Original FileName: wmpenc.exe File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0xD7F49D0563E7FB5BA57B4735A858D33481AF63E7 MD5 Digest: 0xD78B9D50A090168C1FBF01710125B06C CRC32 Digest: 0x8F056CBF Rootkit Property: Normal File Size: 25600 bytes
File: c:\program files\windows media player\wmplayer.exe Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Player Original FileName: wmplayer.exe File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262
SHA-1 Digest: 0x2473468C8E097E495E4A0ECD81313DF71CC9F490 MD5 Digest: 0x15FC4AD85BADC2B2A851E5B8495FCFCD CRC32 Digest: 0xB4A05D00 Rootkit Property: Normal File Size: 64512 bytes
File: c:\program files\windows media player\wmpnetwk.exe Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Player Network Sharing Service Original FileName: WMPNetwk.exe File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x577447EDA713CB328B563085E0128DAA92B05576 MD5 Digest: 0x6BAB4DC65515A098505F8B3D01FB6FE5 CRC32 Digest: 0xECF4D42C Rootkit Property: Normal File Size: 913408 bytes
File: c:\program files\windows media player\wmsetsdk.exe Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Microsoft Windows Media Configuration Utility
Original FileName: setup_wm.exe File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0xF7D9EC64D779398C15BFE1B3727CEF36AC3FB92C MD5 Digest: 0x70AE876F8314819A466A830D9BBF23FC CRC32 Digest: 0x336F0DFB Rootkit Property: Normal File Size: 1669632 bytes
File: c:\program files\winpcap\rpcapd.exe Product: WinPcap Product Version: 4.1.0.2001 Company: CACE Technologies, Inc. Description: Remote Packet Capture Daemon Original FileName: rpcapd.exe File Version Label: 4.1.0.2001 File Version Number: 4.1.0.2001 SHA-1 Digest: 0x1568C3BB5A8E7FD530AC1996A137FD22E117A707 MD5 Digest: 0xB60F58F175DE20A6739194E85B035178 CRC32 Digest: 0x772C6075 Rootkit Property: Normal File Size: 117264 bytes
File: c:\program files\winpcap\uninstall.exe Product: WinPcap 4.1.2
Product Version: Company: CACE Technologies, Inc. Description: WinPcap 4.1.2 installer Original FileName: File Version Label: 4.1.0.2001 File Version Number: 4.1.0.2001 SHA-1 Digest: 0x8A1C1C9718807DFE4671348F2B2F73ED75A2FC2D MD5 Digest: 0xCA9A97F36C096F79CC209C8685F24E5A CRC32 Digest: 0x1139EBF0 Rootkit Property: Normal File Size: 119890 bytes
File: c:\program files\winrar\rarext.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 3.93.0.0 SHA-1 Digest: 0x82394E38071109609AB08C548005070E958E7BA7 MD5 Digest: 0x30A23A61E651C7487407CF74176C6AB1 CRC32 Digest: 0xFF741404 Rootkit Property: Normal File Size: 141824 bytes
File: c:\program files\winrar\uninstall.exe Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 3.93.0.0 SHA-1 Digest: 0xD048F25AC6F21D136487D51C95AF1688E27003CC MD5 Digest: 0xEEF1A4F707778F6659AE9CB26B128EB9 CRC32 Digest: 0x7AFFB715 Rootkit Property: Normal File Size: 120832 bytes
File: c:\program files\wordweb\uninst.exe Product: Product Version: 1.0.0.0 Company: Antony Lewis Description: WordWeb thesaurus/dictionary install program Original FileName: File Version Label: 5.0.0.0 File Version Number: 5.0.0.0 SHA-1 Digest: 0xB1195C1187F14327D1FCEA9B439D15F69610D6EC MD5 Digest: 0x0850221B6B3989393BEFC04CA179093C
CRC32 Digest: 0xE2266743 Rootkit Property: Normal File Size: 500920 bytes
File: c:\program files\wordweb\wcapture.dll Product: DTCapt Product Version: 3, 0, 0, 19 Company: Deskperience Description: DTCapt Dynamic Link Library Original FileName: DTCapt.dll File Version Label: 3, 0, 0, 19 File Version Number: 3.0.0.19 SHA-1 Digest: 0x86DAC1C7284A6E1F37C955B05BF369CE82DAF4F6 MD5 Digest: 0x63E10F26DFC62D215A507A8F16291E81 CRC32 Digest: 0xE2A7CDE8 Rootkit Property: Normal File Size: 221400 bytes
File: c:\program files\wordweb\wucnt.dll Product: Product Version: Company: Description: Original FileName: File Version Label:
File Version Number: 0.0.0.0 SHA-1 Digest: 0x7F09090849A43414950632A59881A380FEF73788 MD5 Digest: 0x7B34EB727FB33675B2AA3744E20E7177 CRC32 Digest: 0x8224E142 Rootkit Property: Normal File Size: 22736 bytes
File: c:\program files\wordweb\wweb32.exe Product: WordWeb Product Version: 5.0.0.0 Company: Antony Lewis Description: WordWeb thesaurus/dictionary Original FileName: File Version Label: 5.0.0.0 File Version Number: 5.0.0.0 SHA-1 Digest: 0x6C88B0793B9E7CC681AF8E3643E0CEA646859CB6 MD5 Digest: 0x430C23985F52F458895B3875BCA5C4B8 CRC32 Digest: 0xBEC6F94E Rootkit Property: Normal File Size: 42168 bytes
File: c:\program files\wst\unins000.exe Product: Product Version: Company:
Description: Setup/Uninstall Original FileName: File Version Label: 51.52.0.0 File Version Number: 51.52.0.0 SHA-1 Digest: 0xF0DA272B348EE179D858BCC7FAEA26C9B84972DC MD5 Digest: 0x4A1A31B36549E9368BA56CC7FC273291 CRC32 Digest: 0x46FD07E2 Rootkit Property: Normal File Size: 722718 bytes
File: c:\program files\yahoo!\messenger\yahoomessenger.exe Product: Yahoo! Messenger Product Version: 10,0,0,1270 Company: Yahoo! Inc. Description: Yahoo! Messenger Original FileName: File Version Label: 10,0,0,1270 File Version Number: 10.0.0.1270 SHA-1 Digest: 0x7AD170AC4A784D6EA68A5E9ECAEB462EAA0F9594 MD5 Digest: 0xC0D12E6C85FC6DD7FF1DBB04F2DC933B CRC32 Digest: 0xBEC348A0 Rootkit Property: Normal File Size: 5252408 bytes
File: c:\progra~1\common~1\instal~1\driver\1050\intel3~1\idriver.exe
Product: InstallDriver Module Product Version: 10.50 Company: Macrovision Corporation Description: InstallDriver Module Original FileName: InstallDriver.EXE File Version Label: 10.50.125 File Version Number: 10.50.0.125 SHA-1 Digest: 0x4043A8A9D6F0628586470D53B7DADCA3D1A3BA62 MD5 Digest: 0xD82C9D45C46477906DADDCAB7DC43068 CRC32 Digest: 0xDF34E087 Rootkit Property: Normal File Size: 774144 bytes
File: c:\progra~1\common~1\instal~1\driver\7\intel3~1\idriver.exe Product: InstallDriver Module Product Version: 7.03 Company: Description: InstallDriver Module Original FileName: InstallDriver.EXE File Version Label: 7.03.318 File Version Number: 7.3.0.318 SHA-1 Digest: 0xA1292E1EBE9C948997DE2F90D7BB8634EC298B80 MD5 Digest: 0x23DBB0678BBE5AF50B6158CC043DD3ED CRC32 Digest: 0x372ADD10 Rootkit Property: Normal
File Size: 622592 bytes
File: c:\progra~1\common~1\instal~1\driver\9\intel3~1\idriver.exe Product: InstallDriver Module Product Version: 9.01 Company: InstallShield Software Corporation Description: InstallDriver Module Original FileName: InstallDriver.EXE File Version Label: 9.01.429 File Version Number: 9.1.0.429 SHA-1 Digest: 0xE5F40CD1F5C700F2417968BE16AA6E3862627313 MD5 Digest: 0x8CEF05C47F798BB773C04D19DBDABBF8 CRC32 Digest: 0x3A20A3B0 Rootkit Property: Normal File Size: 761856 bytes
File: c:\progra~1\common~1\micros~1\virtua~1\cvhbs.exe Product: Microsoft Office 2010 Product Version: 14.0.4750.1000 Company: Microsoft Corporation Description: Microsoft Office Client Virtualization Handler Original FileName: CVHBS.exe File Version Label: 14.0.4750.1000 File Version Number: 14.0.4750.1000 SHA-1 Digest: 0xA601532717B016C669FA24EDC12C8D988F2C4473
MD5 Digest: 0xA92FC5D8E0E8E202B424A4438724F6D4 CRC32 Digest: 0x46FC21A2 Rootkit Property: Normal File Size: 379808 bytes
File: c:\progra~1\common~1\symant~1\ccalert.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Alert and Notification Original FileName: CCALERT.DLL File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0x19B438DAFCCA2707CC1550B2A55AF0EBE159E795 MD5 Digest: 0xAC3DA10512F2455FF95F659EF364A4E2 CRC32 Digest: 0x732E6BA3 Rootkit Property: Normal File Size: 222880 bytes
File: c:\progra~1\common~1\symant~1\ccemlpxy.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Email Proxy Original FileName: ccEmlPxy.dll
File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xFFE7990E5C505A9AB97A3B560E0B96BDE50BBF97 MD5 Digest: 0x0BB158E2EF248767D2B5A4E40452B1F0 CRC32 Digest: 0xC3F70BB8 Rootkit Property: Normal File Size: 259744 bytes
File: c:\progra~1\common~1\symant~1\cclogin.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Login Manager Original FileName: ccLogin.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0x1428CEAF76EB47A046E858BDDAC0090929249927 MD5 Digest: 0x44AC9B733A263379A7FAB41744EE5B77 CRC32 Digest: 0xAE7F8E36 Rootkit Property: Normal File Size: 112288 bytes
File: c:\progra~1\common~1\symant~1\ccpxyevt.dll Product: Client and Host Security Platform Product Version: 104.0.11.1
Company: Symantec Corporation Description: Symantec Proxy Event Factory Original FileName: ccPxyEvt.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0xE66A119DF7DF4B8F09B91590B887201A93AE6A36 MD5 Digest: 0xACF90909394ED33B8B9E85C22AEDD3D5 CRC32 Digest: 0xA5947986 Rootkit Property: Normal File Size: 276128 bytes
File: c:\progra~1\common~1\symant~1\ccsetevt.dll Product: Client and Host Security Platform Product Version: 104.0.11.1 Company: Symantec Corporation Description: Symantec Settings Manager Event Factory Original FileName: ccSetEvt.dll File Version Label: 104.0.11.1 File Version Number: 104.0.11.1 SHA-1 Digest: 0x753D856FDDC7FFE02373DBC1050A83C317B1A8FB MD5 Digest: 0xDC9D956BF7551FF77FC91F6A5B05BC5F CRC32 Digest: 0xF7F943D4 Rootkit Property: Normal File Size: 87712 bytes
File: c:\progra~1\common~1\symant~1\spbbc\spbbcevt.dll Product: SPBBC Product Version: 2.2.0.7 Company: Symantec Corporation Description: SPBBC Events Original FileName: SPBBCEvt.dll File Version Label: 2.2.0.7 File Version Number: 2.2.0.7 SHA-1 Digest: 0x31583132B38C9A386DAD3A236933696BB5F00CFC MD5 Digest: 0xCF723424516314E7903551817D42C9F9 CRC32 Digest: 0x2A3A84E5 Rootkit Property: Normal File Size: 714384 bytes
File: c:\progra~1\common~1\symant~1\symcdata\scfids~1\20110126.001\symidsco.sys Product: Symantec Intrusion Detection Product Version: 8.5 Company: Symantec Corporation Description: IDS Core Driver Original FileName: File Version Label: 8.5.0.8 File Version Number: 8.5.0.8 SHA-1 Digest: 0x590A8DFD05870F91070821106A79EDF1617BC8C0 MD5 Digest: 0x2133D1F879B280121B0E6A7D34B24A02 CRC32 Digest: 0x67E73D89
Rootkit Property: Normal File Size: 270712 bytes
File: c:\progra~1\common~1\symant~1\virusd~1\20110202.002\cceraser.dll Product: ERASER ENGINE Product Version: 110.1.4.5 Company: Symantec Corporation Description: Symantec Eraser Engine Original FileName: ccEraser.dll File Version Label: 110.1.4.5 File Version Number: 110.1.4.5 SHA-1 Digest: 0xE69155A0E430E8D9ECECE601A7A73F1E48DAF987 MD5 Digest: 0x18B460AD6C9DE8CBE5C1C636E6D434D6 CRC32 Digest: 0x5F6052C3 Rootkit Property: Normal File Size: 2792568 bytes
File: c:\progra~1\common~1\symant~1\virusd~1\20110202.002\ecmsvr32.dll Product: ECOM Server Product Version: 101.3.0.93 Company: Symantec Corporation Description: Symantec Engine Common Object Model Server Original FileName: ecmsvr32.DLL File Version Label: 101.3.0.93 File Version Number: 101.3.0.93
SHA-1 Digest: 0xEFFCCFD92E3F83566B53FA8C43BF1E26CCF9A989 MD5 Digest: 0xCBD9B8DBE455EEFBD76766CDDE0474A9 CRC32 Digest: 0xE90169FA Rootkit Property: Normal File Size: 279992 bytes
File: c:\progra~1\common~1\symant~1\virusd~1\20110202.002\naveng.sys Product: Symantec Antivirus Engine Product Version: 20101.3.1.1 Company: Symantec Corporation Description: AV Engine Original FileName: naveng32.dll File Version Label: 20101.3.1.1 File Version Number: 20101.3.1.1 SHA-1 Digest: 0x2A2915DAA57B046A932F0FF30D8B0CE3FFDB86DC MD5 Digest: 0xC8EF74E4D8105B1D02D58EA4734CF616 CRC32 Digest: 0xE013F945 Rootkit Property: Normal File Size: 86008 bytes
File: c:\progra~1\common~1\symant~1\virusd~1\20110202.002\naveng32.dll Product: Symantec Antivirus Engine Product Version: 20101.3.0.103 Company: Symantec Corporation Description: AV Engine
Original FileName: naveng32.dll File Version Label: 20101.3.0.103 File Version Number: 20101.3.0.103 SHA-1 Digest: 0x23E0361D958F5ED85677EF38005BB23BA00A404E MD5 Digest: 0x96AB66A711247D9793D1F6AA58FF5E42 CRC32 Digest: 0x1949B238 Rootkit Property: Normal File Size: 177592 bytes
File: c:\progra~1\common~1\symant~1\virusd~1\20110202.002\navex15.sys Product: Symantec Antivirus Engine Product Version: 20101.3.1.1 Company: Symantec Corporation Description: AV Engine Original FileName: navex32a.dll File Version Label: 20101.3.1.1 File Version Number: 20101.3.1.1 SHA-1 Digest: 0x40AD9532DFA493915C2F44CD7E34DAEC42F40C6F MD5 Digest: 0x94B3164055D821A62944D9FE84036470 CRC32 Digest: 0xCF3012DA Rootkit Property: Normal File Size: 1360760 bytes
File: c:\progra~1\common~1\symant~1\virusd~1\20110202.002\navex32a.dll Product: Symantec Antivirus Engine
Product Version: 20101.3.0.103 Company: Symantec Corporation Description: AV Engine Original FileName: navex32a.dll File Version Label: 20101.3.0.103 File Version Number: 20101.3.0.103 SHA-1 Digest: 0xF6F9812E7A76755BE6CBBB306746A2FBE055C261 MD5 Digest: 0xFE78ACFDE622E63D92CA49412BB9CE53 CRC32 Digest: 0x987A5090 Rootkit Property: Normal File Size: 1705400 bytes
File: c:\progra~1\difx\270581355a767bf1\dpinst.exe Product: Driver Package Installer (DPInst) Product Version: 2.1 Company: Microsoft Corporation Description: Driver Package Installer Original FileName: DPInst.exe File Version Label: 2.1 File Version Number: 2.1.0.0 SHA-1 Digest: 0x77FA9F9255D8577AA28357F97E09838C9C43DE34 MD5 Digest: 0x3F442906B29B552F1C9FEC1E221D90B7 CRC32 Digest: 0x7BB58539 Rootkit Property: Normal File Size: 795104 bytes
File: c:\progra~1\difx\b4723e9a0713e5b1\dpinst.exe Product: Driver Package Installer (DPInst) Product Version: 2.1.1 Company: Microsoft Corporation Description: Driver Package Installer Original FileName: DPInst.exe File Version Label: 2.1.1 File Version Number: 2.1.1.0 SHA-1 Digest: 0x8EFE297772764772D2631FCE9398B3A27CE96AEB MD5 Digest: 0x2BFABD08BFAA4C75FE105AF365733954 CRC32 Digest: 0xFAB7C421 Rootkit Property: Normal File Size: 800824 bytes
File: c:\progra~1\micros~2\office11\1033\ppintl.dll Product: Microsoft Office 2003 Product Version: 11.0.8161 Company: Microsoft Corporation Description: Microsoft Office PowerPoint Original FileName: PPINTL.DLL File Version Label: 11.0.8161 File Version Number: 11.0.8161.0 SHA-1 Digest: 0x667322B850BC5238983E4F1655A1EFED4102039A MD5 Digest: 0x12EB7DFA9EF26CA8AC4074442D2A18BB
CRC32 Digest: 0xBA104F8B Rootkit Property: Normal File Size: 492896 bytes
File: c:\progra~1\micros~2\office11\gdiplus.dll Product: Microsoft Office 2003 Product Version: 11.0.8312 Company: Microsoft Corporation Description: Microsoft Office 2003 component Original FileName: gdiplus.dll File Version Label: 11.0.8312 File Version Number: 11.0.8312.0 SHA-1 Digest: 0x3FCE14147EB08096AF2DCE192802FA904A174774 MD5 Digest: 0xD06AAF2A7BAC263D0FEB686880644F56 CRC32 Digest: 0xA33D9A43 Rootkit Property: Normal File Size: 1700168 bytes
File: c:\progra~1\micros~2\office11\powerpnt.exe Product: Microsoft Office 2003 Product Version: 11.0.8324 Company: Microsoft Corporation Description: Microsoft Office PowerPoint Original FileName: POWERPNT.EXE File Version Label: 11.0.8324
File Version Number: 11.0.8324.0 SHA-1 Digest: 0xB5AAB28C0E17D2C3E08D3EDC909E0D679CA4F2A9 MD5 Digest: 0x845311B9DCE25F9267D4EE52CC263941 CRC32 Digest: 0x575B60C8 Rootkit Property: Normal File Size: 6418776 bytes
File: c:\progra~1\symantec\liveup~1\lucoms~1.exe Product: LiveUpdate Product Version: 3.1.0.90 Company: Symantec Corporation Description: LiveUpdate Engine COM Module Original FileName: LuComServer.exe File Version Label: 3.1.0.90 File Version Number: 3.1.0.90 SHA-1 Digest: 0x7C866C9733D12F00C76B2B66967DB06C9E1B1420 MD5 Digest: 0xFC38B32BFC5F750FF3A5C527F946582B CRC32 Digest: 0x8ECBFA66 Rootkit Property: Normal File Size: 2528960 bytes
File: c:\progra~1\symant~2\symant~1\logfwder.dll Product: Internet Security Product Version: 8.7 Company: Symantec Corporation
Description: Internet Security Log Forwarder Original FileName: LogFwder.dll File Version Label: 8.7.4.97 File Version Number: 8.7.4.97 SHA-1 Digest: 0xB4E22A3649E9FF09FFFD801527314B06EB63CEB9 MD5 Digest: 0x3FA9C31799014473F4E2BC4611435C62 CRC32 Digest: 0xA6E5478B Rootkit Property: Normal File Size: 226992 bytes
File: c:\progra~1\symant~2\symant~1\nisalert.dll Product: Internet Security Product Version: 8.7 Company: Symantec Corporation Description: Internet Security Alert Original FileName: File Version Label: 8.7.4.97 File Version Number: 8.7.4.97 SHA-1 Digest: 0x2E49A720455A20D25FF49F627CAD23C7690D5B0D MD5 Digest: 0xCBD6EFAD5BED419F93E0E8B912099B06 CRC32 Digest: 0x54C45278 Rootkit Property: Normal File Size: 403120 bytes
File: c:\progra~1\symant~2\symant~1\nisprod.dll
Product: Internet Security Product Version: 8.7 Company: Symantec Corporation Description: NIS Product Plugin Original FileName: NISProd.dll File Version Label: 8.7.4.97 File Version Number: 8.7.4.97 SHA-1 Digest: 0x253E306B86FBF207399C02AE9A376EBEAE77D387 MD5 Digest: 0x83251EE5F07854FF9E229940ACC908F0 CRC32 Digest: 0x40253D53 Rootkit Property: Normal File Size: 460464 bytes
File: c:\progra~1\symant~2\symant~1\nistray.dll Product: Internet Security Product Version: 8.7 Company: Symantec Corporation Description: Internet Security System Tray Original FileName: File Version Label: 8.7.4.97 File Version Number: 8.7.4.97 SHA-1 Digest: 0xF66946C1EEA8B904E3ED524F320D30DB18221E4B MD5 Digest: 0x1DD030AD47C4AD9A36FFD39A530923F4 CRC32 Digest: 0x6C6304CD Rootkit Property: Normal
File Size: 255664 bytes
File: c:\progra~1\symant~2\symant~2\vptray.exe Product: Symantec AntiVirus Product Version: 10.1.5.5000 Company: Symantec Corporation Description: Symantec AntiVirus Original FileName: File Version Label: 10.1.5.5000 File Version Number: 10.1.5.5000 SHA-1 Digest: 0xB9CCE6A3F38412166FEC0D3CE62786AF048C6DEE MD5 Digest: 0xA1307C939E5216317E363D06A5473C7D CRC32 Digest: 0xEC128A08 Rootkit Property: Normal File Size: 125168 bytes
File: c:\progra~1\thinkpad\connec~1\acathv~1.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x0FCE9A330FC09AFC45DB2AAC522041281B3A6FD0
MD5 Digest: 0x4ED1E0158FCB12E27CBE2BADF0EE7315 CRC32 Digest: 0x9591CDEC Rootkit Property: Normal File Size: 53248 bytes
File: c:\progra~1\thinkpad\utilit~1\batlogex.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x2C2EB2A009DB0B00156FA915869423F199C8A419 MD5 Digest: 0xC31CAF9DD23823745159071D58CA47B5 CRC32 Digest: 0x0520B1D9 Rootkit Property: Normal File Size: 208896 bytes
File: c:\progra~1\thinkpad\utilit~1\pwrmgrtr.dll Product: ThinkPad Power Manager Product Version: 1, 0, 0, 0 Company: Lenovo Group Limited Description: ThinkPad Power Manager Background Monitor and Tray Battery Gauge Original FileName: PWRMGRTR.DLL
File Version Label: 1, 0, 0, 0 File Version Number: 1.0.0.0 SHA-1 Digest: 0xF49C2C63A7ECA50BACB4C13BF284B687DC1EFADB MD5 Digest: 0x569A4073C0E2826C7B9BE931B24E680E CRC32 Digest: 0x265EF5A4 Rootkit Property: Normal File Size: 294912 bytes
File: c:\progra~1\window~2\wmpband.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Player Deskband Original FileName: wmdband.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x48DCC049640FD247A37999B54546CFDEA953AE7D MD5 Digest: 0x54A9F1E18AAB48579AB70A32D60D780A CRC32 Digest: 0xCE941996 Rootkit Property: Normal File Size: 96256 bytes
File: c:\progra~1\yahoo!\messen~1\unwise.exe Product: Product Version:
Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x3C4735750C99C63E6861170A8C459A608594211E MD5 Digest: 0x973567B98CDFC147DF4E60471D9DF072 CRC32 Digest: 0x5BE5019B Rootkit Property: Normal File Size: 153088 bytes
File: c:\sdwork\issimsvc.exe Product: Product Version: 4.09 Company: IBM Corp. Description: ISSI Service Original FileName: File Version Label: 4.09 File Version Number: 4.9.0.0 SHA-1 Digest: 0x45442B280CADC4B36DBE02A93DF02320CE668E2C MD5 Digest: 0xB35439C61EAC9D093CB658D7F01F8486 CRC32 Digest: 0x4F92FB76 Rootkit Property: Normal File Size: 242928 bytes
File: c:\sdwork\psapi.dll Product: Microsoft Windows NT(TM) Operating System Product Version: 3.51 Company: Microsoft Corporation Description: Process Status Helper Original FileName: PSAPI File Version Label: 3.51 File Version Number: 3.51.1016.1 SHA-1 Digest: 0x8A65DED13DACD9A767F494368B0E5FFD4DE8C971 MD5 Digest: 0x0BCD1BB56616ACE4561C8FA9A7EAFE47 CRC32 Digest: 0x6649A1C6 Rootkit Property: Normal File Size: 14400 bytes
File: c:\sdwork\w32maing.exe Product: IBM Standard Software Installer Product Version: 4.87 Company: IBM Corp. Description: OSP Windows 32-bit ESD API Original FileName: File Version Label: 4.87 File Version Number: 0.4.0.87 SHA-1 Digest: 0x3E09C0DA197675063039B085EEE53817202E8517 MD5 Digest: 0x88D80A8D7C233BC8F4FC54407E8D8642 CRC32 Digest: 0xA172B620
Rootkit Property: Normal File Size: 278016 bytes
File: c:\windows\$ntservicepackuninstallidnmitigationapis$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.2.0029.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.2.0029.0 (SRV03_QFE.031113-0918) File Version Number: 6.2.29.0 SHA-1 Digest: 0x708ADF05475E7386AE77E0C9A72230B57B043566 MD5 Digest: 0xB5FF6305E3B6FDFC91057D2FAC100E4C CRC32 Digest: 0x51CA3978 Rootkit Property: Normal File Size: 213216 bytes
File: c:\windows\$ntservicepackuninstallnlsdownlevelmapping$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.2.0029.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.2.0029.0 (SRV03_QFE.031113-0918) File Version Number: 6.2.29.0
SHA-1 Digest: 0x708ADF05475E7386AE77E0C9A72230B57B043566 MD5 Digest: 0xB5FF6305E3B6FDFC91057D2FAC100E4C CRC32 Digest: 0x51CA3978 Rootkit Property: Normal File Size: 213216 bytes
File: c:\windows\$ntuninstallkb2079403$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2115168$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall
Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2121546$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2141007$\spuninst\spuninst.exe Product: Microsoft Windows Operating System
Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2158563$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2160329$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2183461$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07
CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2229593$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2259922$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv
File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2279986$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2286198$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation
Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2296011$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2296199$\spuninst\spuninst.exe
Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2345886$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal
File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2347290$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2360937$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1
MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2378111_wm9$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2387149$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE
File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2419632$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2423089$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0
Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2436673$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2440591$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2443105$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3
Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2443685$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb2467659$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0
SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb923561$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb938464$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall
Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb946648$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb950759$\spuninst\spuninst.exe Product: Microsoft Windows Operating System
Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb950762$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb950974$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb951072-v2$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07
CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb951376-v2$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb951698$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv
File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb951748$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb951978$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation
Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb952004$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb952011$\spuninst\spuninst.exe
Product: Microsoft Windows Operating System Product Version: 6.3.0004.1 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0004.1 built by: dnsrv File Version Number: 6.3.4.1 SHA-1 Digest: 0xF8E76D1F160D5FE0ADA4389E44F18A1667D90AFD MD5 Digest: 0xA39DF582CA051AFC8811FBD00DB12F10 CRC32 Digest: 0x4CD39CBB Rootkit Property: Normal File Size: 221488 bytes
File: c:\windows\$ntuninstallkb952069_wm9$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal
File Size: 231288 bytes
File: c:\windows\$ntuninstallkb952287$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb952954$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1
MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb953838$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb954155_wm9$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE
File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb954459$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb954600$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0
Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb955069$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb955759$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb955839$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3
Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb956390$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb956572$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0
SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb956744$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb956802$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall
Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb956803$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb956844$\spuninst\spuninst.exe Product: Microsoft Windows Operating System
Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb958215$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb958644$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb958687$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07
CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb958690$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb958869$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv
File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb959426$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb960714$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation
Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb960803$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb960859$\spuninst\spuninst.exe
Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb961118$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal
File Size: 231288 bytes
File: c:\windows\$ntuninstallkb961373$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb961501$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1
MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb963027$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb967715$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE
File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb968389$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb968816_wm9$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0
Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb969059$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb969947$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb970430$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3
Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb971468$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb971557$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0
SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb971657$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb971737$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall
Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb971961$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb972270$\spuninst\spuninst.exe Product: Microsoft Windows Operating System
Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb973354$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb973507$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb973525$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07
CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb973540_wm9$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb973687$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv
File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb973815$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb973869$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation
Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb973904$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb974112$\spuninst\spuninst.exe
Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb974318$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal
File Size: 231288 bytes
File: c:\windows\$ntuninstallkb974392$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb974455$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1
MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb974571$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb975025$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE
File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb975467$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb975558_wm8$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0
Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb975560$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb975561$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb975562$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3
Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb975713$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb976098-v2$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0
SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb976325$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb977816$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall
Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb977914$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb978037$\spuninst\spuninst.exe Product: Microsoft Windows Operating System
Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb978207$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb978251$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb978262$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07
CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb978338$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb978542$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv
File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb978601$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb978695_wm9$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation
Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb978706$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb979309$\spuninst\spuninst.exe
Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb979402_wm9$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal
File Size: 231288 bytes
File: c:\windows\$ntuninstallkb979482$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb979687$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1
MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb980182$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb980195$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE
File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb980218$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb980232$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0
Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb980436$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb981322$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb981349$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3
Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb981793$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb981852$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0
SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb981957$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb981997$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall
Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb982132$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb982214$\spuninst\spuninst.exe Product: Microsoft Windows Operating System
Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb982381$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb982665$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallkb982802$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07
CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\$ntuninstallmscomppackv1$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0003.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0003.0 built by: dnsrv File Version Number: 6.3.3.0 SHA-1 Digest: 0x27DE9154D87A7A9A3B56A1D5460D5EAF546812FE MD5 Digest: 0xA9882FE31BA3BBB3557BBB2FF429A46E CRC32 Digest: 0x161D5AC1 Rootkit Property: Normal File Size: 221488 bytes
File: c:\windows\$ntuninstallwdf01007$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0004.1 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0004.1 built by: dnsrv
File Version Number: 6.3.4.1 SHA-1 Digest: 0xF8E76D1F160D5FE0ADA4389E44F18A1667D90AFD MD5 Digest: 0xA39DF582CA051AFC8811FBD00DB12F10 CRC32 Digest: 0x4CD39CBB Rootkit Property: Normal File Size: 221488 bytes
File: c:\windows\$ntuninstallwmfdist11$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.2.0029.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.2.0029.0 (SRV03_QFE.031113-0918) File Version Number: 6.2.29.0 SHA-1 Digest: 0x708ADF05475E7386AE77E0C9A72230B57B043566 MD5 Digest: 0xB5FF6305E3B6FDFC91057D2FAC100E4C CRC32 Digest: 0x51CA3978 Rootkit Property: Normal File Size: 213216 bytes
File: c:\windows\$ntuninstallwmp11$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.2.0029.0 Company: Microsoft Corporation
Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.2.0029.0 (SRV03_QFE.031113-0918) File Version Number: 6.2.29.0 SHA-1 Digest: 0x708ADF05475E7386AE77E0C9A72230B57B043566 MD5 Digest: 0xB5FF6305E3B6FDFC91057D2FAC100E4C CRC32 Digest: 0x51CA3978 Rootkit Property: Normal File Size: 213216 bytes
File: c:\windows\$ntuninstallwudf01007$\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0004.1 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0004.1 built by: dnsrv File Version Number: 6.3.4.1 SHA-1 Digest: 0xF8E76D1F160D5FE0ADA4389E44F18A1667D90AFD MD5 Digest: 0xA39DF582CA051AFC8811FBD00DB12F10 CRC32 Digest: 0x4CD39CBB Rootkit Property: Normal File Size: 221488 bytes
File: c:\windows\aaremove.exe
Product: aaremove Application Product Version: 1, 0, 0, 1 Company: Description: aaremove MFC Application Original FileName: aaremove.EXE File Version Label: 1, 0, 0, 1 File Version Number: 1.0.0.1 SHA-1 Digest: 0x92DB211CDCCF9FEED961D49B9E099249A3491DAB MD5 Digest: 0xFDD6CB39D94E9B838F4ECB225D08150A CRC32 Digest: 0xEE05F713 Rootkit Property: Normal File Size: 11776 bytes
File: c:\windows\apppatch\acadproc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Compatibility DLL Original FileName: File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x5A08FBFF77B730A9D2970FD731DE516AAE432ABD MD5 Digest: 0xEA9EE60B408878E5F2012F9C783836DB CRC32 Digest: 0x6DB7BE1C Rootkit Property: Normal
File Size: 39424 bytes
File: c:\windows\apppatch\acgenral.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Compatibility DLL Original FileName: File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xD28C378F459FAFA7367649554B729A80B3924AAD MD5 Digest: 0x310C15FD8358B2C4CD7A5B98A112883F CRC32 Digest: 0xC008C15E Rootkit Property: Normal File Size: 1852928 bytes
File: c:\windows\apppatch\aclayers.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5906 Company: Microsoft Corporation Description: Windows Compatibility DLL Original FileName: File Version Label: 5.1.2600.5906 (xpsp_sp3_gdr.091120-1307) File Version Number: 5.1.2600.5906 SHA-1 Digest: 0x57AD12A0F3AFE8BB6D28806E8A65EEB10759155C
MD5 Digest: 0xAF8841FEF8DE40D36E77C6662843EDAE CRC32 Digest: 0x13AD000A Rootkit Property: Normal File Size: 471552 bytes
File: c:\windows\downloaded program files\avctactxlauncher.ocx Product: DSView AppTracker Control Product Version: 3.8.1.76 Company: Avocent Corporation Description: DSView AppTracker Control Original FileName: ActXLauncher.ocx File Version Label: 3.8.1.76 File Version Number: 3.8.1.76 SHA-1 Digest: 0x8C2D96FDBD59E8F0D2647E7E414E7224D19406B6 MD5 Digest: 0x53328997241C160A98B4E5422E0124B5 CRC32 Digest: 0x5ED90059 Rootkit Property: Normal File Size: 49152 bytes
File: c:\windows\downloaded program files\avctdsview3interfacevieweru.dll Product: DSView3InterfaceViewer Product Version: 3.5.0.22 Company: Avocent Corporation Description: DSView3InterfaceViewer Original FileName: DSView3InterfaceViewer.dll
File Version Label: 3.5.0.22 File Version Number: 3.5.0.22 SHA-1 Digest: 0xA649908A951ED523701E04AEB20EF5B4DDF4DDB1 MD5 Digest: 0x7D00F8A5429711A62E8F98928CF3DA87 CRC32 Digest: 0x72B90D6C Rootkit Property: Normal File Size: 434176 bytes
File: c:\windows\downloaded program files\avctdsviewapptracker.dll Product: DSViewAppTracker Dynamic Link Library Product Version: 3.8.1.76 Company: Avocent Corporation Description: DSViewAppTracker Dynamic Link Library Original FileName: DSViewAppTracker.dll File Version Label: 3.8.1.76 File Version Number: 3.8.1.76 SHA-1 Digest: 0x4597D0FAFEAFA0090BA8B608747AFF5890044034 MD5 Digest: 0xD853149A0D48369A4E6347B7CF62E300 CRC32 Digest: 0x00454B77 Rootkit Property: Normal File Size: 30208 bytes
File: c:\windows\downloaded program files\avctinterfaceviewerimpl.dll Product: ActiveX Control Video Viewer Product Version: 3.5.0.22
Company: Avocent Corporation Description: InterfaceViewerImpl Original FileName: InterfaceViewerImpl.dll File Version Label: 3.5.0.22 File Version Number: 3.5.0.22 SHA-1 Digest: 0x1FDCB610E6DBEC8993A671E2FEF265E5C2959DB0 MD5 Digest: 0xE8C0D1D01C55E7E615787FEF8A45BFE1 CRC32 Digest: 0x60EB3EEB Rootkit Property: Normal File Size: 21504 bytes
File: c:\windows\downloaded program files\avctinterfacevieweru.dll Product: ActiveX Control Video Viewer Product Version: 3.5.0.22 Company: Avocent Corporation Description: InterfaceViewer Original FileName: InterfaceViewer.dll File Version Label: 3.5.0.22 File Version Number: 3.5.0.22 SHA-1 Digest: 0x57153C50A8B5A95BDFD21C758C0E820B8B24DF39 MD5 Digest: 0xF869410AC8ECEA9F052AB26730DBEA22 CRC32 Digest: 0xC605A994 Rootkit Property: Normal File Size: 258048 bytes
File: c:\windows\downloaded program files\avctkeyboard.dll Product: Keyboard Dynamic Link Library Product Version: 3.5.0.22 Company: Avocent Corporation Description: Keyboard DLL Original FileName: Keyboard.dll File Version Label: 3.5.0.22 File Version Number: 3.5.0.22 SHA-1 Digest: 0x038A4CF37D58D880C257127B5C76E89DCF8DDA71 MD5 Digest: 0x8023ADB9E83B6B15E2DD1FC08899F735 CRC32 Digest: 0xA660CFD4 Rootkit Property: Normal File Size: 57344 bytes
File: c:\windows\downloaded program files\avctputtytel.exe Product: PuTTY suite Product Version: 3.6.4.5 Company: Simon Tatham Description: SSH, Telnet and Rlogin client Original FileName: PuTTY File Version Label: 3.6.4.5 File Version Number: 3.6.4.5 SHA-1 Digest: 0x2EE58B157AF07D319F98A94979013B6308845E39 MD5 Digest: 0xA2689E498584E0B31A4A55BB5A6E1F3B CRC32 Digest: 0xB956A6E9
Rootkit Property: Normal File Size: 520192 bytes
File: c:\windows\downloaded program files\avctrdpviewer.exe Product: Avocent RDP Viewer Product Version: 1.3.0.5 Company: Avocent Corp. Description: Avocent RDP Viewer Original FileName: rdpviewer.exe File Version Label: 1.3.0.5 File Version Number: 1.3.0.5 SHA-1 Digest: 0xB2927E56DB42A38C2E3E33BF9E2200127601AB16 MD5 Digest: 0x2B7DCE9C1FC2E8768A6E9FAB12A92A4C CRC32 Digest: 0xF1560875 Rootkit Property: Normal File Size: 151552 bytes
File: c:\windows\downloaded program files\avctrdpviewerja.dll Product: Avocent RDP Viewer Product Version: 1.1.0.1 Company: Avocent Corp. Description: Avocent RDP Viewer Original FileName: rdpviewer.exe File Version Label: 1.1.0.1 File Version Number: 1.1.0.1
SHA-1 Digest: 0xA2D69E7A777DEE5711E40ECB72388B6F27F415BD MD5 Digest: 0xC61AA9847CCCE946EC37E7C0EADD8CB6 CRC32 Digest: 0xB7FF018B Rootkit Property: Normal File Size: 106496 bytes
File: c:\windows\downloaded program files\avctrdpviewerko.dll Product: Avocent RDP Viewer Product Version: 1.1.0.1 Company: Avocent Corp. Description: Avocent RDP Viewer Original FileName: rdpviewer.exe File Version Label: 1.1.0.1 File Version Number: 1.1.0.1 SHA-1 Digest: 0x66999E8E88A4F635E66EB91126468C9601B6F82C MD5 Digest: 0x6C53F306CD008FC5D6161D938B8CFB68 CRC32 Digest: 0x21FAB23B Rootkit Property: Normal File Size: 106496 bytes
File: c:\windows\downloaded program files\avctrdpviewerzh.dll Product: Avocent RDP Viewer Product Version: 1.1.0.1 Company: Avocent Corp. Description: Avocent RDP Viewer
Original FileName: rdpviewer.exe File Version Label: 1.1.0.1 File Version Number: 1.1.0.1 SHA-1 Digest: 0xD4B454D3BB445A2E6FB7CC85A9F5DFD42C1BB14B MD5 Digest: 0xCBDDDAEEDDE33A1A7A640FA25609D88A CRC32 Digest: 0xEBBE57E3 Rootkit Property: Normal File Size: 102400 bytes
File: c:\windows\downloaded program files\avctserialviewer.exe Product: Avocent Serial Viewer Product Version: 3.6.4.5 Company: Avocent Corporation Description: Serial Viewer Original FileName: ThirdPartyTelnet.exe File Version Label: 3.6.4.5 File Version Number: 3.6.4.5 SHA-1 Digest: 0xD13FD477F8A8D088D1A64C90BEBA2AAABD9BB16E MD5 Digest: 0x091DEC7D558F21651A3F9900EDCC56C2 CRC32 Digest: 0x8B3E70B4 Rootkit Property: Normal File Size: 167936 bytes
File: c:\windows\downloaded program files\avctserialviewerja.dll Product: Avocent Serial Viewer
Product Version: 3.6.4.5 Company: Avocent Corporation Description: Serial Viewer Original FileName: ThirdPartyTelnet.exe File Version Label: 3.6.4.5 File Version Number: 3.6.4.5 SHA-1 Digest: 0xEEBF39F5585B746DC7DC4296CDC0EC676FCCF1AB MD5 Digest: 0xD90952F7026CB4E2FCF84FEA6C19F0C8 CRC32 Digest: 0x2849CC37 Rootkit Property: Normal File Size: 5120 bytes
File: c:\windows\downloaded program files\avctserialviewerko.dll Product: Avocent Serial Viewer Product Version: 3.6.4.5 Company: Avocent Corporation Description: Serial Viewer Original FileName: ThirdPartyTelnet.exe File Version Label: 3.6.4.5 File Version Number: 3.6.4.5 SHA-1 Digest: 0xF8BE661AC6C09A25A6BA8DB40A95FF5990F20F47 MD5 Digest: 0xFC4B9B334C4E64E05F35A90731B6BC07 CRC32 Digest: 0xFCA0C14A Rootkit Property: Normal File Size: 5120 bytes
File: c:\windows\downloaded program files\avctserialviewerzh.dll Product: Avocent Serial Viewer Product Version: 3.6.4.5 Company: Avocent Corporation Description: Serial Viewer Original FileName: ThirdPartyTelnet.exe File Version Label: 3.6.4.5 File Version Number: 3.6.4.5 SHA-1 Digest: 0x8F6AAD2A8BB8893B57C57FFA21945EB31409E414 MD5 Digest: 0x47F44CBC69B8200C23CAF58144F91646 CRC32 Digest: 0x84FD74EF Rootkit Property: Normal File Size: 4608 bytes
File: c:\windows\downloaded program files\avctvideoviewer.exe Product: Avocent Session Viewer Product Version: 3.5.0.22 Company: Avocent Corporation Description: Video Viewer Original FileName: AvctVideoViewer.ocx File Version Label: 3.5.0.22 File Version Number: 3.5.0.22 SHA-1 Digest: 0x2627394C9D3DC9C1BF72417E0A72D61DA68D3A9B MD5 Digest: 0xD8B9F652E99E5DA300B25A29D66A1343
CRC32 Digest: 0xBDBED88E Rootkit Property: Normal File Size: 1970176 bytes
File: c:\windows\downloaded program files\avctvideoviewerja.dll Product: Avocent Session Viewer Product Version: 3.5.0.22 Company: Avocent Corporation Description: Video Viewer Original FileName: AvctVideoViewerJA.dll File Version Label: 3.5.0.22 File Version Number: 3.5.0.22 SHA-1 Digest: 0x96396C88CEC7CB723C0BB636F9CDA56C58512284 MD5 Digest: 0x57C77C684E8F4DE10B6092A09239A822 CRC32 Digest: 0xD20C00B5 Rootkit Property: Normal File Size: 733184 bytes
File: c:\windows\downloaded program files\avctvideoviewerko.dll Product: Avocent Session Viewer Product Version: 3.5.0.22 Company: Avocent Corporation Description: Video Viewer Original FileName: AvctVideoViewerJA.dll File Version Label: 3.5.0.22
File Version Number: 3.5.0.22 SHA-1 Digest: 0x048D3E83B8F6B9A7C4A6491CA7061DE494047CB6 MD5 Digest: 0xB7A20499540F33512C5839DA9304AC8D CRC32 Digest: 0xD87D53BD Rootkit Property: Normal File Size: 729088 bytes
File: c:\windows\downloaded program files\avctvideoviewerzh.dll Product: Avocent Session Viewer Product Version: 3.5.0.22 Company: Avocent Corporation Description: Video Viewer Original FileName: AvctVideoViewerZH.dll File Version Label: 3.5.0.22 File Version Number: 3.5.0.22 SHA-1 Digest: 0xDE23DD23921D7FBFB6FF3B9027C433E80E344737 MD5 Digest: 0x003A519F3D26A7004B3865D2401B3754 CRC32 Digest: 0x11D72864 Rootkit Property: Normal File Size: 724992 bytes
File: c:\windows\downloaded program files\avctvirtualmedia.exe Product: Avocent Virtual Media Viewer Product Version: 3.5.1.1 Company: Avocent Corporation
Description: Avocent Virtual Media Viewer Original FileName: VirtualMedia.exe File Version Label: 3.5.1.1 File Version Number: 3.5.1.1 SHA-1 Digest: 0xD6D53E5ECB26C9B45DDE61C91B523FFED55F2639 MD5 Digest: 0xBA9980928CC1FC614192926E7D46C8B8 CRC32 Digest: 0x022DB02F Rootkit Property: Normal File Size: 565248 bytes
File: c:\windows\downloaded program files\avctvirtualmediaja.dll Product: Avocent Virtual Media Viewer Product Version: 3.5.1.1 Company: Avocent Corporation Description: Avocent Virtual Media Viewer Original FileName: VirtualMedia.exe File Version Label: 3.5.1.1 File Version Number: 3.5.1.1 SHA-1 Digest: 0x95E910B00DE90D1A294C4BCEB750842D99358E1E MD5 Digest: 0x2DE779A3C6F352633E5A7793A66E9B56 CRC32 Digest: 0x7A67BF39 Rootkit Property: Normal File Size: 73728 bytes
File: c:\windows\downloaded program files\avctvirtualmediako.dll
Product: Avocent Virtual Media Viewer Product Version: 3.5.1.1 Company: Avocent Corporation Description: Avocent Virtual Media Viewer Original FileName: VirtualMedia.exe File Version Label: 3.5.1.1 File Version Number: 3.5.1.1 SHA-1 Digest: 0x88B8436EABD738BA56FFADFA97392E53E7C6C9FC MD5 Digest: 0x5949885385192E067D6B487FFCDFF0F7 CRC32 Digest: 0x4AB945E7 Rootkit Property: Normal File Size: 73728 bytes
File: c:\windows\downloaded program files\avctvirtualmediazh.dll Product: Avocent Virtual Media Viewer Product Version: 3.5.1.1 Company: Avocent Corporation Description: Avocent Virtual Media Viewer Original FileName: VirtualMedia.exe File Version Label: 3.5.1.1 File Version Number: 3.5.1.1 SHA-1 Digest: 0xCDCBCA4BDF08B7C02D36393C42CB9E55921EE1D0 MD5 Digest: 0xCDC605304254672B4758D67BB25163BA CRC32 Digest: 0xE99CE9E0 Rootkit Property: Normal
File Size: 69632 bytes
File: c:\windows\downloaded program files\avctvncviewer.exe Product: Avocent Win32 Viewer Product Version: 2.1.0.7 Company: Avocent Corp. Description: vncviewer Original FileName: vncviewer.exe File Version Label: 2.1.0.7 File Version Number: 2.1.0.7 SHA-1 Digest: 0x239E3DB126C60F8C17B9E6030549F9BB84C6EC24 MD5 Digest: 0x8F07F92C90408B76B5FDC56352B0EC51 CRC32 Digest: 0x3B94FB4F Rootkit Property: Normal File Size: 331776 bytes
File: c:\windows\downloaded program files\avctvncviewerja.dll Product: Avocent Win32 Viewer Product Version: 1.1.2.2 Company: Avocent Corp. Description: vncviewer Original FileName: vncviewer.exe File Version Label: 1.1.2.2 File Version Number: 1.1.2.2 SHA-1 Digest: 0xF0A49385937AF2426283AAD296619F323845F71B
MD5 Digest: 0xC5ACC596D41E18CCA47E176734837EDD CRC32 Digest: 0x5150B6F7 Rootkit Property: Normal File Size: 86016 bytes
File: c:\windows\downloaded program files\avctvncviewerzh.dll Product: Avocent Win32 Viewer Product Version: 1.1.2.2 Company: Avocent Corp. Description: vncviewer Original FileName: vncviewer.exe File Version Label: 1.1.2.2 File Version Number: 1.1.2.2 SHA-1 Digest: 0xDB8D0D717B4F66D726E7A26C2C84F95056729DB7 MD5 Digest: 0x3182CB5063B604152D73179E524CC592 CRC32 Digest: 0x0162858F Rootkit Property: Normal File Size: 81920 bytes
File: c:\windows\downloaded program files\dynhttp.dll Product: http client Module Product Version: 1,0,0,1 Company: Avocent Description: http client Module Original FileName: AvocentHTTP.dll
File Version Label: 1,0,0,1 File Version Number: 1.0.0.1 SHA-1 Digest: 0x5EA4943B3DA26B7CDD0C6A157723205577453ADA MD5 Digest: 0x15FE2940DE87E5CF5902C64A7B656E09 CRC32 Digest: 0xB73EEB1F Rootkit Property: Normal File Size: 106496 bytes
File: c:\windows\downloaded program files\gpwsx.ocx Product: gpod Product Version: 4.00 Company: IBM Description: Original FileName: gpwsx.ocx File Version Label: 4.00 File Version Number: 4.0.0.0 SHA-1 Digest: 0xF9B92EDE17C178937D37471530E5F06AE90C30BF MD5 Digest: 0x22B4AAC96AE58EFA340C56C43BAA6C27 CRC32 Digest: 0x4D6FBA84 Rootkit Property: Normal File Size: 184320 bytes
File: c:\windows\downloaded program files\juniperext.exe Product: Product Version:
Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x971973257BA03EDD1FB5152F1B60D8B1490143C7 MD5 Digest: 0x2037085825B999FE8A7AFC92A004F78D CRC32 Digest: 0x596CDF72 Rootkit Property: Normal File Size: 398632 bytes
File: c:\windows\downloaded program files\launchexe.dll Product: launchEXE Module Product Version: 1, 0, 5, 2 Company: Description: launchEXE Module Original FileName: launchEXE.DLL File Version Label: 1, 0, 5, 2 File Version Number: 1.0.5.2 SHA-1 Digest: 0xE2B83D0B1E68F2F7C378A83507100F4A36721C40 MD5 Digest: 0x08BAFA4FCDD9075F1AC17DB808F122B0 CRC32 Digest: 0xE336ED60 Rootkit Property: Normal File Size: 53248 bytes
File: c:\windows\downloaded program files\vpclient.dll Product: Soronti SorontiView.dll Product Version: 1, 0, 5, 7 Company: Soronti, Inc. Description: SorontiView.dll Original FileName: sorontiview.dll File Version Label: 1, 0, 5, 7 File Version Number: 1.0.5.7 SHA-1 Digest: 0x2313EB8047EC6C04193E08D1EAEC2C412264B6A1 MD5 Digest: 0x66B9EF18EDF8443A292C91B063D9DAD2 CRC32 Digest: 0xCB4AA86A Rootkit Property: Normal File Size: 172032 bytes
File: c:\windows\downloaded program files\vpclient.exe Product: Win32 Remote Viewer Product Version: 1, 0, 5, 7 Company: Description: Remote Viewer Original FileName: VPViewer.exe File Version Label: 1, 0, 5, 7 File Version Number: 1.0.5.7 SHA-1 Digest: 0x1401FAFB61A29A31ADC4032792A137EC963BBA1F MD5 Digest: 0x2418E6F765D6C87C93DFD5AF1FD44E86 CRC32 Digest: 0xCB511E26
Rootkit Property: Normal File Size: 118784 bytes
File: c:\windows\downloaded program files\vpfilexfer.dll Product: TODO: <Product name> Product Version: 1.0.0.1 Company: TODO: <Company name> Description: TODO: <File description> Original FileName: vpfilexfer.dll File Version Label: 1.0.0.1 File Version Number: 1.0.0.1 SHA-1 Digest: 0x1C2D4BDB4EAAEE6D451E6DBEA1A035453ED29191 MD5 Digest: 0x4F9FA23444ACCCBC0FFAA077239C144F CRC32 Digest: 0xA031C1F0 Rootkit Property: Normal File Size: 180224 bytes
File: c:\windows\explorer.exe Product: Microsoft Windows Operating System Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: Windows Explorer Original FileName: EXPLORER.EXE File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512
SHA-1 Digest: 0x9D2BF84874ABC5B6E9A2744B7865C193C08D362F MD5 Digest: 0x12896823FB95BFB3DC9B46BCAEDC9923 CRC32 Digest: 0x0EE48FAF Rootkit Property: Normal File Size: 1033728 bytes
File: c:\windows\ie7\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.2.0029.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.2.0029.0 (SRV03_QFE.031113-0918) File Version Number: 6.2.29.0 SHA-1 Digest: 0x708ADF05475E7386AE77E0C9A72230B57B043566 MD5 Digest: 0xB5FF6305E3B6FDFC91057D2FAC100E4C CRC32 Digest: 0x51CA3978 Rootkit Property: Normal File Size: 213216 bytes
File: c:\windows\ie7updates\kb2183461-ie7\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall
Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\ie7updates\kb2360131-ie7\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\ie7updates\kb2416400-ie7\spuninst\spuninst.exe Product: Microsoft Windows Operating System
Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\ie7updates\kb938127-v2-ie7\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.2.0029.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.2.0029.0 (SRV03_QFE.031113-0918) File Version Number: 6.2.29.0 SHA-1 Digest: 0x708ADF05475E7386AE77E0C9A72230B57B043566 MD5 Digest: 0xB5FF6305E3B6FDFC91057D2FAC100E4C CRC32 Digest: 0x51CA3978 Rootkit Property: Normal File Size: 213216 bytes
File: c:\windows\ie7updates\kb982381-ie7\spuninst\spuninst.exe Product: Microsoft Windows Operating System Product Version: 6.3.0013.0 Company: Microsoft Corporation Description: Windows Service Pack Uninstall Original FileName: SPUNINST.EXE File Version Label: 6.3.0013.0 built by: dnsrv File Version Number: 6.3.13.0 SHA-1 Digest: 0x81ADF0958958754FE7D553C51DE20D80CF386BD1 MD5 Digest: 0x78141AD888BA82E3ABC854D229A59F07 CRC32 Digest: 0x97D3DFD3 Rootkit Property: Normal File Size: 231288 bytes
File: c:\windows\microsoft.net\framework\v1.1.4322\updates\hotfix.exe Product: MSDDHotfix Product Version: 1, 0, 1, 0 Company: Description: MSDDHotfix Original FileName: Hotfix.exe File Version Label: 1, 0, 1, 0 File Version Number: 1.0.1.0 SHA-1 Digest: 0xEE7DD3770E5113A65516E2C96CC90A09ABCEB60B MD5 Digest: 0xA0A32BA4F5473CE6877F2A21211D7B86
CRC32 Digest: 0xB3E78898 Rootkit Property: Normal File Size: 73728 bytes
File: c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe Product: Microsoft .NET Framework Product Version: 2.0.50727.3053 Company: Microsoft Corporation Description: Microsoft ASP.NET State Server Original FileName: aspnet_state.exe File Version Label: 2.0.50727.3053 (netfxsp.050727-3000) File Version Number: 2.0.50727.3053 SHA-1 Digest: 0x51E6CEA7D2C27FFE21976CD0AC3CF6078042653D MD5 Digest: 0x0E5E4957549056E2BF2C49F4F6B601AD CRC32 Digest: 0x1AC50853 Rootkit Property: Normal File Size: 34312 bytes
File: c:\windows\microsoft.net\framework\v2.0.50727\culture.dll Product: Microsoft .NET Framework Product Version: 2.0.50727.3053 Company: Microsoft Corporation Description: Microsoft Globalization Support Original FileName: culture.dll File Version Label: 2.0.50727.3053 (netfxsp.050727-3000)
File Version Number: 2.0.50727.3053 SHA-1 Digest: 0x304CF950CC933CC9E528E7000E12199CD6BBA9EC MD5 Digest: 0x219AF0F9A54EBEEB3E7E20025D801034 CRC32 Digest: 0x82CF7E47 Rootkit Property: Normal File Size: 27136 bytes
File: c:\windows\microsoft.net\framework\v2.0.50727\fusion.dll Product: Microsoft .NET Framework Product Version: 2.0.50727.3053 Company: Microsoft Corporation Description: Assembly manager Original FileName: fusion.dll File Version Label: 2.0.50727.3053 (netfxsp.050727-3000) File Version Number: 2.0.50727.3053 SHA-1 Digest: 0xD5F121D3D5E3699E920824F5733A4EB2A4741C76 MD5 Digest: 0xEA3AF33A9341B88D23FDC20D6EC826FE CRC32 Digest: 0x65C8AEE5 Rootkit Property: Normal File Size: 18936 bytes
File: c:\windows\microsoft.net\framework\v2.0.50727\microsoft visual j# 2.0 redistributable package - se\install.exe Product: Microsoft Visual Studio 2005 Product Version: 8.0.50727.937 Company: Microsoft Corporation
Description: External Installer Original FileName: Install.exe File Version Label: 8.0.50727.937 (jsertm.050727-9300) File Version Number: 8.0.50727.937 SHA-1 Digest: 0x70700387D45F20AF5E6842D97228D025926F3524 MD5 Digest: 0x722BD933842CC4DF602F68265C02B372 CRC32 Digest: 0x34405C6A Rootkit Property: Normal File Size: 612184 bytes
File: c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe Product: Microsoft .NET Framework Product Version: 2.0.50727.3053 Company: Microsoft Corporation Description: .NET Runtime Optimization Service Original FileName: mscorsvw.exe File Version Label: 2.0.50727.3053 (netfxsp.050727-3000) File Version Number: 2.0.50727.3053 SHA-1 Digest: 0x6BEACDA3C977838A88B4795BFA42B7AD8FC9A5A2 MD5 Digest: 0xD87ACAED61E417BBA546CED5E7E36D9C CRC32 Digest: 0x7A5C237C Rootkit Property: Normal File Size: 69632 bytes
File: c:\windows\microsoft.net\framework\v2.0.50727\shfusion.dll
Product: Microsoft .NET Framework Product Version: 2.0.50727.3053 Company: Microsoft Corporation Description: Microsoft COM Runtime Fusion Assembly Viewer Original FileName: shfusion.dll File Version Label: 2.0.50727.3053 (netfxsp.050727-3000) File Version Number: 2.0.50727.3053 SHA-1 Digest: 0x1E0EFE7F5AAF8BEBF9E514BFB5BF5BA717990731 MD5 Digest: 0x36BA8022693AF7E967359FF3F97531D7 CRC32 Digest: 0x911141E0 Rootkit Property: Normal File Size: 118784 bytes
File: c:\windows\microsoft.net\framework\v2.0.50727\shfusres.dll Product: Microsoft .NET Framework Product Version: 2.0.50727.3053 Company: Microsoft Corporation Description: Microsoft COM Runtime Fusion Assembly Viewer Resources Original FileName: shfusres.dll File Version Label: 2.0.50727.3053 (netfxsp.050727-3000) File Version Number: 2.0.50727.3053 SHA-1 Digest: 0xFC8FEAFC8BDB9539C924DBAF9A54516A94EBF410 MD5 Digest: 0x327DE7A9766CC9AA302C8D7F3925C8CE CRC32 Digest: 0x9E4BD7B7 Rootkit Property: Normal
File Size: 95232 bytes
File: c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe Product: Microsoft .NET Framework Product Version: 3.0.4506.2152 Company: Microsoft Corporation Description: Windows CardSpace Original FileName: infocard.exe File Version Label: 3.0.4506.2152 (SP.030729-0100) File Version Number: 3.0.4506.2152 SHA-1 Digest: 0x436FD2F86420D94416304A8ADB6CD6751D03C5B3 MD5 Digest: 0xC01AC32DC5C03076CFB852CB5DA5229C CRC32 Digest: 0x39FFF0D9 Rootkit Property: Normal File Size: 881664 bytes
File: c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe Product: Microsoft .NET Framework Product Version: 3.0.4506.2152 Company: Microsoft Corporation Description: SMSvcHost.exe Original FileName: SMSvcHost.exe File Version Label: 3.0.4506.2152 (SP.030729-0100) File Version Number: 3.0.4506.2152
SHA-1 Digest: 0x10F1EC2DAF049045FEAE843437146E19AEB62952 MD5 Digest: 0xD34612C5D02D026535B3095D620626AE CRC32 Digest: 0xF903FB2F Rootkit Property: Normal File Size: 132096 bytes
File: c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe Product: Microsoft .NET Framework Product Version: 3.0.6920.1427 Company: Microsoft Corporation Description: PresentationFontCache.exe Original FileName: PresentationFontCache.exe File Version Label: 3.0.6920.1427 built by: SP File Version Number: 3.0.6920.1427 SHA-1 Digest: 0x760F989C9F04ADC60DF790C2FD6099FF10F35EA2 MD5 Digest: 0x8BA7C024070F2B7FDD98ED8A4BA41789 CRC32 Digest: 0x6B750355 Rootkit Property: Normal File Size: 46104 bytes
File: c:\windows\microsoft.net\framework\v3.5\microsoft .net framework 3.5 sp1\setup.exe Product: Microsoft Visual Studio 2008 Product Version: 9.0.30729.1 Company: Microsoft Corporation Description: Suite Integration Toolkit Executable
Original FileName: Setup.exe File Version Label: 9.0.30729.1 built by: SP File Version Number: 9.0.30729.1 SHA-1 Digest: 0xE1C3DB8326981E50C6BEC02A840F3593D8A87DB6 MD5 Digest: 0xD69997274BB90D26092E24DD2F7165EE CRC32 Digest: 0x19566495 Rootkit Property: Normal File Size: 269304 bytes
File: c:\windows\pchealth\helpctr\binaries\pchsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft PCHealth Service Holder Original FileName: PCHSVC.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x46D3AEE4E4CEFEDCC287A9783EB607F1CA60D755 MD5 Digest: 0x4FCCA060DFE0C51A09DD5C3843888BCD CRC32 Digest: 0xC480A270 Rootkit Property: Normal File Size: 38400 bytes
File: c:\windows\system32\acs.exe Product: Atheros Configuration Service (ACS)
Product Version: 5.0.0.359 Company: Atheros Description: ACS Original FileName: acs.exe File Version Label: 5.0.0.359 File Version Number: 5.0.0.359 SHA-1 Digest: 0xBEF5CB3889C14C28A387989A6161CDA501FDF89B MD5 Digest: 0x88459AC0F5D5A1AA60E56B5E6070ED0F CRC32 Digest: 0x695EC4F6 Rootkit Property: Normal File Size: 360533 bytes
File: c:\windows\system32\activeds.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: ADs Router Layer DLL Original FileName: ADs File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x71DDE7DEA4019AB631FE85A31149A494363B7BDC MD5 Digest: 0x2CDAE321B8E878A278BA2D2FA013060B CRC32 Digest: 0xBE63F4A1 Rootkit Property: Normal File Size: 193536 bytes
File: c:\windows\system32\actxprxy.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: ActiveX Interface Marshaling Library Original FileName: ActXPrxy.dll File Version Label: 6.00.2900.5512 (xpsp.080413-2113) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0xEC1F4ED9D76D99A9C1D3073A8E351FE0EFE03FB5 MD5 Digest: 0x912B67BB8249925A5C972FC5839EAE09 CRC32 Digest: 0xAB131156 Rootkit Property: Normal File Size: 98304 bytes
File: c:\windows\system32\adsldpc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: ADs LDAP Provider C DLL Original FileName: adsldpc File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x1E272578A29B1C2ED7A013266CA50343A560FA2D MD5 Digest: 0x0D84657DBF93DB98673DEFDF2B29E25A
CRC32 Digest: 0x111FDF40 Rootkit Property: Normal File Size: 143360 bytes
File: c:\windows\system32\advapi32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5755 Company: Microsoft Corporation Description: Advanced Windows 32 Base API Original FileName: advapi32.dll File Version Label: 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) File Version Number: 5.1.2600.5755 SHA-1 Digest: 0xEA2E9BAC1789B53D7EFCD675A63F4A2B44898439 MD5 Digest: 0xE76F8807070ED04E7408A86D6D3A6137 CRC32 Digest: 0xC9027432 Rootkit Property: Normal File Size: 617472 bytes
File: c:\windows\system32\alg.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Application Layer Gateway Service Original FileName: ALG.exe File Version Label: 5.1.2600.5512 (xpsp.080413-0852)
File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xEF5728C819F466BFE56C36BC9DB3FAC004EF3D50 MD5 Digest: 0x8C515081584A38AA007909CD02020B3D CRC32 Digest: 0x4DDAB640 Rootkit Property: Normal File Size: 44544 bytes
File: c:\windows\system32\alrsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Alerter Service DLL Original FileName: ALRSVC.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x43295C3A78D9FEF4E4C778B5F1153DDF3F968E5B MD5 Digest: 0xA9A3DAA780CA6C9671A19D52456705B4 CRC32 Digest: 0x2F7C8344 Rootkit Property: Normal File Size: 17408 bytes
File: c:\windows\system32\apphelp.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation
Description: Application Compatibility Client Library Original FileName: Apphelp File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x016EA16586E3C27F4BD43341BA906187A416AFE0 MD5 Digest: 0xCF492D7E9AF1C628B3536D20EF6F5CC7 CRC32 Digest: 0x30CDC203 Rootkit Property: Normal File Size: 125952 bytes
File: c:\windows\system32\appmgmts.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Software installation Service Original FileName: appmgmts.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x27BD216140F9390492A5183E4045985D16294DC0 MD5 Digest: 0xD8849F77C0B66226335A59D26CB4EDC6 CRC32 Digest: 0xA660859C Rootkit Property: Normal File Size: 167936 bytes
File: c:\windows\system32\athcfg20resu.dll
Product: Atheros Configuration API Res Dynamic Link Library Product Version: 5.0.0.359 Company: Atheros Communications, Inc. Description: ACAPI RES DLL Original FileName: athcfg11res.dll File Version Label: 5.0.0.359 File Version Number: 5.0.0.359 SHA-1 Digest: 0xC22E125CCE60D440CA9C3273E14A89CC63498B8A MD5 Digest: 0xE2CEB663E5229C1D4FDAB913901B24F4 CRC32 Digest: 0x99BDD100 Rootkit Property: Normal File Size: 114792 bytes
File: c:\windows\system32\athcfg20u.dll Product: Atheros Configuration API Dynamic Link Library Product Version: 5.0.0.359 Company: Atheros Description: ACAPI DLL Original FileName: athcfg10.dll File Version Label: 5.0.0.359 File Version Number: 5.0.0.359 SHA-1 Digest: 0x70B1D7CCBF6F527AC0690595B0CB379D8AA60524 MD5 Digest: 0x7E8C5BD781FDACD082EE1602595ECB2F CRC32 Digest: 0x889DFA56 Rootkit Property: Normal
File Size: 299103 bytes
File: c:\windows\system32\ati2edxx.dll Product: ATI External Device Utility Product Version: 6, 14, 10, 2504 Company: ATI Technologies, Inc. Description: ati2edxx Original FileName: ati2edxx.dll File Version Label: 6, 14, 10, 2504 File Version Number: 6.14.10.2504 SHA-1 Digest: 0x26C84AF48EC9F6A6FCC912AD30BBFF742AF00143 MD5 Digest: 0x9FBCE057A30BC7E0EF519BD2C8072E92 CRC32 Digest: 0xE3B877F1 Rootkit Property: Normal File Size: 41984 bytes
File: c:\windows\system32\ati2evxx.dll Product: ATI External Event Utility for Windows Product Version: 6.14.10.4142 Company: ATI Technologies Inc. Description: ATI External Event Utility DLL Module Original FileName: ATI2EVXX.DLL File Version Label: 6.14.10.4142 File Version Number: 6.14.10.4142 SHA-1 Digest: 0x4428CB05066B3FC1966142DA51B916607AF0D058
MD5 Digest: 0x44AF903CB5552332CFF12D303C77DD2F CRC32 Digest: 0x74A05F79 Rootkit Property: Normal File Size: 86016 bytes
File: c:\windows\system32\ati2evxx.exe Product: ATI External Event Utility for Windows Product Version: 6.14.10.4142 Company: ATI Technologies Inc. Description: ATI External Event Utility EXE Module Original FileName: ATI2EVXX.EXE File Version Label: 6.14.10.4142 File Version Number: 6.14.10.4142 SHA-1 Digest: 0x002B9AB03F7915FA3638B0A191F896F7D0791627 MD5 Digest: 0xEEDAC720AC52A12EDBE1D1F9933B59E7 CRC32 Digest: 0x13A6BB74 Rootkit Property: Normal File Size: 413696 bytes
File: c:\windows\system32\atiiiexx.dll Product: ATI Display Driver Utilities Product Version: 6.14.10.4004 Company: ATI Technologies Inc. Description: .INF file installer Original FileName: atiiiexx.dll
File Version Label: 6.14.10.4004 File Version Number: 6.14.10.4004 SHA-1 Digest: 0x2FDE9CAE034ED6042730BCC988977778847D212A MD5 Digest: 0x6099841B0C3F55E19693A82AADF56D56 CRC32 Digest: 0x29C0D4FE Rootkit Property: Normal File Size: 307200 bytes
File: c:\windows\system32\atl.dll Product: Microsoft (R) Visual C++ Product Version: 6.05.2284 Company: Microsoft Corporation Description: ATL Module for Windows XP (Unicode) Original FileName: ATL.DLL File Version Label: 3.05.2284 File Version Number: 3.5.2284.2 SHA-1 Digest: 0x571921057C5CE0B6C0D6422A6298F396E1B11D63 MD5 Digest: 0x224FB925C641DA16CEB6D60F40CA4C75 CRC32 Digest: 0xA75C4FDB Rootkit Property: Normal File Size: 58880 bytes
File: c:\windows\system32\audiodev.dll Product: Microsoft Windows Operating System Product Version: 5.2.5721.5262
Company: Microsoft Corporation Description: Portable Media Devices Shell Extension Original FileName: audiodev.dll File Version Label: 5.2.5721.5262 (WMP_11.090130-1421) File Version Number: 5.2.5721.5262 SHA-1 Digest: 0x5EA03CD6FA44FD61A3AB53329361768E589B5BD7 MD5 Digest: 0x1899415F4E5BD55FB9486A4B20E45D6A CRC32 Digest: 0x9E870589 Rootkit Property: Normal File Size: 276992 bytes
File: c:\windows\system32\audiosrv.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Audio Service Original FileName: audiosrv.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0845) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x8DAF0F7CF979DF9FE7634B3EB64F21DD430E9BC7 MD5 Digest: 0xDEF7A7882BEC100FE0B2CE2549188F9D CRC32 Digest: 0x2C6CC615 Rootkit Property: Normal File Size: 42496 bytes
File: c:\windows\system32\authz.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Authorization Framework Original FileName: authz.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x36977FD1A696A3C3B974D2147D23425F7B0E6BEC MD5 Digest: 0x714705F29A917993536A6AB2DEDB0B7F CRC32 Digest: 0xD7862A52 Rootkit Property: Normal File Size: 62464 bytes
File: c:\windows\system32\avicap32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: AVI Capture window class Original FileName: AVICAP32.DLL File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x7F37A3AE136024BC0D3379FA92DA118765E8940D MD5 Digest: 0x01CFA88F8DEE91EC9F8E0988F49D106E CRC32 Digest: 0xBA083E18
Rootkit Property: Normal File Size: 64000 bytes
File: c:\windows\system32\avifil32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5908 Company: Microsoft Corporation Description: Microsoft AVI File support library Original FileName: AVIFIL32.DLL File Version Label: 5.1.2600.5908 (xpsp_sp3_gdr.091127-0541) File Version Number: 5.1.2600.5908 SHA-1 Digest: 0x39FB0FB7D86E0FC7D46404AFBE42BB65AD7BA758 MD5 Digest: 0x382668323400BD3BCFE9FFF249515975 CRC32 Digest: 0x989336FE Rootkit Property: Normal File Size: 84992 bytes
File: c:\windows\system32\basesrv.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows NT BASE API Server DLL Original FileName: basesrv File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512
SHA-1 Digest: 0x305EDA21E5E3CE960F5E23D2AC84366282835689 MD5 Digest: 0x42F1F4C0AFB08410E5F02D4B13EBB623 CRC32 Digest: 0x3502C84F Rootkit Property: Normal File Size: 52736 bytes
File: c:\windows\system32\batmeter.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: Battery Meter Helper DLL Original FileName: BATMETER.DLL File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0x187EC7ABC2BF87E51681ED5A7F9467E9F55C6029 MD5 Digest: 0x231A0B0E3BA7ABFE469A8262FAA1FD71 CRC32 Digest: 0x1CB8FF5E Rootkit Property: Normal File Size: 29184 bytes
File: c:\windows\system32\browselc.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: Shell Browser UI Library
Original FileName: BROWSEUI.DLL File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0x86E7DE920010C213AC8A4B088734037B0941FCB1 MD5 Digest: 0xF3370C98F4981EDA6036689D298E67B9 CRC32 Digest: 0x65D8F110 Rootkit Property: Normal File Size: 63488 bytes
File: c:\windows\system32\browser.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Computer Browser Service DLL Original FileName: browser.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x93E0BC4C8B09E6E211326576257965C4ED1248E9 MD5 Digest: 0xA06CE3399D16DB864F55FAEB1F1927A9 CRC32 Digest: 0x37EE5F5B Rootkit Property: Normal File Size: 77824 bytes
File: c:\windows\system32\browseui.dll Product: Microsoft Windows Operating System
Product Version: 6.00.2900.6003 Company: Microsoft Corporation Description: Shell Browser UI Library Original FileName: BROWSEUI.DLL File Version Label: 6.00.2900.6003 (xpsp_sp3_gdr.100623-1635) File Version Number: 6.0.2900.6003 SHA-1 Digest: 0x285F9D1BF2DA802C9FA4DDA2688ABDDA43D6AB8A MD5 Digest: 0x93B9631389F8C84E56F2552482C6C6E5 CRC32 Digest: 0x96FF7807 Rootkit Property: Normal File Size: 1025024 bytes
File: c:\windows\system32\bthcrp.dll Product: Bluetooth Software Product Version: 5.1.0.4700 Company: Broadcom Corporation. Description: bthcrp DLL Original FileName: bthcrp.DLL or bthcrp98.DLL File Version Label: 5.1.0.4700 File Version Number: 5.1.0.4700 SHA-1 Digest: 0xACAD11742D69A3D5A2149EFFA06DFE02FEC987B9 MD5 Digest: 0xC995CDC2CD5E0763EF80A14DA9777D1A CRC32 Digest: 0x1EF96F64 Rootkit Property: Normal File Size: 106496 bytes
File: c:\windows\system32\btncopy.dll Product: Bluetooth Software Product Version: 5.1.0.4700 Company: Broadcom Corporation. Description: BTNCopy Module Original FileName: BTNCopy.DLL File Version Label: 5.1.0.4700 File Version Number: 5.1.0.4700 SHA-1 Digest: 0x361480794A2C84363ABAFC1D7111B2F522033E61 MD5 Digest: 0x34A9E4C2470F8493F477FF7B040D9CE2 CRC32 Digest: 0x9834F770 Rootkit Property: Normal File Size: 49152 bytes
File: c:\windows\system32\btneig~1.dll Product: Bluetooth Software Product Version: 5.1.0.4700 Company: Broadcom Corporation. Description: BTNeighborhood DLL Original FileName: BTNeighborhood.DLL File Version Label: 5.1.0.4700 File Version Number: 5.1.0.4700 SHA-1 Digest: 0x8E1953168B98DFC5FBF0C7C6BE1CE5493001A4DB MD5 Digest: 0xC540C47A8831E352ADA5BBD3C9CAB30A
CRC32 Digest: 0xB9B0F8AD Rootkit Property: Normal File Size: 979021 bytes
File: c:\windows\system32\btosif.dll Product: Bluetooth Software Product Version: 5.1.0.4700 Company: Broadcom Corporation. Description: BTOSIF DLL Original FileName: btosif.dll File Version Label: 5.1.0.4700 File Version Number: 5.1.0.4700 SHA-1 Digest: 0x102D36ED35718C04D9A3E15089D441D2B0DCA478 MD5 Digest: 0x745075624F9B025B173DE1CA9A343172 CRC32 Digest: 0xCB765899 Rootkit Property: Normal File Size: 122880 bytes
File: c:\windows\system32\btrez.dll Product: Bluetooth Software Product Version: 5.1.0.4700 Company: Broadcom Corporation. Description: btrez DLL Original FileName: btrez.DLL File Version Label: 5.1.0.4700
File Version Number: 5.1.0.4700 SHA-1 Digest: 0xD7E80D6E61A8300A04B7727C55421012BCEEB864 MD5 Digest: 0xFA6728405DAACA8B465AB98C820EF8FB CRC32 Digest: 0x6BE53056 Rootkit Property: Normal File Size: 966656 bytes
File: c:\windows\system32\btsendto.dll Product: Bluetooth Software Product Version: 5.1.0.4700 Company: Broadcom Corporation. Description: SendTo Dialog DLL Original FileName: btsendto.dll File Version Label: 5.1.0.4700 File Version Number: 5.1.0.4700 SHA-1 Digest: 0x91971C9CAB981DE9D5DFACF553FEDCB4AAF032CB MD5 Digest: 0xEA52AC29040867AEF312766BCB266C77 CRC32 Digest: 0x5A3F243E Rootkit Property: Normal File Size: 221184 bytes
File: c:\windows\system32\btsend~1.dll Product: Bluetooth Software Product Version: 5.1.0.4700 Company: Broadcom Corporation.
Description: SendTo from Office DLL Original FileName: BtOfficeAddin.dll File Version Label: 5.1.0.4700 File Version Number: 5.1.0.4700 SHA-1 Digest: 0x659830500D5D2058358789CC247B3EEF55E5A515 MD5 Digest: 0xFA3FA8294E10617E4E2D3C8D7930AEDC CRC32 Digest: 0x20CD2ED9 Rootkit Property: Normal File Size: 176128 bytes
File: c:\windows\system32\btwicons.dll Product: btwicons Dynamic Link Library Product Version: 1, 0, 0, 1 Company: Description: btwicons DLL Original FileName: btwicons.DLL File Version Label: 1, 0, 0, 1 File Version Number: 1.0.0.1 SHA-1 Digest: 0x4543BB745CDE6A86A5F08F57BEBC10C64A7D471B MD5 Digest: 0xC55A277A03A2FF437319E953A5206CDB CRC32 Digest: 0xC6ACE318 Rootkit Property: Normal File Size: 2842624 bytes
File: c:\windows\system32\btwpimif.dll
Product: Bluetooth Software Product Version: 5.1.0.4700 Company: Broadcom Corporation. Description: BTWPIMIF DLL Original FileName: btwpimif.dll File Version Label: 5.1.0.4700 File Version Number: 5.1.0.4700 SHA-1 Digest: 0x0D210E38C3A614DA10F851591A3AB19B7D844459 MD5 Digest: 0x6AA0C7FD62DB48439ACD6F69D90DE759 CRC32 Digest: 0xA4E16232 Rootkit Property: Normal File Size: 45056 bytes
File: c:\windows\system32\btxppanel.dll Product: Bluetooth Software Product Version: 5.1.0.4700 Company: Broadcom Corporation. Description: BTXPPanel Module Original FileName: BTXPPanel.DLL File Version Label: 5.1.0.4700 File Version Number: 5.1.0.4700 SHA-1 Digest: 0x425369768B9F6E7745D479FD0463885675AA68AA MD5 Digest: 0xAF19316A6CE864DAE46EC61E49E7AA2E CRC32 Digest: 0x6EE864DB Rootkit Property: Normal
File Size: 106496 bytes
File: c:\windows\system32\btxpshell.dll Product: Bluetooth Software Product Version: 5.1.0.4700 Company: Broadcom Corporation. Description: BtXpShell DLL Original FileName: BtXpShell.DLL File Version Label: 5.1.0.4700 File Version Number: 5.1.0.4700 SHA-1 Digest: 0x31B2F4690E0E824D6AC877E3D346DA33889FC2E6 MD5 Digest: 0x28A308BBF27DF2FACF3FFEB87BC914E2 CRC32 Digest: 0x55EDB59D Rootkit Property: Normal File Size: 24576 bytes
File: c:\windows\system32\cabinet.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Cabinet File API Original FileName: cabinet.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x2B946D9D45BA684394DD78C45E2CC71B28446D18
MD5 Digest: 0xF9D3C78CFE15271D80790677C893CE45 CRC32 Digest: 0xB18FF3B1 Rootkit Property: Normal File Size: 60416 bytes
File: c:\windows\system32\cba.dll Product: Intel Common Base Agent Product Version: 6.12.0.142 Company: LANDesk Software Ltd. Description: CBA Interface Library Original FileName: CBA.DLL File Version Label: 6.12.0.142 E File Version Number: 6.12.0.142 SHA-1 Digest: 0x07564FE20A6290658EB7F12D2A75B75658663678 MD5 Digest: 0x6359E3556DF766AD6E1AD7EFE59F6FA4 CRC32 Digest: 0x9DB6D628 Rootkit Property: Normal File Size: 34600 bytes
File: c:\windows\system32\certcli.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Certificate Services Client Original FileName: CertCli
File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x1949D2DE6E367A893AACB1D2A304E6291EACAB79 MD5 Digest: 0x00709952D444EAE14DBBD30D36FBAE0F CRC32 Digest: 0x36C47AF8 Rootkit Property: Normal File Size: 194560 bytes
File: c:\windows\system32\cewmdm.dll Product: Windows Media Device Manager Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows CE WMDM Service Provider Original FileName: CEWMDM.DLL File Version Label: 11.0.5721.5262 File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x8B84442238E8016FBA6A364B10984EAE3F664F44 MD5 Digest: 0xDE1BEF23DEBED6700A51727F92E18207 CRC32 Digest: 0xE3E42001 Rootkit Property: Normal File Size: 229376 bytes
File: c:\windows\system32\cfgmgr32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: Configuration Manager Forwarder DLL Original FileName: CFGMGR32.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x87BEEC45FAADA0B894D0A9D7C69B612E5638FC8B MD5 Digest: 0x5F0CE62E0831CF972EC6949FD3E37DA7 CRC32 Digest: 0xC8685F52 Rootkit Property: Normal File Size: 16896 bytes
File: c:\windows\system32\cisvc.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Content Index service Original FileName: cisvc.exe File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x5E29256F3E47541A02E738D50ABF37820F7BC3F5 MD5 Digest: 0x1CFE720EB8D93A7158A4EBC3AB178BDE CRC32 Digest: 0x53113EF4 Rootkit Property: Normal File Size: 5632 bytes
File: c:\windows\system32\clbcatq.dll Product: COM Services Product Version: 03.00.00.4414 Company: Microsoft Corporation Description: Original FileName: File Version Label: 2001.12.4414.700 File Version Number: 2001.12.4414.700 SHA-1 Digest: 0xBD0F1633A7D858F27D3FA2BAD744B766A1533490 MD5 Digest: 0xF137A0CA70003DB20448D540651FA003 CRC32 Digest: 0xF43789FF Rootkit Property: Normal File Size: 498688 bytes
File: c:\windows\system32\clipsrv.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows NT DDE Server Original FileName: CLIPSRV.EXE File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x28DB51083926C4BB31A8211F63EC68A42F8FF22C MD5 Digest: 0x34CBE729F38138217F9C80212A2A0C82 CRC32 Digest: 0x49E54A73
Rootkit Property: Normal File Size: 33280 bytes
File: c:\windows\system32\clusapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Cluster API Library Original FileName: clusapi File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x86C52208E983F9E8C9EE69EED8FBAC111696A822 MD5 Digest: 0xDF82E222578DBE59FCBBD69A02E4C806 CRC32 Digest: 0x65F46BA4 Rootkit Property: Normal File Size: 58368 bytes
File: c:\windows\system32\cmd.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Command Processor Original FileName: Cmd.Exe File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512
SHA-1 Digest: 0x811A005CF787C6CCBE0D9F1C36C1D49A9CB71FD1 MD5 Digest: 0x6D778E0F95447E6546553EEEA709D03C CRC32 Digest: 0xC299C503 Rootkit Property: Normal File Size: 389120 bytes
File: c:\windows\system32\cnbjmon.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.2082 Company: Microsoft Corporation Description: Langage Monitor for Canon Bubble-Jet Printer Original FileName: CNBJMON.DLL File Version Label: 5.1.2600.2082 (xpsp(skatari).040213-0952) File Version Number: 0.3.0.0 SHA-1 Digest: 0x79EB118DFED767B1F43378FCE84CE4C5CFC33FE5 MD5 Digest: 0x5D3D1AB0EF4EA55B731863050482C111 CRC32 Digest: 0x5559585D Rootkit Property: Normal File Size: 47104 bytes
File: c:\windows\system32\colbact.dll Product: COM Services Product Version: 03.00.00.4414 Company: Microsoft Corporation Description:
Original FileName: File Version Label: 2001.12.4414.700 File Version Number: 2001.12.4414.700 SHA-1 Digest: 0x37F76F0ADCAE0F54CBBE3D805D96B9696842D236 MD5 Digest: 0x690D97864735E8ECD87F55777E266690 CRC32 Digest: 0x1416CCD8 Rootkit Property: Normal File Size: 60416 bytes
File: c:\windows\system32\comctl32.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.6028 Company: Microsoft Corporation Description: Common Controls Library Original FileName: COMCTL32.DLL File Version Label: 5.82 (xpsp_sp3_qfe.100823-1643) File Version Number: 5.82.2900.6028 SHA-1 Digest: 0xD5D102EB9200C2A02CB53931AEEB480694E225C5 MD5 Digest: 0x93AFB83FBC1F9443CAC722FCA63D73BF CRC32 Digest: 0xB00C920E Rootkit Property: Normal File Size: 617472 bytes
File: c:\windows\system32\comdlg32.dll Product: Microsoft Windows Operating System
Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: Common Dialogs DLL Original FileName: comdlg32.dll File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0x097776790214F0F3489F749BE018C84F2DC929D2 MD5 Digest: 0x86987A5000DFA3EBE2275C0456BCF2FE CRC32 Digest: 0xF1E69F91 Rootkit Property: Normal File Size: 276992 bytes
File: c:\windows\system32\comres.dll Product: COM Services Product Version: 03.00.00.4414 Company: Microsoft Corporation Description: Original FileName: File Version Label: 2001.12.4414.700 File Version Number: 2001.12.4414.700 SHA-1 Digest: 0xEDA8C030913D048CDA82AEB6066BE39E005CE0F1 MD5 Digest: 0x1280A158C722FA95A80FB7AEBE78FA7D CRC32 Digest: 0x868482D5 Rootkit Property: Normal File Size: 792064 bytes
File: c:\windows\system32\comsvcs.dll Product: COM Services Product Version: 03.00.00.4414 Company: Microsoft Corporation Description: Original FileName: File Version Label: 2001.12.4414.702 File Version Number: 2001.12.4414.702 SHA-1 Digest: 0x12EA33F6B5A759B955031E78D407AB936BB975ED MD5 Digest: 0xED0C0DF222209E43AD9AFBF3FE87DDE0 CRC32 Digest: 0xAC72C4C0 Rootkit Property: Normal File Size: 1267200 bytes
File: c:\windows\system32\credui.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Credential Manager User Interface Original FileName: credui.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xBAF29803401D1AFD910D365B9F400DAF7FE86DD4 MD5 Digest: 0x235892E493845D64D890163CFEF90E97
CRC32 Digest: 0xB3BF3685 Rootkit Property: Normal File Size: 163840 bytes
File: c:\windows\system32\crtdll.dll Product: Microsoft Windows NT(TM) Operating System Product Version: 4.00 Company: Microsoft Corporation Description: Microsoft C Runtime Library Original FileName: CRTDLL.DLL File Version Label: 4.00 File Version Number: 4.0.1183.1 SHA-1 Digest: 0xC432BD1921CBBE0EB91663FE4A80D17378230A1A MD5 Digest: 0x06F2AEA1065838AAE394553063CDF28E CRC32 Digest: 0x9144DA9A Rootkit Property: Normal File Size: 149019 bytes
File: c:\windows\system32\crypt32.dll Product: Microsoft Windows Operating System Product Version: 5.131.2600.5512 Company: Microsoft Corporation Description: Crypto API32 Original FileName: CRYPT32.DLL File Version Label: 5.131.2600.5512 (xpsp.080413-2113)
File Version Number: 5.131.2600.5512 SHA-1 Digest: 0x3127DBE44B75C673C24F9AD63675FF91CD9C6321 MD5 Digest: 0xBDAAF79DD63F194434D31A74B9BB8B77 CRC32 Digest: 0xF04E4319 Rootkit Property: Normal File Size: 599040 bytes
File: c:\windows\system32\cryptdll.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Cryptography Manager Original FileName: cryptdll.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x74766889F34BFEF4546C2380480F906D754B02B1 MD5 Digest: 0x17A1D675C12BBF80CAAC54A4855C41D0 CRC32 Digest: 0x15B1DB06 Rootkit Property: Normal File Size: 33280 bytes
File: c:\windows\system32\cryptnet.dll Product: Microsoft Windows Operating System Product Version: 5.131.2600.5512 Company: Microsoft Corporation
Description: Crypto Network Related API Original FileName: CRYPTNET.DLL File Version Label: 5.131.2600.5512 (xpsp.080413-2113) File Version Number: 5.131.2600.5512 SHA-1 Digest: 0x98A248C4972D819D7A42647F0F042EF4CF96AB6D MD5 Digest: 0xC14350FC0D47D806699C4F907FC6785B CRC32 Digest: 0xFA6A73FD Rootkit Property: Normal File Size: 64512 bytes
File: c:\windows\system32\cryptsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Cryptographic Services Original FileName: cryptsvc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x592BE5153E92D5F398FFAD0E76CC23234E521D08 MD5 Digest: 0x3D4E199942E29207970E04315D02AD3B CRC32 Digest: 0x3B51D6CC Rootkit Property: Normal File Size: 62464 bytes
File: c:\windows\system32\cryptui.dll
Product: Microsoft Windows Operating System Product Version: 5.131.2600.5512 Company: Microsoft Corporation Description: Microsoft Trust UI Provider Original FileName: CRYPTUI.DLL File Version Label: 5.131.2600.5512 (xpsp.080413-2113) File Version Number: 5.131.2600.5512 SHA-1 Digest: 0x8D72E84D63A0B44BCA596C5F370FA0E4B595AC3C MD5 Digest: 0x6E4BE11D50F8A8DE2BAD644C9C9DE8D3 CRC32 Digest: 0x7C67C971 Rootkit Property: Normal File Size: 512512 bytes
File: c:\windows\system32\cscdll.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Offline Network Agent Original FileName: CSCDLL.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xEF8C7DCF9A12B43BCD2C19A2AD366D65DB16E2D5 MD5 Digest: 0x515A7FAE2070C2B0242B2353443E2F11 CRC32 Digest: 0x4BF7EDED Rootkit Property: Normal
File Size: 101888 bytes
File: c:\windows\system32\cscui.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Client Side Caching UI Original FileName: cscui.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x5208F129AA4974E2D7976D5A36E09B9F38869348 MD5 Digest: 0x085ED2E391A871C7BAE87E0228B546BA CRC32 Digest: 0x551DBEDE Rootkit Property: Normal File Size: 326656 bytes
File: c:\windows\system32\csrsrv.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5915 Company: Microsoft Corporation Description: Client Server Runtime Process Original FileName: CSRSrv.DLL File Version Label: 5.1.2600.5915 (xpsp_sp3_gdr.091211-1412) File Version Number: 5.1.2600.5915 SHA-1 Digest: 0xA181214046A135BAC35182C4A8FB615367093CD9
MD5 Digest: 0x51C5B2BC37AE9EC5FED75B4AEEE04B18 CRC32 Digest: 0x8D9CC25E Rootkit Property: Normal File Size: 33280 bytes
File: c:\windows\system32\csrss.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Client Server Runtime Process Original FileName: CSRSS.Exe File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x9B81FE32842DB93292A59A87E73CA113701F7E3B MD5 Digest: 0x44F275C64738EA2056E3D9580C23B60F CRC32 Digest: 0x0F5A13CD Rootkit Property: Normal File Size: 6144 bytes
File: c:\windows\system32\ctfmon.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: CTF Loader Original FileName: CTFMON.EXE
File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x99CB7370F16773C8E2D0C86FE805EC638AB126E9 MD5 Digest: 0x5F1D5F88303D4A4DBC8E5F97BA967CC3 CRC32 Digest: 0xCAAB96B1 Rootkit Property: Normal File Size: 15360 bytes
File: c:\windows\system32\d3dim700.dll Product: Microsoft Windows Operating System Product Version: 5.03.2600.5512 Company: Microsoft Corporation Description: Microsoft Direct3D Original FileName: D3DIM700.dll File Version Label: 5.03.2600.5512 (xpsp.080413-0845) File Version Number: 5.3.2600.5512 SHA-1 Digest: 0x3396CD75508C5896C7ECDF1784DDC65003B9BF25 MD5 Digest: 0x56ADB11F7D4D0816C0BE1E701C1B5E52 CRC32 Digest: 0xBF18A8C7 Rootkit Property: Normal File Size: 824320 bytes
File: c:\windows\system32\davclnt.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: Web DAV Client DLL Original FileName: davclnt.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xDC187873A6298B97615A3DC125DF508F3A867D42 MD5 Digest: 0xFB8F8EEC8D9C2157789472DD61CDC78B CRC32 Digest: 0x135F2862 Rootkit Property: Normal File Size: 25088 bytes
File: c:\windows\system32\dbghelp.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Image Helper Original FileName: DBGHELP.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xE5C743C8D39DE0C0F43099476DE82CF5A862CC15 MD5 Digest: 0xB6E6F3F5B63053D5DC1F4EE32992492F CRC32 Digest: 0x1AC2EF66 Rootkit Property: Normal File Size: 640000 bytes
File: c:\windows\system32\dciman32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: DCI Manager Original FileName: dciman32 File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x2C8BB1FF49379D6F335496410C1930841654A586 MD5 Digest: 0xD8B91D94ECB123862B390FDE3250D3BB CRC32 Digest: 0xFA01F98E Rootkit Property: Normal File Size: 8704 bytes
File: c:\windows\system32\ddraw.dll Product: Microsoft Windows Operating System Product Version: 5.03.2600.5512 Company: Microsoft Corporation Description: Microsoft DirectDraw Original FileName: DDraw.dll File Version Label: 5.03.2600.5512 (xpsp.080413-0845) File Version Number: 5.3.2600.5512 SHA-1 Digest: 0x55B268AE2AEA99A0D233D77841AAA6FA250A4719 MD5 Digest: 0xA340CD71EB535A3DD751B5F28723E50C CRC32 Digest: 0xBB2C1248
Rootkit Property: Normal File Size: 279552 bytes
File: c:\windows\system32\ddrawex.dll Product: Microsoft Windows Operating System Product Version: 5.03.2600.5512 Company: Microsoft Corporation Description: Direct Draw Ex Original FileName: ddrawex File Version Label: 5.03.2600.5512 (xpsp.080413-0845) File Version Number: 5.3.2600.5512 SHA-1 Digest: 0xD92523BA81EDE7AB1DFD4C685CFD6268506305EE MD5 Digest: 0xA47F6A13202AA54541CA46D6CED79F5F CRC32 Digest: 0x149FE63B Rootkit Property: Normal File Size: 27136 bytes
File: c:\windows\system32\devenum.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 6.5.2600.5512
SHA-1 Digest: 0xD6809AD26328B1A3A1DB476F5B20A162BA67BD20 MD5 Digest: 0xAA5E22854F56C68148EB3345DBD62970 CRC32 Digest: 0x29C9D3FD Rootkit Property: Normal File Size: 59904 bytes
File: c:\windows\system32\dhcpcsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: DHCP Client Service Original FileName: dhcpcsvc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x58D6F6ED00876B7EC653079E5448F74379697524 MD5 Digest: 0x5E38D7684A49CACFB752B046357E0589 CRC32 Digest: 0xAE0DEF93 Rootkit Property: Normal File Size: 126976 bytes
File: c:\windows\system32\dllhost.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: COM Surrogate
Original FileName: dllhost.exe File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x5D0B0222B0F37A85D64B9283611E940313E21348 MD5 Digest: 0x0A9BA6AF531AFE7FA5E4FB973852D863 CRC32 Digest: 0x1C8C6AEA Rootkit Property: Normal File Size: 5120 bytes
File: c:\windows\system32\dmadmin.exe Product: Logical Disk Manager for Windows NT Product Version: 1.0 Company: Microsoft Corp., Veritas Software Description: Logical Disk Manager service process Original FileName: dmadmin.exe File Version Label: 2600.5512.503.0 File Version Number: 2600.5512.503.0 SHA-1 Digest: 0x26DAB1CC620A62B6382D84C350D334B86A0345D3 MD5 Digest: 0xE46050330BD42F33609117F861E32D3C CRC32 Digest: 0x7639D603 Rootkit Property: Normal File Size: 224768 bytes
File: c:\windows\system32\dmserver.dll Product: Logical Disk Manager for Windows NT
Product Version: 1.0 Company: Microsoft Corp. Description: Logical Disk Manager service dll Original FileName: dmserver.dll File Version Label: 2600.5512.503.0 File Version Number: 2600.5512.503.0 SHA-1 Digest: 0x80C6F2808D413AE6FA37F6FD4ADA8DC160F99A0A MD5 Digest: 0x57EDEC2E5F59F0335E92F35184BC8631 CRC32 Digest: 0xAC42AB40 Rootkit Property: Normal File Size: 23552 bytes
File: c:\windows\system32\dnsapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5625 Company: Microsoft Corporation Description: DNS Client API DLL Original FileName: dnsapi File Version Label: 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249) File Version Number: 5.1.2600.5625 SHA-1 Digest: 0x3EAF6478C6F14794B05A612D845C1725757BEB0B MD5 Digest: 0x5D3FDE8FB2801A2041D1B965372C4928 CRC32 Digest: 0x6145C1AF Rootkit Property: Normal File Size: 147968 bytes
File: c:\windows\system32\dnsrslvr.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: DNS Caching Resolver Service Original FileName: dnsrslvr.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x2E2F3D37181966E4BE410340FC1A34D57A453642 MD5 Digest: 0x474B4DC3983173E4B4C9740B0DAC98A6 CRC32 Digest: 0x9467091E Rootkit Property: Normal File Size: 45568 bytes
File: c:\windows\system32\dot3api.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: 802.3 Autoconfiguration API Original FileName: dot3api.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x50AD68B8A3450C8BD652A039B6F94045975E4B65 MD5 Digest: 0x8E2CC37BA87D8F681066E0E9C8A19F73
CRC32 Digest: 0x4A807BA3 Rootkit Property: Normal File Size: 26112 bytes
File: c:\windows\system32\dot3dlg.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: 802.3 UI Helper Original FileName: dot3dlg.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x1FAB45CB9BCEC525D36A32055A0E70F0E0AC94CF MD5 Digest: 0x4E8F3230BAC8C1CAADF01A8C728E1C5C CRC32 Digest: 0x4975BB90 Rootkit Property: Normal File Size: 9216 bytes
File: c:\windows\system32\dot3svc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Wired AutoConfig Service Original FileName: dot3svc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852)
File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xD40A92548DC68129A468147432DE34F5C6DC2C90 MD5 Digest: 0x0F0F6E687E5E15579EF4DA8DD6945814 CRC32 Digest: 0x32D19D87 Rootkit Property: Normal File Size: 132096 bytes
File: c:\windows\system32\drivers\abp480n5.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: AdvanSys SCSI Controller Driver Original FileName: ABP480N5.SYS File Version Label: 5.1.2600.0 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x66D302025842F2268A867FC9A86B5BBCF0DE5BAB MD5 Digest: 0x6ABB91494FE6C59089B9336452AB2EA3 CRC32 Digest: 0xED1225CB Rootkit Property: Normal File Size: 23552 bytes
File: c:\windows\system32\drivers\acpi.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation
Description: ACPI Driver for NT Original FileName: ACPI.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFAF1AE66CC016DD7281A1FCA53BE841B6B611106 MD5 Digest: 0x8FD99680A539792A30E97944FDAECF17 CRC32 Digest: 0xFDE36A7C Rootkit Property: Normal File Size: 187776 bytes
File: c:\windows\system32\drivers\acpiec.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: ACPI Embedded Controller Driver Original FileName: acpiec.sys File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0xF27A1EE007EB29DB95BEBEEB16F76322E2CDFDCE MD5 Digest: 0x9859C0F6936E723E4892D7141B1327D5 CRC32 Digest: 0x2FFB4AF9 Rootkit Property: Normal File Size: 11648 bytes
File: c:\windows\system32\drivers\adihdaud.sys
Product: SoundMAX Digital HD Audio Driver Product Version: 5.10.01.4310 Company: Analog Devices, Inc. Description: High Definition Audio Function Driver(Release Candidate 1) Original FileName: ADIHDAud.sys File Version Label: 5.10.01.4310 built by: WinDDK File Version Number: 5.10.1.4310 SHA-1 Digest: 0xC5D0371682E7B8DBD924092A07CFD86226574FBC MD5 Digest: 0x66614B9FDC7E74AB736A84D89F7B06B6 CRC32 Digest: 0x9D1D10B5 Rootkit Property: Normal File Size: 176128 bytes
File: c:\windows\system32\drivers\adpu160m.sys Product: Microsoft Windows Operating System Product Version: 5.1.2484.0 Company: Microsoft Corporation Description: Adaptec Ultra160 SCSI miniport Original FileName: adpu160m.sys File Version Label: v3.60a (Lab01_N(johnstra).010529-2218) File Version Number: 5.1.2484.0 SHA-1 Digest: 0x53164FDFAB5A0C0DD564D362C9DA005F41E0BCC0 MD5 Digest: 0x9A11864873DA202C996558B2106B0BBC CRC32 Digest: 0x6B692BF7 Rootkit Property: Normal
File Size: 101888 bytes
File: c:\windows\system32\drivers\aeaudio.sys Product: Andrea Audio Driver Product Version: 4.0.1.20 Company: Andrea Electronics Corporation Description: Audio Noise Filtering Driver Original FileName: AEAudio.sys File Version Label: 4.0.1.20 File Version Number: 4.0.1.20 SHA-1 Digest: 0x2EE010C636BCC79CB45F4DBC870160BE5D7FFF8E MD5 Digest: 0xC984DE22ED71414ABC42C1E03D412E33 CRC32 Digest: 0xE9D02F1C Rootkit Property: Normal File Size: 152960 bytes
File: c:\windows\system32\drivers\aec.sys Product: Microsoft Windows Operating System Product Version: 5.1.2601.3142 Company: Microsoft Corporation Description: Microsoft Acoustic Echo Canceller Original FileName: aec.sys File Version Label: 5.1.2601.3142 File Version Number: 5.1.2601.3142 SHA-1 Digest: 0x7CCD9DDA4ED4C776CD1A1BE021A13DBC4B277C7E
MD5 Digest: 0x8BED39E3C35D6A489438B8141717A557 CRC32 Digest: 0xF5078C1B Rootkit Property: Normal File Size: 142592 bytes
File: c:\windows\system32\drivers\afd.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5657 Company: Microsoft Corporation Description: Ancillary Function Driver for WinSock Original FileName: afd.sys File Version Label: 5.1.2600.5657 (xpsp_sp3_gdr.080814-1236) File Version Number: 5.1.2600.5657 SHA-1 Digest: 0x7AF696BE55454D2B297BB2115DDFBECF95AA7EEF MD5 Digest: 0x7E775010EF291DA96AD17CA4B17137D7 CRC32 Digest: 0x3605D2B3 Rootkit Property: Normal File Size: 138496 bytes
File: c:\windows\system32\drivers\agnfilt.sys Product: AT&T Global Network Firewall Product Version: 6.7.0.3011 Company: AT&T Description: Net Firewall Original FileName: agnfilt.sys
File Version Label: 6.7.0.3011 File Version Number: 6.7.0.3011 SHA-1 Digest: 0xF1551080161BA24DB35534742C1F8202E18BF9DD MD5 Digest: 0x1E5F5F898E8D0BE41EC6A3CC2476F25D CRC32 Digest: 0xD39936CD Rootkit Property: Normal File Size: 180864 bytes
File: c:\windows\system32\drivers\agnwifi.sys Product: AT&T Global Network Client Product Version: 6.1.0.3000 Company: AT&T Description: Wi-Fi Driver Original FileName: agnwifi.sys File Version Label: 6.1.0.3000 File Version Number: 6.1.0.3000 SHA-1 Digest: 0xD16A6ED557A7C6E385C7BFF1E9055A2C759D2AED MD5 Digest: 0x685443AFA5D1A94C5F47E4846B0E4C3D CRC32 Digest: 0x7EC81B73 Rootkit Property: Normal File Size: 19328 bytes
File: c:\windows\system32\drivers\agp440.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: 440 NT AGP Filter Original FileName: agp440.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x8F2814AFD462823191004A52AFF05DACE9E134BB MD5 Digest: 0x08FD04AA961BDC77FB983F328334E3D7 CRC32 Digest: 0xCFA21DB3 Rootkit Property: Normal File Size: 42368 bytes
File: c:\windows\system32\drivers\agpcpq.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: CompatNT AGP Filter Original FileName: agpcpq.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x0AE7FC426BC8AD5E461DC2FA1A903689FD0DFDB5 MD5 Digest: 0x03A7E0922ACFE1B07D5DB2EEB0773063 CRC32 Digest: 0x0C85FD08 Rootkit Property: Normal File Size: 44928 bytes
File: c:\windows\system32\drivers\aha154x.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: Adaptec AHA-154x series SCSI miniport Original FileName: aha154x.sys File Version Label: v1.13b (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x038E5CB01BF63EC2DFBCA5AEC9BE0575855E8472 MD5 Digest: 0xC23EA9B5F46C7F7910DB3EAB648FF013 CRC32 Digest: 0x0FA89078 Rootkit Property: Normal File Size: 12800 bytes
File: c:\windows\system32\drivers\aic78u2.sys Product: Microsoft Windows Operating System Product Version: 5.1.2474.0 Company: Microsoft Corporation Description: Adaptec Ultra2 SCSI miniport Original FileName: aic78u2.sys File Version Label: v3.60a (Lab01_N.010510-0033) File Version Number: 5.1.2474.0 SHA-1 Digest: 0xA659CBB358269D5DBC939C477AD8E6F38F38B9AC MD5 Digest: 0x19DD0FB48B0C18892F70E2E7D61A1529 CRC32 Digest: 0xC6A2E537
Rootkit Property: Normal File Size: 55168 bytes
File: c:\windows\system32\drivers\aic78xx.sys Product: Microsoft Windows Operating System Product Version: 5.1.2474.0 Company: Microsoft Corporation Description: Adaptec Ultra SCSI miniport Original FileName: aic78xx.sys File Version Label: v3.60a (Lab01_N.010510-0033) File Version Number: 5.1.2474.0 SHA-1 Digest: 0x22E79761B687A945AF616F38965D989C8E39481B MD5 Digest: 0xB7FE594A7468AA0132DEB03FB8E34326 CRC32 Digest: 0x44970E33 Rootkit Property: Normal File Size: 56960 bytes
File: c:\windows\system32\drivers\aliide.sys Product: ALi mini IDE Driver Product Version: 1.20 Company: Acer Laboratories Inc. Description: ALi mini IDE Driver Original FileName: aliide.sys File Version Label: 1.20 File Version Number: 1.2.0.0
SHA-1 Digest: 0x2B44EB781C9FE6B681E9FBD3EA179E6CC16BDE11 MD5 Digest: 0x1140AB9938809700B46BB88E46D72A96 CRC32 Digest: 0x5759BBAD Rootkit Property: Normal File Size: 5248 bytes
File: c:\windows\system32\drivers\alim1541.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: ALi M1541 NT AGP Filter Original FileName: agpALi.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xA23C13598C1AD0F5E5D965DF58F32926EC26581C MD5 Digest: 0xCB08AED0DE2DD889A8A820CD8082D83C CRC32 Digest: 0x6A2B29CC Rootkit Property: Normal File Size: 42752 bytes
File: c:\windows\system32\drivers\amdagp.sys Product: Windows (R) 2000 DDK Driver Product Version: 5.00 Company: Advanced Micro Devices, Inc. Description: AMD Win2000 AGP Filter
Original FileName: amdagp.sys File Version Label: 5.00 (xpsp.080413-2111) File Version Number: 5.2.2.2195 SHA-1 Digest: 0x09A537BC79F5D5E813B9A81D44C5CB12FDD0B8B5 MD5 Digest: 0x95B4FB835E28AA1336CEEB07FD5B9398 CRC32 Digest: 0x0466E287 Rootkit Property: Normal File Size: 43008 bytes
File: c:\windows\system32\drivers\amsint.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: AMD SCSI/NET Controller Original FileName: amsint.sys File Version Label: 5.1.2600.0 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0xDFBE8D37AC64734D58F1D4B6DD6DBD1817CF58B5 MD5 Digest: 0x79F5ADD8D24BD6893F2903A3E2F3FAD6 CRC32 Digest: 0xA249F884 Rootkit Property: Normal File Size: 12032 bytes
File: c:\windows\system32\drivers\anc.sys Product: IBM Access Connections
Product Version: 3, 2, 0, 0 Company: IBM Corp. Description: IBM Access Connections - ANC Original FileName: ANC.SYS File Version Label: 8.3 File Version Number: 8.3.0.0 SHA-1 Digest: 0x0D3A35C14121BD1D62AF694DAEF4386592A742AC MD5 Digest: 0x11AB185A7AF224800BBFB5B836974A17 CRC32 Digest: 0xEA65CDC8 Rootkit Property: Normal File Size: 11520 bytes
File: c:\windows\system32\drivers\anydlc.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: ANYDLC.DLL(9X)/ANYDLC.SYS(NT) Original FileName: ANUTIL File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xCADB62035214B2C92B1FA5EAC190BA59205F6545 MD5 Digest: 0x3EA28A33E8DDFA6576F5CB1C5FAB0AC4 CRC32 Digest: 0x978E457C Rootkit Property: Normal File Size: 38236 bytes
File: c:\windows\system32\drivers\appn.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: APPN library Original FileName: APPN.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xDFA931FD0608C0F8B47A76A424150E534A893774 MD5 Digest: 0xA0166911B476D65B4790BD40F920F220 CRC32 Digest: 0xD79EDB8C Rootkit Property: Normal File Size: 1286560 bytes
File: c:\windows\system32\drivers\appnapi.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: APPNAPI library Original FileName: APPNAPI.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xA84BE01C60CB1750B2AC983F92D07401460D7E6F MD5 Digest: 0xC12B83254A99014D9A46E49D56DA3809
CRC32 Digest: 0x5E733278 Rootkit Property: Normal File Size: 120192 bytes
File: c:\windows\system32\drivers\appnbase.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: APPNBASE library Original FileName: APPNBASE.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x45158CBBD086326044668EF80B8C6A7CB751C7A5 MD5 Digest: 0x6B6D87514E49563002A006C5A2AEBF84 CRC32 Digest: 0x734B85ED Rootkit Property: Normal File Size: 195872 bytes
File: c:\windows\system32\drivers\appnnode.exe Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: APPNNODE executable Original FileName: APPNNODE.EXE File Version Label: 5070.10.5249.773
File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x38D831A1ACBB7D601A3E13D2A6A0A64DE00B50C4 MD5 Digest: 0xBD282DD4FF522E5BD9B2805BBB1D3CA7 CRC32 Digest: 0xCDC744DE Rootkit Property: Normal File Size: 32768 bytes
File: c:\windows\system32\drivers\apshm86.sys Product: ThinkVantage Active Protection System Product Version: 1.54 Company: Lenovo. Description: ThinkVantage Active Protection System HID Digitizer Activity Monitor Driver Original FileName: ApsHM86.sys File Version Label: 1.54.0.0 built by: WinDDK File Version Number: 1.54.0.0 SHA-1 Digest: 0x27BE9610FDBE08D8F1F40F972C93E4E2DD39D72A MD5 Digest: 0x639BA7B37F25054CF5E82604E736D250 CRC32 Digest: 0xED9E392C Rootkit Property: Normal File Size: 19504 bytes
File: c:\windows\system32\drivers\apsx86.sys Product: ThinkVantage Active Protection System Product Version: 1.54 Company: Lenovo.
Description: Shockproof Disk Driver Original FileName: ApsX86.sys File Version Label: 1.54.0.0 File Version Number: 1.54.0.0 SHA-1 Digest: 0x2160C1B1D1D1FA5B30DD02EBAABBF654D1006A8A MD5 Digest: 0xA3AEE791DB8C73882F4503BFAACD8C9E CRC32 Digest: 0x60BC4DEE Rootkit Property: Normal File Size: 103472 bytes
File: c:\windows\system32\drivers\ar5211.sys Product: Atheros AR5001 Wireless Network Adapter Product Version: 5.0.100.112 Company: Atheros Communications, Inc. Description: Driver for Atheros AR5001 Wireless Network Adapter Original FileName: AR5211.SYS File Version Label: 5.0.100.112 File Version Number: 5.0.100.112 SHA-1 Digest: 0xF27B9296532C5F86F068D780BD7E5A4335F5E37E MD5 Digest: 0x317564A02DC28747BEA2E9043955DD6E CRC32 Digest: 0xA2010F4B Rootkit Property: Normal File Size: 508672 bytes
File: c:\windows\system32\drivers\artndint.sys
Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0xDBE8F013CB99596FC9D80BDD9787E4DE6BC5C725 MD5 Digest: 0xC9323D8401D8A2EE8850FAB5D71CCD61 CRC32 Digest: 0xCE4C4D86 Rootkit Property: Normal File Size: 7760 bytes
File: c:\windows\system32\drivers\asc.sys Product: AdvanSys SCSI driver Product Version: 2.9I-MS Company: Advanced System Products, Inc. Description: AdvanSys SCSI Controller Driver Original FileName: ASC.SYS File Version Label: 2.9I-MS (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x4457225E1E685A96E56DF08FB595FB2A47B98DA6 MD5 Digest: 0x62D318E9A0C8FC9B780008E724283707 CRC32 Digest: 0x16B40078 Rootkit Property: Normal
File Size: 26496 bytes
File: c:\windows\system32\drivers\asc3350p.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: AdvanSys SCSI Card Driver Original FileName: ASC3350P.SYS File Version Label: 5.1.2600.0 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x672231041EF98C2EA4798EEF1FDB7795FD44957B MD5 Digest: 0x69EB0CC7714B32896CCBFD5EDCBEA447 CRC32 Digest: 0x315A63EE Rootkit Property: Normal File Size: 22400 bytes
File: c:\windows\system32\drivers\asc3550.sys Product: AdvanSys PCI Ultra Wide SCSI Driver Product Version: 3.1E-MS Company: Advanced System Products, Inc. Description: AdvanSys Ultra-Wide PCI SCSI Driver Original FileName: ASC3550.SYS File Version Label: 3.1E-MS (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0xDA0773D97F8E38F858C7F03AA7A17E2E50C060F7
MD5 Digest: 0x5D8DE112AA0254B907861E9E9C31D597 CRC32 Digest: 0xC23AF74E Rootkit Property: Normal File Size: 14848 bytes
File: c:\windows\system32\drivers\asyncmac.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: MS Remote Access serial network driver Original FileName: ASYNCMAC.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xD3AE90917C931145319570B926D360B29CF6A569 MD5 Digest: 0xB153AFFAC761E7F5FCFA822B9C4E97BC CRC32 Digest: 0x66433D07 Rootkit Property: Normal File Size: 14336 bytes
File: c:\windows\system32\drivers\atapi.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: IDE/ATAPI Port Driver Original FileName: atapi.sys
File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xA719156E8AD67456556A02C34E762944234E7A44 MD5 Digest: 0x9F3A2F5AA6875C72BF062C712CFA2674 CRC32 Digest: 0xE758DA4A Rootkit Property: Normal File Size: 96512 bytes
File: c:\windows\system32\drivers\ati2mtag.sys Product: ATI Radeon WindowsNT Miniport Driver Product Version: 6.14.10.6635 Company: ATI Technologies Inc. Description: ATI Radeon WindowsNT Miniport Driver Original FileName: ati2mtag.sys File Version Label: 6.14.10.6635 File Version Number: 6.14.10.6635 SHA-1 Digest: 0x141A0072FA7CA40502AF10256B38E46515F1DE05 MD5 Digest: 0xE150424208C8A91DEED8C45019A6CDD2 CRC32 Digest: 0x190B6284 Rootkit Property: Normal File Size: 1724416 bytes
File: c:\windows\system32\drivers\atmarpc.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: IP/ATM Arp Client Original FileName: ATMARP.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xAABB3172DB4A0824DD4A1B558FCE94AE2D3B3259 MD5 Digest: 0x9916C1225104BA14794209CFA8012159 CRC32 Digest: 0x6ED62A34 Rootkit Property: Normal File Size: 59904 bytes
File: c:\windows\system32\drivers\atmeltpm.sys Product: Atmel TPM Driver Product Version: 3.0.0.15 Company: Atmel, Inc. Description: Atmel TPM Driver Original FileName: AtmelTpm.SYS File Version Label: 3.0.0.15 built by: WinDDK File Version Number: 3.0.0.15 SHA-1 Digest: 0x480F894E0212ACF626B7252B27E2D14E012DCFA2 MD5 Digest: 0xDBF0D7E2DF33B469EB55406FEA759350 CRC32 Digest: 0x0D7E93F5 Rootkit Property: Normal File Size: 15872 bytes
File: c:\windows\system32\drivers\audstub.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: AudStub Driver Original FileName: audstub.sys File Version Label: 5.1.2600.0 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0xE07EE000BC06B455534D8A517305C1208D30306B MD5 Digest: 0xD9F724AA26C010A217C97606B160ED68 CRC32 Digest: 0x222A24E2 Rootkit Property: Normal File Size: 3072 bytes
File: c:\windows\system32\drivers\avpnnic.sys Product: AGN Virtual Network Adapter Driver Product Version: 5.08 Company: AT&T Description: AGN Virtual Network Adapter Driver Original FileName: avpnnic.sys File Version Label: 5.08 built by: WinDDK File Version Number: 5.0.1.1 SHA-1 Digest: 0x769C22AEE4A34874BC681C653F813246D5E635A1 MD5 Digest: 0x84632BB018CDB66B366EAD809BB0A426 CRC32 Digest: 0x8CFFED8A
Rootkit Property: Normal File Size: 13952 bytes
File: c:\windows\system32\drivers\b57xp32.sys Product: Broadcom NetXtreme Gigabit Ethernet Driver Product Version: 7.44.0.0 Company: Broadcom Corporation Description: Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver. Original FileName: b57xp32.sys File Version Label: 7.44.0.0 built by: WinDDK File Version Number: 7.44.0.0 SHA-1 Digest: 0x1D84D4C7C1D68880D74FBA0C0DC354FA3A5DF134 MD5 Digest: 0x8A8FD355547B50BD5BE0BC473C0AF148 CRC32 Digest: 0x5042BAEA Rootkit Property: Normal File Size: 114688 bytes
File: c:\windows\system32\drivers\btkrnl.sys Product: Bluetooth Software Product Version: 5.1.0.4601 Company: Broadcom Corporation. Description: Bluetooth Bus Enumerator Original FileName: BTKRNL.SYS File Version Label: 5.1.0.4601 File Version Number: 5.1.0.4601
SHA-1 Digest: 0x71F38D2CC0D9C7E597D68721E8A17E1CC463C313 MD5 Digest: 0xEF5E0DE0A7CA2977A9255F36F4D915AB CRC32 Digest: 0x23B1B94A Rootkit Property: Normal File Size: 879624 bytes
File: c:\windows\system32\drivers\btport.sys Product: Bluetooth Software Product Version: 5.1.0.3200 Company: Broadcom Corporation. Description: Bluetooth BTPORT Driver for Windows 2000 Original FileName: BTPORT.SYS File Version Label: 5.1.0.3200 File Version Number: 5.1.0.3200 SHA-1 Digest: 0x8654363C960CFA748F53E68D5A4C4C28D1F8DA4B MD5 Digest: 0x58A49BD10E08D3D4333A60DEDCB1CED8 CRC32 Digest: 0x7C9ABC9F Rootkit Property: Normal File Size: 37424 bytes
File: c:\windows\system32\drivers\btwusb.sys Product: Bluetooth Software Product Version: 5.1.0.4700 Company: Broadcom Corporation. Description: Driver for Bluetooth USB Devices
Original FileName: BTWUSB.SYS File Version Label: 5.1.0.4700 File Version Number: 5.1.0.4700 SHA-1 Digest: 0xB5A31DC1E4D350A5A5D3BC3FB31D45776C57BF34 MD5 Digest: 0x053DC5BE74621B63BB48C2B86BAFC7B0 CRC32 Digest: 0x2F906FE6 Rootkit Property: Normal File Size: 74688 bytes
File: c:\windows\system32\drivers\cbidf2k.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: CardBus/PCMCIA IDE Miniport Driver Original FileName: cbidf2k.sys File Version Label: 5.1.2600.0 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x2D93247F985EF498535BE7B95172182FF829588A MD5 Digest: 0x90A673FC8E12A79AFBED2576F6A7AAF9 CRC32 Digest: 0xE2CABB8A Rootkit Property: Normal File Size: 13952 bytes
File: c:\windows\system32\drivers\ccdcmb.sys Product:
Product Version: Company: Nokia Description: Nokia USB Phone Bus Driver Original FileName: ccdcmb.sys File Version Label: 7.1.18.34 File Version Number: 7.1.18.34 SHA-1 Digest: 0xDC3E0F50EFB5F0E007FB58CCDB9CE331E67188BE MD5 Digest: 0x4A8A2AA0706B659175169DECF198E9D7 CRC32 Digest: 0xAE27893B Rootkit Property: Normal File Size: 17664 bytes
File: c:\windows\system32\drivers\ccdcmbo.sys Product: Product Version: Company: Nokia Description: Nokia USB Phone Bus Driver Original FileName: ccdcmb.sys File Version Label: 7.1.18.34 File Version Number: 7.1.18.34 SHA-1 Digest: 0x83E8628456083E0FA7A17E5D8C010FF3CE07A20E MD5 Digest: 0xFD3E61831095AC62E6840D986B5A2016 CRC32 Digest: 0x63A0695C Rootkit Property: Normal File Size: 22016 bytes
File: c:\windows\system32\drivers\cd20xrnt.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: IBM Portable CD-ROM Drive Miniport Original FileName: cd20xrnt.sys File Version Label: v3.01 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x97E979A4E41A18118F290B283C52D1B2E583D9F6 MD5 Digest: 0xF3EC03299634490E97BBCE94CD2954C7 CRC32 Digest: 0xB3CE8E7C Rootkit Property: Normal File Size: 7680 bytes
File: c:\windows\system32\drivers\cdrom.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: SCSI CD-ROM Driver Original FileName: cdrom.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xA80D103EECFE831B93C01F092ABCDDAE90BCCD6F MD5 Digest: 0x1F4260CC5B42272D71F79E570A27A4FE
CRC32 Digest: 0x9B9244F9 Rootkit Property: Normal File Size: 62976 bytes
File: c:\windows\system32\drivers\cmbatt.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Control Method Battery Driver Original FileName: cmbatt.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x7D4DB7B95DCD863BBF1581503F66B03617DE443D MD5 Digest: 0x0F6C187D38D98F8DF904589A5F94D411 CRC32 Digest: 0x500B36CD Rootkit Property: Normal File Size: 13952 bytes
File: c:\windows\system32\drivers\cmdide.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: CMD Technology, Inc. Description: CMD PCI IDE Bus Driver Original FileName: cmdide.sys File Version Label: 2.0.7 (XPClient.010817-1148)
File Version Number: 2.0.7.0 SHA-1 Digest: 0x5FF466B81A33C5998B091D291C6E940BC6A72DB8 MD5 Digest: 0xE5DCB56C533014ECBC556A8357C929D5 CRC32 Digest: 0x9EDE6CB6 Rootkit Property: Normal File Size: 6656 bytes
File: c:\windows\system32\drivers\compbatt.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Composite Battery Driver Original FileName: compbatt.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x2A5A0C88D11CA2264779C2FC1430842CD96D3BD7 MD5 Digest: 0x6E4C9F21F0FAE8940661144F41B13203 CRC32 Digest: 0x698A2D41 Rootkit Property: Normal File Size: 10240 bytes
File: c:\windows\system32\drivers\cpqarray.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation
Description: Compaq Drive Array Controllers SCSI Miniport Driver Original FileName: CPQARRAY.SYS File Version Label: 5.1.2600.0 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0xB53994B750D378E4536AA2D84F23FAD510EFE835 MD5 Digest: 0x3EE529119EED34CD212A215E8C40D4B6 CRC32 Digest: 0xD5CBA14C Rootkit Property: Normal File Size: 14976 bytes
File: c:\windows\system32\drivers\dac2w2k.sys Product: Mylex Disk Array Controller Driver Product Version: 6.00-21 Company: Mylex Corporation Description: Mylex Disk Array Controller Driver Original FileName: dac2w2k.sys File Version Label: 6.00-21 (XPClient.010817-1148) File Version Number: 6.0.21.0 SHA-1 Digest: 0xE34986FD8FD9A7F0F6561A96890037F6B6794D2D MD5 Digest: 0xE550E7418984B65A78299D248F0A7F36 CRC32 Digest: 0x56839B03 Rootkit Property: Normal File Size: 179584 bytes
File: c:\windows\system32\drivers\dac960nt.sys
Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: Mylex Disk Array Controller Driver Original FileName: DAC960NT.sys File Version Label: 5.1.2600.0 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0xCEEB731A2504482159FA6E57CD658E760CDB4E6C MD5 Digest: 0x683789CAA3864EB46125AE86FF677D34 CRC32 Digest: 0x91A444B9 Rootkit Property: Normal File Size: 14720 bytes
File: c:\windows\system32\drivers\disk.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: PnP Disk Driver Original FileName: scsidisk.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xA19652B689C06A116CF889823979669327DE109F MD5 Digest: 0x044452051F3E02E7963599FC8F4F3E25 CRC32 Digest: 0x96AFE78F Rootkit Property: Normal
File Size: 36352 bytes
File: c:\windows\system32\drivers\dmboot.sys Product: VERITAS NT Disk Manager Product Version: 1.0 Company: Microsoft Corp., Veritas Software Description: NT Disk Manager Startup Driver Original FileName: dmboot.sys File Version Label: 2600.5512.503.0 File Version Number: 2600.5512.503.0 SHA-1 Digest: 0x6EF561FBD8B9A3797C82DCE0425A3557B80CB5C9 MD5 Digest: 0xD992FE1274BDE0F84AD826ACAE022A41 CRC32 Digest: 0xF01A10D1 Rootkit Property: Normal File Size: 799744 bytes
File: c:\windows\system32\drivers\dmio.sys Product: VERITAS NT Disk Manager Product Version: 1.0 Company: Microsoft Corp., Veritas Software Description: NT Disk Manager I/O Driver Original FileName: dmio.sys File Version Label: 2600.5512.503.0 File Version Number: 2600.5512.503.0 SHA-1 Digest: 0x244A53AB6CECFD0C6D106284165CB6BB9AEA87CA
MD5 Digest: 0x7C824CF7BBDE77D95C08005717A95F6F CRC32 Digest: 0x13E4FE1F Rootkit Property: Normal File Size: 153344 bytes
File: c:\windows\system32\drivers\dmload.sys Product: Logical Disk Manager for Windows NT Product Version: 1.0 Company: Microsoft Corp., Veritas Software. Description: NT Disk Manager Startup Driver Original FileName: dmload.sys File Version Label: 2600.0.503.0 File Version Number: 2600.0.503.0 SHA-1 Digest: 0xA768077067DB3DE64B1CEB98EC2DA42B7F184EBA MD5 Digest: 0xE9317282A63CA4D188C0DF5E09C6AC5F CRC32 Digest: 0xAC8D78B2 Rootkit Property: Normal File Size: 5888 bytes
File: c:\windows\system32\drivers\dmusic.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Kernel DLS Synthesizer Original FileName: DMusic.sys
File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xA30227904D422A4DC0B7BD1D67E05DD747A524CC MD5 Digest: 0x8A208DFCF89792A484E76C40E5F50B45 CRC32 Digest: 0x63259F5F Rootkit Property: Normal File Size: 52864 bytes
File: c:\windows\system32\drivers\dpti2o.sys Product: Microsoft Windows Operating System Product Version: 5.1.2462.0 Company: Microsoft Corporation Description: DPT SmartRAID miniport Original FileName: dpti2o.sys File Version Label: 2.09 (Lab01_N.010309-0027) File Version Number: 5.1.2462.0 SHA-1 Digest: 0x739CBEF2D4F11C525B748547E8BE293FFDBF6362 MD5 Digest: 0x40F3B93B4E5B0126F2F5C0A7A5E22660 CRC32 Digest: 0xDB671F27 Rootkit Property: Normal File Size: 20192 bytes
File: c:\windows\system32\drivers\drmkaud.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: Microsoft Kernel DRM Audio Descrambler Filter Original FileName: drmkaud.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xCED162D79F69003C470CE6A84BED2FC18E1693DA MD5 Digest: 0x8F5FCFF8E8848AFAC920905FBD9D33C8 CRC32 Digest: 0x32E3BE7F Rootkit Property: Normal File Size: 2944 bytes
File: c:\windows\system32\drivers\e1e5132.sys Product: Intel(R) PRO/1000 Adapter Product Version: 9.4.17.0 Company: Intel Corporation Description: Intel(R) PRO/1000 Adapter NDIS 5.2 deserialized driver Original FileName: E1E5232.SYS File Version Label: 9.4.17.0 built by: WinDDK File Version Number: 9.4.17.0 SHA-1 Digest: 0x6F2650BAA38FC43A245CE38D860ABF42372216C9 MD5 Digest: 0x6F7CCD3C02B26D530900F06D98171A69 CRC32 Digest: 0x69462177 Rootkit Property: Normal File Size: 230400 bytes
File: c:\windows\system32\drivers\ewusbdev.sys Product: Huawei Technologies Co., Ltd. USB Modem/Serial Device Driver Product Version: 1. 0. 0. 9. SP00 Company: Huawei Technologies Co., Ltd. Description: USB Modem/Serial Device Driver Original FileName: ewusbdev.sys File Version Label: 1. 0. 0. 9 File Version Number: 1.0.0.9 SHA-1 Digest: 0xCDBA5E9998336923DB16706B6EE2D77802ECF42F MD5 Digest: 0x922065957563D851B5A68B95AADAC6AD CRC32 Digest: 0x600354D8 Rootkit Property: Normal File Size: 100736 bytes
File: c:\windows\system32\drivers\ewusbmdm.sys Product: Huawei Technologies Co., Ltd. USB Modem/Serial Device Driver Product Version: 2. 0. 3. 826 Company: Huawei Technologies Co., Ltd. Description: USB Modem/Serial Device Driver Original FileName: ewusbmdm.sys File Version Label: 2. 0. 3. 826 File Version Number: 2.0.3.826 SHA-1 Digest: 0xB9451269B206302DCAE7D6EEFC0B938C9F13383D MD5 Digest: 0x20330198554B7DDB44403AF21D6AE179 CRC32 Digest: 0xE48C0CA3
Rootkit Property: Normal File Size: 102528 bytes
File: c:\windows\system32\drivers\fdc.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Floppy Disk Controller Driver Original FileName: fdc.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xDF9E8A2D18AEDD359476C1A45877F0614ECF4993 MD5 Digest: 0x92CDD60B6730B9F50F6A1A0C1F8CDC81 CRC32 Digest: 0x47C3B1AB Rootkit Property: Normal File Size: 27392 bytes
File: c:\windows\system32\drivers\flpydisk.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Floppy Driver Original FileName: floppy.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512
SHA-1 Digest: 0x019614B5B22C191FBFB8E9565CF7682CC8F02F6E MD5 Digest: 0x9D27E7B80BFCDF1CDD9B555862D5E7F0 CRC32 Digest: 0x16F17776 Rootkit Property: Normal File Size: 20480 bytes
File: c:\windows\system32\drivers\fltmgr.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Filesystem Filter Manager Original FileName: fltMgr.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x9D951CF22A9F5DC75469F96C45CEFE6C73B2047F MD5 Digest: 0xB2CF4B0786F8212CB92ED2B50C6DB6B0 CRC32 Digest: 0x32451E2A Rootkit Property: Normal File Size: 129792 bytes
File: c:\windows\system32\drivers\ftdisk.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: FT Disk Driver
Original FileName: ftdisk.sys File Version Label: 5.1.2600.0 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x12B8DB7B23BF05C46BCE7640B0714BF682B7C2A4 MD5 Digest: 0x6AC26732762483366C3969C9E4D2259D CRC32 Digest: 0x3EC05674 Rootkit Property: Normal File Size: 125056 bytes
File: c:\windows\system32\drivers\hdaudbus.sys Product: Microsoft Windows Operating System Product Version: 5.10.01.5013 Company: Windows (R) Server 2003 DDK provider Description: High Definition Audio Bus Driver v1.0a Original FileName: hdaudbus.sys File Version Label: 5.10.01.5013 built by: WinDDK File Version Number: 5.10.1.5013 SHA-1 Digest: 0x0192B8EA988A83A7CB98A2617ABCEB8AF608C181 MD5 Digest: 0x573C7D0A32852B48F3058CFD8026F511 CRC32 Digest: 0xE06DAA47 Rootkit Property: Normal File Size: 144384 bytes
File: c:\windows\system32\drivers\hidusb.sys Product: Microsoft Windows Operating System
Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: USB Miniport Driver for Input Devices Original FileName: HIDUSB.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x6126A6D2A56FE0C290B093A754E1FCF9521AE3E0 MD5 Digest: 0xCCF82C5EC8A7326C3066DE870C06DAF1 CRC32 Digest: 0x985D00AF Rootkit Property: Normal File Size: 10368 bytes
File: c:\windows\system32\drivers\hpn.sys Product: Microsoft Windows Operating System Product Version: 5.1.2467.0 Company: Microsoft Corporation Description: NetRAID-4M Miniport Driver Original FileName: hpn.sys File Version Label: 5.1.2467.0 (Lab01_N(johnstra).010423-0023) File Version Number: 5.1.2467.0 SHA-1 Digest: 0x3A38D34761E756225B20529FC069550AF25382C8 MD5 Digest: 0xB028377DEA0546A5FCFBA928A8AEFAE0 CRC32 Digest: 0x8C4094E2 Rootkit Property: Normal File Size: 25952 bytes
File: c:\windows\system32\drivers\hsx_cnxt.sys Product: SoftK56 Modem Driver Product Version: 7.39.00 Company: Conexant Systems, Inc. Description: HSF_CNXT driver Original FileName: HSF_CNXT.sys File Version Label: 7.39.00 built by: WinDDK File Version Number: 7.39.0.0 SHA-1 Digest: 0x1C8A172C9817CEDCABC8D7888A1D3DF0AA350E31 MD5 Digest: 0x11EC1AFCEB5C917CE73D3C301FF4291E CRC32 Digest: 0x2B5A3B3F Rootkit Property: Normal File Size: 670208 bytes
File: c:\windows\system32\drivers\hsx_dpv.sys Product: SoftK56 Modem Driver Product Version: 7.39.00 Company: Conexant Systems, Inc. Description: HSF_DP driver Original FileName: HSF_DP.sys File Version Label: 7.39.00 built by: WinDDK File Version Number: 7.39.0.0 SHA-1 Digest: 0x614C2EA0E50B6B59CB2C66C7CA32F39B7568FD31 MD5 Digest: 0xB1FC0B027DF4374F9E5B796CFDF797B3
CRC32 Digest: 0xF8D32BD4 Rootkit Property: Normal File Size: 936448 bytes
File: c:\windows\system32\drivers\hsxhwazl.sys Product: SoftK56 Modem Driver Product Version: 7.39.00 Company: Conexant Systems, Inc. Description: HSF_HWAZL WDM driver Original FileName: HSF_HWAZL.sys File Version Label: 7.39.00 built by: WinDDK File Version Number: 7.39.0.0 SHA-1 Digest: 0xC9D792281750C0E7E2A873974BF1BAECE8DB5173 MD5 Digest: 0x3AF45F5B4157C88FFAE24D89BA408302 CRC32 Digest: 0xF5A7CD74 Rootkit Property: Normal File Size: 192512 bytes
File: c:\windows\system32\drivers\http.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5891 Company: Microsoft Corporation Description: HTTP Protocol Stack Original FileName: http.sys File Version Label: 5.1.2600.5891 (xpsp_sp3_gdr.091020-1758)
File Version Number: 5.1.2600.5891 SHA-1 Digest: 0x721F9CB8FBB6FE323278CCD1391956998E3A804D MD5 Digest: 0xF80A415EF82CD06FFAF0D971528EAD38 CRC32 Digest: 0x1AFFFD95 Rootkit Property: Normal File Size: 265728 bytes
File: c:\windows\system32\drivers\i2omp.sys Product: Microsoft Windows Operating System Product Version: 1.0.0.6 Company: Microsoft Corporation Description: I2O Miniport Driver Original FileName: i2omp.sys File Version Label: 1.0.0.6 (xpsp.080413-2108) File Version Number: 1.0.0.6 SHA-1 Digest: 0xF25501D8753613AE1C0E7D75CBD72991458EDE70 MD5 Digest: 0xF10863BF1CCC290BABD1A09188AE49E0 CRC32 Digest: 0x7CA6B2D1 Rootkit Property: Normal File Size: 18560 bytes
File: c:\windows\system32\drivers\i8042prt.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation
Description: i8042 Port Driver Original FileName: i8042prt.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x684D74767873A042DE4BA26A7D322F1E7CA9D6F7 MD5 Digest: 0x4A0B06AA8943C1E332520F7440C0AA30 CRC32 Digest: 0x930B8273 Rootkit Property: Normal File Size: 52480 bytes
File: c:\windows\system32\drivers\iastor.sys Product: Intel Matrix Storage Manager driver Product Version: 7.0.0.1020 Company: Intel Corporation Description: Intel Matrix Storage Manager driver - ia32 Original FileName: iaStor.sys File Version Label: 7.0.0.1020 File Version Number: 7.0.0.1020 SHA-1 Digest: 0x39FEDED925D83DA3CA6E1BC29415D141864E53FF MD5 Digest: 0xFD7F9D74C2B35DBDA400804A3F5ED5D8 CRC32 Digest: 0xFC8B081F Rootkit Property: Normal File Size: 277784 bytes
File: c:\windows\system32\drivers\ibmbldid.sys
Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x2636A7479329EC31AF650449DBD1BB389A1075B7 MD5 Digest: 0x3A7DBE81EC5EDB96A0A61C7D4AF3198D CRC32 Digest: 0xEA21BABA Rootkit Property: Normal File Size: 4224 bytes
File: c:\windows\system32\drivers\ibmpmdrv.sys Product: ThinkPad Product Version: 1.60 Company: Lenovo. Description: ThinkPad Power Management Driver Original FileName: IBMPMDRV.SYS File Version Label: 1.60.0.4 File Version Number: 1.60.0.4 SHA-1 Digest: 0x04BA4F8BC9996FC4BF13143E31E3ADA82B02EDA3 MD5 Digest: 0x400D7095D5AE08970F839BCAC1843106 CRC32 Digest: 0xDEF75861 Rootkit Property: Normal
File Size: 26608 bytes
File: c:\windows\system32\drivers\igxpmp32.sys Product: Intel Graphics Accelerator Drivers for Windows NT(R) Product Version: 6.14.10.4860 Company: Intel Corporation Description: Intel Graphics Miniport Driver Original FileName: igxpmp32.sys File Version Label: 6.14.10.4860 File Version Number: 6.14.10.4860 SHA-1 Digest: 0x4D6FF43616C17B823B3BE36D9B8F19B168B25872 MD5 Digest: 0x06B71441957B48A4866DE2FE27CB79C8 CRC32 Digest: 0x865E0081 Rootkit Property: Normal File Size: 5765056 bytes
File: c:\windows\system32\drivers\imapi.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: IMAPI Kernel Driver Original FileName: IMAPI.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x11A1C247E82B8DEB69BFA852259CAF9793EF0AEE
MD5 Digest: 0x083A052659F5310DD8B6A6CB05EDCF8E CRC32 Digest: 0xD2E09C6D Rootkit Property: Normal File Size: 42112 bytes
File: c:\windows\system32\drivers\ini910u.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: INITIO ini910u SCSI miniport Original FileName: ini910u.sys File Version Label: 2.17 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0xA922AF93451BFD2852E4EEDE3D7FFCAEDE9A898F MD5 Digest: 0x4A40E045FAEE58631FD8D91AFC620719 CRC32 Digest: 0x81DFF172 Rootkit Property: Normal File Size: 16000 bytes
File: c:\windows\system32\drivers\intelide.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Intel PCI IDE Driver Original FileName: intelide.sys
File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x26A71F20A825368CE1A0510413906B486E84B34A MD5 Digest: 0xB5466A9250342A7AA0CD1FBA13420678 CRC32 Digest: 0xC8C1CBCE Rootkit Property: Normal File Size: 5504 bytes
File: c:\windows\system32\drivers\intelppm.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Processor Device Driver Original FileName: intelppm.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFDE26AB07EBB4895815BC01E84D0FF31F7553FE2 MD5 Digest: 0x8C953733D8F36EB2133F5BB58808B66B CRC32 Digest: 0xFDE5A55D Rootkit Property: Normal File Size: 36352 bytes
File: c:\windows\system32\drivers\ip6fw.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: IPv6 Windows Firewall Driver Original FileName: ip6fw.sys File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x4755DD23EB1780211F8CCF27966F78907D2EB851 MD5 Digest: 0x3BB22519A194418D5FEC05D800A19AD0 CRC32 Digest: 0x58857D4C Rootkit Property: Normal File Size: 36608 bytes
File: c:\windows\system32\drivers\ipfltdrv.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: IP FILTER DRIVER Original FileName: ipfltdrv.sys File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x77253EF369A95E2CB3BF5531D963260A9C2E7857 MD5 Digest: 0x731F22BA402EE4B62748ADAF6363C182 CRC32 Digest: 0xFE3B7609 Rootkit Property: Normal File Size: 32896 bytes
File: c:\windows\system32\drivers\ipinip.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: IP in IP Encapsulation Driver Original FileName: IPINIP.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xB3540C34656CD1425D935D979C6E08064CBEDC79 MD5 Digest: 0xB87AB476DCF76E72010632B5550955F5 CRC32 Digest: 0x67A6AB94 Rootkit Property: Normal File Size: 20864 bytes
File: c:\windows\system32\drivers\ipnat.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: IP Network Address Translator Original FileName: IPNAT.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xCADA5FE764992D74A8BCEE9705A01EF61EAEA5DF MD5 Digest: 0xCC748EA12C6EFFDE940EE98098BF96BB CRC32 Digest: 0xB99B4679
Rootkit Property: Normal File Size: 152832 bytes
File: c:\windows\system32\drivers\ipsec.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: IPSec Driver Original FileName: ipsec.sys File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x5C6DBEC1D047A3252E8FDAD3A240DDA073ACEFEC MD5 Digest: 0x23C74D75E36E7158768DD63D92789A91 CRC32 Digest: 0x6C4384AC Rootkit Property: Normal File Size: 75264 bytes
File: c:\windows\system32\drivers\irda.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: IRDA Protocol Driver Original FileName: irda.sys File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512
SHA-1 Digest: 0x80DB95006DA032753EDED1A58233D80A3001FB5A MD5 Digest: 0xACA5E7B54409F9CB5EED97ED0C81120E CRC32 Digest: 0x719C49C5 Rootkit Property: Normal File Size: 88192 bytes
File: c:\windows\system32\drivers\irenum.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Infra-Red Bus Enumerator Original FileName: irenum.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xB3E13FDF5DCB365512C96C83DB29C19611A5803F MD5 Digest: 0xC93C9FF7B04D772627A3646D89F7BF89 CRC32 Digest: 0x0FE5E18A Rootkit Property: Normal File Size: 11264 bytes
File: c:\windows\system32\drivers\isamfilter.sys Product: IBM Standard Asset Manager Product Version: 7.32 Company: IBM Corp. Description: IBM Standard Asset Manager Filter
Original FileName: isamfilter.sys File Version Label: 7.32 built by: WinDDK File Version Number: 7.32.0.1 SHA-1 Digest: 0x58E83680111B50F0A8C82EC8810CDE53ABD6892B MD5 Digest: 0xA5425E15045272E22CE5F61C99FA15A8 CRC32 Digest: 0x2498DD3D Rootkit Property: Normal File Size: 6400 bytes
File: c:\windows\system32\drivers\isapnp.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: PNP ISA Bus Driver Original FileName: isapnp.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xEF0E8DF348B9BE72F292BB7216EA381CBD0B0BAB MD5 Digest: 0x05A299EC56E52649B1CF2FC52D20F2D7 CRC32 Digest: 0x457CDA61 Rootkit Property: Normal File Size: 37248 bytes
File: c:\windows\system32\drivers\kbdclass.sys Product: Microsoft Windows Operating System
Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Keyboard Class Driver Original FileName: kbdclass.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xD1531EAABD403C811DFBFB17985A97DBB0C3E534 MD5 Digest: 0x463C1EC80CD17420A542B7F36A36F128 CRC32 Digest: 0x2EA2933D Rootkit Property: Normal File Size: 24576 bytes
File: c:\windows\system32\drivers\klognt.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: KLOGNT DLL Original FileName: File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x0A4E8FE87CF95ED2E109B5DA3120303502A15590 MD5 Digest: 0x6BF4D4960B5A6B01EE75120B6BD994E7 CRC32 Digest: 0x668AA5EA Rootkit Property: Normal File Size: 24588 bytes
File: c:\windows\system32\drivers\kmixer.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Kernel Mode Audio Mixer Original FileName: kmixer.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x79A0399FFCA1E5616EBFCAD9F49D66B1102E4F23 MD5 Digest: 0x692BCF44383D056AED41B045A323D378 CRC32 Digest: 0x52C8998A Rootkit Property: Normal File Size: 172416 bytes
File: c:\windows\system32\drivers\ldlcserv.exe Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: LDLCSERV.EXE Original FileName: LDLCSERV.EXE File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x4DF56C8C1F3C2C8A1DAE29E67B9218900F657EB6 MD5 Digest: 0x6A1BC28F7463091433485BD36871D065
CRC32 Digest: 0xBD959CFE Rootkit Property: Normal File Size: 28672 bytes
File: c:\windows\system32\drivers\llc2.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: LLC2 library Original FileName: LLC2.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xE741E343E8DD0170EBD8975C992593AA6A7862CC MD5 Digest: 0x6EC170CA8E5DC1130505C0FF25147BE3 CRC32 Digest: 0x212FB614 Rootkit Property: Normal File Size: 101408 bytes
File: c:\windows\system32\drivers\mdmxsdk.sys Product: Diagnostic Interface Product Version: 1.0.2.010 Company: Conexant Description: Diagnostic Interface DRIVER Original FileName: MDMXSDK.SYS File Version Label: 1.0.2.010
File Version Number: 1.0.2.10 SHA-1 Digest: 0x40B3416E6F67A17D604270FF03A58B153BC835B5 MD5 Digest: 0xE246A32C445056996074A397DA56E815 CRC32 Digest: 0x0426BB6A Rootkit Property: Normal File Size: 12544 bytes
File: c:\windows\system32\drivers\mouclass.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Mouse Class Driver Original FileName: mouclass.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xE0718537A99CF900283414D1DB86083AEC23ED77 MD5 Digest: 0x35C9E97194C8CFB8430125F8DBC34D04 CRC32 Digest: 0x0770AE6E Rootkit Property: Normal File Size: 23040 bytes
File: c:\windows\system32\drivers\mouhid.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation
Description: HID Mouse Filter Driver Original FileName: mouhid.sys File Version Label: 5.1.2600.0 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x4D5C2048C9830E945B8B3642BA1237E8B72A87AF MD5 Digest: 0xB1C303E17FB9D46E87A98E4BA6769685 CRC32 Digest: 0xB4128B51 Rootkit Property: Normal File Size: 12160 bytes
File: c:\windows\system32\drivers\mraid35x.sys Product: MegaRAID Miniport Driver for Windows Whistler 32 Product Version: 6.19 Company: American Megatrends Inc. Description: MegaRAID RAID Controller Driver for Windows Whistler 32 Original FileName: mraid35x.sys File Version Label: 6.19 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x9CFC3D8CDDDDB08C78BDE481E4BC92C409D2E29A MD5 Digest: 0x3F4BB95E5A44F3BE34824E8E7CAF0737 CRC32 Digest: 0x61BAAD38 Rootkit Property: Normal File Size: 17280 bytes
File: c:\windows\system32\drivers\mrxdav.sys
Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows NT WebDav Minirdr Original FileName: MRxDAV.Sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x68DC26E6576EF52BEDC7D97BA44679A0E1CC3D74 MD5 Digest: 0x11D42BB6206F33FBB3BA0288D3EF81BD CRC32 Digest: 0x72D89C77 Rootkit Property: Normal File Size: 180608 bytes
File: c:\windows\system32\drivers\mrxsmb.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5944 Company: Microsoft Corporation Description: Windows NT SMB Minirdr Original FileName: MRXSMB.Sys File Version Label: 5.1.2600.5944 (xpsp_sp3_gdr.100224-1415) File Version Number: 5.1.2600.5944 SHA-1 Digest: 0x52EFF61934A595EBD9FAA6E291E1F01E72D4B9FF MD5 Digest: 0xF3AEFB11ABC521122B67095044169E98 CRC32 Digest: 0xB6C80700 Rootkit Property: Normal
File Size: 455680 bytes
File: c:\windows\system32\drivers\msgpc.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: MS General Packet Classifier Original FileName: MSGPC.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xCB51536535DA476D37EA63D6BC62F797AB35E2B6 MD5 Digest: 0x0A02C63C8B144BD8C86B103DEE7C86A2 CRC32 Digest: 0xD143F959 Rootkit Property: Normal File Size: 35072 bytes
File: c:\windows\system32\drivers\mskssrv.sys Product: Microsoft(R) Windows(R) Operating System Product Version: 5.3.2600.5512 Company: Microsoft Corporation Description: MS KS Server Original FileName: mskssrv.sys File Version Label: 5.3.2600.5512 (xpsp.080413-2108) File Version Number: 5.3.2600.5512 SHA-1 Digest: 0x9B5514C00E297A0752E489931D46F74AE12CD9A7
MD5 Digest: 0xD1575E71568F4D9E14CA56B7B0453BF1 CRC32 Digest: 0xD1937CAB Rootkit Property: Normal File Size: 7552 bytes
File: c:\windows\system32\drivers\mspclock.sys Product: Microsoft(R) Windows(R) Operating System Product Version: 5.3.2600.5512 Company: Microsoft Corporation Description: MS Proxy Clock Original FileName: mspclock.sys File Version Label: 5.3.2600.5512 (xpsp.080413-2108) File Version Number: 5.3.2600.5512 SHA-1 Digest: 0x9EED6E8B8384D1BD0D7AAEC62026D5B102594275 MD5 Digest: 0x325BB26842FC7CCC1FCCE2C457317F3E CRC32 Digest: 0xE4D8749E Rootkit Property: Normal File Size: 5376 bytes
File: c:\windows\system32\drivers\mspqm.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: MS Proxy Quality Manager Original FileName: mspqm.sys
File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xEFC0C76A25ECC8B1C5CB537F95CF20B0D96D747C MD5 Digest: 0xBAD59648BA099DA4A17680B39730CB3D CRC32 Digest: 0x077CFB92 Rootkit Property: Normal File Size: 4992 bytes
File: c:\windows\system32\drivers\mssmbios.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: System Management BIOS Driver Original FileName: smbios.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x22822AB6DD4DEFA28E54C814C1252E64C1305251 MD5 Digest: 0xAF5F4F3F14A8EA2C26DE30F7A1E17136 CRC32 Digest: 0x99E79913 Rootkit Property: Normal File Size: 15488 bytes
File: c:\windows\system32\drivers\ndistapi.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: NDIS 3.0 connection wrapper driver Original FileName: NDISTAPI.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x53A892C2CFE5B775349CEB42300EF8B3217DC585 MD5 Digest: 0x1AB3D00C991AB086E69DB84B6C0ED78F CRC32 Digest: 0x677B6C64 Rootkit Property: Normal File Size: 10112 bytes
File: c:\windows\system32\drivers\ndisuio.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: NDIS User mode I/O Driver Original FileName: NDISUIO.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xCEA30801140ADF385FD2E7326CC7CC47601D19AF MD5 Digest: 0xF927A4434C5028758A842943EF1A3849 CRC32 Digest: 0xD9F8161A Rootkit Property: Normal File Size: 14592 bytes
File: c:\windows\system32\drivers\ndiswan.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: MS PPP Framing Driver (Strong Encryption) Original FileName: NDISWAN.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x005371445088726EE73E8625A6C7FA0216F1DC06 MD5 Digest: 0xEDC1531A49C80614B2CFDA43CA8659AB CRC32 Digest: 0x5BF984E0 Rootkit Property: Normal File Size: 91520 bytes
File: c:\windows\system32\drivers\netbios.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: NetBIOS interface driver Original FileName: NETBIOS.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xC74F9616C2E8C5B5CB9D672B1D03567FCFACCA05 MD5 Digest: 0x5D81CF9A2F1A3A756B66CF684911CDF0 CRC32 Digest: 0x06492F9D
Rootkit Property: Normal File Size: 34688 bytes
File: c:\windows\system32\drivers\netbt.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: MBT Transport driver Original FileName: netbt.sys File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x9D2E1A5FBE165725C366FFADB0B64F400B8CBC1D MD5 Digest: 0x74B2B2F5BEA5E9A3DC021D685551BD3D CRC32 Digest: 0x6649407E Rootkit Property: Normal File Size: 162816 bytes
File: c:\windows\system32\drivers\netw5x32.sys Product: Intel Wireless WiFi Link Adapter Product Version: Company: Intel Corporation Description: Intel Wireless WiFi Link Driver Original FileName: NETw5x32.SYS File Version Label: 13.0.0.107 File Version Number: 13.0.0.107
SHA-1 Digest: 0x0D1EBF55CE6A319079DAE26E709236F6A85F0ADD MD5 Digest: 0x580207A7C9BDE8BA65401F51F9BA9741 CRC32 Digest: 0x0A3B412C Rootkit Property: Normal File Size: 5977216 bytes
File: c:\windows\system32\drivers\npf.sys Product: WinPcap Product Version: 4.1.0.2001 Company: CACE Technologies, Inc. Description: npf.sys (NT5/6 x86) Kernel Driver Original FileName: npf.sys File Version Label: 4.1.0.2001 File Version Number: 4.1.0.2001 SHA-1 Digest: 0x34FB3BB374D7B99F936C1968E135F9EF86B425E2 MD5 Digest: 0xB48DC6ABCD3AEFF8618350CCBDC6B09A CRC32 Digest: 0x9F14B68E Rootkit Property: Normal File Size: 35088 bytes
File: c:\windows\system32\drivers\nscirda.sys Product: NSC Fast Infrared Driver. Product Version: 1,0,0,0 Company: National Semiconductor Corporation Description: NSC Fast Infrared Driver.
Original FileName: nscirda.sys File Version Label: 5,02,00,011 (xpsp.080413-0852) File Version Number: 5.2.0.11 SHA-1 Digest: 0xFDB38B5B4B2A7DF41F15B1572E68E40662C852F2 MD5 Digest: 0x2ADC0CA9945C65284B3D19BC18765974 CRC32 Digest: 0xE4471432 Rootkit Property: Normal File Size: 28672 bytes
File: c:\windows\system32\drivers\nstrcnt.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: NSTRCNT.SYS Original FileName: NSTRCNT.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x35099691BB2763AE9EDCA8118CB91ED1FC8D8BFB MD5 Digest: 0xBDE3A4F2AB6F0CCBA5F5520FF0DB1240 CRC32 Digest: 0x15AB7418 Rootkit Property: Normal File Size: 12028 bytes
File: c:\windows\system32\drivers\nwlnkflt.sys Product: Microsoft Windows Operating System
Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: NWLINK2 Traffic Filter Driver Original FileName: nwlnkflt.sys File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x99C71139009069EB04E65CAB57BD71F3403B101D MD5 Digest: 0xB305F3FAD35083837EF46A0BBCE2FC57 CRC32 Digest: 0xD954F090 Rootkit Property: Normal File Size: 12416 bytes
File: c:\windows\system32\drivers\nwlnkfwd.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: NWLINK2 Forwarder Driver Original FileName: nwlnkfwd.sys File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x4A55D8E1EF7F7A9ADB8DD2F21DB0F92FC21F7249 MD5 Digest: 0xC99B3415198D1AAB7227F2C88FD664B9 CRC32 Digest: 0xEC20DF69 Rootkit Property: Normal File Size: 32512 bytes
File: c:\windows\system32\drivers\parport.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Parallel Port Driver Original FileName: parport.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xA75D3CF7ACF657076C762D03BA379F945EC27368 MD5 Digest: 0x5575FAF8F97CE5E713D108C2A58D7C7C CRC32 Digest: 0xB6923EE2 Rootkit Property: Normal File Size: 80128 bytes
File: c:\windows\system32\drivers\pccsmcfd.sys Product: Product Version: Company: Nokia Description: PCCS Mode Change Filter Driver Original FileName: pccsmcfd.sys File Version Label: 7.0.0.0 File Version Number: 7.0.0.0 SHA-1 Digest: 0x52C4558656EE4DA7C58A1344F42356B2C828C9AF MD5 Digest: 0xFD2041E9BA03DB7764B2248F02475079
CRC32 Digest: 0xFDDC04E8 Rootkit Property: Normal File Size: 18816 bytes
File: c:\windows\system32\drivers\pci.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: NT Plug and Play PCI Enumerator Original FileName: pci.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xA6FE7CA93616532F0B6305FC6878939830E45FE8 MD5 Digest: 0xA219903CCF74233761D92BEF471A07B1 CRC32 Digest: 0x56762C21 Rootkit Property: Normal File Size: 68224 bytes
File: c:\windows\system32\drivers\pciide.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: Generic PCI IDE Bus Driver Original FileName: pciide.sys File Version Label: 5.1.2600.0 (XPClient.010817-1148)
File Version Number: 5.1.2600.0 SHA-1 Digest: 0xDD1A94969B0B66FF72E39107E297BFFE23781CBD MD5 Digest: 0xCCF5F451BB1A5A2A522A76E670000FF0 CRC32 Digest: 0xEE7549F9 Rootkit Property: Normal File Size: 3328 bytes
File: c:\windows\system32\drivers\pcmcia.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: PCMCIA Bus Driver Original FileName: pcmcia.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xB021DEA299A2684D6698CFF9E39C9030396608B1 MD5 Digest: 0x9E89EF60E9EE05E3F2EEF2DA7397F1C1 CRC32 Digest: 0xFDF68AE1 Rootkit Property: Normal File Size: 120192 bytes
File: c:\windows\system32\drivers\pdlnacom.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation
Description: PDLNACOM.SYS Original FileName: PDLNACOM.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xBD6B15F9C6D8EE52F579B1ED52F3B86A3081BF38 MD5 Digest: 0x11F1CE5DCDA14CA488FA462326A55DBA CRC32 Digest: 0x5A4D069C Rootkit Property: Normal File Size: 75200 bytes
File: c:\windows\system32\drivers\pdlnafac.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNAFAC.SYS Original FileName: PDLNAFAC.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x26E4DD96F8FDEB9746B3F34896EA95C2C9E63A26 MD5 Digest: 0xC19580F33330F6A9322BEEC663F75B74 CRC32 Digest: 0xE0356CED Rootkit Property: Normal File Size: 36048 bytes
File: c:\windows\system32\drivers\pdlnatcm.sys
Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNATCM.SYS Original FileName: PDLNATCM.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xDA474766E68BFE21DEC899DDED15677118302B93 MD5 Digest: 0x783D6DBDDF90E7BF4BEBD5541B8EA9EE CRC32 Digest: 0x6821992C Rootkit Property: Normal File Size: 20480 bytes
File: c:\windows\system32\drivers\pdlnatdl.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNATDL.SYS Original FileName: PDLNATDL.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x542D1B12A4EE9031564081647EDF06090940E20A MD5 Digest: 0x9DCE400FDBC757F7957927C0051F3D3D CRC32 Digest: 0xB5868BAD Rootkit Property: Normal
File Size: 18432 bytes
File: c:\windows\system32\drivers\pdlncbas.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNCBAS.SYS Original FileName: PDLNCBAS.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x99C422B424805FE6863764BF860646A5F1400B9B MD5 Digest: 0xF647014133068A3425D5104A6E2B88A5 CRC32 Digest: 0x04C3F668 Rootkit Property: Normal File Size: 6784 bytes
File: c:\windows\system32\drivers\pdlncfwk.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNCFWK.SYS Original FileName: PDLNCFWK.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xBE731CD3E28AF8550209C9CA8DBFFFE549549B81
MD5 Digest: 0xC7D1CE981C8547EAA80C484EE610A51F CRC32 Digest: 0x89DD8CE1 Rootkit Property: Normal File Size: 160288 bytes
File: c:\windows\system32\drivers\pdlnctdl.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNCTDL.SYS Original FileName: PDLNCTDL.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x967507AB95FFA1412EFB77EE9048859B30C051E7 MD5 Digest: 0x8F0F5E60B5BF5FAE56BDA4513E1BCF93 CRC32 Digest: 0x5A706AAB Rootkit Property: Normal File Size: 12288 bytes
File: c:\windows\system32\drivers\pdlndint.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNDINT.SYS Original FileName: PDLNDINT.SYS
File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x965563723ACB21A645A760E75B2F373FF8CA53F6 MD5 Digest: 0x6C75699E517F63A482804CFC80546A4A CRC32 Digest: 0x97C26B79 Rootkit Property: Normal File Size: 12800 bytes
File: c:\windows\system32\drivers\pdlndldl.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNDLDL.SYS Original FileName: PDLNDLDL.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x29A70D341C0F3EB58065D04CFA9133B23174AC39 MD5 Digest: 0xBBF28B64A0337A9B4F1D5CFA8AFDDEAC CRC32 Digest: 0xCE4E77EF Rootkit Property: Normal File Size: 59392 bytes
File: c:\windows\system32\drivers\pdlndlpb.sys Product: Personal Communications Product Version: 5.7.1
Company: IBM Corporation Description: PDLNDLPB.SYS Original FileName: PDLNDLPB.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xA2D1AA10431E41B919B44ACD69F0A9353CE75B37 MD5 Digest: 0x99D9E584980E453BB3BD5E7DDBE7580E CRC32 Digest: 0x5F1C7BD0 Rootkit Property: Normal File Size: 70144 bytes
File: c:\windows\system32\drivers\pdlndoem.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNDOEM.SYS Original FileName: PDLNDOEM.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xB3665911832CC57F5417AAE491BD3844B3C11B36 MD5 Digest: 0x54472ABEF7845C8412E4A39DCDDE19ED CRC32 Digest: 0x739AF553 Rootkit Property: Normal File Size: 18944 bytes
File: c:\windows\system32\drivers\pdlndqll.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNDQLL.SYS Original FileName: PDLNDQLL.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x0C873AA85D9D72ADD9B2043C4690FCD0CB830DB8 MD5 Digest: 0x1DC235E946D38694FCA8B99D8550E3EA CRC32 Digest: 0x4E558195 Rootkit Property: Normal File Size: 53248 bytes
File: c:\windows\system32\drivers\pdlndsdl.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNDSDL.SYS Original FileName: PDLNDSDL.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x6EC45E75EE67EF222ED0184A8E8FEEFE1527FA4B MD5 Digest: 0x463AECDF65EE52FAB907E038F1DC6B9F CRC32 Digest: 0xDDF1C468
Rootkit Property: Normal File Size: 67072 bytes
File: c:\windows\system32\drivers\pdlndtdl.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNDTDL.SYS Original FileName: PDLNDTDL.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x495D40C483ECD9DB517991714929956F24C80F1B MD5 Digest: 0xAEBD20E1CAC597B82C4EABFBCAA9D9F9 CRC32 Digest: 0x385B9CF9 Rootkit Property: Normal File Size: 51712 bytes
File: c:\windows\system32\drivers\pdlnebas.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNEBAS.SYS Original FileName: PDLNEBAS.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773
SHA-1 Digest: 0xEF929013D3E176B1E06D3697877AF5544947E73C MD5 Digest: 0xC1A32CFC72AD02E026353873CEF80C80 CRC32 Digest: 0x04656EF4 Rootkit Property: Normal File Size: 8608 bytes
File: c:\windows\system32\drivers\pdlnecfg.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNECFG.SYS Original FileName: PDLNECFG.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x589142A541AC2CA1BAE3E1C6C9E152C05D250731 MD5 Digest: 0x09FC3B8CF15319515906A187CE6841B5 CRC32 Digest: 0x0228548D Rootkit Property: Normal File Size: 50336 bytes
File: c:\windows\system32\drivers\pdlnemap.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNEMAP.SYS
Original FileName: PDLNEMAP.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xE9381A422DC61F7FF1D8F2B3A0758F4C12835F7D MD5 Digest: 0x956B93B4CCE0763B57D13DC5BB190526 CRC32 Digest: 0x08BFCF33 Rootkit Property: Normal File Size: 67184 bytes
File: c:\windows\system32\drivers\pdlnemsg.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNEMSG.SYS Original FileName: PDLNEMSG.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x1A62E4111E39827D2D332CAE781B0A9B2A3062AC MD5 Digest: 0x268C838DB60BA87C018149D2171D232C CRC32 Digest: 0xB67DF0B5 Rootkit Property: Normal File Size: 12768 bytes
File: c:\windows\system32\drivers\pdlnepkt.sys Product: Personal Communications
Product Version: 5.7.1 Company: IBM Corporation Description: PDLNEPKT.SYS Original FileName: PDLNEPKT.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x7981C5CCADE5F6BE5FA08011D3D5C61C917197EC MD5 Digest: 0x9D1AE0BC98B2CC47DECFCF1BC6CA531C CRC32 Digest: 0x17058CC1 Rootkit Property: Normal File Size: 19984 bytes
File: c:\windows\system32\drivers\pdlnshay.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNSHAY.SYS Original FileName: PDLNSHAY.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x5CEB7B869CED7AA8F98614A1786E0BA541C6AD3E MD5 Digest: 0xFC0A7F996DDA6CA020217CB479D08F36 CRC32 Digest: 0x6B8A7E79 Rootkit Property: Normal File Size: 59504 bytes
File: c:\windows\system32\drivers\pdlnslea.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNSLEA.SYS Original FileName: PDLNSLEA.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xCBE0745DC3836D506E81F8763A41B611A193AF46 MD5 Digest: 0xAE9E37F7C759DE11E8754A8288EA6D23 CRC32 Digest: 0x78CDA2CF Rootkit Property: Normal File Size: 22384 bytes
File: c:\windows\system32\drivers\pdlnsv25.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNSV25.SYS Original FileName: PDLNSV25.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xB47EF056F71A83670872D929540152C64BAB928B MD5 Digest: 0x8698BA42F05BF901D3C8C6E61B2FC38A
CRC32 Digest: 0x8A368C63 Rootkit Property: Normal File Size: 54416 bytes
File: c:\windows\system32\drivers\pdlnsx25.sys Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: PDLNSX25.SYS Original FileName: PDLNSX25.SYS File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0x6D7D559751C9A098E697B7CF80EF7355E43148A1 MD5 Digest: 0x28CCA5CED734BCB8D80B821A5901CE05 CRC32 Digest: 0x3A15B118 Rootkit Property: Normal File Size: 58432 bytes
File: c:\windows\system32\drivers\perc2.sys Product: Microsoft Windows Operating System Product Version: 5.1.2467.0 Company: Microsoft Corporation Description: PERC 2 Miniport Driver Original FileName: perc2.sys File Version Label: 5.1.2467.0 (Lab01_N(johnstra).010423-0023)
File Version Number: 5.1.2467.0 SHA-1 Digest: 0x013292B4A5C1829AAF323CDEF54434FC71861EE5 MD5 Digest: 0x6C14B9C19BA84F73D3A86DBA11133101 CRC32 Digest: 0x2790D0A7 Rootkit Property: Normal File Size: 27296 bytes
File: c:\windows\system32\drivers\perc2hib.sys Product: Microsoft Windows Operating System Product Version: 5.1.2467.0 Company: Microsoft Corporation Description: PERC 2 Hibernate Driver Original FileName: perc2hib.sys File Version Label: 5.1.2467.0 (Lab01_N(johnstra).010423-0023) File Version Number: 5.1.2467.0 SHA-1 Digest: 0x72A3B2EBDF235FABDAE12BD8BA3DC4C8773CE066 MD5 Digest: 0xF50F7C27F131AFE7BEBA13E14A3B9416 CRC32 Digest: 0xCBF789A1 Rootkit Property: Normal File Size: 5504 bytes
File: c:\windows\system32\drivers\pmemnt.sys Product: Microsoft(R) Windows NT(TM) Operating System Product Version: 4.00 Company: Microsoft Corporation
Description: Physical Memory Driver Original FileName: PMEMNT.SYS File Version Label: 4.00 File Version Number: 4.0.1381.1 SHA-1 Digest: 0xF2527576354C72FA18D30FA52CE95F0152873AE1 MD5 Digest: 0xFA292805788528C083F416E151B60AB6 CRC32 Digest: 0x0D9C95FF Rootkit Property: Normal File Size: 7012 bytes
File: c:\windows\system32\drivers\ptilink.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Parallel Technologies, Inc. Description: Parallel Technologies DirectParallel IO Library Original FileName: ptilink.sys File Version Label: 1.10 (XPClient.010817-1148) File Version Number: 1.1.0.0 SHA-1 Digest: 0xE8C148E71E870965CA452142E55AC89486779D56 MD5 Digest: 0x80D317BD1C3DBC5D4FE7B1678C60CADD CRC32 Digest: 0xA5E3747E Rootkit Property: Normal File Size: 17792 bytes
File: c:\windows\system32\drivers\pxhelp20.sys
Product: PxHelp20 Product Version: Company: Sonic Solutions Description: Px Engine Device Driver for Windows 2000/XP Original FileName: PxHelp20.sys File Version Label: 3.00.33a File Version Number: 3.0.33.0 SHA-1 Digest: 0x722FF1200307C2008F6F972493FF374A9CBD3AEF MD5 Digest: 0x81088114178112618B1C414A65E50F7C CRC32 Digest: 0x497DA859 Rootkit Property: Normal File Size: 36528 bytes
File: c:\windows\system32\drivers\ql1080.sys Product: Miniport Driver for QLogic ISP PCI Adapters Product Version: Company: QLogic Corporation Description: Miniport Driver for QLogic ISP PCI Adapters Original FileName: ql1080.mpd File Version Label: 3.04 File Version Number: 3.4.0.0 SHA-1 Digest: 0x7391D80B6C4028404BCE9368962A93D3F9B1746E MD5 Digest: 0x0A63FB54039EB5662433CABA3B26DBA7 CRC32 Digest: 0xF184EEC8 Rootkit Property: Normal
File Size: 40320 bytes
File: c:\windows\system32\drivers\ql10wnt.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: Miniport Driver for QLogic ISP PCI Adapters Original FileName: ql10wnt.sys File Version Label: 5.1.2600.0 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x1E6ECEA2299B25787E1066BAFF861F40662C2085 MD5 Digest: 0x6503449E1D43A0FF0201AD5CB1B8C706 CRC32 Digest: 0x0D812D60 Rootkit Property: Normal File Size: 33152 bytes
File: c:\windows\system32\drivers\ql12160.sys Product: Miniport Driver for QLogic ISP PCI Adapters Product Version: Company: QLogic Corporation Description: Miniport Driver for QLogic ISP PCI Adapters Original FileName: ql12160.sys File Version Label: 7.13.02 (W64) File Version Number: 7.13.2.0 SHA-1 Digest: 0xEB7A27648B15BEE48E1A66B8B2D945B4DC3C3EFC
MD5 Digest: 0x156ED0EF20C15114CA097A34A30D8A01 CRC32 Digest: 0x3526E204 Rootkit Property: Normal File Size: 45312 bytes
File: c:\windows\system32\drivers\ql1240.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: QLogic ISP PCI Adapters Original FileName: ql1240.sys File Version Label: 5.1.2600.0 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x345CE10ADAD4FCECED677BC64B810237945CDBAE MD5 Digest: 0x70F016BEBDE6D29E864C1230A07CC5E6 CRC32 Digest: 0x2EB396EC Rootkit Property: Normal File Size: 40448 bytes
File: c:\windows\system32\drivers\ql1280.sys Product: Miniport Driver for QLogic ISP PCI Adapters Product Version: Company: QLogic Corporation Description: Miniport Driver for QLogic ISP PCI Adapters Original FileName: ql1280.sys
File Version Label: 7.13.01 (W2K) File Version Number: 7.13.1.0 SHA-1 Digest: 0xAD07D35A767E634D8FB7C9189E295A70CC2BAFD4 MD5 Digest: 0x907F0AEEA6BC451011611E732BD31FCF CRC32 Digest: 0xCC20C290 Rootkit Property: Normal File Size: 49024 bytes
File: c:\windows\system32\drivers\rasacd.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: RAS Automatic Connection Driver Original FileName: rasacd.sys File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0xAB474DB29198EA46F5E1C1D60B7AA215660CD563 MD5 Digest: 0xFE0D99D6F31E4FAD8159F690D68DED9C CRC32 Digest: 0x56F20605 Rootkit Property: Normal File Size: 8832 bytes
File: c:\windows\system32\drivers\rasirda.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0
Company: Microsoft Corporation Description: IrDA WAN Miniport Driver Original FileName: irwan.sys File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x3473B9581DBA8E07C1D5A854AB087CFDCF348999 MD5 Digest: 0x0207D26DDF796A193CCD9F83047BB5FC CRC32 Digest: 0x809FF581 Rootkit Property: Normal File Size: 19584 bytes
File: c:\windows\system32\drivers\rasl2tp.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: RAS L2TP mini-port/call-manager driver Original FileName: rasl2tp.sys File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xB9FE509C7536D4DB8117D9F482720A9732A2984C MD5 Digest: 0x11B4A627BC9614B885C4969BFA5FF8A6 CRC32 Digest: 0xB395B71A Rootkit Property: Normal File Size: 51328 bytes
File: c:\windows\system32\drivers\raspppoe.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: RAS PPPoE mini-port/call-manager driver Original FileName: raspppoe.sys File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x696DFA5C8928839E20EB287B904E6FAC1D4DDB36 MD5 Digest: 0x5BC962F2654137C9909C3D4603587DEE CRC32 Digest: 0xFE86878C Rootkit Property: Normal File Size: 41472 bytes
File: c:\windows\system32\drivers\raspptp.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Peer-to-Peer Tunneling Protocol Original FileName: RASPPTP.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xDE55E72AA3708BA1AFD7C13FB7D60A5A65D53C08 MD5 Digest: 0xEFEEC01B1D3CF84F16DDD24D9D9D8F99 CRC32 Digest: 0x3C581D26
Rootkit Property: Normal File Size: 48384 bytes
File: c:\windows\system32\drivers\raspti.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: PTI DirectParallel(R) mini-port/call-manager driver Original FileName: raspti.sys File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x9F85B3C30FF634D23E711CC694750D5D8AD14419 MD5 Digest: 0xFDBB1D60066FCFBB7452FD8F9829B242 CRC32 Digest: 0x7BEE3044 Rootkit Property: Normal File Size: 16512 bytes
File: c:\windows\system32\drivers\rdbss.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Redirected Drive Buffering SubSystem Driver Original FileName: RDBSS.Sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512
SHA-1 Digest: 0xDFC7963C8FC9C1B639600EDCF8F24479ACD8A88D MD5 Digest: 0x7AD224AD1A1437FE28D89CF22B17780A CRC32 Digest: 0xE482ACA8 Rootkit Property: Normal File Size: 175744 bytes
File: c:\windows\system32\drivers\rdpcdd.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: RDP Miniport Original FileName: RDPCDD.SYS File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0xDBDA3AC341EDFF01B7C00357B3F0FEAFEEF15470 MD5 Digest: 0x4912D5B403614CE99C28420F75353332 CRC32 Digest: 0xB8C0D604 Rootkit Property: Normal File Size: 4224 bytes
File: c:\windows\system32\drivers\rdpdr.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft RDP Device redirector
Original FileName: RDPDR.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x58C87E8EEAAF6E9CBC754B62E570E415EC719C42 MD5 Digest: 0x15CABD0F7C00C47C70124907916AF3F1 CRC32 Digest: 0x68EEB56A Rootkit Property: Normal File Size: 196224 bytes
File: c:\windows\system32\drivers\redbook.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Redbook Audio Filter Driver Original FileName: redbook.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xD17DC93354A34753BB062C5C7E0841E3F2BC74E8 MD5 Digest: 0xF828DD7E1419B6653894A8F97A0094C5 CRC32 Digest: 0x58D37148 Rootkit Property: Normal File Size: 57600 bytes
File: c:\windows\system32\drivers\rootmdm.sys Product: Microsoft Windows Operating System
Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: Legacy Non-Pnp Modem Device Driver Original FileName: ROOTMDM.SYS File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0xB4A02978D8BB4B064FA1067696A4838DAAF0B963 MD5 Digest: 0xD8B0B4ADE32574B2D9C5CC34DC0DBBE7 CRC32 Digest: 0xD52E147A Rootkit Property: Normal File Size: 5888 bytes
File: c:\windows\system32\drivers\s24trans.sys Product: Intel Wireless LAN Packet Driver Product Version: 13, 0, 0, 3 Company: Intel Corporation Description: Intel WLAN Packet Driver Original FileName: S24TRANS.SYS File Version Label: 13, 0, 0, 3 File Version Number: 13.0.0.3 SHA-1 Digest: 0xEAC780B6ADC21362DC180AB37D1030F0D2A599CD MD5 Digest: 0xE7958E8ACDA7CA20127EF5F2235F25CC CRC32 Digest: 0x31875064 Rootkit Property: Normal File Size: 13952 bytes
File: c:\windows\system32\drivers\scsiport.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: SCSI Port Driver Original FileName: scsiport.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFCC138A05370378FB7699C73518D01136099941C MD5 Digest: 0x76C465F570E90C28942D52CCB2580A10 CRC32 Digest: 0xCABF2AA2 Rootkit Property: Normal File Size: 96384 bytes
File: c:\windows\system32\drivers\secdrv.sys Product: Macrovision SECURITY Driver Product Version: SECURITY Driver 4.03.086 2006/09/13 Company: Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. Description: Macrovision SECURITY Driver Original FileName: SECDRV.SYS File Version Label: 4.03.086 File Version Number: 4.3.86.0 SHA-1 Digest: 0x51613026E706F9BDCBC0C94CF2014BC9FB58A3E8 MD5 Digest: 0x90A3935D05B494A5A39D37E71F09A677
CRC32 Digest: 0x3B5FE253 Rootkit Property: Normal File Size: 20480 bytes
File: c:\windows\system32\drivers\serenum.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Serial Port Enumerator Original FileName: serenum.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x9A4AC71BB4107B0C1E7F6948F288D8FC8030F177 MD5 Digest: 0x0F29512CCD6BEAD730039FB4BD2C85CE CRC32 Digest: 0x34CE180C Rootkit Property: Normal File Size: 15744 bytes
File: c:\windows\system32\drivers\serial.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Serial Device Driver Original FileName: serial.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108)
File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x57F1FAE6A306BF14F6EF3E43C0C4252E9F21C0DC MD5 Digest: 0xCCA207A8896D4C6A0C9CE29A4AE411A7 CRC32 Digest: 0x41855B7C Rootkit Property: Normal File Size: 64512 bytes
File: c:\windows\system32\drivers\sftfsxp.sys Product: Microsoft Application Virtualization Product Version: 4.6.0.10191 Company: Microsoft Corporation Description: Microsoft Application Virtualization File System Original FileName: sftfs.sys File Version Label: 4.6.0.10191 File Version Number: 4.6.0.10191 SHA-1 Digest: 0x49180AE655A3406A8B7D050714E7F352983F89FA MD5 Digest: 0x14CB193ECD4E71A32446790F9ECF39DD CRC32 Digest: 0xDE5663A0 Rootkit Property: Normal File Size: 554344 bytes
File: c:\windows\system32\drivers\sftplayxp.sys Product: Microsoft Application Virtualization Product Version: 4.6.0.10191 Company: Microsoft Corporation
Description: Microsoft Application Virtualization SystemGuard Original FileName: sftplay.sys File Version Label: 4.6.0.10191 File Version Number: 4.6.0.10191 SHA-1 Digest: 0x1B4EB5FB4B7A02AAE17C78755DE1D4B53F38E71C MD5 Digest: 0x1F05637831CAF19B069AAF361D720BB9 CRC32 Digest: 0xDA63DED7 Rootkit Property: Normal File Size: 211432 bytes
File: c:\windows\system32\drivers\sftredirxp.sys Product: Microsoft Application Virtualization Product Version: 4.6.0.10191 Company: Microsoft Corporation Description: Microsoft Application Virtualization SystemGuard Original FileName: sftredir.sys File Version Label: 4.6.0.10191 File Version Number: 4.6.0.10191 SHA-1 Digest: 0x189A40210984FD2FFE833EFA9408A025F63F3574 MD5 Digest: 0x423628F17862593D7D43E02187F4C1B5 CRC32 Digest: 0xFB4850B1 Rootkit Property: Normal File Size: 20584 bytes
File: c:\windows\system32\drivers\sftvolxp.sys
Product: Microsoft Application Virtualization Product Version: 4.6.0.10191 Company: Microsoft Corporation Description: Microsoft Application Virtualization Volume Manager Original FileName: SoftVol.sys File Version Label: 4.6.0.10191 File Version Number: 4.6.0.10191 SHA-1 Digest: 0xC794782C2A0820B68A5125D9B38F9C371D88BC22 MD5 Digest: 0x258AB73A01FA1B8D1A2A053C6BBA5544 CRC32 Digest: 0xB8B665FB Rootkit Property: Normal File Size: 18280 bytes
File: c:\windows\system32\drivers\sisagp.sys Product: SiS (R) NT AGP Filter Product Version: 5.12.01.2010 Company: Silicon Integrated Systems Corporation Description: SiS NT AGP Filter Original FileName: SISAGP.SYS File Version Label: 5.12.01.2010 (xpsp.080413-2111) File Version Number: 5.12.1.2010 SHA-1 Digest: 0x2D6113D14210476AEBCF055E81B9CC672A509D37 MD5 Digest: 0x6B33D0EBD30DB32E27D1D78FE946A754 CRC32 Digest: 0x5DFBD112 Rootkit Property: Normal
File Size: 40960 bytes
File: c:\windows\system32\drivers\smapint.sys Product: Microsoft(R) Windows NT(TM) Operating System Product Version: 4.00 Company: Microsoft Corporation Description: SMAPI I/O Original FileName: smapint.sys File Version Label: 4.00 File Version Number: 4.0.1381.1 SHA-1 Digest: 0x3F00278038ED76580618FA63686C5A207CA19577 MD5 Digest: 0x26341D0DD225D19FD50E0EE3C3C77502 CRC32 Digest: 0x15D5BEDD Rootkit Property: Normal File Size: 14848 bytes
File: c:\windows\system32\drivers\sparrow.sys Product: Microsoft(R) Windows (R) 2000 Operating System Product Version: 5.1.2409.1 Company: Adaptec, Inc. Description: Adaptec AIC-6x60 series SCSI miniport Original FileName: sparrow.sys File Version Label: v2.0a (ReleaseBinaries.001205-1804) File Version Number: 5.1.2409.1 SHA-1 Digest: 0x778141F9E86A699C15D999110BC6BC6C3153534D
MD5 Digest: 0x83C0F71F86D3BDAF915685F3D568B20E CRC32 Digest: 0x8CB45591 Rootkit Property: Normal File Size: 19072 bytes
File: c:\windows\system32\drivers\splitter.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Kernel Audio Splitter Original FileName: splitter.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x2892EC95C3C8E4F5C767D709AC82FA2A6471C277 MD5 Digest: 0xAB8B92451ECB048A4D1DE7C3FFCB4A9F CRC32 Digest: 0xB27F2EF3 Rootkit Property: Normal File Size: 6272 bytes
File: c:\windows\system32\drivers\sr.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: System Restore Filesystem Filter Driver Original FileName: sr.sys
File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x97CC0454D9E1258D45D69C64F980BD04060142E6 MD5 Digest: 0x76BB022C2FB6902FD5BDD4F78FC13A5D CRC32 Digest: 0x87CDCCA3 Rootkit Property: Normal File Size: 73472 bytes
File: c:\windows\system32\drivers\srv.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.6031 Company: Microsoft Corporation Description: Server driver Original FileName: SRV.SYS File Version Label: 5.1.2600.6031 (xpsp_sp3_gdr.100826-1646) File Version Number: 5.1.2600.6031 SHA-1 Digest: 0x5B23A108AED3E2B6A22D20782B7BD251FE322C6A MD5 Digest: 0x0F6AEFAD3641A657E18081F52D0C15AF CRC32 Digest: 0xE2B07EB4 Rootkit Property: Normal File Size: 357248 bytes
File: c:\windows\system32\drivers\swenum.sys Product: Microsoft(R) Windows(R) Operating System Product Version: 5.3.2600.5512
Company: Microsoft Corporation Description: Plug and Play Software Device Enumerator Original FileName: swenum.sys File Version Label: 5.3.2600.5512 (xpsp.080413-2108) File Version Number: 5.3.2600.5512 SHA-1 Digest: 0x283D7B9E45F2D5E615166BE8AD232B7D74875D0A MD5 Digest: 0x3941D127AEF12E93ADDF6FE6EE027E0F CRC32 Digest: 0xF48E0A06 Rootkit Property: Normal File Size: 4352 bytes
File: c:\windows\system32\drivers\swmidi.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft GS Wavetable Synthesizer Original FileName: swmidi.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x492E94F981EDA355E3F1854CFBB673986C428BC7 MD5 Digest: 0x8CE882BCC6CF8A62F2B2323D95CB3D01 CRC32 Digest: 0x2093E35B Rootkit Property: Normal File Size: 56576 bytes
File: c:\windows\system32\drivers\sym_hi.sys Product: Microsoft Windows Operating System Product Version: 5.1.2462.0 Company: LSI Logic Description: Symbios Hi-Perf SCSI Miniport Driver Original FileName: SYM_HI.SYS File Version Label: 5.1.2462.0 (Lab01_N.010309-0027) File Version Number: 5.1.2462.0 SHA-1 Digest: 0x5D9308D2738C48479943A508C04B19A5AE739E6C MD5 Digest: 0x80AC1C4ABBE2DF3B738BF15517A51F2C CRC32 Digest: 0xCDA26020 Rootkit Property: Normal File Size: 28384 bytes
File: c:\windows\system32\drivers\sym_u3.sys Product: Microsoft Windows Operating System Product Version: 5.1.2462.0 Company: LSI Logic Description: Symbios Ultra3 SCSI Miniport Driver Original FileName: SYM_U3.SYS File Version Label: 5.1.2462.0 (Lab01_N.010309-0027) File Version Number: 5.1.2462.0 SHA-1 Digest: 0x5552CA82224B296495A10641F32DECCCF9167FDF MD5 Digest: 0xBF4FAB949A382A8E105F46EBB4937058 CRC32 Digest: 0xF11B2687
Rootkit Property: Normal File Size: 30688 bytes
File: c:\windows\system32\drivers\symc810.sys Product: Microsoft(R) Windows (R) 2000 Operating System Product Version: 5.1.2409.1 Company: Symbios Logic Inc. Description: Symbios Logic Inc. SCSI Miniport Driver Original FileName: SYMC810.SYS File Version Label: 5.1.2409.1 (ReleaseBinaries.001205-1804) File Version Number: 5.1.2409.1 SHA-1 Digest: 0x09F6023B965069572C2D8F40DF323CCA2EFB9143 MD5 Digest: 0x1FF3217614018630D0A6758630FC698C CRC32 Digest: 0x4FE9C1F8 Rootkit Property: Normal File Size: 16256 bytes
File: c:\windows\system32\drivers\symc8xx.sys Product: Microsoft(R) Windows (R) 2000 Operating System Product Version: 5.1.2409.1 Company: LSI Logic Description: Symbios 8XX SCSI Miniport Driver Original FileName: SYMC8XX.SYS File Version Label: 5.1.2409.1 (ReleaseBinaries.001205-1804) File Version Number: 5.1.2409.1
SHA-1 Digest: 0xF5AFEF7C1C705621E8C3CC03755F979C76FCC55A MD5 Digest: 0x070E001D95CF725186EF8B20335F933C CRC32 Digest: 0xC2EED0C8 Rootkit Property: Normal File Size: 32640 bytes
File: c:\windows\system32\drivers\symdns.sys Product: Symantec Security Drivers Product Version: 6.0 Company: Symantec Corporation Description: DNS Filter Driver Original FileName: SYMDNS File Version Label: 6.0.4.402 File Version Number: 6.0.4.402 SHA-1 Digest: 0x229ED46A13C20D8AEB459CC932B8BDE85203A6AF MD5 Digest: 0x99F158D37B42FCA00B3F5AB5B3EFEBB7 CRC32 Digest: 0xFADA9DDE Rootkit Property: Normal File Size: 12992 bytes
File: c:\windows\system32\drivers\symfw.sys Product: Symantec Security Drivers Product Version: 6.0 Company: Symantec Corporation Description: Firewall Filter Driver
Original FileName: File Version Label: 6.0.4.402 File Version Number: 6.0.4.402 SHA-1 Digest: 0x1BEA14A980DABB0A52EF6B924547E284A911A86A MD5 Digest: 0x29AE12DB354A89382A43A8FCB6AB0AB5 CRC32 Digest: 0x786FF3E3 Rootkit Property: Normal File Size: 110784 bytes
File: c:\windows\system32\drivers\symids.sys Product: Symantec Security Drivers Product Version: 6.0 Company: Symantec Corporation Description: IDS Filter Driver Original FileName: File Version Label: 6.0.4.402 File Version Number: 6.0.4.402 SHA-1 Digest: 0x6C41926EAE3724136A6F3F4B555C3CBC4EE39057 MD5 Digest: 0x728D1DFF8573B5DD18DA536FA733EB11 CRC32 Digest: 0x4A0EB6FC Rootkit Property: Normal File Size: 31936 bytes
File: c:\windows\system32\drivers\symndis.sys Product: Symantec Security Drivers
Product Version: 6.0 Company: Symantec Corporation Description: NDIS Filter Driver Original FileName: SYMNDIS File Version Label: 6.0.4.402 File Version Number: 6.0.4.402 SHA-1 Digest: 0x04493FF9C2DF458F904CCC5E452667A86763E17B MD5 Digest: 0xB1F616C31575DA1535C2A7823C112182 CRC32 Digest: 0x92DF5937 Rootkit Property: Normal File Size: 28352 bytes
File: c:\windows\system32\drivers\symredrv.sys Product: Symantec Security Drivers Product Version: 6.0 Company: Symantec Corporation Description: Redirector Filter Driver Original FileName: SYMREDRV File Version Label: 6.0.4.402 File Version Number: 6.0.4.402 SHA-1 Digest: 0x3391925CD39AC9B0656903C49F994A26FF623CF1 MD5 Digest: 0x6C0A85982F4E0D672B85A2BFB50A24B5 CRC32 Digest: 0x12F45570 Rootkit Property: Normal File Size: 24768 bytes
File: c:\windows\system32\drivers\symtdi.sys Product: Symantec Security Drivers Product Version: 6.0 Company: Symantec Corporation Description: Network Dispatch Driver Original FileName: File Version Label: 6.0.4.402 File Version Number: 6.0.4.402 SHA-1 Digest: 0x4B1673617D80CD9FFBAACB25CA5C75B3E71ACAB9 MD5 Digest: 0xCDDA3BA3F7D5B63FF9F85CB478C11473 CRC32 Digest: 0xCF12E1E8 Rootkit Property: Normal File Size: 195776 bytes
File: c:\windows\system32\drivers\syntp.sys Product: Synaptics Device Driver Product Version: 7.5.17.25 10Aug07 Company: Synaptics, Inc. Description: Synaptics Touchpad Driver Original FileName: SynTP.sys File Version Label: 7.5.17.25 10Aug07 File Version Number: 7.5.17.25 SHA-1 Digest: 0x2F577A87B28C3E1DA6FD1C5C03759D53D25DDD6A MD5 Digest: 0x58F3288F83A3E8169EEB6A10787C7F2E
CRC32 Digest: 0x8BFA789D Rootkit Property: Normal File Size: 177664 bytes
File: c:\windows\system32\drivers\sysaudio.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: System Audio WDM Filter Original FileName: sysaudio.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x86F3E756DD2845391485B33C82831AFC240AEBD8 MD5 Digest: 0x8B83F3ED0F1688B4958F77CD6D2BF290 CRC32 Digest: 0x5A883441 Rootkit Property: Normal File Size: 60800 bytes
File: c:\windows\system32\drivers\tcpip.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5625 Company: Microsoft Corporation Description: TCP/IP Protocol Driver Original FileName: tcpip.sys File Version Label: 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
File Version Number: 5.1.2600.5625 SHA-1 Digest: 0x67E432A0C6A588E3B9AAD49424B457DB47A79B15 MD5 Digest: 0x9AEFA14BD6B182D61E3119FA5F436D3D CRC32 Digest: 0xC7935406 Rootkit Property: Normal File Size: 361600 bytes
File: c:\windows\system32\drivers\tdsmapi.sys Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x1CBDFECC391018AC8686342BA125785C4BDF8B14 MD5 Digest: 0x564B337034271B7BDDCABFDDC91C6B7A CRC32 Digest: 0x5A0D57C6 Rootkit Property: Normal File Size: 9343 bytes
File: c:\windows\system32\drivers\termdd.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation
Description: Terminal Server Driver Original FileName: termdd.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xE1057801F2C9748345C08D2E343B78861941ABB5 MD5 Digest: 0x88155247177638048422893737429D9E CRC32 Digest: 0xEB452F4C Rootkit Property: Normal File Size: 40840 bytes
File: c:\windows\system32\drivers\tmcomm.sys Product: Trend Micro AEGIS Product Version: 2.80 Company: Trend Micro Inc. Description: TrendMicro Common Module Original FileName: TmComm.sys File Version Label: 2.80.0.1078 File Version Number: 2.80.0.1078 SHA-1 Digest: 0x44374CD30AFD51C8B86F533BACBFDABC31950F40 MD5 Digest: 0x91C8ED783527718B05E6D170E4A0D242 CRC32 Digest: 0x58C22AA9 Rootkit Property: Normal File Size: 161296 bytes
File: c:\windows\system32\drivers\toside.sys
Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: Toshiba PCI IDE Controller Original FileName: toside.sys File Version Label: 5.1.2600.0 (XPClient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x26C83FA01090898102ED8751EDDCD11C59F2EB7A MD5 Digest: 0xF2790F6AF01321B172AA62F8E1E187D9 CRC32 Digest: 0x17B27F39 Rootkit Property: Normal File Size: 4992 bytes
File: c:\windows\system32\drivers\tphkdrv.sys Product: ThinkPad OnScreenDisplay Product Version: 3.01 Company: Lenovo Group Limited Description: ThinkPad Hotkey Driver Original FileName: tphkdrv.sys File Version Label: 3.01 File Version Number: 5.0.2195.1620 SHA-1 Digest: 0xF0F68ED1838BA67F2442AE6AA1DEEFD2B32C7C95 MD5 Digest: 0x8AEF2188630F5ECD79AD9ABBA630630B CRC32 Digest: 0x66210474 Rootkit Property: Normal
File Size: 17844 bytes
File: c:\windows\system32\drivers\tppwrif.sys Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x460E20031EB2127B7FDB52958FD951C7031FA53A MD5 Digest: 0x44672DE6CEA9569C21C4B7A8D2560750 CRC32 Digest: 0x7AA3AE7B Rootkit Property: Normal File Size: 4442 bytes
File: c:\windows\system32\drivers\trcboot.exe Product: Personal Communications Product Version: 5.7.1 Company: IBM Corporation Description: TRCBOOT.EXE Original FileName: TRCBOOT.EXE File Version Label: 5070.10.5249.773 File Version Number: 5070.10.5249.773 SHA-1 Digest: 0xA20C574D169A08708955DF880832796D6795829D
MD5 Digest: 0xF148F952FC89545137622EB73525EF8F CRC32 Digest: 0xE68F60D1 Rootkit Property: Normal File Size: 28672 bytes
File: c:\windows\system32\drivers\tsmapip.sys Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x249819CDAE09BD55C2B442234B7CB88B68824CE0 MD5 Digest: 0xF2ABA3066D7921D7FCDBD66DEA88BE11 CRC32 Digest: 0x91CB1385 Rootkit Property: Normal File Size: 7168 bytes
File: c:\windows\system32\drivers\ultra.sys Product: Promise ultra66 Miniport Driver for WindowsNT Product Version: 1.43 (Build 0603) Company: Promise Technology, Inc. Description: Promise Ultra66 Miniport Driver Original FileName: ultra66.sys
File Version Label: 1.43 (Build 0603) File Version Number: 1.0.507.1 SHA-1 Digest: 0x17E20C9332CF1B6DFDB2CC567566119D2084D9D4 MD5 Digest: 0x1B698A51CD528D8DA4FFAED66DFC51B9 CRC32 Digest: 0x35DCF875 Rootkit Property: Normal File Size: 36736 bytes
File: c:\windows\system32\drivers\update.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Update Driver Original FileName: update.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x3068CF03D3BFF84FB1144E4E03A1242F0261A374 MD5 Digest: 0x402DDC88356B1BAC0EE3DD1580C76A31 CRC32 Digest: 0x72FCC7B4 Rootkit Property: Normal File Size: 384768 bytes
File: c:\windows\system32\drivers\usbccgp.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: USB Common Class Generic Parent Driver Original FileName: USBCCGP.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xE4F6F560F8107DC4C61B106C1BCFB92237DF50ED MD5 Digest: 0x173F317CE0DB8E21322E71B7E60A27E8 CRC32 Digest: 0x4330E262 Rootkit Property: Normal File Size: 32128 bytes
File: c:\windows\system32\drivers\usbehci.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: EHCI eUSB Miniport Driver Original FileName: USBEHCI.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x2D87DE64AABDC49EACC538D05B29C1CB481815E3 MD5 Digest: 0x65DCF09D0E37D4C6B11B5B0B76D470A7 CRC32 Digest: 0x6EB02505 Rootkit Property: Normal File Size: 30208 bytes
File: c:\windows\system32\drivers\usbhub.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Default Hub Driver for USB Original FileName: usbhub.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x0302DFD1FEE854066CC1975ECE9EFBB45399555D MD5 Digest: 0x1AB3CDDE553B6E064D2E754EFE20285C CRC32 Digest: 0xAC404D7B Rootkit Property: Normal File Size: 59520 bytes
File: c:\windows\system32\drivers\usbprint.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: USB Printer driver Original FileName: usbprint.sys File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x57CC8334546A0D030EB28E19F55BE0BD9B0F14F7 MD5 Digest: 0xA717C8721046828520C9EDF31288FC00 CRC32 Digest: 0xAD155946
Rootkit Property: Normal File Size: 25856 bytes
File: c:\windows\system32\drivers\usbser.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: USB Modem Driver Original FileName: usbser.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x5ABCFCF50F8F39335E7AEAF106FA07BB80865FE2 MD5 Digest: 0x1C888B000C2F9492F4B15B5B6B84873E CRC32 Digest: 0xE6CA45F3 Rootkit Property: Normal File Size: 26112 bytes
File: c:\windows\system32\drivers\usbser_lowerflt.sys Product: Product Version: Company: Nokia Description: Filter Driver for Nokia USB Phone Bus Driver Original FileName: usbser_lowerflt.sys File Version Label: 7.1.18.34 File Version Number: 7.1.18.34
SHA-1 Digest: 0x9BE6E62E562F7AB36738CE30345EDBF86446C170 MD5 Digest: 0x587E643A4E2FFD9A00F114B057CEB773 CRC32 Digest: 0x488B7D8D Rootkit Property: Normal File Size: 7808 bytes
File: c:\windows\system32\drivers\usbser_lowerfltj.sys Product: Product Version: Company: Nokia Description: Filter Driver for Nokia USB Phone Bus Driver Original FileName: usbser_lowerflt.sys File Version Label: 7.1.18.34 File Version Number: 7.1.18.34 SHA-1 Digest: 0x0E2056B557D22021F12F23428001CBE950363CC1 MD5 Digest: 0xFCA6A196D47CB972A0E4ADC0DB9CD17C CRC32 Digest: 0x037C3BEC Rootkit Property: Normal File Size: 7808 bytes
File: c:\windows\system32\drivers\usbstor.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: USB Mass Storage Class Driver
Original FileName: usbstor.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x086DCDA17A57A4765A22608F96F8C955946F7DCC MD5 Digest: 0xA32426D9B14A089EAA1D922E0C5801A9 CRC32 Digest: 0xA891EF88 Rootkit Property: Normal File Size: 26368 bytes
File: c:\windows\system32\drivers\usbuhci.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: UHCI USB Miniport Driver Original FileName: USBUHCI.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x57D162F1678DCE537E9147F67932B9BE843B920B MD5 Digest: 0x26496F9DEE2D787FC3E61AD54821FFE6 CRC32 Digest: 0x7DD7FF10 Rootkit Property: Normal File Size: 20608 bytes
File: c:\windows\system32\drivers\vga.sys Product: Microsoft Windows Operating System
Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: VGA/Super VGA Video Driver Original FileName: vga.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xEF28535DC943A831C1A2289326D55B7ABB669B45 MD5 Digest: 0x0D3A8FAFCEACD8B7625CD549757A7DF1 CRC32 Digest: 0x18A98B95 Rootkit Property: Normal File Size: 20992 bytes
File: c:\windows\system32\drivers\viaagp.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: VIA NT AGP Filter Original FileName: viaagp.sys File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xE729AD9662899415194A57D72FB53A6038B34622 MD5 Digest: 0x754292CE5848B3738281B4F3607EAEF4 CRC32 Digest: 0xD5B39B1A Rootkit Property: Normal File Size: 42240 bytes
File: c:\windows\system32\drivers\viaide.sys Product: Microsoft(R) Windows NT(R) Operating System Product Version: 5.00.1636.1 Company: Microsoft Corporation Description: Generic PCI IDE Bus Driver Original FileName: pciide.sys File Version Label: 1.00.01.01 File Version Number: 1.0.1.1 SHA-1 Digest: 0xBEAB75667DA69C7E20C862325BE1C96F94FB3D2A MD5 Digest: 0x3B3EFCDA263B8AC14FDF9CBDD0791B2E CRC32 Digest: 0x72F3B3E5 Rootkit Property: Normal File Size: 5376 bytes
File: c:\windows\system32\drivers\wanarp.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: MS Remote Access and Routing ARP Driver Original FileName: WANARP.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFE32CA6BE9B526570ED6064B84D938FC10155CA4 MD5 Digest: 0xE20B95BAEDB550F32DD489265C1DA1F6
CRC32 Digest: 0x5391C642 Rootkit Property: Normal File Size: 34560 bytes
File: c:\windows\system32\drivers\wcndis.sys Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0xC1FCFA75C8B21CC3E39F982B812DB18F3E61798D MD5 Digest: 0xC92784C52D1156A46557B3025AA458C5 CRC32 Digest: 0x3F3DA177 Rootkit Property: Normal File Size: 15720 bytes
File: c:\windows\system32\drivers\wdf01000.sys Product: Microsoft Windows Operating System Product Version: 1.7.6001.0 Company: Microsoft Corporation Description: WDF Dynamic Original FileName: wdf01000.sys File Version Label: 1.7.6001.0 (longhorn_rtm.080118-1840)
File Version Number: 1.7.6001.0 SHA-1 Digest: 0xBB9471B0476B8382039FA879E88B06608B653273 MD5 Digest: 0xBBCFEAB7E871CDDAC2D397EE7FA91FDC CRC32 Digest: 0x8381B9C3 Rootkit Property: Normal File Size: 503008 bytes
File: c:\windows\system32\drivers\wdmaud.sys Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: MMSYSTEM Wave/Midi API mapper Original FileName: WDMAUD.SYS File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x400EAA59B0C8015C37F1AF04A4D031DE75F63520 MD5 Digest: 0x6768ACF64B18196494413695F0C3A00F CRC32 Digest: 0xA918B9D4 Rootkit Property: Normal File Size: 83072 bytes
File: c:\windows\system32\drivers\wpdusb.sys Product: Microsoft Windows Operating System Product Version: 5.2.5721.5262 Company: Microsoft Corporation
Description: WPD USB Driver Original FileName: wpdusb.sys File Version Label: 5.2.5721.5262 (WMP_11.090130-1421) File Version Number: 5.2.5721.5262 SHA-1 Digest: 0xB8AE5D584C4E0534F05E30E6A5F4929BC1BC70EB MD5 Digest: 0xC60DC16D4E406810FAD54B98DC92D5EC CRC32 Digest: 0x33C41DAD Rootkit Property: Normal File Size: 38528 bytes
File: c:\windows\system32\drivers\wsimd.sys Product: Wireless Intermediate Miniport Driver Product Version: 1.0.0.47 Company: Atheros Communications, Inc. Description: Wireless Intermediate Miniport Driver Original FileName: WSIMD.SYS File Version Label: 1.0.0.47 File Version Number: 1.0.0.47 SHA-1 Digest: 0x9263564CDD5177EC32ACD44DB205FA466D0EB621 MD5 Digest: 0xEBEDF91C32FE60C724402E6F44CA3152 CRC32 Digest: 0x8D83C7F7 Rootkit Property: Normal File Size: 54432 bytes
File: c:\windows\system32\drivers\wudfpf.sys
Product: Microsoft Windows Operating System Product Version: 6.0.6001.18000 Company: Microsoft Corporation Description: Windows Driver Foundation - User-mode Driver Framework Platform Driver Original FileName: WUDFPf.sys File Version Label: 6.0.6001.18000 (longhorn_rtm.080118-1840) File Version Number: 6.0.6001.18000 SHA-1 Digest: 0x317E585FB94E723A395F29DF4174A4A3F1A92CC6 MD5 Digest: 0x6FF66513D372D479EF1810223C8D20CE CRC32 Digest: 0x03576EA5 Rootkit Property: Normal File Size: 77696 bytes
File: c:\windows\system32\drivers\wudfrd.sys Product: Microsoft Windows Operating System Product Version: 6.0.6001.18000 Company: Microsoft Corporation Description: Windows Driver Foundation - User-mode Driver Framework Reflector Original FileName: WUDFRd.sys File Version Label: 6.0.6001.18000 (longhorn_rtm.080118-1840) File Version Number: 6.0.6001.18000 SHA-1 Digest: 0x9D38015BB5375543AE220A3C3CF4C90009319CDA MD5 Digest: 0xAC13CB789D93412106B0FB6C7EB2BCB6 CRC32 Digest: 0xDC928FF1 Rootkit Property: Normal
File Size: 83328 bytes
File: c:\windows\system32\drmclien.dll Product: Microsoft DRM Product Version: 9.00.00.4503 Company: Microsoft Corporation Description: DRM Client DLL Original FileName: drmclien.dll File Version Label: 9.00.00.4503 File Version Number: 9.0.0.4503 SHA-1 Digest: 0x677A9972D4CFFA67E030C84E415D1E9FCD95FE2A MD5 Digest: 0x2E229C47678C8D275CCBA88704659DE6 CRC32 Digest: 0x5C0DA935 Rootkit Property: Normal File Size: 299520 bytes
File: c:\windows\system32\drprov.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Terminal Server Network Provider Original FileName: DRPROV.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xEB37B896875D963B0B8536D081AEEE5D6E759F8E
MD5 Digest: 0x2DE1190196EE9555DB548A57622022EB CRC32 Digest: 0x13C53C62 Rootkit Property: Normal File Size: 14336 bytes
File: c:\windows\system32\dsa.dll Product: Devicescape Windows WPA Supplicant (Core 0.4.3) Product Version: 1, 634, 9, 11 Company: Devicescape Description: Devicescape Windows Supplicant DLL Original FileName: dsa.dll File Version Label: 1, 634, 9, 11 File Version Number: 1.634.9.11 SHA-1 Digest: 0xFEE61DDB3F8E416E7D894A2DBBCD9805BA3406D7 MD5 Digest: 0xF6BF89BF86B4B27EA28AA0B5943F7F73 CRC32 Digest: 0xC354BBE7 Rootkit Property: Normal File Size: 1257566 bytes
File: c:\windows\system32\dsound.dll Product: Microsoft(R) Windows(R) Operating System Product Version: 5.3.2600.5512 Company: Microsoft Corporation Description: DirectSound Original FileName: dsound.dll
File Version Label: 5.3.2600.5512 (xpsp.080413-0845) File Version Number: 5.3.2600.5512 SHA-1 Digest: 0x360AC8659B7662CE958BB45639D6380FCCEA6FEF MD5 Digest: 0x4D83ED8BDDEC431FC8AD907B47CFB6E3 CRC32 Digest: 0x33C2A52C Rootkit Property: Normal File Size: 367616 bytes
File: c:\windows\system32\dssenh.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5507 Company: Microsoft Corporation Description: Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider Original FileName: dssenh.dll File Version Label: 5.1.2600.5507 (xpsp.080318-1711) File Version Number: 5.1.2600.5507 SHA-1 Digest: 0x1ECC8DB8C706D215A999A04B8C04DEB77F89010D MD5 Digest: 0xFEDE68BF80052BAD393AFD5C2E60DCB0 CRC32 Digest: 0x8CEF95D4 Rootkit Property: Normal File Size: 138752 bytes
File: c:\windows\system32\dwrcsh32.dll Product: DameWare Development DWRCSh32 Product Version: 6, 9, 0, 4
Company: DameWare Development LLC Description: Shell interface for DameWare Mini Remote Control Application Original FileName: DWRCSh32.dll File Version Label: 6, 9, 0, 4 File Version Number: 6.9.0.4 SHA-1 Digest: 0xDB7B987038D87A12852225869E11EC5FABD1630F MD5 Digest: 0xA211A22826D486A6B16C655934FC3D65 CRC32 Digest: 0x447357C5 Rootkit Property: Normal File Size: 68120 bytes
File: c:\windows\system32\dxmasf.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 6.4.9.1133 SHA-1 Digest: 0x38BCE223A02C1833F4F2C80425B798AFFDBD4930 MD5 Digest: 0x8B4C502DE1AAAF6AF41AE3C14E40BA0A CRC32 Digest: 0x6DEF62A6 Rootkit Property: Normal File Size: 498742 bytes
File: c:\windows\system32\eapolqec.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft EAPOL NAP Enforcement Client Original FileName: EapolQec.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x4D0641A39F6F9E8750E8C6A1E3C7363B1BEE7C48 MD5 Digest: 0xE6EF7BC927D9F8F9BA1584BFC39E0C6F CRC32 Digest: 0xADE51F41 Rootkit Property: Normal File Size: 30720 bytes
File: c:\windows\system32\eappcfg.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Eap Peer Config Original FileName: eappcfg.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x16C7EF237D2962D8D6B7E1599651E9DF487A0BD0 MD5 Digest: 0x5DB625E7D095604010CF84DE2D8ACFA6 CRC32 Digest: 0x9DAC861D
Rootkit Property: Normal File Size: 126976 bytes
File: c:\windows\system32\eappprxy.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft EAPHost Peer Client DLL Original FileName: eappprxy.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xDA67818DFC9999AC37D1D37AB76481ECD58F7C89 MD5 Digest: 0xABC4206543450C0666D152F4B65833B8 CRC32 Digest: 0x520B358C Rootkit Property: Normal File Size: 40960 bytes
File: c:\windows\system32\eapsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft EAPHost service Original FileName: eapsvc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512
SHA-1 Digest: 0x13761A05B23ED5BA3139C722768D8010E5DA71B9 MD5 Digest: 0x2187855A7703ADEF0CEF9EE4285182CC CRC32 Digest: 0xF4F823C1 Rootkit Property: Normal File Size: 33792 bytes
File: c:\windows\system32\egathdrv.sys Product: IBM eGatherer Product Version: Company: IBM Corporation Description: IBM eGatherer Kernel Module Original FileName: EGATHDRV.SYS File Version Label: 2.05 File Version Number: 2.0.0.5 SHA-1 Digest: 0x51C135AD2172948F9251C4C8128F89AC900D91E8 MD5 Digest: 0x2D0FC676D159525F6CD74C3302C7A61C CRC32 Digest: 0xAFBC8CC8 Rootkit Property: Normal File Size: 5427 bytes
File: c:\windows\system32\ersvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Error Reporting Service
Original FileName: ERSVC.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x990F99259722FE54DD2D5D4CD58FD1EA64F35F16 MD5 Digest: 0xBC93B4A066477954555966D77FEC9ECB CRC32 Digest: 0x3F0DE687 Rootkit Property: Normal File Size: 23040 bytes
File: c:\windows\system32\es.dll Product: COM Services Product Version: 03.00.00.4414 Company: Microsoft Corporation Description: Original FileName: File Version Label: 2001.12.4414.706 File Version Number: 2001.12.4414.706 SHA-1 Digest: 0x4E77D4CA22F372292AFB418764166AAE26110096 MD5 Digest: 0xD4991D98F2DB73C60D042F1AEF79EFAE CRC32 Digest: 0x73472672 Rootkit Property: Normal File Size: 253952 bytes
File: c:\windows\system32\esent.dll Product: Microsoft Windows Operating System
Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Server Database Storage Engine Original FileName: esent.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xAE8C6716967B384F4D74E42AB0A7C483C66A3217 MD5 Digest: 0xF5B754CDEA20BBB3A31E16A776EDE6D6 CRC32 Digest: 0x55E7302C Rootkit Property: Normal File Size: 1082368 bytes
File: c:\windows\system32\eventlog.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Event Logging Service Original FileName: Eventlog.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x20DF622631E9E0A3212AE79E6B2289316FD6C12E MD5 Digest: 0x6D4FEB43EE538FC5428CC7F0565AA656 CRC32 Digest: 0x584A961B Rootkit Property: Normal File Size: 56320 bytes
File: c:\windows\system32\fontsub.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5888 Company: Microsoft Corporation Description: Font Subsetting DLL Original FileName: fontsub File Version Label: 5.1.2600.5888 (xpsp_sp3_gdr.091015-1548) File Version Number: 5.1.2600.5888 SHA-1 Digest: 0x4779B62CFD6BDB986B3BBAF947CFF4BBC11F6AA9 MD5 Digest: 0x6B6FAA61E31C496CA6F7B1663B01F286 CRC32 Digest: 0x32F3565F Rootkit Property: Normal File Size: 81920 bytes
File: c:\windows\system32\gdi32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5698 Company: Microsoft Corporation Description: GDI Client DLL Original FileName: gdi32 File Version Label: 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932) File Version Number: 5.1.2600.5698 SHA-1 Digest: 0x0F37018F672C7635691F7317ADE3C5A63904EC96 MD5 Digest: 0x8B1F3320AEBB536E021A5014409862DE
CRC32 Digest: 0xB5F6B116 Rootkit Property: Normal File Size: 286720 bytes
File: c:\windows\system32\h323.tsp Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft H.323 Telephony Service Provider Original FileName: H323.TSP File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x363C1A006AD9CB6FB9889620E784DCFBA488AC3F MD5 Digest: 0x8BC2B02DC11C98D14CEE43B8E8393FF3 CRC32 Digest: 0xF8E7B681 Rootkit Property: Normal File Size: 265728 bytes
File: c:\windows\system32\hccutils.dll Product: Intel(R) Common User Interface Product Version: 6.14.10.4860 Company: Intel Corporation Description: hccutils Module Original FileName: HCCUTILS.DLL File Version Label: 6.14.10.4860
File Version Number: 6.14.10.4860 SHA-1 Digest: 0x0737405B8141D3296F2B7F84DD18A029912477B1 MD5 Digest: 0x91C7E815073324F36F768165E714E643 CRC32 Digest: 0x28C10A8E Rootkit Property: Normal File Size: 102400 bytes
File: c:\windows\system32\hid.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Hid User Library Original FileName: hid.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x8A2C21BE5502F065AE5F806E1534149BC1269962 MD5 Digest: 0x8973122796E3B5D6B5900FC186E55FEA CRC32 Digest: 0x8814D58C Rootkit Property: Normal File Size: 20992 bytes
File: c:\windows\system32\hidphone.tsp Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation
Description: Microsoft HID Phone TSP Original FileName: hidphone.tsp File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x8326D265A3B461C9F9A7D74D56ADD05A6FF3CEE0 MD5 Digest: 0x6B552ED3BEE5AA3C4560478FF779BA98 CRC32 Digest: 0xECC329BC Rootkit Property: Normal File Size: 29696 bytes
File: c:\windows\system32\hkcmd.exe Product: Intel(R) Common User Interface Product Version: 6.14.10.4860 Company: Intel Corporation Description: hkcmd Module Original FileName: HKCMD.EXE File Version Label: 6.14.10.4860 File Version Number: 6.14.10.4860 SHA-1 Digest: 0x600E9CCC2B62D83B903E2C0659EFA5B462105777 MD5 Digest: 0x9CFCDD671467E28273BDE9D5968D1234 CRC32 Digest: 0x6DE8A4B4 Rootkit Property: Normal File Size: 162328 bytes
File: c:\windows\system32\hlink.dll
Product: Microsoft Windows Operating System Product Version: 5.2.3790.2748 Company: Microsoft Corporation Description: Microsoft Office 2000 component Original FileName: hlink.dll File Version Label: 5.2.3790.2748 (srv03_sp1_qfe.060717-0810) File Version Number: 5.2.3790.2748 SHA-1 Digest: 0xEF7E8396B987ACA96C67D859CA4B92C862302D24 MD5 Digest: 0x4B3F282C998813C86A6CF89615960630 CRC32 Digest: 0xF3C7276C Rootkit Property: Normal File Size: 72704 bytes
File: c:\windows\system32\hnetcfg.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Home Networking Configuration Manager Original FileName: HNETCFG.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x93768C7019A79077B74D183B6C1D3B3A91C0C4B4 MD5 Digest: 0x3CB32D3B8CBE79899D63280BB7A83CD9 CRC32 Digest: 0x96358152 Rootkit Property: Normal
File Size: 344064 bytes
File: c:\windows\system32\iac25_32.ax Product: Indeo audio software Product Version: 2.05.53 Company: Intel Corporation Description: Indeo audio software Original FileName: iac25_32.ax File Version Label: 2.05.53 File Version Number: 2.0.5.53 SHA-1 Digest: 0x80072A2315BDABF34ED9CC4787AB98A0E37D937F MD5 Digest: 0x877C90686858D899B042BBA45E9B7F2C CRC32 Digest: 0xB4BC1D29 Rootkit Property: Normal File Size: 199680 bytes
File: c:\windows\system32\ibmpmsvc.exe Product: ThinkPad Power Management Service Product Version: 1.60 Company: Lenovo. Description: ThinkPad Power Management Service Original FileName: IBMPMSVC.EXE File Version Label: 1.60.0.4 File Version Number: 1.60.0.4 SHA-1 Digest: 0x8E46FFEEF600E04E0118F8D2731A1FE21CA23472
MD5 Digest: 0x06AF18300C5B511A3D85C3E0B7909C10 CRC32 Digest: 0x5386F342 Rootkit Property: Normal File Size: 38248 bytes
File: c:\windows\system32\icaapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: DLL Interface to TermDD Device Driver Original FileName: icaapi.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x166E7E5C0064C63FB4516303B879D1C83B69CF2A MD5 Digest: 0xDF6551E4C4C46655A0C76194F1FCEA5D CRC32 Digest: 0xBB86C1E5 Rootkit Property: Normal File Size: 11264 bytes
File: c:\windows\system32\iccvid.dll Product: Cinepak for Windows 32 Product Version: 1.10.0.0 Company: Radius Inc. Description: Cinepak Codec Original FileName: iccvid.drv
File Version Label: 1.10.0.11 File Version Number: 1.10.0.13 SHA-1 Digest: 0x4DFD86CFCA8CC2B349A6BBDA10380B4C4E38A0CF MD5 Digest: 0x938B596D4170E4F9870A902DF2DEEF48 CRC32 Digest: 0x15666C59 Rootkit Property: Normal File Size: 80384 bytes
File: c:\windows\system32\icm32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Color Management Module (CMM) Original FileName: ICM32.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x252748BDFDED7A366000D6E91FB13ED6638C73C0 MD5 Digest: 0x6D07DF8A3B4E89B5BAC943B64F0B70D0 CRC32 Digest: 0x6110F300 Rootkit Property: Normal File Size: 254976 bytes
File: c:\windows\system32\icmp.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: ICMP DLL Original FileName: icmp.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x03CA0C72B022FF5CAA3F62716946228960F2D8DA MD5 Digest: 0x4EA92135C436D18975C2EBEC242B71DA CRC32 Digest: 0x8B5BEF06 Rootkit Property: Normal File Size: 3584 bytes
File: c:\windows\system32\ie4uinit.exe Product: Windows Internet Explorer Product Version: 7.00.6000.17093 Company: Microsoft Corporation Description: IE Per-User Initialization Utility Original FileName: IE4UINIT.EXE File Version Label: 7.00.6000.17093 (vista_gdr.101017-1200) File Version Number: 7.0.6000.17093 SHA-1 Digest: 0x1116533B7FAA54EE945A92B18F0F60E83F0D67AA MD5 Digest: 0xBB1E44F08617D4575D3F31DCEFDB84E2 CRC32 Digest: 0x04AC3A94 Rootkit Property: Normal File Size: 70656 bytes
File: c:\windows\system32\ieframe.dll Product: Windows Internet Explorer Product Version: 7.00.6000.17093 Company: Microsoft Corporation Description: Internet Explorer Original FileName: IEFRAME.DLL File Version Label: 7.00.6000.17093 (vista_gdr.101017-1200) File Version Number: 7.0.6000.17093 SHA-1 Digest: 0x1B82C3DFF7659522066E0BC4C3779F1786F22B48 MD5 Digest: 0xFBD1701C30E58B590D7089484B9BC1FA CRC32 Digest: 0x37F17E33 Rootkit Property: Normal File Size: 6075904 bytes
File: c:\windows\system32\iertutil.dll Product: Windows Internet Explorer Product Version: 7.00.6000.17093 Company: Microsoft Corporation Description: Run time utility for Internet Explorer Original FileName: IeRtUtil.dll File Version Label: 7.00.6000.17093 (vista_gdr.101017-1200) File Version Number: 7.0.6000.17093 SHA-1 Digest: 0x2827C8A23B45F8495140A3C1ED5CF6439B7EAE42 MD5 Digest: 0xD336FA28CFE620182E2C46D15E29B4CC CRC32 Digest: 0x7B295FD3
Rootkit Property: Normal File Size: 268288 bytes
File: c:\windows\system32\ieudinit.exe Product: Windows Internet Explorer Product Version: 7.00.6000.17093 Company: Microsoft Corporation Description: IE Per User Active Setup Uninstall Utility Original FileName: IEUDINIT.EXE File Version Label: 7.00.6000.17093 (vista_gdr.101017-1200) File Version Number: 7.0.6000.17093 SHA-1 Digest: 0x46D9DF3D53F585F67EA18D4AEE39F529CE5F2B01 MD5 Digest: 0xF3B5A170B8E051DCC06CB79EA65636C5 CRC32 Digest: 0xB1A0428E Rootkit Property: Normal File Size: 13824 bytes
File: c:\windows\system32\igfxdev.dll Product: Intel(R) Common User Interface Product Version: 6.14.10.4860 Company: Intel Corporation Description: igfxdev Module Original FileName: IGFXDEV.DLL File Version Label: 6.14.10.4860 File Version Number: 6.14.10.4860
SHA-1 Digest: 0x1C7CBEB26615F7C84668FBC24A6CA6282756C9B0 MD5 Digest: 0xCFF29149F6B458219AADB81A77BC5FB0 CRC32 Digest: 0x864BA273 Rootkit Property: Normal File Size: 204800 bytes
File: c:\windows\system32\igfxpers.exe Product: Intel(R) Common User Interface Product Version: 6.14.10.4860 Company: Intel Corporation Description: persistence Module Original FileName: IGFXPERS.EXE File Version Label: 6.14.10.4860 File Version Number: 6.14.10.4860 SHA-1 Digest: 0x2005F6D7FD6FE74EAFA8096D12E7CDE55A446B19 MD5 Digest: 0x7ABF75BA95393A261271F5954678A613 CRC32 Digest: 0xABEFD3F3 Rootkit Property: Normal File Size: 137752 bytes
File: c:\windows\system32\igfxpph.dll Product: Intel(R) Common User Interface Product Version: 6.14.10.4860 Company: Intel Corporation Description: igfxpph Module
Original FileName: IGFXPPH.DLL File Version Label: 6.14.10.4860 File Version Number: 6.14.10.4860 SHA-1 Digest: 0x2112F8FE2BD36F63194A979C788CB4BAB69C5707 MD5 Digest: 0xE0F5306DAE23E8CAC415E56575A52C96 CRC32 Digest: 0x38CCED9A Rootkit Property: Normal File Size: 204800 bytes
File: c:\windows\system32\igfxres.dll Product: Intel(R) Common User Interface Product Version: 6.14.10.4860 Company: Intel Corporation Description: igfxres Module Original FileName: IGFXRES.DLL File Version Label: 6.14.10.4860 File Version Number: 6.14.10.4860 SHA-1 Digest: 0xBE839EB90D67258056F3D2CC53E5F86360BE3DC4 MD5 Digest: 0xF20A1BEAE6311DC8D5787DBD3B399B56 CRC32 Digest: 0x0F3EA378 Rootkit Property: Normal File Size: 172032 bytes
File: c:\windows\system32\igfxress.dll Product: Intel(R) Common User Interface
Product Version: 6.14.10.4860 Company: Intel Corporation Description: igfxress Module Original FileName: IGFXRESS.DLL File Version Label: 6.14.10.4860 File Version Number: 6.14.10.4860 SHA-1 Digest: 0x6A6FF427E552A40764AD7F744D4248B0C73FE3B1 MD5 Digest: 0x4C7EFA1AFCE2207CF520C24D178A1530 CRC32 Digest: 0xBAB4062C Rootkit Property: Normal File Size: 3293184 bytes
File: c:\windows\system32\igfxsrvc.dll Product: Intel(R) Common User Interface Product Version: 6.14.10.4860 Company: Intel Corporation Description: igfxsrvc Module Original FileName: IGFXSRVC.EXE File Version Label: 6.14.10.4860 File Version Number: 6.14.10.4860 SHA-1 Digest: 0x651F945041F1D07F8ED0005A53E1FE29E684E9C4 MD5 Digest: 0xA4A0E379961D53D797892F097FB6A9BA CRC32 Digest: 0x8F378AAC Rootkit Property: Normal File Size: 47616 bytes
File: c:\windows\system32\igfxsrvc.exe Product: Intel(R) Common User Interface Product Version: 6.14.10.4860 Company: Intel Corporation Description: igfxsrvc Module Original FileName: IGFXSRVC.EXE File Version Label: 6.14.10.4860 File Version Number: 6.14.10.4860 SHA-1 Digest: 0xA29A6084BFB68EEF9514A3636B7683DA4284AAE5 MD5 Digest: 0xA408F0306ABAF0EB4501AC3E22ACC7E0 CRC32 Digest: 0x463D576C Rootkit Property: Normal File Size: 252440 bytes
File: c:\windows\system32\igfxtray.exe Product: Intel(R) Common User Interface Product Version: 6.14.10.4860 Company: Intel Corporation Description: igfxTray Module Original FileName: IGFXTRAY.EXE File Version Label: 6.14.10.4860 File Version Number: 6.14.10.4860 SHA-1 Digest: 0xC59A18FE940A8F7AF0970BE106676BC25F3ECCBF MD5 Digest: 0x98D91A68DA26C02E786E554874A83D19
CRC32 Digest: 0x3C4569DE Rootkit Property: Normal File Size: 141848 bytes
File: c:\windows\system32\igxpun.exe Product: Intel(R) Graphics Media Accelerator Driver Product Version: 1, 0, 38, 0 Company: Intel(R) Corporation Description: Intel(R) Graphics Media Accelerator Driver installer Original FileName: Setup.exe File Version Label: 1, 0, 38, 0 File Version Number: 1.0.38.0 SHA-1 Digest: 0xD490E021913F11448C173BF065523588BD290412 MD5 Digest: 0xC8B53805DECF8A158A132F2DED69E8BC CRC32 Digest: 0x6ED61BC9 Rootkit Property: Normal File Size: 399896 bytes
File: c:\windows\system32\imaadp32.acm Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: IMA ADPCM CODEC for MSACM Original FileName: imaadp32.acm File Version Label: 5.1.2600.5512 (xpsp.080413-0845)
File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFE71CE5D64E4A2A91910C57535FFB1F80A392650 MD5 Digest: 0x577E496F0D41411BF149394D80959D53 CRC32 Digest: 0xF571E46F Rootkit Property: Normal File Size: 16384 bytes
File: c:\windows\system32\imagehlp.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows NT Image Helper Original FileName: IMAGEHLP.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x2EAA144578F2BEB69DA027CA0E15445C98A95607 MD5 Digest: 0xCA648BD638245EB83F971FF71B031BEC CRC32 Digest: 0xF7A06429 Rootkit Property: Normal File Size: 144384 bytes
File: c:\windows\system32\imapi.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation
Description: Image Mastering API Original FileName: imapi.exe File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x50F53A563C11D0F26D70DFD290589506B224FA4A MD5 Digest: 0x30DEAF54A9755BB8546168CFE8A6B5E1 CRC32 Digest: 0xFFFB411A Rootkit Property: Normal File Size: 150528 bytes
File: c:\windows\system32\imm32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows XP IMM32 API Client DLL Original FileName: imm32 File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xF9BE7678080084BC3CB48D0CB64BBA9BA98800F1 MD5 Digest: 0x0DA85218E92526972A821587E6A8BF8F CRC32 Digest: 0xC1486DA0 Rootkit Property: Normal File Size: 110080 bytes
File: c:\windows\system32\inetpp.dll
Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Internet Print Provider DLL Original FileName: inetpp.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xEAC23E24785642668B666A738F8336AC19E24BFE MD5 Digest: 0xEE4C651A217B01D636B5364AC77DA892 CRC32 Digest: 0x687EA163 Rootkit Property: Normal File Size: 75264 bytes
File: c:\windows\system32\ipconf.tsp Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Multicast Conference TAPI Service Provider Original FileName: ipconf.tsp File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xCB99FE2487B82E88B5FD4DA50AA11BF3D85FAA5B MD5 Digest: 0x8B8A45DF7CEF36D93C7BD3E4C84003B8 CRC32 Digest: 0xF45E399D Rootkit Property: Normal
File Size: 17408 bytes
File: c:\windows\system32\iphlpapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: IP Helper API Original FileName: iphlpapi.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xD1B9EEDE5A4650DC577ABC73D81B948A45A36830 MD5 Digest: 0xAF07DC9B7CC455629E732340C7B15F3A CRC32 Digest: 0xE4D0E9E4 Rootkit Property: Normal File Size: 94720 bytes
File: c:\windows\system32\ipnathlp.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft NAT Helper Components Original FileName: IPNATHLP.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xB6ED18DD0C81847C06D9A7AC5A4B52D29B489CFB
MD5 Digest: 0x83F41D0D89645D7235C051AB1D9523AC CRC32 Digest: 0xC4465897 Rootkit Property: Normal File Size: 331264 bytes
File: c:\windows\system32\ipsecsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows IPSec SPD Server DLL Original FileName: ipsecsvc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xA66D4D640AE59E303A6F284FBD2E3B4BAE02C2DA MD5 Digest: 0x332760FBA1655FCFD35BD6F4FD871300 CRC32 Digest: 0x103E6145 Rootkit Property: Normal File Size: 183808 bytes
File: c:\windows\system32\ir32_32.dll Product: Product Version: Company: Description: Original FileName:
File Version Label: File Version Number: 3.24.15.3 SHA-1 Digest: 0xE50AA40AEAB7CE7E45A3C48BBCBF2780392EE37D MD5 Digest: 0x43ECA1576906BA76FB3E329A338A3CAE CRC32 Digest: 0xE5A04ACB Rootkit Property: Normal File Size: 199168 bytes
File: c:\windows\system32\ir50_32.dll Product: Intel Indeo video 5.10 Product Version: R.5.10.15.2.55 Company: Intel Corporation Description: Intel Indeo video 5.10 Original FileName: ir50_32.dll File Version Label: R.5.10.15.2.55 File Version Number: 5.2562.15.55 SHA-1 Digest: 0x9DFF59284FF6BAB9E26423349EB993F608AB3FF9 MD5 Digest: 0x5F10DC19D92CCF6B719B494572F4F74B CRC32 Digest: 0x48149A66 Rootkit Property: Normal File Size: 755200 bytes
File: c:\windows\system32\irmon.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: Infrared Monitor Original FileName: irmon.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x715DF0EB71A61BF7D6238EBD7BF1BB7A96C4EA04 MD5 Digest: 0x49CC4533CE897CB2E93C1E84A818FDE5 CRC32 Digest: 0xC579F449 Rootkit Property: Normal File Size: 28160 bytes
File: c:\windows\system32\iyuv_32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5908 Company: Microsoft Corporation Description: Intel Indeo(R) Video YUV Codec Original FileName: iyuv_32.dll File Version Label: 5.1.2600.5908 (xpsp_sp3_gdr.091127-0541) File Version Number: 5.1.2600.5908 SHA-1 Digest: 0xAE37B92A8ABD212D966FBA12C2E98A08187E0A54 MD5 Digest: 0xC07552F5734B37F947289B51BC932376 CRC32 Digest: 0x4F324839 Rootkit Property: Normal File Size: 48128 bytes
File: c:\windows\system32\jscript.dll Product: Microsoft (R) JScript Product Version: 5.7.6002.22145 Company: Microsoft Corporation Description: Microsoft (R) JScript Original FileName: jscript.dll File Version Label: 5.7.6002.22145 File Version Number: 5.7.6002.22145 SHA-1 Digest: 0x59C3EFB1FE545CE9026229F64A0312A40157AA9D MD5 Digest: 0xB39D9A185DCB17B679A9475ECFFB33B2 CRC32 Digest: 0xFFE0A64E Rootkit Property: Normal File Size: 512000 bytes
File: c:\windows\system32\kerberos.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5834 Company: Microsoft Corporation Description: Kerberos Security Package Original FileName: kerberos.dll File Version Label: 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305) File Version Number: 5.1.2600.5834 SHA-1 Digest: 0xC92BC7C31CFBCC5376EA655D4FAD5054E214535D MD5 Digest: 0x99EA6AC9B3FEE42E0438A3A24720EE3F CRC32 Digest: 0x9DE1CE9B
Rootkit Property: Normal File Size: 301568 bytes
File: c:\windows\system32\kernel32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5781 Company: Microsoft Corporation Description: Windows NT BASE API Client DLL Original FileName: kernel32 File Version Label: 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317) File Version Number: 5.1.2600.5781 SHA-1 Digest: 0xC88D57CC99F75CD928B47B6E444231F26670138F MD5 Digest: 0xB921FB870C9AC0D509B2CCABBBBE95F3 CRC32 Digest: 0x8A0508E5 Rootkit Property: Normal File Size: 989696 bytes
File: c:\windows\system32\kmddsp.tsp Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: TAPI Kernel-Mode Service Provider Original FileName: KMDDSP.TSP File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512
SHA-1 Digest: 0x7E93C1DE384FF60C613421BD573CFC645D960D99 MD5 Digest: 0x76EC97C5068D3D9FAA7774B0F659D31A CRC32 Digest: 0x1E77AE45 Rootkit Property: Normal File Size: 33280 bytes
File: c:\windows\system32\kmsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Key Management Service Original FileName: KmSvc.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xBED5C824EF40C80C2B70A49C0B568D2399DABCC5 MD5 Digest: 0x8878BD685E490239777BFE51320B88E9 CRC32 Digest: 0x0132DA14 Rootkit Property: Normal File Size: 61440 bytes
File: c:\windows\system32\ksuser.dll Product: Microsoft(R) Windows(R) Operating System Product Version: 5.3.2600.5512 Company: Microsoft Corporation Description: User CSA Library
Original FileName: ksuser.dll File Version Label: 5.3.2600.5512 (xpsp.080413-0845) File Version Number: 5.3.2600.5512 SHA-1 Digest: 0x7A3BF42E83441B6415B2A57D64A7392F52CB17FE MD5 Digest: 0x9B9F1C38D559047B8AC0DBA2D5FEBDE9 CRC32 Digest: 0xBD8E6BD9 Rootkit Property: Normal File Size: 4096 bytes
File: c:\windows\system32\l3codeca.acm Product: MPEG Layer-3 Audio Codec for MSACM Product Version: 1, 0, 0, 0 Company: Fraunhofer Institut Integrierte Schaltungen IIS Description: MPEG Layer-3 Audio Codec for MSACM Original FileName: l3codec.acm File Version Label: 1, 9, 0, 0306 File Version Number: 1.9.0.306 SHA-1 Digest: 0xECD01A411677EBA860D060676DD8876474378411 MD5 Digest: 0xF3946B534CC197CBFFD9A2ECFD1F556F CRC32 Digest: 0x3B8C55ED Rootkit Property: Normal File Size: 307260 bytes
File: c:\windows\system32\l3codecx.ax Product: MPEG Layer-3 Audio Codec for Microsoft DirectShow
Product Version: 1, 9, 0, 0311 Company: Fraunhofer Institut Integrierte Schaltungen IIS Description: MPEG Layer-3 Audio Decoder Original FileName: L3CODECX.AX File Version Label: 1, 9, 0, 0311 File Version Number: 1.9.0.311 SHA-1 Digest: 0x47B4EC1314CED1DBA55CE6DC9668D5B8106C29EA MD5 Digest: 0x69A0628BBE1A404B1BA0B6DCA7610A06 CRC32 Digest: 0x04530585 Rootkit Property: Normal File Size: 98304 bytes
File: c:\windows\system32\linkinfo.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Volume Tracking Original FileName: LINKINFO.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xABBC2B1DC026422D1AE58456A11075E4CF672338 MD5 Digest: 0x2DC5A8019E2387987905F77C664E4BE2 CRC32 Digest: 0xDB546D0B Rootkit Property: Normal File Size: 19968 bytes
File: c:\windows\system32\lmhsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: TCPIP NetBios Transport Services DLL Original FileName: lmhsvc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xB11A261CEA8DDAD6B1D9816B724723A6126AFFA3 MD5 Digest: 0xA7DB739AE99A796D91580147E919CC59 CRC32 Digest: 0x9A04CEF1 Rootkit Property: Normal File Size: 13824 bytes
File: c:\windows\system32\localspl.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5809 Company: Microsoft Corporation Description: Local Spooler DLL Original FileName: localspl.dll File Version Label: 5.1.2600.5809 (xpsp_sp3_gdr.090507-1329) File Version Number: 5.1.2600.5809 SHA-1 Digest: 0x321340B618B46B8FFC8E8B05FF0723F663E04C37 MD5 Digest: 0xAA897735D5AB916297A6823A9B2D61B1
CRC32 Digest: 0xAD2571CE Rootkit Property: Normal File Size: 345600 bytes
File: c:\windows\system32\locator.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Rpc Locator Original FileName: locator.exe File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x7E2CC7D2DA54EE5D36FF5BC95972232983C076BB MD5 Digest: 0xAAED593F84AFA419BBAE8572AF87CF6A CRC32 Digest: 0x7B25ABAF Rootkit Property: Normal File Size: 75264 bytes
File: c:\windows\system32\lpk.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Language Pack Original FileName: LanguagePack File Version Label: 5.1.2600.5512 (xpsp.080413-2105)
File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x05F1D34E919B8B625A32B4B4C4AC55E6E974C342 MD5 Digest: 0x012DF358CEBAA23ACB26D82077820817 CRC32 Digest: 0x9689B06F Rootkit Property: Normal File Size: 22016 bytes
File: c:\windows\system32\lsasrv.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5834 Company: Microsoft Corporation Description: LSA Server DLL Original FileName: lsasrv.dll File Version Label: 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305) File Version Number: 5.1.2600.5834 SHA-1 Digest: 0x42940943F90EE2F6BBC66571D530F7571559F063 MD5 Digest: 0x6A77C91890CFE08135301574BB29559F CRC32 Digest: 0xCDA675ED Rootkit Property: Normal File Size: 730112 bytes
File: c:\windows\system32\lsass.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation
Description: LSA Shell (Export Version) Original FileName: lsass.exe File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xDE5A73CBB5F51F64C53FB4277EF2C23E70DB123F MD5 Digest: 0xBF2466B3E18E970D8A976FB95FC1CA85 CRC32 Digest: 0xE6696FF6 Rootkit Property: Normal File Size: 13312 bytes
File: c:\windows\system32\macromed\flash\flashutil10l_activex.exe Product: Flash Player Installer/Uninstaller Product Version: 10,1,102,64 Company: Adobe Systems, Inc. Description: Adobe Flash Player Installer/Uninstaller 10.1 r102 Original FileName: FlashUtil.exe File Version Label: 10,1,102,64 File Version Number: 10.1.102.64 SHA-1 Digest: 0xC02F7F79797C56F82B3A30606ADA7C0228DBDC83 MD5 Digest: 0x711FD53E441255983C0AB014E2F107F4 CRC32 Digest: 0x79C0E2ED Rootkit Property: Normal File Size: 233936 bytes
File: c:\windows\system32\macromed\flash\flashutil10l_plugin.exe
Product: Flash Player Installer/Uninstaller Product Version: 10,1,102,64 Company: Adobe Systems, Inc. Description: Adobe Flash Player Installer/Uninstaller 10.1 r102 Original FileName: FlashUtil.exe File Version Label: 10,1,102,64 File Version Number: 10.1.102.64 SHA-1 Digest: 0xAB756C898F3A103C3CD7C3595ABE19294FD0DDD3 MD5 Digest: 0x8D5E9603AD5FDD6B7E8F9DB6264F1CD1 CRC32 Digest: 0xB3FA1A5A Rootkit Property: Normal File Size: 233936 bytes
File: c:\windows\system32\mdimon.dll Product: Microsoft Office Document Imaging Product Version: 11.3.8166.2 Company: Microsoft Corporation Description: Microsoft Document Imaging Original FileName: MSPCORE.DLL File Version Label: 11.3.8166.2 File Version Number: 0.3.8166.2 SHA-1 Digest: 0x878A88238B3592091DF8D8E709CC63425C9B225F MD5 Digest: 0x322FD75A97DBA67FC8F97A9957F857F1 CRC32 Digest: 0x52534918 Rootkit Property: Normal
File Size: 28040 bytes
File: c:\windows\system32\mf3216.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: 32-bit to 16-bit Metafile Conversion DLL Original FileName: mf3216.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x515C3C869059BBE9A9F62608E520BC7E8BFF4DC6 MD5 Digest: 0x2FDAE072FDF96930257949D289E950F1 CRC32 Digest: 0x0FFAC6FF Rootkit Property: Normal File Size: 40960 bytes
File: c:\windows\system32\mfc42.dll Product: Microsoft (R) Visual C++ Product Version: 6.02.400 Company: Microsoft Corporation Description: MFCDLL Shared Library - Retail Version Original FileName: MFC42.DLL File Version Label: 6.02.8073.0 File Version Number: 6.2.8073.0 SHA-1 Digest: 0x8C0959CE1B24B81FCAC665C29CAA358E2E56E037
MD5 Digest: 0x9018AC8A2745963B2E675FB880A11FED CRC32 Digest: 0x9032B140 Rootkit Property: Normal File Size: 974848 bytes
File: c:\windows\system32\mfc42u.dll Product: Microsoft (R) Visual C++ Product Version: 6.02.400 Company: Microsoft Corporation Description: MFCDLL Shared Library - Retail Version Original FileName: MFC42.DLL File Version Label: 6.02.8073.0 File Version Number: 6.2.8073.0 SHA-1 Digest: 0x90CE4A0FE7B3866CD402951C78B2C9EDD47FEDE4 MD5 Digest: 0x652401636A8D82D81A99A637A6A49F09 CRC32 Digest: 0x6D3492F5 Rootkit Property: Normal File Size: 974848 bytes
File: c:\windows\system32\mfc71.dll Product: Microsoft Visual Studio .NET Product Version: 7.10.5057.0 Company: Microsoft Corporation Description: MFCDLL Shared Library - Retail Version Original FileName: MFC71.DLL
File Version Label: 7.10.5057.0 File Version Number: 7.10.5057.0 SHA-1 Digest: 0xFBCEF9C5BA94B2B653EECE8D40C207AE9CBCED59 MD5 Digest: 0x58535D8377E3C0E2518434EFD88D1D9F CRC32 Digest: 0x89366B14 Rootkit Property: Normal File Size: 1056768 bytes
File: c:\windows\system32\mfc71u.dll Product: Microsoft Visual Studio .NET Product Version: 7.10.5057.0 Company: Microsoft Corporation Description: MFCDLL Shared Library - Retail Version Original FileName: MFC71U.DLL File Version Label: 7.10.5057.0 File Version Number: 7.10.5057.0 SHA-1 Digest: 0x2F5412628FA2699E4F4A7FD8CED9E58A3A23BF59 MD5 Digest: 0x12F8CB899B4C14B76ECD251986362788 CRC32 Digest: 0xEAEA799C Rootkit Property: Normal File Size: 1049600 bytes
File: c:\windows\system32\mfplat.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262
Company: Microsoft Corporation Description: Media Foundation Platform DLL Original FileName: mfplat.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x40DC99E4EA774CD0A899346C8DCDE6B9C01706DA MD5 Digest: 0xADC5D27EB04A03368163C7C41F5CA1A8 CRC32 Digest: 0xAAEC511A Rootkit Property: Normal File Size: 212992 bytes
File: c:\windows\system32\mgmtapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft SNMP Manager API (uses WinSNMP) Original FileName: mgmtapi.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x6569124EC611D04EE05C0B21C519CFF7BC9F3224 MD5 Digest: 0x1E744353BD534405187A404667DA3DC3 CRC32 Digest: 0xEFA7CD43 Rootkit Property: Normal File Size: 14848 bytes
File: c:\windows\system32\midimap.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft MIDI Mapper Original FileName: midimap.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0845) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x5C72E1C08A4038A4CE908D9B57E78A23EE5FE0EF MD5 Digest: 0x5C12660A97822F6E61576943B49AAAD6 CRC32 Digest: 0x2E6D5FD1 Rootkit Property: Normal File Size: 18944 bytes
File: c:\windows\system32\mlang.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: Multi Language Support DLL Original FileName: MLANG.DLL File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0x28893E22E6311BBD303C9F7D3DBD99C844C70B66 MD5 Digest: 0xB714735C12A70171DE28657948FD91F1 CRC32 Digest: 0x667645C0
Rootkit Property: Normal File Size: 586240 bytes
File: c:\windows\system32\mnmsrvc.exe Product: Windows NetMeeting Product Version: 3.01 Company: Microsoft Corporation Description: NetMeeting Remote Desktop Sharing Original FileName: mnmsrvc.dll File Version Label: 5.1.2600.5512 File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xF38C1D9AEAF417902ABD68E1A63121142296B569 MD5 Digest: 0xD18F1F0C101D06A1C1ADF26EED16FCDD CRC32 Digest: 0x79B801B9 Rootkit Property: Normal File Size: 32768 bytes
File: c:\windows\system32\modemui.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Modem Properties Original FileName: MODEMUI.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512
SHA-1 Digest: 0x938341EBF69E751198ECC8593C924D1EE9AA1425 MD5 Digest: 0xFE4A73CDBC882A19D070F1C01586E81A CRC32 Digest: 0x7FB93AED Rootkit Property: Normal File Size: 153600 bytes
File: c:\windows\system32\mpg2splt.ax Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 6.5.2600.5512 SHA-1 Digest: 0x3EE2516A68CC58A88C9DEBC3C24FE1960C0FEBD5 MD5 Digest: 0x3302B1CB44223D03D1D5BD59FB8C3114 CRC32 Digest: 0x43789624 Rootkit Property: Normal File Size: 148992 bytes
File: c:\windows\system32\mpr.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Multiple Provider Router DLL
Original FileName: mpr.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x0AFFD0A48F5F137169158083C61CF46454689055 MD5 Digest: 0xDD7BD97FB8BD800963789158A5E4B41D CRC32 Digest: 0xD8E6EFF4 Rootkit Property: Normal File Size: 59904 bytes
File: c:\windows\system32\mprapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows NT MP Router Administration DLL Original FileName: mprapi.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xF786CB504A764DB01112BB91EDD91D4D05CDDA61 MD5 Digest: 0xEA5B8BECA3F279C757578CD7F1E95855 CRC32 Digest: 0x212AD01A Rootkit Property: Normal File Size: 87040 bytes
File: c:\windows\system32\mprdim.dll Product: Microsoft Windows Operating System
Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Dynamic Interface Manager Original FileName: MPRDIM.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x1C969551BEB3F20CD5E5D7632BAFF638D071AFBD MD5 Digest: 0x7E699FF5F59B5D9DE5390E3C34C67CF5 CRC32 Digest: 0x95B6C3CA Rootkit Property: Normal File Size: 53248 bytes
File: c:\windows\system32\msacm32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft ACM Audio Filter Original FileName: msfltr32.acm File Version Label: 5.1.2600.5512 (xpsp.080413-0845) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x9BE8C8A0CE2316FEFF5783EFBE259BB1F6334A63 MD5 Digest: 0x2098AB52BD5316E59AA36F3437B13BE6 CRC32 Digest: 0xEDE4B266 Rootkit Property: Normal File Size: 71680 bytes
File: c:\windows\system32\msacm32.drv Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: Microsoft Sound Mapper Original FileName: msacm32.acm File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0xBB7A0493B31CC4245A6EE9838E5ACAAAFC129957 MD5 Digest: 0x9A3BD5F55AADFF859539142F6328A66E CRC32 Digest: 0xD5406BAE Rootkit Property: Normal File Size: 20480 bytes
File: c:\windows\system32\msadp32.acm Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft ADPCM CODEC for MSACM Original FileName: msadp32.acm File Version Label: 5.1.2600.5512 (xpsp.080413-0845) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x8410A9A0782EE525EA9890A50A8A5CB7A1F9F17F MD5 Digest: 0xC5648BE5409E0AABDA8C9047BAC8F603
CRC32 Digest: 0xFF08C10B Rootkit Property: Normal File Size: 14848 bytes
File: c:\windows\system32\msasn1.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5875 Company: Microsoft Corporation Description: ASN.1 Runtime APIs Original FileName: msasn1.dll File Version Label: 5.1.2600.5875 (xpsp_sp3_gdr.090904-1413) File Version Number: 5.1.2600.5875 SHA-1 Digest: 0xFDB9C1E25067E147C999607C420CDD9656DEEC99 MD5 Digest: 0x04D898830DF96A17A20FD35D7590F87E CRC32 Digest: 0x63D6A79F Rootkit Property: Normal File Size: 58880 bytes
File: c:\windows\system32\msaud32.acm Product: Windows Media Audio Product Version: 8.00.00.4502 Company: Microsoft Corporation Description: Windows Media Audio Original FileName: msaud32 File Version Label: 8.00.00.4502
File Version Number: 8.0.0.4502 SHA-1 Digest: 0x3790A144773F029333898D36E891AF19E7DB73D9 MD5 Digest: 0x55AEEA66C5E84E3FD6CD3E933397D478 CRC32 Digest: 0xD579EDC6 Rootkit Property: Normal File Size: 282654 bytes
File: c:\windows\system32\mscms.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5627 Company: Microsoft Corporation Description: Microsoft Color Matching System DLL Original FileName: MSCMS.DLL File Version Label: 5.1.2600.5627 (xpsp_sp3_gdr.080624-1245) File Version Number: 5.1.2600.5627 SHA-1 Digest: 0x383F96126C94BDBA172BF2DEC307FC9A42BEBD3C MD5 Digest: 0x4AC2FA4A6F0DF2511BAC13393C06EFF1 CRC32 Digest: 0xF9922B11 Rootkit Property: Normal File Size: 74240 bytes
File: c:\windows\system32\mscoree.dll Product: Microsoft .NET Framework Product Version: 4.0.31106.0 Company: Microsoft Corporation
Description: Microsoft .NET Runtime Execution Engine Original FileName: mscoree.dll File Version Label: 4.0.31106.0 (Main.031106-0000) File Version Number: 4.0.31106.0 SHA-1 Digest: 0x437703D6916457B7B7E6367CB285FDD952CBE550 MD5 Digest: 0x128DD9AF8640DBCC711940903C8B554F CRC32 Digest: 0x0BFE0393 Rootkit Property: Normal File Size: 297808 bytes
File: c:\windows\system32\msctf.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: MSCTF Server DLL Original FileName: MSCTF.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x3C5A241879C49EFAE60E7D20C81195C0008FC317 MD5 Digest: 0xE40FCF943127DDC8FD60554B722D762B CRC32 Digest: 0x392BE0B0 Rootkit Property: Normal File Size: 297984 bytes
File: c:\windows\system32\msctfime.ime
Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Text Frame Work Service IME Original FileName: MSCTFIME.IME File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x434C43FC87679A37AA054C0C18E190CCB39A4439 MD5 Digest: 0x5733177BCF16EE78B99543C9B0AB81EA CRC32 Digest: 0x6D3663FE Rootkit Property: Normal File Size: 177152 bytes
File: c:\windows\system32\msdart.dll Product: Microsoft Data Access Components Product Version: 2.81.1132.0 Company: Microsoft Corporation Description: Microsoft Data Access - OLE DB Runtime Routines Original FileName: msdart.dll File Version Label: 2.81.1132.0 (xpsp.080413-0852) File Version Number: 2.81.1132.0 SHA-1 Digest: 0x6EDBDF77F982BF3FC0AE497B7AFF9D7636AF8CD0 MD5 Digest: 0x01F0CBEB457CAE7EF0CA52C7CCA5B0E8 CRC32 Digest: 0xB5818AFB Rootkit Property: Normal
File Size: 151552 bytes
File: c:\windows\system32\msdmo.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 6.5.2600.5512 SHA-1 Digest: 0x291179F9A56F4B63AC6492BA8BA613FFAAEED48D MD5 Digest: 0xD25C03D04159D462D69F294BA7142BDB CRC32 Digest: 0x2C91FB32 Rootkit Property: Normal File Size: 14336 bytes
File: c:\windows\system32\msdtc.exe Product: Microsoft Distributed Transaction Coordinator Product Version: 03.01.00.4414 Company: Microsoft Corporation Description: MS DTC console program Original FileName: File Version Label: 2001.12.4414.700 File Version Number: 2001.12.4414.700 SHA-1 Digest: 0xBC01515610B7CFEF9098FC892BA0E3F37B257A45
MD5 Digest: 0xA137F1470499A205ABBB9AAFB3B6F2B1 CRC32 Digest: 0x49AF15E1 Rootkit Property: Normal File Size: 6144 bytes
File: c:\windows\system32\msg711.acm Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: Microsoft CCITT G.711 (A-Law and u-Law) CODEC for MSACM Original FileName: msg711.acm File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0xEA9A3033755C3B8C370D1722B9725E453DBF2EDB MD5 Digest: 0x33271A2667334B9A8842C65A079EF375 CRC32 Digest: 0xE64DACA2 Rootkit Property: Normal File Size: 9216 bytes
File: c:\windows\system32\msg723.acm Product: Windows NetMeeting Product Version: 3.01 Company: Microsoft Corporation Description: Microsoft G.723.1 CODEC for MSACM Original FileName: msg723.acm
File Version Label: 4.4.3400 File Version Number: 4.4.0.3400 SHA-1 Digest: 0x4D882E9C149D6F671A08A21675C64F25634381CF MD5 Digest: 0xB87F759738C52E8D6FBCDAAA84C6486F CRC32 Digest: 0x33A6F6D7 Rootkit Property: Normal File Size: 118784 bytes
File: c:\windows\system32\msgina.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows NT Logon GINA DLL Original FileName: MSGINA.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x4C0DCC93F51F2A30BB304E7F6219D523057FD4DB MD5 Digest: 0xD7B7A57C0E57C836F18CF12A4C62A1CA CRC32 Digest: 0x24544FED Rootkit Property: Normal File Size: 997376 bytes
File: c:\windows\system32\msgsm32.acm Product: Microsoft Windows Operating System Product Version: 5.1.2600.0
Company: Microsoft Corporation Description: Microsoft GSM 6.10 Audio CODEC for MSACM Original FileName: msgsm32.acm File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x48AE80F47E1543564D0313BD883845E87D334736 MD5 Digest: 0x3A9846E207DAFC13009C048A2F6F8C2A CRC32 Digest: 0x86032C00 Rootkit Property: Normal File Size: 19968 bytes
File: c:\windows\system32\msgsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: NT Messenger Service Original FileName: msgsvc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x3AD9925DD867CF0BEB6CACE008EC6E7CA5AEA290 MD5 Digest: 0x986B1FF5814366D71E0AC5755C88F2D3 CRC32 Digest: 0x9EF23DBA Rootkit Property: Normal File Size: 33792 bytes
File: c:\windows\system32\msgsys.dll Product: Intel Common Base Agent Product Version: 6.12.0.142 Company: LANDesk Software Ltd. Description: CBA -- Message System Library Original FileName: MsgSys.DLL File Version Label: 6.12.0.142 E File Version Number: 6.12.0.142 SHA-1 Digest: 0xC0B3D188D2A7DEECB772FE86570EFB9B7C37C320 MD5 Digest: 0x6A4A5F73BD9AF98426BB7E21C54EFC5B CRC32 Digest: 0x238BC590 Rootkit Property: Normal File Size: 46896 bytes
File: c:\windows\system32\msh261.drv Product: Windows NetMeeting Product Version: 3.01 Company: Microsoft Corporation Description: Microsoft H.261 ICM Driver Original FileName: msh261.drv File Version Label: 5.1.2600.5512 File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xC6F583D7A4071DC2F31E6A205056A0602BCE9EA4 MD5 Digest: 0xC6FD300A6100AC89BC4CB944C19FA2A9 CRC32 Digest: 0x219A6F89
Rootkit Property: Normal File Size: 188416 bytes
File: c:\windows\system32\msh263.drv Product: Windows NetMeeting Product Version: 3.01 Company: Microsoft Corporation Description: Microsoft H.263 ICM Driver Original FileName: msh263.drv File Version Label: 5.1.2600.5512 File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x0D54818EE39DF6847AE208F7CD6798DB834FD021 MD5 Digest: 0x7D529AA41EA993357F8C3D7E92C2372A CRC32 Digest: 0xFFD41AD6 Rootkit Property: Normal File Size: 294912 bytes
File: c:\windows\system32\mshta.exe Product: Windows Internet Explorer Product Version: 7.00.5730.13 Company: Microsoft Corporation Description: Microsoft (R) HTML Application host Original FileName: MSHTA.EXE File Version Label: 7.00.5730.13 (longhorn(wmbla).070711-1130) File Version Number: 7.0.5730.13
SHA-1 Digest: 0xD0B69CB68F058C046FC90F27C3A12D7EF86AF89F MD5 Digest: 0x2667B412F7453B8C39197D3C550536CD CRC32 Digest: 0x1B5E4188 Rootkit Property: Normal File Size: 45568 bytes
File: c:\windows\system32\mshtml.dll Product: Windows Internet Explorer Product Version: 7.00.6000.17093 Company: Microsoft Corporation Description: Microsoft (R) HTML Viewer Original FileName: MSHTML.DLL File Version Label: 7.00.6000.17093 (vista_gdr.101017-1200) File Version Number: 7.0.6000.17093 SHA-1 Digest: 0xC31DAD736EE6C48FEDFAFAED8BDDEC75532A4488 MD5 Digest: 0x2F2DA920F5B9582D40B9761D2AB45696 CRC32 Digest: 0x697412CD Rootkit Property: Normal File Size: 3604480 bytes
File: c:\windows\system32\mshtmled.dll Product: Windows Internet Explorer Product Version: 7.00.6000.17093 Company: Microsoft Corporation Description: Microsoft HTML Editing Component
Original FileName: MSHTMLED.DLL File Version Label: 7.00.6000.17093 (vista_gdr.101017-1200) File Version Number: 7.0.6000.17093 SHA-1 Digest: 0x1688CCAA877B024867E1663E7310E26F4B0D3598 MD5 Digest: 0xDECC5A0426C82CD84AB5C7BEC0412BE5 CRC32 Digest: 0xD473322C Rootkit Property: Normal File Size: 478208 bytes
File: c:\windows\system32\msi.dll Product: Windows Installer - Unicode Product Version: 3.1.4001.5512 Company: Microsoft Corporation Description: Windows Installer Original FileName: msi.dll File Version Label: 3.1.4001.5512 File Version Number: 3.1.4001.5512 SHA-1 Digest: 0x27591EE4BC2970090D421423E771EC51E46B6A41 MD5 Digest: 0xD3F72D50DE53F9F1F55240115AF4D42E CRC32 Digest: 0xF2937316 Rootkit Property: Normal File Size: 2843136 bytes
File: c:\windows\system32\msidle.dll Product: Microsoft Windows Operating System
Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: User Idle Monitor Original FileName: MSIDLE.DLL File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0x1D00D997FB0A45E52F47CAEA5133B6D2B3C623E0 MD5 Digest: 0xE47E364C96467FD54FA44D59F927C3AB CRC32 Digest: 0xF3AD331F Rootkit Property: Normal File Size: 6656 bytes
File: c:\windows\system32\msiexec.exe Product: Windows Installer - Unicode Product Version: 3.1.4001.5512 Company: Microsoft Corporation Description: Windows installer Original FileName: msiexec.exe File Version Label: 3.1.4001.5512 File Version Number: 3.1.4001.5512 SHA-1 Digest: 0x2007D2C57E7B68B550DB764F3CB4F43BB0274460 MD5 Digest: 0x5879D691E842574A20FE63817CB76DF9 CRC32 Digest: 0xC4F9691B Rootkit Property: Normal File Size: 78848 bytes
File: c:\windows\system32\msimg32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: GDIEXT Client DLL Original FileName: gdiext File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFE7C3659D785B40C1888F9BCF8317B02E925BE8E MD5 Digest: 0xAFFC87E2501FCE8F09D4C10BA6421CCF CRC32 Digest: 0x8FFFA7F2 Rootkit Property: Normal File Size: 4608 bytes
File: c:\windows\system32\msimtf.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Active IMM Server DLL Original FileName: MSIMTF.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xA2EB2B4A82A5FF168EF7A84E43B9AEADFF9ED590 MD5 Digest: 0xE11457C66FDD966EE415FBBC6D9BE643
CRC32 Digest: 0xC7A48FD4 Rootkit Property: Normal File Size: 159232 bytes
File: c:\windows\system32\msjet40.dll Product: Microsoft (R) Jet Product Version: 4.00.9511.0 Company: Microsoft Corporation Description: Microsoft Jet Engine Library Original FileName: MSJET40.DLL File Version Label: 4.00.9511.0 File Version Number: 4.0.9511.0 SHA-1 Digest: 0x6AA89ECB20022142D3ADE0E482572DF18D7C6D7E MD5 Digest: 0x9E70016C950B1F8FDEAA6F067E2E25A8 CRC32 Digest: 0x8A6D00B1 Rootkit Property: Normal File Size: 1516568 bytes
File: c:\windows\system32\msjint40.dll Product: Microsoft (R) Jet Product Version: 4.00.9502.0 Company: Microsoft Corporation Description: Microsoft Jet Database Engine International DLL Original FileName: MSJINT40.DLL File Version Label: 4.00.9502.0
File Version Number: 4.0.9502.0 SHA-1 Digest: 0x3251F7DC20DFCDF5A34F3EE55DF4D8FBBDA4CEA6 MD5 Digest: 0x7E2B58CE8C4013287371667880B1080D CRC32 Digest: 0x55DA2207 Rootkit Property: Normal File Size: 151583 bytes
File: c:\windows\system32\msjter40.dll Product: Microsoft (R) Jet Product Version: 4.00.9502.0 Company: Microsoft Corporation Description: Microsoft Jet Database Engine Error DLL Original FileName: MSJTER40.DLL File Version Label: 4.00.9502.0 File Version Number: 4.0.9502.0 SHA-1 Digest: 0x37DA5313093B1AFD9AA7A976E63DB98B2773ADBF MD5 Digest: 0x0D14F07B29FBF0D750AA2495DD72B968 CRC32 Digest: 0xA3F03ED0 Rootkit Property: Normal File Size: 60192 bytes
File: c:\windows\system32\msls31.dll Product: Microsoft Line Services Product Version: 3.10 Company: Microsoft Corporation
Description: Microsoft Line Services library file Original FileName: MSLS31.DLL File Version Label: 3.10.349.0 File Version Number: 3.10.349.0 SHA-1 Digest: 0xB0D2A2897A2FB6A98207BE16D0ABC06118022EEC MD5 Digest: 0x87B27E19DC5B4F8F3FEF061A155977B9 CRC32 Digest: 0xDABC3EF1 Rootkit Property: Normal File Size: 156160 bytes
File: c:\windows\system32\mspatcha.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft(R) Patch Engine Original FileName: mspatcha.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x14D7946AB6769B9366C114822BFDE12FA2113E11 MD5 Digest: 0xB85E95679B5ADC12311BCD3F5385D623 CRC32 Digest: 0x4B9B3D50 Rootkit Property: Normal File Size: 29696 bytes
File: c:\windows\system32\mspmsnsv.dll
Product: Windows Media Device Manager Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Microsoft Media Device Service Provider Original FileName: MsPMSNSv.dll File Version Label: 11.0.5721.5262 File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x249D26A0E3A741E023D88E41B070061FEB1D1E21 MD5 Digest: 0x051B1BDECD6DEE18C771B5D5EC7F044D CRC32 Digest: 0x179069B6 Rootkit Property: Normal File Size: 27136 bytes
File: c:\windows\system32\mspmsp.dll Product: Windows Media Device Manager Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Microsoft Media Device Service Provider Original FileName: MsPMSP.dll File Version Label: 11.0.5721.5262 File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x68A351EAA386A8F62CF8CDA07743B33FD15261A4 MD5 Digest: 0x062ED848780162270910D8F87790D0E0 CRC32 Digest: 0x899702EF Rootkit Property: Normal
File Size: 175616 bytes
File: c:\windows\system32\msprivs.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Privilege Translations Original FileName: mspriv.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xCAD7E84A17E3AAA40DDB7D7A87D440FD86E80E35 MD5 Digest: 0xC6BB1D1500DB4A0E224CB65E6C7E8A80 CRC32 Digest: 0x05D5AC68 Rootkit Property: Normal File Size: 48128 bytes
File: c:\windows\system32\msrle32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5908 Company: Microsoft Corporation Description: Microsoft RLE Compressor Original FileName: msrle32.dll File Version Label: 5.1.2600.5908 (xpsp_sp3_gdr.091127-0541) File Version Number: 5.1.2600.5908 SHA-1 Digest: 0x26B27B96604BEF2BEF5FB1CEA8F066B397646922
MD5 Digest: 0x777819E1514AA632364DE59F810B292C CRC32 Digest: 0x32B7A1C2 Rootkit Property: Normal File Size: 11264 bytes
File: c:\windows\system32\mstlsapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Terminal Server Licensing Original FileName: mstlsapi.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xA88F24CB797BB85ABA9EA841103FAAE3677188A7 MD5 Digest: 0x2D65D56C2F8B6CC5EBFF8E7200C30304 CRC32 Digest: 0x164C5464 Rootkit Property: Normal File Size: 116224 bytes
File: c:\windows\system32\msutb.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: MSUTB Server DLL Original FileName: MSUTB.DLL
File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xC0B75DE05A02C0CC94B0D1EF5DFEE3AE79E212C0 MD5 Digest: 0x17AA58A54C00F1746B8654C050491F43 CRC32 Digest: 0x39B0DAD1 Rootkit Property: Normal File Size: 195072 bytes
File: c:\windows\system32\msv1_0.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5876 Company: Microsoft Corporation Description: Microsoft Authentication Package v1.0 Original FileName: MSV1_0.DLL File Version Label: 5.1.2600.5876 (xpsp_sp3_gdr.090909-1234) File Version Number: 5.1.2600.5876 SHA-1 Digest: 0xFB79958937F4574EA217321D1A869C02EDBD9EBE MD5 Digest: 0x517561A1113B04E51D936CD018DE1C1F CRC32 Digest: 0xE8B51352 Rootkit Property: Normal File Size: 136192 bytes
File: c:\windows\system32\msvcirt.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: Windows NT IOStreams DLL Original FileName: msvcirt.dll File Version Label: 7.0.2600.5512 (xpsp.080413-2111) File Version Number: 7.0.2600.5512 SHA-1 Digest: 0x93159F6E1BD0250BA45A27787A7814BA9B24FF7E MD5 Digest: 0x585992D78B671AAA075C02241309795D CRC32 Digest: 0xE60C55DB Rootkit Property: Normal File Size: 57344 bytes
File: c:\windows\system32\msvcp60.dll Product: Microsoft (R) Visual C++ Product Version: 6.02.3104.0 Company: Microsoft Corporation Description: Microsoft (R) C++ Runtime Library Original FileName: MSVCP60.DLL File Version Label: 6.02.3104.0 File Version Number: 6.2.3104.0 SHA-1 Digest: 0x97F12347BD168FA577527824F71897AFF886C999 MD5 Digest: 0xF404830F3CD9BF8F2515E489C0CDA297 CRC32 Digest: 0xD70BFB00 Rootkit Property: Normal File Size: 413696 bytes
File: c:\windows\system32\msvcp71.dll Product: Microsoft Visual Studio .NET Product Version: 7.10.3077.0 Company: Microsoft Corporation Description: Microsoft C++ Runtime Library Original FileName: MSVCP71.DLL File Version Label: 7.10.3077.0 File Version Number: 7.10.3077.0 SHA-1 Digest: 0xC8CCB04EEDAC821A13FAE314A2435192860C72B8 MD5 Digest: 0x561FA2ABB31DFA8FAB762145F81667C2 CRC32 Digest: 0x5A3B11D4 Rootkit Property: Normal File Size: 499712 bytes
File: c:\windows\system32\msvcr71.dll Product: Microsoft Visual Studio .NET Product Version: 7.10.3052.4 Company: Microsoft Corporation Description: Microsoft C Runtime Library Original FileName: MSVCR71.DLL File Version Label: 7.10.3052.4 File Version Number: 7.10.3052.4 SHA-1 Digest: 0x4CF530F625AB01BAF8A513B02A259B8D35C60B30 MD5 Digest: 0xCF8889C5F5764AC1976E6458A748D35F CRC32 Digest: 0x6C335B7E
Rootkit Property: Normal File Size: 348160 bytes
File: c:\windows\system32\msvcrt.dll Product: Microsoft Windows Operating System Product Version: 7.0.2600.5512 Company: Microsoft Corporation Description: Windows NT CRT DLL Original FileName: msvcrt.dll File Version Label: 7.0.2600.5512 (xpsp.080413-2111) File Version Number: 7.0.2600.5512 SHA-1 Digest: 0x70D5F97088CC9348BB9D10098AF0738A696B96DE MD5 Digest: 0x355EDBB4D412B01F1740C17E3F50FA00 CRC32 Digest: 0x0B7B1677 Rootkit Property: Normal File Size: 343040 bytes
File: c:\windows\system32\msvfw32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Video for Windows DLL Original FileName: msvfw32.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0845) File Version Number: 5.1.2600.5512
SHA-1 Digest: 0xA0132DE325C72A73EE497A3517C4CE942569F25F MD5 Digest: 0x235B2311786AC007AD644B12A2DA8AC7 CRC32 Digest: 0xA8A6AED5 Rootkit Property: Normal File Size: 121344 bytes
File: c:\windows\system32\msvidc32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5908 Company: Microsoft Corporation Description: Microsoft Video 1 Compressor Original FileName: msvidc32.dll File Version Label: 5.1.2600.5908 (xpsp_sp3_gdr.091127-0541) File Version Number: 5.1.2600.5908 SHA-1 Digest: 0x9A2A8EC8D67929C735C36F1E599A91E961B55F7A MD5 Digest: 0xFCB4782D700268C1B82ECEF74CF1A3B9 CRC32 Digest: 0x96BB9FCE Rootkit Property: Normal File Size: 28672 bytes
File: c:\windows\system32\mswmdm.dll Product: Windows Media Device Manager Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Device Manager Core
Original FileName: WMDM.dll File Version Label: 11.0.5721.5262 File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x37F24A87BE5357F79E332595780D9A7A1AE09A9F MD5 Digest: 0xCF55708E01719037B441ED53C8886A84 CRC32 Digest: 0xE3CA88BB Rootkit Property: Normal File Size: 321536 bytes
File: c:\windows\system32\mswsock.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5625 Company: Microsoft Corporation Description: Microsoft Windows Sockets 2.0 Service Provider Original FileName: mswsock.dll File Version Label: 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249) File Version Number: 5.1.2600.5625 SHA-1 Digest: 0xE7EC9DEC28DB732BD344F4BDE6F60975175A4E7C MD5 Digest: 0x832E4DD8964AB7ACC880B2837CB1ED20 CRC32 Digest: 0xFBBA0828 Rootkit Property: Normal File Size: 245248 bytes
File: c:\windows\system32\mswstr10.dll Product: Microsoft (R) Jet
Product Version: 4.00.9502.0 Company: Microsoft Corporation Description: Microsoft Jet Sort Library Original FileName: MSWSTR10.DLL File Version Label: 4.00.9502.0 File Version Number: 4.0.9502.0 SHA-1 Digest: 0x1FB815E1258D808411C5874AF0C6C7CC5FC6C7C3 MD5 Digest: 0xAFDC647D16B285B9AE6140335B3B3255 CRC32 Digest: 0x0E3FED45 Rootkit Property: Normal File Size: 621344 bytes
File: c:\windows\system32\msyuv.dll Product: Microsoft(R) Windows(R) Operating System Product Version: 5.3.2600.5908 Company: Microsoft Corporation Description: Microsoft UYVY Video Decompressor Original FileName: MSYUV.DLL File Version Label: 5.3.2600.5908 (xpsp_sp3_gdr.091127-0541) File Version Number: 5.3.2600.5908 SHA-1 Digest: 0x7B088BD67F731D2F5A977A0718E03B0CAAA6A790 MD5 Digest: 0x0F200BE1ED9DE188CA6407A3759BE7CF CRC32 Digest: 0xB91919AA Rootkit Property: Normal File Size: 17920 bytes
File: c:\windows\system32\mtxclu.dll Product: COM Services Product Version: 03.01.00.4414 Company: Microsoft Corporation Description: MS DTC amd MTS clustering support DLL Original FileName: File Version Label: 2001.12.4414.706 File Version Number: 2001.12.4414.706 SHA-1 Digest: 0x4712AC78DE94E12A94EC132044B9F04F76AAEA63 MD5 Digest: 0x36795A645EAA47FE31D2A8F136A2C69B CRC32 Digest: 0x28BC32EA Rootkit Property: Normal File Size: 66560 bytes
File: c:\windows\system32\mydocs.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: My Documents Folder UI Original FileName: mydocs.dll File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0x03DE584B1601B98C897768717E4F629A19F87662 MD5 Digest: 0x538A270F35A713C360B7ED4168BB7521
CRC32 Digest: 0x0946122A Rootkit Property: Normal File Size: 90624 bytes
File: c:\windows\system32\ncobjapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Original FileName: NCObjAPI.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x7AFDF6DC60B2EE364D3D3CD6EEB8509B9A278DA0 MD5 Digest: 0xEC29A79F1E76DC509E24D401F29D0678 CRC32 Digest: 0xAF655A0A Rootkit Property: Normal File Size: 36352 bytes
File: c:\windows\system32\nddeapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Network DDE Share Management APIs Original FileName: NDDEAPI.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2105)
File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x62268747F51A908297B1248F6E06C81D7B638C0B MD5 Digest: 0x013C1148C1EC025596896E093F60F608 CRC32 Digest: 0x7E995810 Rootkit Property: Normal File Size: 17920 bytes
File: c:\windows\system32\ndptsp.tsp Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: NDIS Proxy TAPI Service Provider Original FileName: NDProxy.TSP File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x8B91982F4EAD7D00DB82BFD81C4039EB0512F1C3 MD5 Digest: 0x4589963D84F2984FA5949A72162BA4F4 CRC32 Digest: 0x91C131A8 Rootkit Property: Normal File Size: 56832 bytes
File: c:\windows\system32\netapi32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5694 Company: Microsoft Corporation
Description: Net Win32 API DLL Original FileName: NetApi32.DLL File Version Label: 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312) File Version Number: 5.1.2600.5694 SHA-1 Digest: 0x5E935F90226FF224936EDF449F925B647B535917 MD5 Digest: 0x318230E845919255EF3C5D5E1E863631 CRC32 Digest: 0x5A9AE439 Rootkit Property: Normal File Size: 337408 bytes
File: c:\windows\system32\netcfgx.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Network Configuration Objects Original FileName: netcfgx.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x51F5DCADE9EF8F94B78FACB4239583313FC516FB MD5 Digest: 0x37A62C6092AADD2EFDE0468DD8818E99 CRC32 Digest: 0xD3BC095D Rootkit Property: Normal File Size: 622592 bytes
File: c:\windows\system32\netdde.exe
Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Network DDE - DDE Communication Original FileName: NETDDE.EXE File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x7235C82AA9698D9297A73E44CB365FD5973CEF78 MD5 Digest: 0xB857BA82860D7FF85AE29B095645563B CRC32 Digest: 0x59828835 Rootkit Property: Normal File Size: 111104 bytes
File: c:\windows\system32\netlogon.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Net Logon Services DLL Original FileName: NetLogon.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xA6AB9D384B3D801A8973B4ED5F01961CB0B8A07C MD5 Digest: 0x1B7F071C51B77C272875C3A23E1E4550 CRC32 Digest: 0xE25458B0 Rootkit Property: Normal
File Size: 407040 bytes
File: c:\windows\system32\netman.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Network Connections Manager Original FileName: netman.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x33F8C80CBC4A8B5AFD12B74E8999BA5D448C9C19 MD5 Digest: 0x13E67B55B3ABD7BF3FE7AAE5A0F9A9DE CRC32 Digest: 0x03CCA430 Rootkit Property: Normal File Size: 198144 bytes
File: c:\windows\system32\netrap.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Net Remote Admin Protocol DLL Original FileName: NetRap.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x80BE09DDFF957E6739EF107BCD1B8337B64A6432
MD5 Digest: 0xB41D53899E37CC43DA85DA19998BEE81 CRC32 Digest: 0x7D4399F5 Rootkit Property: Normal File Size: 11776 bytes
File: c:\windows\system32\netshell.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Network Connections Shell Original FileName: netshell.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x93A40E968C9FF4BBAE8397F55DB8B291D9E4E0A0 MD5 Digest: 0x062F837C1FBDB6A0A75F82EFC2EE8E74 CRC32 Digest: 0xDE6F9AEC Rootkit Property: Normal File Size: 1703936 bytes
File: c:\windows\system32\netui0.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: NT LM UI Common Code - GUI Classes Original FileName: netui0.dll
File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFAABE827C5AF25A3E6E5876BF736F4F74D0D5334 MD5 Digest: 0xAC5DF42FE314C1446B1DAD237BFCFFE0 CRC32 Digest: 0xEEE6EB1F Rootkit Property: Normal File Size: 80896 bytes
File: c:\windows\system32\netui1.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: NT LM UI Common Code - Networking classes Original FileName: netui1.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xCC75ED3D171F5D038E945DE1E31C249B4D51F11A MD5 Digest: 0xED5A816D8E11E03F1937AC3C56826EE4 CRC32 Digest: 0x3226AF77 Rootkit Property: Normal File Size: 245760 bytes
File: c:\windows\system32\normaliz.dll Product: Microsoft Windows Operating System Product Version: 6.0.5441.0
Company: Microsoft Corporation Description: Unicode Normalization DLL Original FileName: normaliz.dll File Version Label: 6.0.5441.0 (winmain(wmbla).060628-1735) File Version Number: 6.0.5441.0 SHA-1 Digest: 0xECD1FC4EBCD524AEFAC77061A8C0B5E4A2A01A8D MD5 Digest: 0x10753A3ADC3E39A3B10CC3F08E98E6B4 CRC32 Digest: 0x80634486 Rootkit Property: Normal File Size: 23552 bytes
File: c:\windows\system32\npptools.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: NPP Tools Helper DLL Original FileName: NPPTools.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFA6948D0F9B020F13BAD7BCB984289D676E0FD3F MD5 Digest: 0x68A131335A20B343923A2957EB1E413D CRC32 Digest: 0x0BFD0E6F Rootkit Property: Normal File Size: 54784 bytes
File: c:\windows\system32\ntdll.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5755 Company: Microsoft Corporation Description: NT Layer DLL Original FileName: ntdll.dll File Version Label: 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) File Version Number: 5.1.2600.5755 SHA-1 Digest: 0xE753D19A2E3B98B2B3B8F02F276092096D10F22D MD5 Digest: 0x911DDF2E16761643A47225F654D811E5 CRC32 Digest: 0x56E74C35 Rootkit Property: Normal File Size: 714752 bytes
File: c:\windows\system32\ntdsapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: NT5DS Original FileName: ntdsapi.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFFABBDD524C77BA338F0EFBA8F609DFAB6AAB021 MD5 Digest: 0xEC4C0D9BFD9F7E33F8B395AD54E13063 CRC32 Digest: 0x4E8ED6F9
Rootkit Property: Normal File Size: 67072 bytes
File: c:\windows\system32\ntlanman.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Lan Manager Original FileName: ntlanman.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xE4B4479A8B95199F760E921D3BCF964123B6D2B2 MD5 Digest: 0x36468087E22C57A83DF758B3F90DF73F CRC32 Digest: 0x9A79689D Rootkit Property: Normal File Size: 44032 bytes
File: c:\windows\system32\ntlsapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft License Server Interface DLL Original FileName: ntlsapi.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512
SHA-1 Digest: 0x40A6726065AE8937C318148703AE197DBF7CEAD4 MD5 Digest: 0xB464BD425D5D09ABE4192234D1577B22 CRC32 Digest: 0x6A0576EE Rootkit Property: Normal File Size: 8192 bytes
File: c:\windows\system32\ntmarta.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows NT MARTA provider Original FileName: ntmarta.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x7E2EA4D88645138E5EDB646157FD702C347BB53A MD5 Digest: 0x549290DBC280C887681D7652978DBBE0 CRC32 Digest: 0x35FC486D Rootkit Property: Normal File Size: 118784 bytes
File: c:\windows\system32\ntmssvc.dll Product: Microsoft Windows Whistler Operating System Product Version: 5.1.2400.5512 Company: Microsoft Corporation Description: Removable Storage Manager
Original FileName: ntmssvc.dll File Version Label: 5.1.2400.5512 File Version Number: 5.1.2400.5512 SHA-1 Digest: 0xEC429EC2F14C9E97F8B99F6A3267DBFE44A92E27 MD5 Digest: 0x156F64A3345BD23C600655FB4D10BC08 CRC32 Digest: 0xFB1AA7D8 Rootkit Property: Normal File Size: 435200 bytes
File: c:\windows\system32\nts.dll Product: Intel Common Base Agent Product Version: 6.12.0.142 Company: LANDesk Software Ltd. Description: NTS Original FileName: NTS.DLL File Version Label: 6.12.0.142 E File Version Number: 6.12.0.142 SHA-1 Digest: 0xD0FC9686FF2D53C8EFDA572FB1F51FEE97D1F396 MD5 Digest: 0x0C343609DF3677E456E168FDB07139F9 CRC32 Digest: 0xE581928A Rootkit Property: Normal File Size: 83752 bytes
File: c:\windows\system32\ntshrui.dll Product: Microsoft Windows Operating System
Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Shell extensions for sharing Original FileName: ntshrui.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x590EF8248DCE2107930917B15541ED91BA84E185 MD5 Digest: 0xA70A2D85AD143D6BB823C246CEB699A5 CRC32 Digest: 0xA17F3F5B Rootkit Property: Normal File Size: 143360 bytes
File: c:\windows\system32\oakley.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5886 Company: Microsoft Corporation Description: Oakley Key Manager Original FileName: oakley.dll File Version Label: 5.1.2600.5886 (xpsp_sp3_gdr.091012-1253) File Version Number: 5.1.2600.5886 SHA-1 Digest: 0x0722EDDAFD29D4572BEF110E321F9AC7285712BA MD5 Digest: 0xC5FF8682EADA5B3B27A865F1C3EF9270 CRC32 Digest: 0xEF817BD2 Rootkit Property: Normal File Size: 270336 bytes
File: c:\windows\system32\occache.dll Product: Windows Internet Explorer Product Version: 7.00.6000.17093 Company: Microsoft Corporation Description: Object Control Viewer Original FileName: OCCACHE.DLL File Version Label: 7.00.6000.17093 (vista_gdr.101017-1200) File Version Number: 7.0.6000.17093 SHA-1 Digest: 0xFE9AFF6B8A0179B54B35E61CD8B24800E2B33D35 MD5 Digest: 0x971D01F521285E15B76D67A1754D2891 CRC32 Digest: 0xE3AD79EC Rootkit Property: Normal File Size: 102912 bytes
File: c:\windows\system32\odbc32.dll Product: Microsoft Data Access Components Product Version: 3.525.3012.0 Company: Microsoft Corporation Description: Microsoft Data Access - ODBC Driver Manager Original FileName: ODBC32 File Version Label: 3.525.3012.0 (xpsp_sp3_gdr.101108-1643) File Version Number: 3.525.3012.0 SHA-1 Digest: 0xA3B962AD88002F64BB46379182EB0D949C8207DF MD5 Digest: 0x40B0F98BAD16AD5DEF894E88C3EF8014
CRC32 Digest: 0x7371AFB4 Rootkit Property: Normal File Size: 249856 bytes
File: c:\windows\system32\odbcbcp.dll Product: Microsoft SQL Server Product Version: 3.85.1132 Company: Microsoft Corporation Description: Microsoft BCP for ODBC Original FileName: ODBCBCP File Version Label: 2000.085.1132.00 (xpsp.080413-0852) File Version Number: 2000.85.1132.0 SHA-1 Digest: 0xBF5C3C94701E3009BB1EF98607055F712ABF61E2 MD5 Digest: 0x369F7B1A4F358B976176556A1A331F36 CRC32 Digest: 0x35EE6559 Rootkit Property: Normal File Size: 24576 bytes
File: c:\windows\system32\odbccp32.dll Product: Microsoft Data Access Components Product Version: 3.525.1132.0 Company: Microsoft Corporation Description: Microsoft Data Access - ODBC Installer Original FileName: ODBCCP32 File Version Label: 3.525.1132.0 (xpsp.080413-0852)
File Version Number: 3.525.1132.0 SHA-1 Digest: 0xCC3A2A750B59974F938D30049A56034CFA8EA714 MD5 Digest: 0x2C288AA87E4723AC9FF4D76A192EC3F8 CRC32 Digest: 0xD90B53D6 Rootkit Property: Normal File Size: 106496 bytes
File: c:\windows\system32\odbcint.dll Product: Microsoft Data Access Components Product Version: 3.525.1132.0 Company: Microsoft Corporation Description: Microsoft Data Access - ODBC Resources Original FileName: ODBCINT File Version Label: 3.525.1132.0 (xpsp.080413-0852) File Version Number: 3.525.1132.0 SHA-1 Digest: 0x9CF815158FF84A7153ED6140E37CF42C906A0DE0 MD5 Digest: 0x6B7C6B32F8E84D56C6260D684019FEA2 CRC32 Digest: 0x716DE794 Rootkit Property: Normal File Size: 94208 bytes
File: c:\windows\system32\odbcji32.dll Product: Microsoft Data Access Components Product Version: 4.00.6305.0 Company: Microsoft Corporation
Description: Microsoft ODBC Desktop Driver Pack 3.5 Original FileName: File Version Label: 4.0.6305.0 File Version Number: 4.0.6305.0 SHA-1 Digest: 0x182217E66AFC5465648A15B0DAFB66A67A3BB8B8 MD5 Digest: 0x5CE275CDC5FFB77B1EC29DBDFE4B6689 CRC32 Digest: 0x176915E1 Rootkit Property: Normal File Size: 53279 bytes
File: c:\windows\system32\odbcjt32.dll Product: Microsoft Data Access Components Product Version: 4.00.6305.0 Company: Microsoft Corporation Description: Microsoft ODBC Desktop Driver Pack 3.5 Original FileName: File Version Label: 4.0.6305.0 File Version Number: 4.0.6305.0 SHA-1 Digest: 0xE91D0769D2FB7AE8210A4AD4FD8B885FAB1790F1 MD5 Digest: 0x1B05DCC75FBB903A17E3E0DDAEA8D508 CRC32 Digest: 0x0ED7DF9D Rootkit Property: Normal File Size: 278559 bytes
File: c:\windows\system32\ole32.dll
Product: Microsoft Windows Operating System Product Version: 5.1.2600.6010 Company: Microsoft Corporation Description: Microsoft OLE for Windows Original FileName: OLE32.DLL File Version Label: 5.1.2600.6010 (xpsp_sp3_gdr.100712-1633) File Version Number: 5.1.2600.6010 SHA-1 Digest: 0x9C1934E436A2056853797697B4E6A060637097ED MD5 Digest: 0x7A6A7900B5E322763430BA6FD9A31224 CRC32 Digest: 0x2C4B341E Rootkit Property: Normal File Size: 1288192 bytes
File: c:\windows\system32\oleacc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: Active Accessibility Core Component Original FileName: OLEACC.DLL File Version Label: 4.2.5406.0 (xpclient.010817-1148) File Version Number: 4.2.5406.0 SHA-1 Digest: 0xFFE7A3E6FBA7F7CFE1E26FED3F8BE00C47E9E2FC MD5 Digest: 0x5F2DBE3CB563741C8084657BF956CE64 CRC32 Digest: 0x5E164907 Rootkit Property: Normal
File Size: 163328 bytes
File: c:\windows\system32\oleaut32.dll Product: Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Original FileName: File Version Label: 5.1.2600.5512 File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x3168A173D177F470928B468DB777640861DCB32E MD5 Digest: 0x387006CF9983000BAB76DD250D424045 CRC32 Digest: 0x1EE83658 Rootkit Property: Normal File Size: 551936 bytes
File: c:\windows\system32\olepro32.dll Product: Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Original FileName: File Version Label: 5.1.2600.5512 File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x4414A46EFC93A14F4268AFA4925DBB86D9FB3BDC
MD5 Digest: 0x5652F6CE1D9E9D8068B9D29BC21B5409 CRC32 Digest: 0x0EFC6591 Rootkit Property: Normal File Size: 84992 bytes
File: c:\windows\system32\onex.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: IEEE 802.1X supplicant library Original FileName: onex.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xB2DCFF6F357A68ABFF957DAD6444AA43310C533E MD5 Digest: 0xCA04959077AFE36369D37B3504740C87 CRC32 Digest: 0xC15BD3F6 Rootkit Property: Normal File Size: 144384 bytes
File: c:\windows\system32\packet.dll Product: WinPcap Product Version: 4.1.0.2001 Company: CACE Technologies, Inc. Description: packet.dll (NT5) Dynamic Link Library Original FileName: packet.dll
File Version Label: 4.1.0.2001 File Version Number: 4.1.0.2001 SHA-1 Digest: 0xB8EFE133D421CCEF04FCF13A4ABA78999DB936E9 MD5 Digest: 0x94EC0B68B4F933CBE5B92523ADC4AE2C CRC32 Digest: 0x98E08A5A Rootkit Property: Normal File Size: 100880 bytes
File: c:\windows\system32\pdclntif.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0xC3B1AA769C91C32D45611D22C77A23B3ADCA7421 MD5 Digest: 0x5A361AE0D8D5C8769AE44EAE3BD35A8E CRC32 Digest: 0x92AE3C0E Rootkit Property: Normal File Size: 548864 bytes
File: c:\windows\system32\pdf995mon.dll Product: Product Version:
Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0xFDC1B774F6BD315A33456280B247D80EA30ACA20 MD5 Digest: 0xAF238673651EFC0226EA74239B502A6F CRC32 Digest: 0x91FB3BA1 Rootkit Property: Normal File Size: 51716 bytes
File: c:\windows\system32\pdh.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5773 Company: Microsoft Corporation Description: Windows Performance Data Helper DLL Original FileName: PDH.DLL File Version Label: 5.1.2600.5773 (xpsp_sp3_gdr.090306-1225) File Version Number: 5.1.2600.5773 SHA-1 Digest: 0x8BD42FC0E89066C9FCB7638058CB0591A4240B68 MD5 Digest: 0x62CF83A6989312A0DD39BBFFB3D1C166 CRC32 Digest: 0x8AA81D2A Rootkit Property: Normal File Size: 284160 bytes
File: c:\windows\system32\pdprdlg.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x5716DC1685075150F6C7DB298EC18A8F8CD2D2E0 MD5 Digest: 0xAF974F21B7D02F490E2B835E98258BBA CRC32 Digest: 0x5E9F9627 Rootkit Property: Normal File Size: 139264 bytes
File: c:\windows\system32\pdresrc.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0xE6BFC46E3B8BEF7D487D6BD7A7657C8DA08BEE5F MD5 Digest: 0xDE28AE480416BD1CBBF89024981E92F9 CRC32 Digest: 0x5BACA234
Rootkit Property: Normal File Size: 36864 bytes
File: c:\windows\system32\pds.dll Product: Intel Common Base Agent Product Version: 6.12.0.142 Company: LANDesk Software Ltd. Description: PDS API Original FileName: PDS.DLL File Version Label: 6.12.0.142 E File Version Number: 6.12.0.142 SHA-1 Digest: 0x203D6CB147B42DBB6A97D971093A6A1FEE75C224 MD5 Digest: 0x9FA002C00AFBBF4599B86B2E195737FB CRC32 Digest: 0xB755EF97 Rootkit Property: Normal File Size: 83752 bytes
File: c:\windows\system32\perfdisk.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Disk Performance Objects DLL Original FileName: PERFDISK.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512
SHA-1 Digest: 0x0C18F274BC5DF869D6674C9116600AC93E05FB38 MD5 Digest: 0xABFB673B24A9B3287761D497529FB5B9 CRC32 Digest: 0xCE5E0F7A Rootkit Property: Normal File Size: 26624 bytes
File: c:\windows\system32\perfos.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows System Performance Objects DLL Original FileName: PERFOS.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x2A81B74E85E47B0A7550B770691CE1E0545C2A37 MD5 Digest: 0xACDAFCD14EC0ECE89198503746A5C147 CRC32 Digest: 0x9FA2759E Rootkit Property: Normal File Size: 25088 bytes
File: c:\windows\system32\pjlmon.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: PJL Language monitor
Original FileName: PJLMON.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x2BFF971DA5E020F06279776F5A381A823E84C552 MD5 Digest: 0x222DE7F5EDB9DDBE628384A1A8BE59CE CRC32 Digest: 0x84B5D55E Rootkit Property: Normal File Size: 15360 bytes
File: c:\windows\system32\portabledeviceapi.dll Product: Microsoft Windows Operating System Product Version: 5.2.5721.5262 Company: Microsoft Corporation Description: Windows Portable Device API Components Original FileName: PortableDeviceApi.dll File Version Label: 5.2.5721.5262 (WMP_11.090130-1421) File Version Number: 5.2.5721.5262 SHA-1 Digest: 0x6B2D75973059CC297C21FE8872A415B9F12DFC95 MD5 Digest: 0xE132AD94798E72ACB650E985984C7F58 CRC32 Digest: 0x3AF598ED Rootkit Property: Normal File Size: 254976 bytes
File: c:\windows\system32\powrprof.dll Product: Microsoft Windows Operating System
Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: Power Profile Helper DLL Original FileName: POWRPROF.DLL File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0xA7D14F0DA81B0F10C748936AF8C3E93566F92AE5 MD5 Digest: 0x50A166237A0FA771261275A405646CC0 CRC32 Digest: 0x278004AF Rootkit Property: Normal File Size: 17408 bytes
File: c:\windows\system32\profmap.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Userenv Original FileName: userenv.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xE2E7BD2B2EDA2510301398F230E2AE4B8845A5B7 MD5 Digest: 0xFCFA1C55971CC229D353B3A15ACCD995 CRC32 Digest: 0x3D414BA2 Rootkit Property: Normal File Size: 27648 bytes
File: c:\windows\system32\psapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Process Status Helper Original FileName: PSAPI File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xB31A80D13C4E9DC5409F43C1B146ED2FF6DF3F1B MD5 Digest: 0x9CFCB3CA3D83B4EAA133F0644A2C6F31 CRC32 Digest: 0x75BBDCAD Rootkit Property: Normal File Size: 23040 bytes
File: c:\windows\system32\psbase.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Protected Storage default provider Original FileName: psbase.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x86CED32C6FA6343EBAF31AEA2E1C60E05BEE37F0 MD5 Digest: 0x22D89D84E8E081CDA529DBF8C0255A38
CRC32 Digest: 0xA2E621AA Rootkit Property: Normal File Size: 96768 bytes
File: c:\windows\system32\pstorsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Protected storage server Original FileName: Protected storage server File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x933A8424844CE4DE11B82091F96733B8D7FC77C1 MD5 Digest: 0x853D0D0C6F02D7BFDF1CF99DD7553732 CRC32 Digest: 0x4ADEDA3C Rootkit Property: Normal File Size: 34304 bytes
File: c:\windows\system32\qagentrt.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Quarantine Agent Service Run-Time Original FileName: QAgentRT.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852)
File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x5EBE9135EB6F1C7D3C0413C2AD341E330E50694F MD5 Digest: 0x0102140028FAD045756796E1C685D695 CRC32 Digest: 0xF6C84EE9 Rootkit Property: Normal File Size: 291328 bytes
File: c:\windows\system32\qcap.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 6.5.2600.5512 SHA-1 Digest: 0x8D14E32C4206F79A11DB6804FD332B80F976DCDA MD5 Digest: 0x54B0324241BBF3642159918F9A4F16FB CRC32 Digest: 0x93FFA4C3 Rootkit Property: Normal File Size: 192512 bytes
File: c:\windows\system32\qdvd.dll Product: Product Version: Company:
Description: Original FileName: File Version Label: File Version Number: 6.5.2600.5512 SHA-1 Digest: 0x71C576BDE540384ABCE169492C864E16127E4F11 MD5 Digest: 0x56C2D16EB8E6F48F25A1D603AF3C9584 CRC32 Digest: 0x01B955D2 Rootkit Property: Normal File Size: 386048 bytes
File: c:\windows\system32\qedit.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 6.5.2600.5512 SHA-1 Digest: 0x4FB136A79B1EF83411408E7A6C0B808E5DEB4B72 MD5 Digest: 0x0E07F36810F52B580B8A27E67D34D860 CRC32 Digest: 0xAC503C53 Rootkit Property: Normal File Size: 562176 bytes
File: c:\windows\system32\qmgr.dll
Product: Microsoft Windows Operating System Product Version: 6.7.2600.5512 Company: Microsoft Corporation Description: Background Intelligent Transfer Service Original FileName: qmgr.dll File Version Label: 6.7.2600.5512 (xpsp.080413-2108) File Version Number: 6.7.2600.5512 SHA-1 Digest: 0x164E9CE62B4CA39A47872B831C316B97CACC1B7A MD5 Digest: 0x574738F61FCA2935F5265DC4E5691314 CRC32 Digest: 0x52E2619B Rootkit Property: Normal File Size: 409088 bytes
File: c:\windows\system32\quartz.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 6.5.2600.5933 SHA-1 Digest: 0xD2550CFF54EAEF25CC35B68E709F18C752117D63 MD5 Digest: 0x49804C9E6B0B709A0B607DB7E9462AA3 CRC32 Digest: 0xC4A59DCC Rootkit Property: Normal
File Size: 1291776 bytes
File: c:\windows\system32\qutil.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Quarantine Utilities Original FileName: QUtil.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x392C8EB70A466005241A3CCA65DF373291646446 MD5 Digest: 0x8AE93AACC648921BAACB8602991AC4B3 CRC32 Digest: 0x50936CDD Rootkit Property: Normal File Size: 76800 bytes
File: c:\windows\system32\rasadhlp.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Remote Access AutoDial Helper Original FileName: rasadhlp.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x6FDFFDB27F09C9414913E2B56526CE9884520C66
MD5 Digest: 0x6F9BEF24C578D5D6740E080BEDD6A448 CRC32 Digest: 0x3AB3D6CF Rootkit Property: Normal File Size: 7680 bytes
File: c:\windows\system32\rasapi32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Remote Access API Original FileName: rasapi32.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x2B764E033D62D37765392A55774C44D8D6E9414F MD5 Digest: 0x92C4F48B62B0B876194584C3FF09CCB6 CRC32 Digest: 0x770061DC Rootkit Property: Normal File Size: 237056 bytes
File: c:\windows\system32\rasauto.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Remote Access AutoDial Manager Original FileName: rasauto.dll
File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x039C0AF32C5121FA10D77E599A3B3D632F48E92A MD5 Digest: 0xAD188BE7BDF94E8DF4CA0A55C00A5073 CRC32 Digest: 0x84EC1C81 Rootkit Property: Normal File Size: 88576 bytes
File: c:\windows\system32\raschap.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5886 Company: Microsoft Corporation Description: Remote Access PPP CHAP Original FileName: raschap.dll File Version Label: 5.1.2600.5886 (xpsp_sp3_gdr.091012-1253) File Version Number: 5.1.2600.5886 SHA-1 Digest: 0x88907FB57B371BCC86D5A05EEFFCE084E64F2F31 MD5 Digest: 0x56CE97FF94B7662A300D359CD6F4D601 CRC32 Digest: 0xC15CF2BE Rootkit Property: Normal File Size: 79872 bytes
File: c:\windows\system32\rasdlg.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: Remote Access Common Dialog API Original FileName: rasdlg.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x435219FA31B2B30AA6DA64C82D63D9CCC6B7F03E MD5 Digest: 0x401A8C0BE0BAA7D7A470F0942244152D CRC32 Digest: 0xB70596BD Rootkit Property: Normal File Size: 658432 bytes
File: c:\windows\system32\rasman.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Remote Access Connection Manager Original FileName: Rasman.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xAB8EAD1EA84AEC88420D0536D67C522080BAF1C5 MD5 Digest: 0x4DEF926F6A0545AE486A03C84F2EE482 CRC32 Digest: 0x17F7DF86 Rootkit Property: Normal File Size: 61440 bytes
File: c:\windows\system32\rasmans.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Remote Access Connection Manager Original FileName: Rasmans.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xC126E4DA985441F7ED3A406EB23672880BD479CA MD5 Digest: 0x76A9A3CBEADD68CC57CDA5E1D7448235 CRC32 Digest: 0xFDF0D491 Rootkit Property: Normal File Size: 186368 bytes
File: c:\windows\system32\rasppp.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Remote Access PPP Original FileName: rasppp.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x621A9BAAC17592C4F298B57EFF32B4F1D652F5E4 MD5 Digest: 0xD0545A010ED2259A740C8414899A938F CRC32 Digest: 0x39664D4C
Rootkit Property: Normal File Size: 210944 bytes
File: c:\windows\system32\rasqec.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: RAS Quarantine Enforcement Client Original FileName: Rasqec.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x43E685B935C13B989C6E66F5BB1DFB5C90340AB8 MD5 Digest: 0xA655C88AA555BB8EF8957BD29408827F CRC32 Digest: 0xBED66C90 Rootkit Property: Normal File Size: 61952 bytes
File: c:\windows\system32\rastapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Remote Access TAPI Compliance Layer Original FileName: Rastapi.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512
SHA-1 Digest: 0x0357A3DD57AF6714E164EBD444BC6A8E749D82F4 MD5 Digest: 0x5F7692CEC90E2E9AA32CD58321E234B8 CRC32 Digest: 0xF10B1051 Rootkit Property: Normal File Size: 58368 bytes
File: c:\windows\system32\rastls.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5886 Company: Microsoft Corporation Description: Remote Access PPP EAP-TLS Original FileName: rastls.dll File Version Label: 5.1.2600.5886 (xpsp_sp3_gdr.091012-1253) File Version Number: 5.1.2600.5886 SHA-1 Digest: 0x78A6676B45145741F58E639D8ED4B66FD133B1F9 MD5 Digest: 0xA39BE37C9237DB5F1990D61B268EA555 CRC32 Digest: 0xC19C24D0 Rootkit Property: Normal File Size: 149504 bytes
File: c:\windows\system32\regapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Registry Configuration APIs
Original FileName: regapi.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x0B43CC40011A36366D3490973E82BCD162BB93DA MD5 Digest: 0xAF11C591F2F4AFF4A6CF699D376F618B CRC32 Digest: 0xBED16F0E Rootkit Property: Normal File Size: 49664 bytes
File: c:\windows\system32\regsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Remote Registry Service Original FileName: REGSVC.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xD6CB5C67E557B76303CC61EF72694B7B8F9013A5 MD5 Digest: 0x5B19B557B0C188210A56A6B699D90B8F CRC32 Digest: 0xC89570EB Rootkit Property: Normal File Size: 59904 bytes
File: c:\windows\system32\resutils.dll Product: Microsoft Windows Operating System
Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Cluster Resource Utility DLL Original FileName: resutils File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x72B3940D66F245B158582BD54B882313C0B5E7D8 MD5 Digest: 0xF51EBB6FC536A6B2D588FD668D3A8249 CRC32 Digest: 0x69706896 Rootkit Property: Normal File Size: 58880 bytes
File: c:\windows\system32\riched20.dll Product: Microsoft RichEdit Control, version 3.0 Product Version: 3.0 Company: Microsoft Corporation Description: Rich Text Edit Control, v3.0 Original FileName: riched20.dll File Version Label: 5.30.23.1230 File Version Number: 5.30.23.1230 SHA-1 Digest: 0xA9A7D69448D44BF2BBCB61514BDEE9658D12B0E4 MD5 Digest: 0xC1FAEA15E41F62D7BFA7FBC395C24BA6 CRC32 Digest: 0xE13FBE07 Rootkit Property: Normal File Size: 433664 bytes
File: c:\windows\system32\riched32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: Wrapper Dll for Richedit 1.0 Original FileName: riched32.dll File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0x59903E96E1EDC257A4850D45AD8C63F17454AE9D MD5 Digest: 0xD4931277DF5393E84A48B27DF40914E3 CRC32 Digest: 0x30613B77 Rootkit Property: Normal File Size: 3584 bytes
File: c:\windows\system32\rpcrt4.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.6022 Company: Microsoft Corporation Description: Remote Procedure Call Runtime Original FileName: rpcrt4.dll File Version Label: 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643) File Version Number: 5.1.2600.6022 SHA-1 Digest: 0xED649542CB1C74752EF0FA7CCEBC388339D4E478 MD5 Digest: 0xD4502F124289A31976130CCCB014C9AA
CRC32 Digest: 0xE9ECB923 Rootkit Property: Normal File Size: 590848 bytes
File: c:\windows\system32\rpcss.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5755 Company: Microsoft Corporation Description: Distributed COM Services Original FileName: rpcss.dll File Version Label: 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) File Version Number: 5.1.2600.5755 SHA-1 Digest: 0x7391155A9976797C2072E013FA3C38197B268DE7 MD5 Digest: 0x6B27A5C03DFB94B4245739065431322C CRC32 Digest: 0x87442341 Rootkit Property: Normal File Size: 401408 bytes
File: c:\windows\system32\rsaenh.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5507 Company: Microsoft Corporation Description: Microsoft Enhanced Cryptographic Provider Original FileName: rsaenh.dll File Version Label: 5.1.2600.5507 (xpsp.080318-1711)
File Version Number: 5.1.2600.5507 SHA-1 Digest: 0x8E8DD9DB03ED502D915DEE9E4F9FD3F10593E27C MD5 Digest: 0x54DAE3EA34802B4ED9AE1C6B1209FA56 CRC32 Digest: 0x3D3E2E74 Rootkit Property: Normal File Size: 208384 bytes
File: c:\windows\system32\rsvp.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.0 Company: Microsoft Corporation Description: Microsoft RSVP Original FileName: rsvp.exe File Version Label: 5.1.2600.0 (xpclient.010817-1148) File Version Number: 5.1.2600.0 SHA-1 Digest: 0xF3AFA282797985C7AD0E48D6D236BE2EF93FD4B9 MD5 Digest: 0x471B3F9741D762ABE75E9DEEA4787E47 CRC32 Digest: 0x9FF36E74 Rootkit Property: Normal File Size: 132608 bytes
File: c:\windows\system32\rsvpsp.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation
Description: Microsoft Windows Rsvp 1.0 Service Provider Original FileName: rsvpsp.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x980149E92439FF690253EDB335B3F81484F0C5FB MD5 Digest: 0x72451FD61DDBB0A1FB071B7C3CDE5594 CRC32 Digest: 0x8C7577BA Rootkit Property: Normal File Size: 92672 bytes
File: c:\windows\system32\rtutils.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Routing Utilities Original FileName: RTUTILS.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x1878DB387ED7E53FFD7B8150C26DDAF51560C447 MD5 Digest: 0x876CCF164E08D6B903CD14398E056DD2 CRC32 Digest: 0x0ECAC511 Rootkit Property: Normal File Size: 44032 bytes
File: c:\windows\system32\samlib.dll
Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: SAM Library DLL Original FileName: SAMLib.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xA1D75237CEDC30A45117BA1C2040DDFD9F7BB667 MD5 Digest: 0x8329A39D5A402A75A74301D6A62ECDA1 CRC32 Digest: 0xF7AAF5EE Rootkit Property: Normal File Size: 64000 bytes
File: c:\windows\system32\samsrv.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: SAM Server DLL Original FileName: samsrv.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x6BAC2D36C3775FDAB8B3CE06002526C0CAF1D4EE MD5 Digest: 0xF05B8CDB7FE0E55DCCFB1D946CE80064 CRC32 Digest: 0x5DAA448B Rootkit Property: Normal
File Size: 415744 bytes
File: c:\windows\system32\scardsvr.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Smart Card Resource Management Server Original FileName: SCardSvr.exe File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x473F1F9D753CE9F5438DC747E464F4D9CBF8D1B6 MD5 Digest: 0x86D007E7A654B9A71D1D7D856B104353 CRC32 Digest: 0x22D15646 Rootkit Property: Normal File Size: 95744 bytes
File: c:\windows\system32\scecli.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Security Configuration Editor Client Engine Original FileName: scecli File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x3A3535122DA168A549D2007123E9AE06146F2002
MD5 Digest: 0xA86BB5E61BF3E39B62AB4C7E7085A084 CRC32 Digest: 0x72380630 Rootkit Property: Normal File Size: 181248 bytes
File: c:\windows\system32\scesrv.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Security Configuration Editor Engine Original FileName: scesrv File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x5645735BC87F7A0948FD5F04D72A0DE95215C690 MD5 Digest: 0xB24A42A413E694AD73FDFB7FBD492C31 CRC32 Digest: 0x4EFB5F51 Rootkit Property: Normal File Size: 314880 bytes
File: c:\windows\system32\schannel.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.6006 Company: Microsoft Corporation Description: TLS / SSL Security Provider Original FileName: schannel.dll
File Version Label: 5.1.2600.6006 (xpsp_sp3_gdr.100629-1818) File Version Number: 5.1.2600.6006 SHA-1 Digest: 0xEEFFE7CA576150637A240C658F89BD526D51E894 MD5 Digest: 0x30ACE70B3C0242F0D1AC3B4FA708710F CRC32 Digest: 0xCB363DC4 Rootkit Property: Normal File Size: 149504 bytes
File: c:\windows\system32\schedsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Task Scheduler Engine Original FileName: schedsvc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x758C9FB6F57EE6756837EFB4E0B453467E90633B MD5 Digest: 0x0A9A7365A1CA4319AA7C1D6CD8E4EAFA CRC32 Digest: 0x0F0B6BC3 Rootkit Property: Normal File Size: 192512 bytes
File: c:\windows\system32\sclgntfy.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: Secondary Logon Service Notification DLL Original FileName: SCLGNTFY.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x86840F7152371D7AA669D6EC424FA0A8E2330CC6 MD5 Digest: 0x63FF9068E5BDA0BC9ECD38FBBB216E24 CRC32 Digest: 0xAB2B1EAF Rootkit Property: Normal File Size: 20480 bytes
File: c:\windows\system32\seclogon.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Secondary Logon Service DLL Original FileName: SECLOGON.EXE File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x5C4AB46327948B6B877EB0076461F9AD91B0717C MD5 Digest: 0xCBE612E2BB6A10E3563336191EDA1250 CRC32 Digest: 0xC88D3600 Rootkit Property: Normal File Size: 18944 bytes
File: c:\windows\system32\secur32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5834 Company: Microsoft Corporation Description: Security Support Provider Interface Original FileName: security.dll File Version Label: 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305) File Version Number: 5.1.2600.5834 SHA-1 Digest: 0x9A593CBB1A335A58B168007CCBB2DC162CF68845 MD5 Digest: 0x5357826C8A8DD6A07F17C48BB45BE46E CRC32 Digest: 0x3D0002B7 Rootkit Property: Normal File Size: 56832 bytes
File: c:\windows\system32\selnt.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0 SHA-1 Digest: 0x612EB2C742D93F4E5B078ADD6D9CE6FAE28C71FB MD5 Digest: 0x3F806DB86057B458759E8021367B8BED CRC32 Digest: 0x09DA545A
Rootkit Property: Normal File Size: 118784 bytes
File: c:\windows\system32\sens.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: System Event Notification Service (SENS) Original FileName: sens.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x39051EBA6C2A27336D3A8056B0813C21FC595E7D MD5 Digest: 0x7FDD5D0684ECA8C1F68B4D99D124DCD0 CRC32 Digest: 0x763429BD Rootkit Property: Normal File Size: 39424 bytes
File: c:\windows\system32\sensapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: SENS Connectivity API DLL Original FileName: SensApi.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512
SHA-1 Digest: 0x64A18E53100F6DB32C39B34A1C49EB5E2EB6AD0D MD5 Digest: 0x3CBA2210FA39C6ED7895634842E930DD CRC32 Digest: 0x328005C5 Rootkit Property: Normal File Size: 7168 bytes
File: c:\windows\system32\sensor.dll Product: ThinkVantage Active Protection System Product Version: 1.54 Company: Lenovo. Description: ThinkVantage Active Protection System - Shock Sensor Module Original FileName: Sensor.dll File Version Label: 1.54.0.0 File Version Number: 1.54.0.0 SHA-1 Digest: 0xF536E41B173C23CEDDFFB81B3852721D42957D61 MD5 Digest: 0xA851D183453D80C34C4439469DF91871 CRC32 Digest: 0x935A8790 Rootkit Property: Normal File Size: 20264 bytes
File: c:\windows\system32\services.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5755 Company: Microsoft Corporation Description: Services and Controller app
Original FileName: services.exe File Version Label: 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) File Version Number: 5.1.2600.5755 SHA-1 Digest: 0xDE3701D2C03D9AE29B2D87ECCAFBBCADF1BFB7E3 MD5 Digest: 0x65DF52F5B8B6E9BBD183505225C37315 CRC32 Digest: 0x6D10AC3D Rootkit Property: Normal File Size: 110592 bytes
File: c:\windows\system32\sessmgr.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Remote Desktop Help Session Manager Original FileName: SessMgr.exe File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFCAA4B2EE3964183797BC8336B946E59E90D182A MD5 Digest: 0x3C37BF86641BDA977C3BF8A840F3B7FA CRC32 Digest: 0x10EABD87 Rootkit Property: Normal File Size: 141312 bytes
File: c:\windows\system32\setupapi.dll Product: Microsoft Windows Operating System
Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Setup API Original FileName: SETUPAPI.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x8109DF4E050264532BB5757E9DA4AE12E29B800F MD5 Digest: 0x24192246760E0E64435522E246B1D6C2 CRC32 Digest: 0xE6D51D9A Rootkit Property: Normal File Size: 985088 bytes
File: c:\windows\system32\sfc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows File Protection Original FileName: sfc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xEAC3E355EE3242743D2DFBBC12C47C34B4A13DAA MD5 Digest: 0x96E1C926F22EE1BFBAE82901A35F6BF3 CRC32 Digest: 0x5058DDEF Rootkit Property: Normal File Size: 5120 bytes
File: c:\windows\system32\sfc_os.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows File Protection Original FileName: sfc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x7E12051C5FAA2ABF0107A606B43A9A2528393224 MD5 Digest: 0x6B5DB6789177A4FD0DEBC248041D0739 CRC32 Digest: 0x296E5930 Rootkit Property: Normal File Size: 140288 bytes
File: c:\windows\system32\shdocvw.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.6003 Company: Microsoft Corporation Description: Shell Doc Object and Control Library Original FileName: SHDOCVW.DLL File Version Label: 6.00.2900.6003 (xpsp_sp3_gdr.100623-1635) File Version Number: 6.0.2900.6003 SHA-1 Digest: 0x6121EF8E4C16ED84E6E707C7F6911E4C2107F161 MD5 Digest: 0x900F427863AFA5634CB6ADF9604C735D
CRC32 Digest: 0xEA4A7032 Rootkit Property: Normal File Size: 1509888 bytes
File: c:\windows\system32\shell32.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.6018 Company: Microsoft Corporation Description: Windows Shell Common Dll Original FileName: SHELL32.DLL File Version Label: 6.00.2900.6018 (xpsp_sp3_gdr.100726-1746) File Version Number: 6.0.2900.6018 SHA-1 Digest: 0x1C26A71195ED1158069E97BB826B317FD8DC5C57 MD5 Digest: 0x304CFF53C9C9BEB03607ABE94A8FC781 CRC32 Digest: 0x73D4EFBD Rootkit Property: Normal File Size: 8462336 bytes
File: c:\windows\system32\shfolder.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: Shell Folder Service Original FileName: shfolder.dll File Version Label: 6.00.2900.5512 (xpsp.080413-2105)
File Version Number: 6.0.2900.5512 SHA-1 Digest: 0x374CD24B1F7EF578EE9198D68BC34C3D7783A987 MD5 Digest: 0xC14AA05881A35B6D6BB8D55B117EE22D CRC32 Digest: 0x8009EA65 Rootkit Property: Normal File Size: 25088 bytes
File: c:\windows\system32\shgina.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: Windows Shell User Logon Original FileName: SHGINA.DLL File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0x4D1B73D14ADD580FDE84F452836CBDFBE2AA3189 MD5 Digest: 0xE5EDBD51476DB5001ABF5C82AE5C3DD1 CRC32 Digest: 0xBD6F53AD Rootkit Property: Normal File Size: 68096 bytes
File: c:\windows\system32\shimeng.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation
Description: Shim Engine DLL Original FileName: Shim Engine DLL (IAT) File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x2AB219118AE324684EB7AAAF72EB4D9360ADE81F MD5 Digest: 0x1F03103598BD817B1078DAB1326DDE11 CRC32 Digest: 0xD62E0F40 Rootkit Property: Normal File Size: 65024 bytes
File: c:\windows\system32\shimgvw.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: Windows Picture and Fax Viewer Original FileName: shimgvw.dll File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0x2E6B8B3277C0BDFEC7913CBE85EBD59DD684E355 MD5 Digest: 0xCC16718E92E558F22048D5C046D4DE6B CRC32 Digest: 0x53A8D8C0 Rootkit Property: Normal File Size: 438272 bytes
File: c:\windows\system32\shlwapi.dll
Product: Microsoft Windows Operating System Product Version: 6.00.2900.5912 Company: Microsoft Corporation Description: Shell Light-weight Utility Library Original FileName: SHLWAPI.DLL File Version Label: 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454) File Version Number: 6.0.2900.5912 SHA-1 Digest: 0x81F36E4F58C0482984A58114A514C58666EEB791 MD5 Digest: 0xC448A248B743F5FB935C787A5D97268B CRC32 Digest: 0xBDFA6F45 Rootkit Property: Normal File Size: 474112 bytes
File: c:\windows\system32\shmgrate.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows NT User Data Migration Tool Original FileName: shmgrate File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xA758D0C6A98264BD0425AB4B5593E868C6BBCF9A MD5 Digest: 0x2B86C9EEE08AF3B536203F1A13B464B5 CRC32 Digest: 0xE8FEED1B Rootkit Property: Normal
File Size: 45056 bytes
File: c:\windows\system32\shscrap.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Shell scrap object handler Original FileName: SHSCRAP.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xE93B4B76F5A733BE953D55C8A7F803859742B947 MD5 Digest: 0xBB6DF8EC2F2AAF61DE7CF7E721AF963A CRC32 Digest: 0x4CC1DD4D Rootkit Property: Normal File Size: 27648 bytes
File: c:\windows\system32\shsvcs.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: Windows Shell Services Dll Original FileName: SHSVCS.DLL File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0x5738989E5C1300D3E4DE70FF1E5C91EBC025C825
MD5 Digest: 0x1926899BF9FFE2602B63074971700412 CRC32 Digest: 0xB07EEB13 Rootkit Property: Normal File Size: 135168 bytes
File: c:\windows\system32\sl_anet.acm Product: ACELP.net Audio Codec Product Version: 3.02 Company: Sipro Lab Telecom Inc. Description: Audio codec for MS ACM Original FileName: sl_anet.acm File Version Label: 3.02 File Version Number: 3.2.0.0 SHA-1 Digest: 0x147EFE268723A559A4C1552C4DB4C38C58824129 MD5 Digest: 0x0DBB250A89E2E1C9281009AC269F0805 CRC32 Digest: 0x7C58F9A4 Rootkit Property: Normal File Size: 86016 bytes
File: c:\windows\system32\smlogsvc.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Performance Logs and Alerts Service Original FileName: SMLOGSVC.EXE
File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x8CFB37BA72DA56B08EB5637732EFB10C1494320C MD5 Digest: 0xC7ABBC59B43274B1109DF6B24D617051 CRC32 Digest: 0x3363558C Rootkit Property: Normal File Size: 89600 bytes
File: c:\windows\system32\smss.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows NT Session Manager Original FileName: smss.exe File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x406503E95E8BF9B387B201AAC141520E5F266FF4 MD5 Digest: 0x5F816C1F539266D2D4C78694239DA0B5 CRC32 Digest: 0xAA6D1970 Rootkit Property: Normal File Size: 50688 bytes
File: c:\windows\system32\snmpapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: SNMP Utility Library Original FileName: snmpapi.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x1D85CAE59C91F1EEC53266C3442E6EB6AF40F7E6 MD5 Digest: 0x5C1F0537E61F87B435F56E00B4F20EE8 CRC32 Digest: 0x849DBEB4 Rootkit Property: Normal File Size: 18944 bytes
File: c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll Product: Microsoft Windows Operating System Product Version: 6.0.6001.22204 Company: Microsoft Corporation Description: Microsoft XPS Document Writer Original FileName: MXDWDRV.DLL File Version Label: 6.0.6001.22204 (vistasp1_ldr.080616-1509) File Version Number: 0.3.6001.22204 SHA-1 Digest: 0xCAF9532BC74B902B5D898D8F19926F82F8169BC9 MD5 Digest: 0x63B6E4C603FBDE9299BA77B721265712 CRC32 Digest: 0x3B0DE8D3 Rootkit Property: Normal File Size: 765440 bytes
File: c:\windows\system32\spool\drivers\w32x86\3\ts#tsc-u.dll Product: TSPL Driver Product Version: 7.1.6 M-6 Company: Seagull Scientific, Inc. Description: TSPL Driver Original FileName: tsc-u.dll File Version Label: 7.1.6.6 File Version Number: 7.1.6.6 SHA-1 Digest: 0xF071F090E93CB2A4F9473C668F67234BC1A99821 MD5 Digest: 0x82D774E89BBBC7FD2640A6147844A036 CRC32 Digest: 0x67640DC1 Rootkit Property: Normal File Size: 1988752 bytes
File: c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll Product: Microsoft Windows Operating System Product Version: 6.0.6001.22116 Company: Microsoft Corporation Description: UniDriver User Interface Original FileName: UNIDRVUI.DLL File Version Label: 6.0.6001.22116 (vistasp1_ldr.080215-1730) File Version Number: 0.3.6001.22116 SHA-1 Digest: 0x1CB16CACF32C7EA7FAC5A6F4B0AB949232B5528E MD5 Digest: 0x3182F47A67F86B5DD991E0FB7659D0E3 CRC32 Digest: 0x1BD47B11
Rootkit Property: Normal File Size: 744960 bytes
File: c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll Product: Microsoft Windows Operating System Product Version: 6.1.2600.5635 Company: Microsoft Corporation Description: Print Filter Pipeline Proxy Original FileName: PrintFilterPipelinePrxy.dll File Version Label: 6.1.2600.5635 (xpsp_sp3_qfe.080704-1744) File Version Number: 6.1.2600.5635 SHA-1 Digest: 0x9509730862C86C7CBB74527BE332ACD5BAF4A97E MD5 Digest: 0xEEE7F12D9FF46F68FBC0DA059A359E9E CRC32 Digest: 0x5472E43E Rootkit Property: Normal File Size: 89088 bytes
File: c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll Product: Microsoft Office Document Imaging Product Version: 11.3.8166.2 Company: Microsoft Corporation Description: Microsoft Document Imaging Original FileName: MSPCORE.DLL File Version Label: 11.3.8166.2 File Version Number: 0.3.8166.2
SHA-1 Digest: 0x057910EFEB333D960CB1F1A23F4A7054B916DBC5 MD5 Digest: 0xEA8647A21BCB56C5F15712D4B7407501 CRC32 Digest: 0x128A032C Rootkit Property: Normal File Size: 28552 bytes
File: c:\windows\system32\spoolss.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Spooler SubSystem DLL Original FileName: spoolss.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFF496883F453E05C7266C817D167CD6BFE510309 MD5 Digest: 0x79E3A8C328E7E569C32B0998377D9742 CRC32 Digest: 0x8CA02048 Rootkit Property: Normal File Size: 75264 bytes
File: c:\windows\system32\spoolsv.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.6024 Company: Microsoft Corporation Description: Spooler SubSystem App
Original FileName: spoolsv.exe File Version Label: 5.1.2600.6024 (xpsp_sp3_gdr.100817-1626) File Version Number: 5.1.2600.6024 SHA-1 Digest: 0xE6E904B84332191D44DE729DEB7BFED9BCEF2CE9 MD5 Digest: 0x60784F891563FB1B767F70117FC2428F CRC32 Digest: 0x913C6AAE Rootkit Property: Normal File Size: 58880 bytes
File: c:\windows\system32\srsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: System Restore Service Original FileName: SERVICE.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x09746DBE84432BA54C6DC0B363BA716331C10975 MD5 Digest: 0x3805DF0AC4296A34BA4BF93B346CC378 CRC32 Digest: 0xE6103E47 Rootkit Property: Normal File Size: 171008 bytes
File: c:\windows\system32\srvsvc.dll Product: Microsoft Windows Operating System
Product Version: 5.1.2600.6031 Company: Microsoft Corporation Description: Server Service DLL Original FileName: SRVSVC.DLL File Version Label: 5.1.2600.6031 (xpsp_sp3_gdr.100826-1646) File Version Number: 5.1.2600.6031 SHA-1 Digest: 0x064DEE60E5F82259247A665B59214C14496A2730 MD5 Digest: 0x3A7C3CBE5D96B8AE96CE81F0B22FB527 CRC32 Digest: 0x1E5B488A Rootkit Property: Normal File Size: 99840 bytes
File: c:\windows\system32\ssdpsrv.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: SSDP Service DLL Original FileName: ssdpsrv.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x8E9F64025F2A29CB7BC933DD2306C40BFD5FD04E MD5 Digest: 0x0A5679B3714EDAB99E357057EE88FCA6 CRC32 Digest: 0xD5853B1F Rootkit Property: Normal File Size: 71680 bytes
File: c:\windows\system32\ssnetmon.dll Product: Seagull Printer Drivers Product Version: 7.1.6 Company: Seagull Scientific, Inc. Description: Seagull Network Monitor Original FileName: ssnetmon.dll File Version Label: 7.1.6 File Version Number: 7.1.6.0 SHA-1 Digest: 0xA2B707B65CC5F05870DB5D050F49B948A1A69C65 MD5 Digest: 0x1F19FD17ABED39CBC8132BB976B5410D CRC32 Digest: 0xF355FC61 Rootkit Property: Normal File Size: 666768 bytes
File: c:\windows\system32\sti.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Still Image Devices client DLL Original FileName: STI.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x707EF7D5DE7FF952D76703F113FF69920E4F56AA MD5 Digest: 0x3CAEAE7608F1BD7BA873A3B02895B106
CRC32 Digest: 0x1E67ACB2 Rootkit Property: Normal File Size: 68096 bytes
File: c:\windows\system32\stobject.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Systray shell service object Original FileName: stobject.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x28AB6FCB581D93488B826473EC57B9D9C485EFCB MD5 Digest: 0x50512FC9B7878E3C2C147BC17326A7DB CRC32 Digest: 0xE1DE7115 Rootkit Property: Normal File Size: 121856 bytes
File: c:\windows\system32\svchost.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Generic Host Process for Win32 Services Original FileName: svchost.exe File Version Label: 5.1.2600.5512 (xpsp.080413-2111)
File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x49083AE3725A0488E0A8FBBE1335C745F70C4667 MD5 Digest: 0x27C6D03BCDB8CFEB96B716F3D8BE3E18 CRC32 Digest: 0x6EF02438 Rootkit Property: Normal File Size: 14336 bytes
File: c:\windows\system32\sxs.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Fusion 2.5 Original FileName: SXS.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xC7C0702F8EE09D5D5DA9B9A2995E41B15622E619 MD5 Digest: 0x694503348B586E99D56C0E30AB5B3EF8 CRC32 Digest: 0x62C7C517 Rootkit Property: Normal File Size: 713216 bytes
File: c:\windows\system32\symneti.dll Product: Symantec Security Drivers Product Version: 6.0 Company: Symantec Corporation
Description: Symantec Network Driver Interface Original FileName: SymNeti.dll File Version Label: 6.0.4.402 File Version Number: 6.0.4.402 SHA-1 Digest: 0x63D01F94B352CEF3B7A4314C563221028F7A8127 MD5 Digest: 0xFED2AD326C4F022F11150C9185AFB664 CRC32 Digest: 0xBDACDBE7 Rootkit Property: Normal File Size: 534208 bytes
File: c:\windows\system32\symredir.dll Product: Symantec Security Drivers Product Version: 6.0 Company: Symantec Corporation Description: Redirector Interface DLL Original FileName: SYMREDIR File Version Label: 6.0.4.402 File Version Number: 6.0.4.402 SHA-1 Digest: 0x89EF87316FB73449C8B7E35F2B332152E7A28F84 MD5 Digest: 0xB8AB01047192F91E828FE965E69DCFBC CRC32 Digest: 0x802CBC3D Rootkit Property: Normal File Size: 161472 bytes
File: c:\windows\system32\syncom.dll
Product: COM SDK Product Version: 7.5.17.25 10Aug07 Company: Synaptics, Inc. Description: SynCOM Original FileName: SynCOM.dll File Version Label: 7.5.17.25 10Aug07 File Version Number: 7.5.17.25 SHA-1 Digest: 0x0FA9E31ED7F78EF92A67E3BF7F8EA93FEF92921F MD5 Digest: 0x35AB3ECD0E2060A470AA02E0EE0B653A CRC32 Digest: 0xE5469C45 Rootkit Property: Normal File Size: 73728 bytes
File: c:\windows\system32\syntpapi.dll Product: Progressive Touch Product Version: 7.5.17.25 10Aug07 Company: Synaptics, Inc. Description: SynTPAPI Original FileName: SynTPAPI.dll File Version Label: 7.5.17.25 10Aug07 File Version Number: 7.5.17.25 SHA-1 Digest: 0xE6E749109D87304DBA37DFB87076628839D742AF MD5 Digest: 0xD09E6A7AEF03459FC782364496F3963C CRC32 Digest: 0x2217B8F7 Rootkit Property: Normal
File Size: 94208 bytes
File: c:\windows\system32\syntpfcs.dll Product: Progressive Touch Product Version: 7.5.17.25 10Aug07 Company: Synaptics, Inc. Description: SynTPFcs Original FileName: SynTPFcs.dll File Version Label: 7.5.17.25 10Aug07 File Version Number: 7.5.17.25 SHA-1 Digest: 0xBBEA45AA6663CCB02C4668383F3BAEC919AA5F57 MD5 Digest: 0x833562F810720A242063FAD354C3A602 CRC32 Digest: 0x844498C8 Rootkit Property: Normal File Size: 65536 bytes
File: c:\windows\system32\tapi32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Windows(TM) Telephony API Client DLL Original FileName: TAPI32.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xDCC43381656ECEC8CA33D202A078ED766DCE9CBF
MD5 Digest: 0x00AABF131B4823785818DB99A075A313 CRC32 Digest: 0xD3D0A559 Rootkit Property: Normal File Size: 181760 bytes
File: c:\windows\system32\tapisrv.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Windows(TM) Telephony Server Original FileName: TAPISRV.EXE File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x16876B6B89618DC2FDA408B9A1BD2BD7C7FC547A MD5 Digest: 0x3CB78C17BB664637787C9A1C98F79C38 CRC32 Digest: 0x5797C77E Rootkit Property: Normal File Size: 249856 bytes
File: c:\windows\system32\tcpmib.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Standard TCP/IP Port Monitor Helper DLL Original FileName: tcpmib.dll
File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x2F98B13B18CB26187B3F3F39894E87F9E4249CF7 MD5 Digest: 0x8357809E111E09393633039769D96281 CRC32 Digest: 0x13843F38 Rootkit Property: Normal File Size: 14848 bytes
File: c:\windows\system32\tcpmon.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Standard TCP/IP Port Monitor DLL Original FileName: tcpmon.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xED3EE1054E98AC224CE9662E469C6386FB515253 MD5 Digest: 0xAE0382AD9C73D343D85E1A50C80B7C20 CRC32 Digest: 0x8ABC138C Rootkit Property: Normal File Size: 45568 bytes
File: c:\windows\system32\termsrv.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: Terminal Server Service Original FileName: termsrv.exe File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x86773AED393573D4BD59481185910BBAAF85790F MD5 Digest: 0xFF3477C03BE7201C294C35F684B3479F CRC32 Digest: 0xE086DA80 Rootkit Property: Normal File Size: 295424 bytes
File: c:\windows\system32\themeui.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: Windows Theme API Original FileName: ThemeUI.DLL File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0x0B9C56F1184DE6E775AE176D0D82102D62C721B5 MD5 Digest: 0xA314EEA2A503A8E04085201E436384A5 CRC32 Digest: 0xB793D462 Rootkit Property: Normal File Size: 385536 bytes
File: c:\windows\system32\tlntsvr.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Telnet Original FileName: tlntsvr.exe File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x1B4296B3D7B5DA0ED84239F1344196486F912276 MD5 Digest: 0xDB7205804759FF62C34E3EFD8A4CC76A CRC32 Digest: 0x3F2843EE Rootkit Property: Normal File Size: 73216 bytes
File: c:\windows\system32\tp4ex.exe Product: TrackPoint Accessibility Features Product Version: 1.11 Company: Lenovo Group Limited Description: TrackPoint Accessibility Features Original FileName: TP4EX.EXE File Version Label: 1.11.00 File Version Number: 1.1.1.0 SHA-1 Digest: 0xAF67A473EB1ECF3003719E5CC86D9E518738A780 MD5 Digest: 0x38F143A10A8E723026499041501B9563 CRC32 Digest: 0xC2A89077
Rootkit Property: Normal File Size: 65536 bytes
File: c:\windows\system32\tphdexlg.exe Product: ThinkVantage Active Protection System Product Version: 1.54 Company: Lenovo. Description: ThinkVantage Active Protection System - HDD Logger Module Original FileName: TPHDEXLG.exe File Version Label: 1.54.0.0 File Version Number: 1.54.0.0 SHA-1 Digest: 0x9DFDDE33B7EDABB92F6A68D4FCEB9A627F320EAA MD5 Digest: 0x3663C0F611711DAC453636AF562F0831 CRC32 Digest: 0xDDCEC38B Rootkit Property: Normal File Size: 37424 bytes
File: c:\windows\system32\tpkmpsvc.exe Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 0.0.0.0
SHA-1 Digest: 0xF7B36CD2437205018F44F3C71F858F4C49462CA9 MD5 Digest: 0xDFB268FF0A6DCB9280015FF527F892FF CRC32 Digest: 0xD4046A5C Rootkit Property: Normal File Size: 32768 bytes
File: c:\windows\system32\tpshocks.exe Product: ThinkVantage Active Protection System Product Version: 1.54 Company: Lenovo. Description: ThinkVantage Active Protection System Original FileName: TpShocks.exe File Version Label: 1.54.0.1 File Version Number: 1.54.0.1 SHA-1 Digest: 0xC3B6DEA18A3F598AE6691590CD810ABEF12312EA MD5 Digest: 0x686CD234BF4B816291A858782C71269B CRC32 Digest: 0xED0AEC48 Rootkit Property: Normal File Size: 181536 bytes
File: c:\windows\system32\trkwks.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Distributed Link Tracking Client
Original FileName: trkwks.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFB900E3DF8FCBD98C3D45414C6F6B67534C5F5FB MD5 Digest: 0x55BCA12F7F523D35CA3CB833C725F54E CRC32 Digest: 0x8B7DDB03 Rootkit Property: Normal File Size: 90112 bytes
File: c:\windows\system32\tsbyuv.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5908 Company: Microsoft Corporation Description: Toshiba Video Codec Original FileName: tsbyuv.dll File Version Label: 5.1.2600.5908 (xpsp_sp3_gdr.091127-0541) File Version Number: 5.1.2600.5908 SHA-1 Digest: 0xA9F1AB1581D48C0D29E1E6E9A16B217E2F58BD45 MD5 Digest: 0xB08F8FFBA4570E21A71C38E00CC678E7 CRC32 Digest: 0xE6036469 Rootkit Property: Normal File Size: 8704 bytes
File: c:\windows\system32\tsccvid.dll Product: TechSmith Screen Capture Codec
Product Version: 7.0.0 Company: TechSmith Corporation Description: TechSmith Screen Capture Codec Original FileName: tsccvid.dll File Version Label: 3.0.0 File Version Number: 3.0.0.0 SHA-1 Digest: 0x282A6F0BB43C2AC7B1DC699AA5ECDD8964C4819F MD5 Digest: 0x81C6C0F6A05BF06EC001360A9C7EF476 CRC32 Digest: 0x4FEDA0E9 Rootkit Property: Normal File Size: 594944 bytes
File: c:\windows\system32\tsd32.dll Product: Product Version: Company: Description: Original FileName: File Version Label: File Version Number: 1.3.3.7 SHA-1 Digest: 0x397EBA5DD6DC8C6FF30E9A6A730750BFC70AA028 MD5 Digest: 0x735F504DEEFE4E2AD06360FCE2842DD4 CRC32 Digest: 0x399070E0 Rootkit Property: Normal File Size: 15360 bytes
File: c:\windows\system32\tssoft32.acm Product: DSP GROUP Windows NT(TM) TrueSpeech CODEC Product Version: 1.01 Company: DSP GROUP, INC. Description: DSP Group TrueSpeech(TM) Audio Codec for MSACM V3.50 Original FileName: tssoft32.acm File Version Label: 1.01 File Version Number: 1.1.1.5 SHA-1 Digest: 0x65C82447B37A808BD9664558155F3250CE9B68AE MD5 Digest: 0xE8CD0D7E169ECCE2D4FD829DAAB786ED CRC32 Digest: 0xDD78F4D9 Rootkit Property: Normal File Size: 8192 bytes
File: c:\windows\system32\umpnpmgr.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: User-mode Plug-and-Play Service Original FileName: Umpnpmgr.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x65AE55788D0CAD92E165889C154AC64D9F0598B6 MD5 Digest: 0x2EDFC2A8893435723AD80481803C6D5C
CRC32 Digest: 0x0AADB901 Rootkit Property: Normal File Size: 123392 bytes
File: c:\windows\system32\unimdm.tsp Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Unimodem 5 Service Provider Original FileName: UNIMDM.TSP File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x309282CE45344FA38508CFD6420E7E66E701FA5C MD5 Digest: 0xAACE07FE34FADDDF973CE068A6424957 CRC32 Digest: 0xE03B2B3B Rootkit Property: Normal File Size: 206848 bytes
File: c:\windows\system32\unimdmat.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Unimodem Service Provider AT Mini Driver Original FileName: UNIMDMAT.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852)
File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x53970EBE28B093890C124A1B416E3378DA91FEFE MD5 Digest: 0x19AE6CBA05B9005698A6DEDCC88F202E CRC32 Digest: 0xFCC0FADE Rootkit Property: Normal File Size: 74240 bytes
File: c:\windows\system32\uniplat.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Unimodem AT Mini Driver Platform Driver for Windows NT Original FileName: UNIPLAT.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xC639AC75DA5D2DFAF0C6A7A590E4F2FB6A5FFF84 MD5 Digest: 0x995252FCC4692B5B97EE17D596C9386E CRC32 Digest: 0xF849DCB1 Rootkit Property: Normal File Size: 13824 bytes
File: c:\windows\system32\upnphost.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation
Description: UPnP Device Host Original FileName: unpnhost.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xB54F93D7B07C96FFA5AEFA30365763A1F569901D MD5 Digest: 0x1EBAFEB9A3FBDC41B8D9C7F0F687AD91 CRC32 Digest: 0x0988B487 Rootkit Property: Normal File Size: 185856 bytes
File: c:\windows\system32\ups.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: UPS Service Original FileName: ups.exe File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xC60CB7CB3BDFE65D162D8BA35DD84CE44EE61504 MD5 Digest: 0x05365FB38FCA1E98F7A566AAAF5D1815 CRC32 Digest: 0x65AF3E64 Rootkit Property: Normal File Size: 18432 bytes
File: c:\windows\system32\urlmon.dll
Product: Windows Internet Explorer Product Version: 7.00.6000.17093 Company: Microsoft Corporation Description: OLE32 Extensions for Win32 Original FileName: UrlMon.dll File Version Label: 7.00.6000.17093 (vista_gdr.101017-1200) File Version Number: 7.0.6000.17093 SHA-1 Digest: 0xB41BAC558EA3C4B4D13FA0597D4CE598D4CEA748 MD5 Digest: 0x4B4059E49AE0927E67E44E86A3C31C73 CRC32 Digest: 0x3B97518C Rootkit Property: Normal File Size: 1168384 bytes
File: c:\windows\system32\usbmon.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Standard Dynamic Printing Port Monitor DLL Original FileName: DynaMon.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x9400D205FEE7C9312D614679C3D581857F2A5851 MD5 Digest: 0xF26385E8BA4549B5186B774EC0E45D86 CRC32 Digest: 0x7365B2C9 Rootkit Property: Normal
File Size: 16896 bytes
File: c:\windows\system32\usbui.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: USB UI Dll Original FileName: Usbui.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x78896647934DA856A458F65BD16D5AA2090BFF3F MD5 Digest: 0xC2D7189CDD37453234A9BBCB58E50883 CRC32 Digest: 0x1625B212 Rootkit Property: Normal File Size: 74240 bytes
File: c:\windows\system32\user32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows XP USER API Client DLL Original FileName: user32 File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x08FE9FF1FE9B8FD237ADEDB10D65FB0447B91FE5
MD5 Digest: 0xB26B135FF1B9F60C9388B4A7D16F600B CRC32 Digest: 0xF7C72264 Rootkit Property: Normal File Size: 578560 bytes
File: c:\windows\system32\userenv.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Userenv Original FileName: userenv.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xC7264E1FE77EA0E6D615077DD7CC6CC06AAA02CD MD5 Digest: 0x43D13C80EBEC0135A3611E0F616F179B CRC32 Digest: 0x1BA99286 Rootkit Property: Normal File Size: 727040 bytes
File: c:\windows\system32\userinit.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Userinit Logon Application Original FileName: USERINIT.EXE
File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x513F8BDF67A5A9E09803CFB61F590B39F2683853 MD5 Digest: 0xA93AEE1928A9D7CE3E16D24EC7380F89 CRC32 Digest: 0x32EB2C8E Rootkit Property: Normal File Size: 26112 bytes
File: c:\windows\system32\usp10.dll Product: Microsoft(R) Uniscribe Unicode script processor Product Version: 1.0420.2600.5969 Company: Microsoft Corporation Description: Uniscribe Unicode script processor Original FileName: Uniscribe File Version Label: 1.0420.2600.5969 (xpsp_sp3_gdr.100416-1716) File Version Number: 1.420.2600.5969 SHA-1 Digest: 0x78867CCDA82084335552D02621D82F94822CB324 MD5 Digest: 0x9E03DC5AB51CFD0190541CE2038D819D CRC32 Digest: 0x80584A23 Rootkit Property: Normal File Size: 406016 bytes
File: c:\windows\system32\uxtheme.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.5512
Company: Microsoft Corporation Description: Microsoft UxTheme Library Original FileName: UxTheme.dll File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0x16C4D24A172BFBC67F488D6B4086B9E10F8EAF4B MD5 Digest: 0x7A2CC3719B255E6B5D74396183B7715B CRC32 Digest: 0xA4A915A5 Rootkit Property: Normal File Size: 218624 bytes
File: c:\windows\system32\version.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Version Checking and File Installation Libraries Original FileName: VERSION.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2105) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xADF263B658136CCB3CDE72D0E6DD634C5A5E5143 MD5 Digest: 0xC7CE131408739B0B3A318BE2D0032719 CRC32 Digest: 0x558B1DAF Rootkit Property: Normal File Size: 18944 bytes
File: c:\windows\system32\vssapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Volume Shadow Copy Requestor/Writer Services API DLL Original FileName: VSSAPI.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x17AC2A72BD6ABA372FEE767E07D5BF8601FB9D60 MD5 Digest: 0xACACB8B14E66109B8ACD6644B5574B9A CRC32 Digest: 0x59064B5D Rootkit Property: Normal File Size: 430592 bytes
File: c:\windows\system32\vssvc.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Volume Shadow Copy Service Original FileName: VSSVC.EXE File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xD299FC4D44B5B6DA61B6E7D68A9191B22378A9DD MD5 Digest: 0x7A9DB3A67C333BF0BD42E42B8596854B CRC32 Digest: 0x03D2EDCF
Rootkit Property: Normal File Size: 289792 bytes
File: c:\windows\system32\w32time.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Time Service Original FileName: w32time.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFCFC8C04B5C33C149EB9126D7FB5291E79247B2E MD5 Digest: 0x54AF4B1D5459500EF0937F6D33B1914F CRC32 Digest: 0x6FF7344F Rootkit Property: Normal File Size: 175104 bytes
File: c:\windows\system32\w3ssl.dll Product: Internet Information Services Product Version: 6.0.2600.5512 Company: Microsoft Corporation Description: SSL service for HTTP Original FileName: w3ssl.dll File Version Label: 6.0.2600.5512 (xpsp.080413-0852) File Version Number: 6.0.2600.5512
SHA-1 Digest: 0xF064FB73806387C553992E246CDE51AE79288C3C MD5 Digest: 0x6100A808600F44D999CEBDEF8841C7A3 CRC32 Digest: 0xEE56DBA7 Rootkit Property: Normal File Size: 15872 bytes
File: c:\windows\system32\wbem\esscli.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: WMI Original FileName: esscli.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xB2D0E8A7B6896438EE491C51E2FA56612C9951A6 MD5 Digest: 0xE4616430709F440CF1809D88DC2366EA CRC32 Digest: 0xF1412F08 Rootkit Property: Normal File Size: 247808 bytes
File: c:\windows\system32\wbem\fastprox.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5755 Company: Microsoft Corporation Description: WMI
Original FileName: fastprox.dll File Version Label: 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) File Version Number: 5.1.2600.5755 SHA-1 Digest: 0x29F6E565319817ADA1C7EDA8E3F506F38F4C23F7 MD5 Digest: 0x378A0AEFB11D8B0DC8C27B9F7604B88D CRC32 Digest: 0x56F7CD3F Rootkit Property: Normal File Size: 473600 bytes
File: c:\windows\system32\wbem\ncprov.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Non-COM WMI Event Provision APIs Original FileName: NCObjAPI.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xA885FD4C17709D7FBC0A9F9971F7C4DB43BF4136 MD5 Digest: 0xD26451B540720A7313A9BCBE794DAF62 CRC32 Digest: 0x458C52A1 Rootkit Property: Normal File Size: 47104 bytes
File: c:\windows\system32\wbem\repdrvfs.dll Product: Microsoft Windows Operating System
Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: WMI Original FileName: repdrvfs.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x488B362891A75E52484980B3B39248EFC86DE31E MD5 Digest: 0x942A17D2901A31EA68627CBFFCD268CC CRC32 Digest: 0x199FF2AC Rootkit Property: Normal File Size: 178176 bytes
File: c:\windows\system32\wbem\wbemcomn.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: WMI Original FileName: wbemcomn.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x787787CE23BC188AEC19CD26E30EE5C19D5CDF45 MD5 Digest: 0xD95C71052E5EF63B55997FB31483D02F CRC32 Digest: 0x8748D13B Rootkit Property: Normal File Size: 214528 bytes
File: c:\windows\system32\wbem\wbemcons.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: WMI Standard Event Consumers Original FileName: WbemCons File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x35BD4FE60CF1F35853E45FBA9A61491A686E8264 MD5 Digest: 0x6404807ABC7AF52FA3792697AE638B50 CRC32 Digest: 0x57BD7FA2 Rootkit Property: Normal File Size: 71680 bytes
File: c:\windows\system32\wbem\wbemcore.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: WMI Original FileName: wbemcore.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x89EAE0D9E00C6961F79AE8E3A82773A77B8C0598 MD5 Digest: 0xF0BF811622F2DD6C8E26EE4600D83731
CRC32 Digest: 0x4DC5C4D1 Rootkit Property: Normal File Size: 531456 bytes
File: c:\windows\system32\wbem\wbemess.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: WMI Original FileName: wbemess.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xD86D974398E3814809239B6B5190A43CBD95B96A MD5 Digest: 0x26D881D27CBE51D3614E68D7313EA026 CRC32 Digest: 0x212AB120 Rootkit Property: Normal File Size: 273920 bytes
File: c:\windows\system32\wbem\wbemprox.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: WMI Original FileName: wbemprox.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108)
File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xF2F0ED82F75364F090C2865AA2F9EFE1B9C13B20 MD5 Digest: 0x205ADD80FF8099B1A8101EB490B933D1 CRC32 Digest: 0x342D1851 Rootkit Property: Normal File Size: 18944 bytes
File: c:\windows\system32\wbem\wbemsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: WMI Original FileName: wbemsvc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xC92A0767EEE0B90644EA6968AAE3F7E0CD623D47 MD5 Digest: 0x010472D0AE758227C6F6E6933549C219 CRC32 Digest: 0xBC47F53D Rootkit Property: Normal File Size: 43520 bytes
File: c:\windows\system32\wbem\wmiapsrv.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation
Description: WMI Performance Adapter Service Original FileName: WmiApSrv.exe File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x683EB00945019F3BCB86EA2BEDF7780DEE41450F MD5 Digest: 0xE0673F1106E62A68D2257E376079F821 CRC32 Digest: 0xFEE03383 Rootkit Property: Normal File Size: 126464 bytes
File: c:\windows\system32\wbem\wmiprov.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: WMI Original FileName: mofd.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x89521E4DBB4CBBF5B335F9792D1C93955CE1FD37 MD5 Digest: 0x960F6D3CD9A1BA6435D7AADD102B297F CRC32 Digest: 0x06512A58 Rootkit Property: Normal File Size: 144896 bytes
File: c:\windows\system32\wbem\wmiprvsd.dll
Product: Microsoft Windows Operating System Product Version: 5.1.2600.5755 Company: Microsoft Corporation Description: WMI Original FileName: Wmiprvsd.dll File Version Label: 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) File Version Number: 5.1.2600.5755 SHA-1 Digest: 0x8594FD790439CC9AC2749EA85013628C8DBBB83A MD5 Digest: 0x071143F687B4F887E21461CA6CC7EB29 CRC32 Digest: 0xD1C4D4CF Rootkit Property: Normal File Size: 453120 bytes
File: c:\windows\system32\wbem\wmiprvse.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5755 Company: Microsoft Corporation Description: WMI Original FileName: Wmiprvse.exe File Version Label: 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) File Version Number: 5.1.2600.5755 SHA-1 Digest: 0xF36CE7091903B73A6905460069877DDC209AD2E7 MD5 Digest: 0x798A9E6828997EEF4517ADA8A2259831 CRC32 Digest: 0x60E9934F Rootkit Property: Normal
File Size: 227840 bytes
File: c:\windows\system32\wbem\wmisvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: WMI Original FileName: wmisvc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFAB0423A2441D4D432F3E697E057BFD0B017E202 MD5 Digest: 0x2D0E4ED081963804CCC196A0929275B5 CRC32 Digest: 0x9D5A6F61 Rootkit Property: Normal File Size: 144896 bytes
File: c:\windows\system32\wbem\wmiutils.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: WMI Original FileName: wmiutils.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFC506460954CC16DBF5036D26A422A1407E60914
MD5 Digest: 0x3273D1565BF30225C115B480A3BB2C9D CRC32 Digest: 0x8A24AD87 Rootkit Property: Normal File Size: 95232 bytes
File: c:\windows\system32\wbtapi.dll Product: Bluetooth Software Product Version: 5.1.0.4700 Company: Broadcom Corporation. Description: WBTApi DLL Original FileName: WBTApi.dll File Version Label: 5.1.0.4700 File Version Number: 5.1.0.4700 SHA-1 Digest: 0xEF540FADBF412F8495BD2E492F4FEEB6AB3D0422 MD5 Digest: 0x29AFBC3B4D46C1598E6015772B16503B CRC32 Digest: 0x7209D53D Rootkit Property: Normal File Size: 507965 bytes
File: c:\windows\system32\wdigest.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5834 Company: Microsoft Corporation Description: Microsoft Digest Access Original FileName: WDIGEST.DLL
File Version Label: 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305) File Version Number: 5.1.2600.5834 SHA-1 Digest: 0x7C117E3A5D78D0DEEBB0BE67D80AC8C9A25F6915 MD5 Digest: 0x3AAF9B35939FF9E58CCD18D41655C2FC CRC32 Digest: 0x919B5C15 Rootkit Property: Normal File Size: 54272 bytes
File: c:\windows\system32\wdmaud.drv Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: WDM Audio driver mapper Original FileName: WDMAUD.DRV File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x0F20A07D39C5E746C24A070E0C52093B987023CD MD5 Digest: 0x680B56A8B62D1BCF4A0B2AAAD03D88E4 CRC32 Digest: 0xEEB914CA Rootkit Property: Normal File Size: 23552 bytes
File: c:\windows\system32\webcheck.dll Product: Windows Internet Explorer Product Version: 7.00.6000.17093
Company: Microsoft Corporation Description: Web Site Monitor Original FileName: WEBCHECK.DLL File Version Label: 7.00.6000.17093 (vista_gdr.101017-1200) File Version Number: 7.0.6000.17093 SHA-1 Digest: 0xB24D935424268E63F52B258E53425008A67E6F06 MD5 Digest: 0x579692ADC654211931DCFF96192F7439 CRC32 Digest: 0xB6EF6D7B Rootkit Property: Normal File Size: 233472 bytes
File: c:\windows\system32\webclnt.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Web DAV Service DLL Original FileName: davsvc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFFDE670E2DDBFB23AD67761943EBA76740033668 MD5 Digest: 0x77A354E28153AD2D5E120A5A8687BC06 CRC32 Digest: 0xE5967737 Rootkit Property: Normal File Size: 68096 bytes
File: c:\windows\system32\wiascr.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: WIA Scripting Layer Original FileName: WIAScr.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x4D4897DA84FC31F75C557D3A7C77B28A13AC4ACE MD5 Digest: 0x477BB51076B926E1A68840C267540042 CRC32 Digest: 0x5BC5B7EC Rootkit Property: Normal File Size: 75776 bytes
File: c:\windows\system32\wiaservc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Still Image Devices Service Original FileName: WIASERVC.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x931D552F15F4FCF94B006AD82708FAB817370AD3 MD5 Digest: 0x8BAD69CBAC032D4BBACFCE0306174C30 CRC32 Digest: 0x1F28CA15
Rootkit Property: Normal File Size: 333824 bytes
File: c:\windows\system32\wiashext.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Imaging Devices Shell Folder UI Original FileName: wiashext.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x9496F9056DDA5C47E51FCFA391031BEC2E4A011C MD5 Digest: 0xBF67AC2C1F41BE892B98E9B8E91C0CB8 CRC32 Digest: 0x41002C82 Rootkit Property: Normal File Size: 589312 bytes
File: c:\windows\system32\widcommsdk.dll Product: Bluetooth Software Product Version: 5.1.0.4700 Company: Broadcom Corporation. Description: WidcommSdk DLL Original FileName: WidcommSdk.dll File Version Label: 5.1.0.4700 File Version Number: 5.1.0.4700
SHA-1 Digest: 0x462374F055F17A5F5A6C9370262699E3B743E564 MD5 Digest: 0x9E1EDA1A44EE69305AF96452FD54ECAA CRC32 Digest: 0xC5BFA5A7 Rootkit Property: Normal File Size: 573440 bytes
File: c:\windows\system32\win32spl.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: 32-bit Spooler API DLL Original FileName: win32spl.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xF07F806296C25CCFF4EA993B9BF80A59B45C1D44 MD5 Digest: 0x22DD6D7D4BFE2B8CE705CC950C8AEA4C CRC32 Digest: 0xD75ED312 Rootkit Property: Normal File Size: 102400 bytes
File: c:\windows\system32\winhttp.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5868 Company: Microsoft Corporation Description: Windows HTTP Services
Original FileName: winhttp.dll File Version Label: 5.1.2600.5868 (xpsp_sp3_gdr.090824-1328) File Version Number: 5.1.2600.5868 SHA-1 Digest: 0x101FAF266CBBC95C9DFBDAAA26E0CEEDC97982CD MD5 Digest: 0x8C77ECF3C7DCBB926312B7ECED6ECA75 CRC32 Digest: 0x9374C4AD Rootkit Property: Normal File Size: 354816 bytes
File: c:\windows\system32\wininet.dll Product: Windows Internet Explorer Product Version: 7.00.6000.17093 Company: Microsoft Corporation Description: Internet Extensions for Win32 Original FileName: wininet.dll File Version Label: 7.00.6000.17093 (vista_gdr.101017-1200) File Version Number: 7.0.6000.17093 SHA-1 Digest: 0x00BEBE028CC59D5EAC636831BAE0781A637C7C05 MD5 Digest: 0x67CD1C036ECC93B1B45B07A4AFDA1D96 CRC32 Digest: 0x7DB3A695 Rootkit Property: Normal File Size: 832512 bytes
File: c:\windows\system32\winipsec.dll Product: Microsoft Windows Operating System
Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows IPSec SPD Client DLL Original FileName: winipsec.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x95D91D817E081ADE8EB653A907A31A17E2CD1D84 MD5 Digest: 0x248712EA6BA17B9FF0C542A3828375DD CRC32 Digest: 0xABAEACB0 Rootkit Property: Normal File Size: 32256 bytes
File: c:\windows\system32\winlogon.exe Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows NT Logon Application Original FileName: WINLOGON.EXE File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xF77A7CD78877527023EBFB35E83B75EF59D3DF07 MD5 Digest: 0xED0EF0A136DEC83DF69F04118870003E CRC32 Digest: 0xB74C262F Rootkit Property: Normal File Size: 507904 bytes
File: c:\windows\system32\winmm.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: MCI API DLL Original FileName: WINMM.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-0845) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x51F42782ACDC790E4CABF402D71EF0FE24F9AD1B MD5 Digest: 0xF1300D0B4C40754A01DF16F350F0EF60 CRC32 Digest: 0x9676D976 Rootkit Property: Normal File Size: 176128 bytes
File: c:\windows\system32\winrnr.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: LDAP RnR Provider DLL Original FileName: winrnr File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xD8FCAAD1C1EB0E3ECEED691F93BA269D834AD22E MD5 Digest: 0xD72B9EC3337B247A666F098F3D6B43DE
CRC32 Digest: 0xA73F0F7A Rootkit Property: Normal File Size: 16896 bytes
File: c:\windows\system32\winscard.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Microsoft Smart Card API Original FileName: winscard.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xB0F303EF25ACBF33112F46BCC9A228C879A4264D MD5 Digest: 0x02988B904C386B500CD08639C4C20EEA CRC32 Digest: 0xB6678208 Rootkit Property: Normal File Size: 99328 bytes
File: c:\windows\system32\winspool.drv Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Spooler Driver Original FileName: winspool.drv File Version Label: 5.1.2600.5512 (xpsp.080413-0852)
File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xE413855355EA0C254B38BA85451A843E1FA526C5 MD5 Digest: 0xBD83ABA61E8ACCC8D9FFB869F29418CE CRC32 Digest: 0x5915D447 Rootkit Property: Normal File Size: 146432 bytes
File: c:\windows\system32\winsrv.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.6001 Company: Microsoft Corporation Description: Windows Server DLL Original FileName: winsrv.dll File Version Label: 5.1.2600.6001 (xpsp_sp3_gdr.100618-1712) File Version Number: 5.1.2600.6001 SHA-1 Digest: 0x9A39B9F97C6EA8984B9971D8C6ADC7C28A0E67E7 MD5 Digest: 0x42B5427FAC23BF6F1F31E466B7FEB084 CRC32 Digest: 0x933D8E6E Rootkit Property: Normal File Size: 293376 bytes
File: c:\windows\system32\winsta.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation
Description: Winstation Library Original FileName: winsta.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x9BBCF260E84B31F633490D5624E828AFAA8D3FF1 MD5 Digest: 0x430CEB794F6E6EF8AC86958C242366D6 CRC32 Digest: 0xC86AD254 Rootkit Property: Normal File Size: 53760 bytes
File: c:\windows\system32\wintrust.dll Product: Microsoft Windows Operating System Product Version: 5.131.2600.5922 Company: Microsoft Corporation Description: Microsoft Trust Verification APIs Original FileName: WINTRUST.DLL File Version Label: 5.131.2600.5922 (xpsp_sp3_gdr.091223-1907) File Version Number: 5.131.2600.5922 SHA-1 Digest: 0x2BB151BFEEAB65C5A32387DA67B1AFE41D76F6B6 MD5 Digest: 0xAEADC4FE32D6D60F36D9B9ACE5C642A2 CRC32 Digest: 0x10F114B4 Rootkit Property: Normal File Size: 177664 bytes
File: c:\windows\system32\wkssvc.dll
Product: Microsoft Windows Operating System Product Version: 5.1.2600.5826 Company: Microsoft Corporation Description: Workstation Service DLL Original FileName: WKSSVC.DLL File Version Label: 5.1.2600.5826 (xpsp_sp3_gdr.090609-1434) File Version Number: 5.1.2600.5826 SHA-1 Digest: 0xB59C7B01D6704B096B757BF34B23F1E00473EA30 MD5 Digest: 0xA8888A5327621856C0CEC4E385F69309 CRC32 Digest: 0x3CF92023 Rootkit Property: Normal File Size: 132096 bytes
File: c:\windows\system32\wldap32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Win32 LDAP API DLL Original FileName: WLDAP32.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x03269DF70BC4FF939F87EF528F8A5FCF2A708624 MD5 Digest: 0x0492CF5870F0E616B0C71695A433D162 CRC32 Digest: 0xC4516D53 Rootkit Property: Normal
File Size: 172032 bytes
File: c:\windows\system32\wlnotify.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Common DLL to receive Winlogon notifications Original FileName: WlNotify.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x792629CB140A25F17D340091101FE43B5DE60A39 MD5 Digest: 0x2CC34E8BB667EEF78899546E12649196 CRC32 Digest: 0x762786A3 Rootkit Property: Normal File Size: 92672 bytes
File: c:\windows\system32\wmadmoe.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Audio 10 Encoder/Transcoder Original FileName: wmadmoe.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x4D80C2E474976147FCC3F46762C164829DC18943
MD5 Digest: 0x98BCCC6D116C8330A6FA3C3AF73DC659 CRC32 Digest: 0x93214848 Rootkit Property: Normal File Size: 1117696 bytes
File: c:\windows\system32\wmasf.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media ASF DLL Original FileName: wmasf.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x37F931BFAC263EB9FB13D1930A8DBD993A82E8E2 MD5 Digest: 0xC77A18954C448DD9F87585247851501A CRC32 Digest: 0xF2D7594B Rootkit Property: Normal File Size: 222208 bytes
File: c:\windows\system32\wmdmps.dll Product: Windows Media Device Manager Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Device Manager Proxy Stub Original FileName: WMDMPS.dll
File Version Label: 11.0.5721.5262 File Version Number: 11.0.5721.5262 SHA-1 Digest: 0xA175B31F9FD23AD20A41AED8D75A5014B3D34B5A MD5 Digest: 0x4DBB48FFE1F5E33429F5F5F6CBC2F1EF CRC32 Digest: 0x6EF71A90 Rootkit Property: Normal File Size: 37376 bytes
File: c:\windows\system32\wmi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: WMI DC and DP functionality Original FileName: wmi.DLL File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFE9DD79573EDC9EC420F4563811B1863D50D0751 MD5 Digest: 0x7B0770526801F05D58C51A3DFB87B4BD CRC32 Digest: 0xD515E233 Rootkit Property: Normal File Size: 5632 bytes
File: c:\windows\system32\wmnetmgr.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262
Company: Microsoft Corporation Description: Windows Media Network Plugin Manager DLL Original FileName: WMNetMgr.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x68E017A2DE393499FE0C65B1CE6CFC8530EA637B MD5 Digest: 0x0629690449F2EB0B46F2E74702436718 CRC32 Digest: 0xF52F9140 Rootkit Property: Normal File Size: 938496 bytes
File: c:\windows\system32\wmp.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5280 Company: Microsoft Corporation Description: Windows Media Player Original FileName: wmp.dll File Version Label: 11.0.5721.5280 (WMP_11.100825-0734) File Version Number: 11.0.5721.5280 SHA-1 Digest: 0x26648A3BB98B58759B9ED99F0D9FB9115B7E9F19 MD5 Digest: 0x77B4BE0C9AA0AC78884D8E7CFB315463 CRC32 Digest: 0xCDBEAF40 Rootkit Property: Normal File Size: 10841088 bytes
File: c:\windows\system32\wmpasf.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Player Filter Shim Original FileName: wmpasf.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x7F41110D4ECA33F9FA6C448889D66F9041DBC69E MD5 Digest: 0xE8A033F8C7BB24E3AB7EA2837E07B840 CRC32 Digest: 0xC01E3588 Rootkit Property: Normal File Size: 211456 bytes
File: c:\windows\system32\wmpeffects.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Player Effects Original FileName: wmpeffects.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x3876F6AB346E2E8A50A12373859A76E095920D4A MD5 Digest: 0xD071C2DF93C0984591C5340E3F197273 CRC32 Digest: 0x480632FF
Rootkit Property: Normal File Size: 295936 bytes
File: c:\windows\system32\wmpencen.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Player Encoding Module Original FileName: WMPEncEn.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x21B23C2BB2253DC98B7E5EF1BDF1C94DF7728DC1 MD5 Digest: 0x5B31E409DBE04CB2A1AE93127BE0C272 CRC32 Digest: 0x8E892CB3 Rootkit Property: Normal File Size: 1661952 bytes
File: c:\windows\system32\wmploc.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Player Resources Original FileName: wmploc.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262
SHA-1 Digest: 0xBEB1EE9D1CB3BA5A8F88934CFA4493C21D20FB92 MD5 Digest: 0x3F476505B239F65C5D67B6686AF097D4 CRC32 Digest: 0xBD936DCB Rootkit Property: Normal File Size: 8231936 bytes
File: c:\windows\system32\wmpps.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Player Proxy Stub Dll Original FileName: wmpps.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x36AFE73B370AE70CC2339898C36CD21A30327B5C MD5 Digest: 0x4FB452BB899F99849716B6565CB8A29E CRC32 Digest: 0xB010C3DF Rootkit Property: Normal File Size: 130048 bytes
File: c:\windows\system32\wmpshell.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Player Launcher
Original FileName: wmpshell.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x6A903BC7930D0D7AE45965734C6E324107DF7786 MD5 Digest: 0x6B3951BF5DB63D0CD27DBFD51EC0B6FA CRC32 Digest: 0x7106B2F1 Rootkit Property: Normal File Size: 99840 bytes
File: c:\windows\system32\wmpsrcwp.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: WMPSrcWp Module Original FileName: WMPSrcWp.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0xDE6A41ED0396F6BB3B7B44E5AC0E523269A995AD MD5 Digest: 0x4225471AF97AD206C1705DD8B10828CE CRC32 Digest: 0x89485657 Rootkit Property: Normal File Size: 204288 bytes
File: c:\windows\system32\wmsdmoe.dll Product: Microsoft Windows Media Services
Product Version: 9.00.00.4503 Company: Microsoft Corporation Description: Windows Media Screen Encoder Original FileName: wmsdmoe.dll File Version Label: 9.00.00.4503 File Version Number: 9.0.0.4503 SHA-1 Digest: 0xC8EB7919CEBDFAEC79AF378CCBF188F42030500E MD5 Digest: 0x22091EFAB019A725FF7FA195A2DBDD43 CRC32 Digest: 0x23CE91C9 Rootkit Property: Normal File Size: 115200 bytes
File: c:\windows\system32\wmspdmoe.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Audio Voice Encoder Original FileName: wmspdmoe.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x085FAB5B31FBCA888CE521420A55AB6B20450BA9 MD5 Digest: 0x386C27FC2DAF7805103F13E18C676BB4 CRC32 Digest: 0x4961DD88 Rootkit Property: Normal File Size: 1329152 bytes
File: c:\windows\system32\wmvcore.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5275 Company: Microsoft Corporation Description: Windows Media Playback/Authoring DLL Original FileName: wmvcore.dll File Version Label: 11.0.5721.5275 (WMP_11.100405-1047) File Version Number: 11.0.5721.5275 SHA-1 Digest: 0xBFA6DD4C3BF596E28E226A7801C45A13A1EC743F MD5 Digest: 0xDFFEC6479C5E00A103A44AC33A1058AA CRC32 Digest: 0x38DE796F Rootkit Property: Normal File Size: 2462720 bytes
File: c:\windows\system32\wmvdmoe.dll Product: Microsoft Windows Media Services Product Version: 7.01.00.3055 Company: Microsoft Corporation Description: Windows Media Video Encoder DMO Original FileName: wmvdmoe.dll File Version Label: 7.01.00.3055 File Version Number: 7.1.0.3055 SHA-1 Digest: 0x89D5C0E3004AF2C9C5C8FBD1DF2047170CAA3DCA MD5 Digest: 0x0C46AB46339F1B338550E8D03BAF9737
CRC32 Digest: 0x054C8BF0 Rootkit Property: Normal File Size: 446464 bytes
File: c:\windows\system32\wmvencod.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Video 9 Encoder Original FileName: wmvencod.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x9B446601973E4468798707FB7A55F9332D9E96D5 MD5 Digest: 0xC61B0714F75B725AFBB0966E8E7BEF59 CRC32 Digest: 0xDEF0ED7D Rootkit Property: Normal File Size: 1575424 bytes
File: c:\windows\system32\wmvsencd.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Screen Encoder Original FileName: wmvsencd.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421)
File Version Number: 11.0.5721.5262 SHA-1 Digest: 0x5EE912AC56DDC6F12A6AC0DC4ED6C41DBC7411F7 MD5 Digest: 0xC768144617EC06AC0E471ED31EF45BD1 CRC32 Digest: 0xF8397FA1 Rootkit Property: Normal File Size: 767488 bytes
File: c:\windows\system32\wmvxencd.dll Product: Microsoft Windows Operating System Product Version: 11.0.5721.5262 Company: Microsoft Corporation Description: Windows Media Video Encoder Original FileName: wmvxencd.dll File Version Label: 11.0.5721.5262 (WMP_11.090130-1421) File Version Number: 11.0.5721.5262 SHA-1 Digest: 0xFBE1B50F0423A051FA7619F15D63D3C2A25C999B MD5 Digest: 0xF8828B8EBDB9A2536D5270377D586755 CRC32 Digest: 0x7683D76C Rootkit Property: Normal File Size: 656896 bytes
File: c:\windows\system32\wpcap.dll Product: WinPcap Product Version: 4.1.0.2001 Company: CACE Technologies, Inc.
Description: wpcap.dll Dynamic Link Library - based on libpcap 1.0rel0b branch (20091008) Original FileName: wpcap.dll File Version Label: 4.1.0.2001 File Version Number: 4.1.0.2001 SHA-1 Digest: 0xD2AFB08D0379BD96E423857963791E2BA00C9645 MD5 Digest: 0x190FB481D293D85B507D071E75BCB05C CRC32 Digest: 0x44B64C18 Rootkit Property: Normal File Size: 281104 bytes
File: c:\windows\system32\wpdshext.dll Product: Microsoft Windows Operating System Product Version: 5.2.5721.5262 Company: Microsoft Corporation Description: Portable Devices Shell Extension Original FileName: wpdshext.dll File Version Label: 5.2.5721.5262 (WMP_11.090130-1421) File Version Number: 5.2.5721.5262 SHA-1 Digest: 0x7F1644F3DD196FB021D3DB1E4E751274FB76B84D MD5 Digest: 0x0B7D7D73E1BE7B8742B1EBFA3D4DCC49 CRC32 Digest: 0x2C711B6A Rootkit Property: Normal File Size: 2603008 bytes
File: c:\windows\system32\ws2_32.dll
Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Socket 2.0 32-Bit DLL Original FileName: ws2_32.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x7CF3366C68E402EB3678046FE97651A586044560 MD5 Digest: 0x2CCC474EB85CEAA3E1FA1726580A3E5A CRC32 Digest: 0x7C519ECA Rootkit Property: Normal File Size: 82432 bytes
File: c:\windows\system32\ws2help.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Socket 2.0 Helper for Windows NT Original FileName: ws2help.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x317CC14A94FCF3D10749EFBCAB330B97F516FFFB MD5 Digest: 0x9789E95E1D88EEB4B922BF3EA7779C28 CRC32 Digest: 0x3F24E096 Rootkit Property: Normal
File Size: 19968 bytes
File: c:\windows\system32\wscsvc.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Security Center Service Original FileName: wscsvc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2108) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x4D59E3FFA335317E5ECB253C81EFEF67F507C15C MD5 Digest: 0x7C278E6408D1DCE642230C0585A854D5 CRC32 Digest: 0xE07687CC Rootkit Property: Normal File Size: 80896 bytes
File: c:\windows\system32\wsfwds.dll Product: wsfwds Product Version: 5.2.0.117 Company: Atheros Communications, Inc. Description: Atheros Wireless Supplicant Framework(DS) Original FileName: wsfwDs.dll File Version Label: 5.2.0.117 File Version Number: 5.2.0.117 SHA-1 Digest: 0x2F6A3F3F7BBA94B859659F15D0A952BA625C6736
MD5 Digest: 0x075EA2FF30B19A365A556E5529BEBB1A CRC32 Digest: 0xCB0F65FB Rootkit Property: Normal File Size: 254023 bytes
File: c:\windows\system32\wshirda.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Sockets Helper DLL Original FileName: wshirda.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xD63893C712F9A53FF7B3F072B37FB29E04A06941 MD5 Digest: 0x52778FCE46E510B60F513B8882A65CD6 CRC32 Digest: 0x28758E22 Rootkit Property: Normal File Size: 8192 bytes
File: c:\windows\system32\wshtcpip.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Sockets Helper DLL Original FileName: wshtcpip.dll
File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x209A11D3D9078E8A334D9154355ED6129ACE0ABC MD5 Digest: 0x4E3D06D6E68EEDB52565080F55B460D3 CRC32 Digest: 0xF5533E87 Rootkit Property: Normal File Size: 19456 bytes
File: c:\windows\system32\wsimd.dll Product: wsimd Product Version: 5.2.0.117 Company: Atheros Communications, Inc. Description: Atheros Intermediate Driver Interface Original FileName: wsimd.dll File Version Label: 5.2.0.117 File Version Number: 5.2.0.117 SHA-1 Digest: 0x7CBB25AF3B142398AA087A16F8649F951336EE22 MD5 Digest: 0x38A0B747FF3A637A7EED86CEBAEFDDED CRC32 Digest: 0xFA12F60C Rootkit Property: Normal File Size: 249925 bytes
File: c:\windows\system32\wsnmp32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512
Company: Microsoft Corporation Description: Microsoft WinSNMP v2.0 Manager API Original FileName: wsnmp32.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x2BFCD05C5D6EA095A557A77930D8F68D114E4D98 MD5 Digest: 0x277F3E3333F1D10CA428568197FCCE70 CRC32 Digest: 0xA0DB6B23 Rootkit Property: Normal File Size: 41984 bytes
File: c:\windows\system32\wsock32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Socket 32-Bit DLL Original FileName: wsock32.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x42E1C04CE06976A15D87A8B9C8C8F2475FF90C2B MD5 Digest: 0x67156D5A9AC356DC99D7BCCB388E3316 CRC32 Digest: 0xABED57E0 Rootkit Property: Normal File Size: 22528 bytes
File: c:\windows\system32\wtsapi32.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Windows Terminal Server SDK APIs Original FileName: wtsapi32.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2111) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x61732C75B38443875C53C6019771AAEF31791478 MD5 Digest: 0x0E2735281FBB9A764D5584C2A5DCBA59 CRC32 Digest: 0x2C62BB24 Rootkit Property: Normal File Size: 18432 bytes
File: c:\windows\system32\wuaueng.dll Product: Microsoft Windows Operating System Product Version: 7.4.7600.226 Company: Microsoft Corporation Description: Windows Update Agent Original FileName: wuaueng.dll File Version Label: 7.4.7600.226 (winmain_wtr_wsus3sp2(wmbla).090806-1834) File Version Number: 7.4.7600.226 SHA-1 Digest: 0x25FB0FBDD2F8C3B425AF38C2676BBE39A2ED2A9B MD5 Digest: 0x6298277B73C77FA99106B271A7525163 CRC32 Digest: 0x0517D206
Rootkit Property: Normal File Size: 1929952 bytes
File: c:\windows\system32\wuauserv.dll Product: Microsoft Windows Operating System Product Version: 5.4.3790.5512 Company: Microsoft Corporation Description: Windows Update AutoUpdate Service Original FileName: wuauserv.dll File Version Label: 5.4.3790.5512 (xpsp.080413-0852) File Version Number: 5.4.3790.5512 SHA-1 Digest: 0x069934C7356080B8ECE307CC63F870D12E30A84C MD5 Digest: 0x35321FB577CDC98CE3EB3A3EB9E4610A CRC32 Digest: 0xE2B219C4 Rootkit Property: Normal File Size: 6656 bytes
File: c:\windows\system32\wudfplatform.dll Product: Microsoft Windows Operating System Product Version: 6.0.6001.18000 Company: Microsoft Corporation Description: Windows Driver Foundation - User-mode Platform Library Original FileName: WUDFPlatform.dll File Version Label: 6.0.6001.18000 (longhorn_rtm.080118-1840) File Version Number: 6.0.6001.18000
SHA-1 Digest: 0xC65A0FD051C0B7D741C9D4C0606E9902E16AEAF5 MD5 Digest: 0xEED1B6C2B6DD5C2FC1F6709102DC3191 CRC32 Digest: 0x7B0A4C4C Rootkit Property: Normal File Size: 163840 bytes
File: c:\windows\system32\wudfsvc.dll Product: Microsoft Windows Operating System Product Version: 6.0.6001.18000 Company: Microsoft Corporation Description: Windows Driver Foundation - User-mode Driver Framework Service Original FileName: WUDFSvc.dll File Version Label: 6.0.6001.18000 (longhorn_rtm.080118-1840) File Version Number: 6.0.6001.18000 SHA-1 Digest: 0x9EA10F99E1C467BE12FE78F2F516FF7142E15DCF MD5 Digest: 0x575A4190D989F64732119E4114045A4F CRC32 Digest: 0xA71F3F4A Rootkit Property: Normal File Size: 55296 bytes
File: c:\windows\system32\wweb32.dll Product: WordWeb Product Version: 5.0.0.0 Company: Antony Lewis Description: WordWeb thesaurus/dictionary
Original FileName: File Version Label: 5.0.0.0 File Version Number: 5.0.0.0 SHA-1 Digest: 0xA5891BC509D29C548743835B35AF0410729C401D MD5 Digest: 0xDA4314371E5171F7AC474A191A6D78A2 CRC32 Digest: 0xBEB43B56 Rootkit Property: Normal File Size: 1050296 bytes
File: c:\windows\system32\wzcsapi.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Wireless Zero Configuration service API Original FileName: wzcsapi.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0xFA885EFCB1DB0B465470B21516C6D461DCBEE99A MD5 Digest: 0x767FF54A552732CE772C2302025FA82F CRC32 Digest: 0x94ABA9C6 Rootkit Property: Normal File Size: 52736 bytes
File: c:\windows\system32\wzcsvc.dll Product: Microsoft Windows Operating System
Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Wireless Zero Configuration Service Original FileName: wzcsvc.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x5A4EECDA0E985C6F6876897D02D45B806B3F926F MD5 Digest: 0x81DC3F549F44B1C1FFF022DEC9ECF30B CRC32 Digest: 0xAC33DDD7 Rootkit Property: Normal File Size: 483840 bytes
File: c:\windows\system32\xmlprov.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Network Provisioning Service Original FileName: xmlprov.dll File Version Label: 5.1.2600.5512 (xpsp.080413-0852) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x090E95953F71D654EA885AF74D491AD1E6A0F8C7 MD5 Digest: 0x295D21F14C335B53CB8154E5B1F892B9 CRC32 Digest: 0x6A8A2C79 Rootkit Property: Normal File Size: 129024 bytes
File: c:\windows\system32\xpsp2res.dll Product: Microsoft Windows Operating System Product Version: 5.1.2600.5512 Company: Microsoft Corporation Description: Service Pack 2 Messages Original FileName: xpsp2res.dll File Version Label: 5.1.2600.5512 (xpsp.080413-2113) File Version Number: 5.1.2600.5512 SHA-1 Digest: 0x55401355585FAC03B5D6991AF85ABF8DB8FC9042 MD5 Digest: 0x16403217AB6FC5C30C14C6B12098AD4B CRC32 Digest: 0xBF6C4351 Rootkit Property: Normal File Size: 2897920 bytes
File: c:\windows\system32\zipfldr.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.5512 Company: Microsoft Corporation Description: Compressed (zipped) Folders Original FileName: ZIPFLDR.DLL File Version Label: 6.00.2900.5512 (xpsp.080413-2105) File Version Number: 6.0.2900.5512 SHA-1 Digest: 0x18DB98F46FCDFCDD823517CC5A73E209FCA138DA MD5 Digest: 0xC444B433A340C24B51A2DACE9D13FC70
CRC32 Digest: 0xE01D7834 Rootkit Property: Normal File Size: 338432 bytes
File: c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_xww_e6967989\msvcp80.dll Product: Microsoft Visual Studio 2005 Product Version: 8.00.50727.4053 Company: Microsoft Corporation Description: Microsoft C++ Runtime Library Original FileName: MSVCP80.DLL File Version Label: 8.00.50727.4053 File Version Number: 8.0.50727.4053 SHA-1 Digest: 0xBC7CE60270A58450596AA3E3E5D0A99F731333D9 MD5 Digest: 0x8C53CCD787C381CD535D8DCCA12584D8 CRC32 Digest: 0x4EA826D3 Rootkit Property: Normal File Size: 554832 bytes
File: c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_xww_e6967989\msvcr80.dll Product: Microsoft Visual Studio 2005 Product Version: 8.00.50727.4053 Company: Microsoft Corporation Description: Microsoft C Runtime Library Original FileName: MSVCR80.DLL
File Version Label: 8.00.50727.4053 File Version Number: 8.0.50727.4053 SHA-1 Digest: 0x4CCD15BF2C1B1D541AC883B0F42497E8CED6A5A3 MD5 Digest: 0x1169436EE42F860C7DB37A4692B38F0E CRC32 Digest: 0xF4376274 Rootkit Property: Normal File Size: 632656 bytes
File: c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_xww_b77cec8e\mfc80.dll Product: Microsoft Visual Studio 2005 Product Version: 8.00.50727.4053 Company: Microsoft Corporation Description: MFCDLL Shared Library - Retail Version Original FileName: MFC80.DLL File Version Label: 8.00.50727.4053 File Version Number: 8.0.50727.4053 SHA-1 Digest: 0x24C80500A18CB7E60E0FFB37EB623F2AEF9512AB MD5 Digest: 0x4928AB3A304DDF05C354DE3807A4A66B CRC32 Digest: 0xE8DDF49E Rootkit Property: Normal File Size: 1105920 bytes
File: c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_xww_0ccc058c\mfc80enu.dll Product: Microsoft Visual Studio 2005
Product Version: 8.00.50727.4053 Company: Microsoft Corporation Description: MFC Language Specific Resources Original FileName: MFC80ENU.DLL File Version Label: 8.00.50727.4053 File Version Number: 8.0.50727.4053 SHA-1 Digest: 0xF8364B57D585FDAAA21F209E895CE50FA118553A MD5 Digest: 0xD8584C7FB9A1BA8480F9000C1CA1B415 CRC32 Digest: 0x9BB86966 Rootkit Property: Normal File Size: 57344 bytes
File: c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_xww_d495ac4e\msvcp90.dll Product: Microsoft Visual Studio 2008 Product Version: 9.00.30729.4148 Company: Microsoft Corporation Description: Microsoft C++ Runtime Library Original FileName: MSVCP90.DLL File Version Label: 9.00.30729.4148 File Version Number: 9.0.30729.4148 SHA-1 Digest: 0x3322840FEF43C92FB55DC31E682D19970DAF159D MD5 Digest: 0xB2EEE3DEE31F50E082E9C720A6D7757D CRC32 Digest: 0xDC8BFAFD Rootkit Property: Normal File Size: 569664 bytes
File: c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_xww_d495ac4e\msvcr90.dll Product: Microsoft Visual Studio 2008 Product Version: 9.00.30729.4148 Company: Microsoft Corporation Description: Microsoft C Runtime Library Original FileName: MSVCR90.DLL File Version Label: 9.00.30729.4148 File Version Number: 9.0.30729.4148 SHA-1 Digest: 0xF825C40FEE87CC9952A61C8C34E9F6EEE8DA742D MD5 Digest: 0x7538050656FE5D63CB4B80349DD1CFE3 CRC32 Digest: 0x60CFF652 Rootkit Property: Normal File Size: 653120 bytes
File: c:\windows\winsxs\x86_microsoft.windows.commoncontrols_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll Product: Microsoft Windows Operating System Product Version: 6.00.2900.6028 Company: Microsoft Corporation Description: User Experience Controls Library Original FileName: comctl32.DLL File Version Label: 6.0 (xpsp_sp3_qfe.100823-1643) File Version Number: 6.0.2900.6028 SHA-1 Digest: 0x3B0B0A531468DE08C11B2EEA2E37E34325CDC3B7
MD5 Digest: 0x736B12B725AEB2B07F0241A9F680CB10 CRC32 Digest: 0x350BBD1B Rootkit Property: Normal File Size: 1054208 bytes
File: c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.22319_xww_f0b4c2df\gdiplus.dll Product: Microsoft Windows Operating System Product Version: 5.2.6001.22319 Company: Microsoft Corporation Description: Microsoft GDI+ Original FileName: gdiplus File Version Label: 5.2.6001.22319 (vistasp1_ldr.081126-1506) File Version Number: 5.2.6001.22319 SHA-1 Digest: 0x16492BFE4C4E0D2A374934E00A80B8934BD01CA3 MD5 Digest: 0x4721AB485E0C29CD1617A5F296B9CC47 CRC32 Digest: 0x0F8A29EA Rootkit Property: Normal File Size: 1748992 bytes
+----------------------------------------------|AV Products +-----------------------------------------------
+----------------------------------------------|Disk drive(s) Boot Record +-----------------------------------------------
Drive [-C-] Boot Record: 0000 EB 52 90 4E-54 46 53 20-20 20 20 00-02 08 00 00 .R.NTFS ..... 0010 00 00 00 00-00 F8 00 00-3F 00 F0 00-3F 00 00 00 ........?...?... 0020 00 00 00 00-80 00 80 00-50 0A A5 0B-00 00 00 00 ........P....... 0030 00 00 0C 00-00 00 00 00-10 00 00 00-00 00 00 00 ................ 0040 F6 00 00 00-01 00 00 00-BD AB 06 68-DD 06 68 66 ...........h..hf 0050 00 00 00 00-FA 33 C0 8E-D0 BC 00 7C-FB B8 C0 07 .....3.....|.... 0060 8E D8 E8 16-00 B8 00 0D-8E C0 33 DB-C6 06 0E 00 ..........3..... 0070 10 E8 53 00-68 00 0D 68-6A 02 CB 8A-16 24 00 B4 ..S.h..hj....$.. 0080 08 CD 13 73-05 B9 FF FF-8A F1 66 0F-B6 C6 40 66 ...s......f...@f 0090 0F B6 D1 80-E2 3F F7 E2-86 CD C0 ED-06 41 66 0F .....?.......Af. 00A0 B7 C9 66 F7-E1 66 A3 20-00 C3 B4 41-BB AA 55 8A ..f..f. ...A..U. 00B0 16 24 00 CD-13 72 0F 81-FB 55 AA 75-09 F6 C1 01 .$...r...U.u.... 00C0 74 04 FE 06-14 00 C3 66-60 1E 06 66-A1 10 00 66 t......f`..f...f 00D0 03 06 1C 00-66 3B 06 20-00 0F 82 3A-00 1E 66 6A ....f;. ...:..fj 00E0 00 66 50 06-53 66 68 10-00 01 00 80-3E 14 00 00 .fP.Sfh.....>... 00F0 0F 85 0C 00-E8 B3 FF 80-3E 14 00 00-0F 84 61 00 ........>.....a. 0100 B4 42 8A 16-24 00 16 1F-8B F4 CD 13-66 58 5B 07 .B..$.......fX[. 0110 66 58 66 58-1F EB 2D 66-33 D2 66 0F-B7 0E 18 00 fXfX..-f3.f..... 0120 66 F7 F1 FE-C2 8A CA 66-8B D0 66 C1-EA 10 F7 36 f......f..f....6 0130 1A 00 86 D6-8A 16 24 00-8A E8 C0 E4-06 0A CC B8 ......$.........
0140 01 02 CD 13-0F 82 19 00-8C C0 05 20-00 8E C0 66 ........... ...f 0150 FF 06 10 00-FF 0E 0E 00-0F 85 6F FF-07 1F 66 61 ..........o...fa 0160 C3 A0 F8 01-E8 09 00 A0-FB 01 E8 03-00 FB EB FE ................ 0170 B4 01 8B F0-AC 3C 00 74-09 B4 0E BB-07 00 CD 10 .....<.t........ 0180 EB F2 C3 0D-0A 41 20 64-69 73 6B 20-72 65 61 64 .....A disk read 0190 20 65 72 72-6F 72 20 6F-63 63 75 72-72 65 64 00 error occurred. 01A0 0D 0A 4E 54-4C 44 52 20-69 73 20 6D-69 73 73 69 ..NTLDR is missi 01B0 6E 67 00 0D-0A 4E 54 4C-44 52 20 69-73 20 63 6F ng...NTLDR is co 01C0 6D 70 72 65-73 73 65 64-00 0D 0A 50-72 65 73 73 mpressed...Press 01D0 20 43 74 72-6C 2B 41 6C-74 2B 44 65-6C 20 74 6F Ctrl+Alt+Del to 01E0 20 72 65 73-74 61 72 74-0D 0A 00 00-00 00 00 00 restart........ 01F0 00 00 00 00-00 00 00 00-83 A0 B3 C9-00 00 55 AA ..............U.
+----------------------------------------------|Running additional SIC components +-----------------------------------------------
Successfully executed : C:\Documents and Settings\Administrator\My Documents\eBooks\Certifications\virus guides\IMP Virus books\virus removal tools\SIC\SIC_SLR.bin d=.\SICLOG -o=.\Retrieve.lst
+----------------------------------------------|Logging Hidden Files +-----------------------------------------------
You might also like
- OscpDocument3 pagesOscpbxx31426No ratings yet
- Adorage ProtocolDocument14 pagesAdorage ProtocolRon BarrientosNo ratings yet
- Javacore 20110520 131831 7888 0008Document86 pagesJavacore 20110520 131831 7888 0008Marie-Françoise FarnierNo ratings yet
- ZHP DiagDocument41 pagesZHP DiagJayaraj PoojaryNo ratings yet
- Adorage ProtocolDocument8 pagesAdorage ProtocolRajuneshNo ratings yet
- FRSTDocument66 pagesFRSTKM AndhantoNo ratings yet
- WindowsattacksDocument78 pagesWindowsattacksblufakesionNo ratings yet
- 0xc0000005 ErrorDocument12 pages0xc0000005 ErrorTome DimovskiNo ratings yet
- RFA BugreportDocument27 pagesRFA BugreportsergieNo ratings yet
- FRSTDocument14 pagesFRSTicecube44No ratings yet
- ZHP DiagDocument25 pagesZHP DiagMouhat OuadiaNo ratings yet
- FRST - 21-09-2022 14.25.50Document10 pagesFRST - 21-09-2022 14.25.50PabloNo ratings yet
- ZHPDiagDocument48 pagesZHPDiagAnonymous p3i3WlMyNQNo ratings yet
- FixlogDocument11 pagesFixlogDino SeptiawanNo ratings yet
- WCF TouchInput V6220Document5 pagesWCF TouchInput V6220Jacqueline TaylorNo ratings yet
- Fixlog 1Document5 pagesFixlog 1playcftvNo ratings yet
- UsbFix ReportDocument4 pagesUsbFix ReportOUSSAMA TEGNo ratings yet
- FRSTDocument22 pagesFRSTpetr230307No ratings yet
- ZadiaDocument55 pagesZadiadeathcon4No ratings yet
- FRSTDocument11 pagesFRSTJesusNo ratings yet
- ZA ScanDocument6 pagesZA ScanVinicius FormigoniNo ratings yet
- UsbFix ReportDocument3 pagesUsbFix ReportDazdouz MkhalwiNo ratings yet
- TRLOGDocument44 pagesTRLOGSlendy RgNo ratings yet
- Javacore 20110923 103803 7736Document109 pagesJavacore 20110923 103803 7736prakureNo ratings yet
- UntitledDocument3 pagesUntitledLittle gamerNo ratings yet
- Combo FixDocument4 pagesCombo FixChadwick ElliottNo ratings yet
- Siv Vig PostgradDocument23 pagesSiv Vig PostgradEdgard Idme MolinaNo ratings yet
- Yuzu LogDocument618 pagesYuzu LogBluryNo ratings yet
- Combo FixDocument9 pagesCombo FixDaniel MorandiNo ratings yet
- UsbFix ReportDocument4 pagesUsbFix Reportsami kaziNo ratings yet
- UntitledDocument3 pagesUntitledLittle gamerNo ratings yet
- FRST - 24-06-2024 14.13.36Document25 pagesFRST - 24-06-2024 14.13.36devpalsingh2004No ratings yet
- UsbFix ReportDocument3 pagesUsbFix ReportRas HidNo ratings yet
- AdwCleaner (S00)Document2 pagesAdwCleaner (S00)Martin ReppNo ratings yet
- UltimateDocument19 pagesUltimateidelvo8636No ratings yet
- AdwCleaner (C00)Document3 pagesAdwCleaner (C00)Мария ТопчееваNo ratings yet
- FRSTDocument28 pagesFRSTSevii KermiiNo ratings yet
- PS Free SpaceDocument3 pagesPS Free SpaceAhmed R. KhanNo ratings yet
- NeuroDocument25 pagesNeuroBrandon Sneyder Avilan RodriguezNo ratings yet
- Start Up ListDocument3 pagesStart Up Listmohamad burhanNo ratings yet
- ZA ScanDocument5 pagesZA ScanLevi de SousaNo ratings yet
- SQL Express 2019 Log - Registry ItemsDocument1,106 pagesSQL Express 2019 Log - Registry ItemsitNo ratings yet
- FRST Indo DisiniDocument17 pagesFRST Indo DisiniDedy Chasan Aflah MutoharNo ratings yet
- TRLOGDocument10 pagesTRLOGallie343343No ratings yet
- (Resolved) Searchqu ProblemDocument26 pages(Resolved) Searchqu Problemprabhatm_2No ratings yet
- ShortcutDocument13 pagesShortcutSevii KermiiNo ratings yet
- Report 09-08-2023 14,23,03Document110 pagesReport 09-08-2023 14,23,03look at me look at meNo ratings yet
- FRSTDocument15 pagesFRSTAnwarNo ratings yet
- UsbFix ReportDocument2 pagesUsbFix ReportfatNo ratings yet
- UsbFix ReportDocument3 pagesUsbFix Reportfarisse1995No ratings yet
- FRSTDocument166 pagesFRSTJonas LovecorNo ratings yet
- Combo FixDocument9 pagesCombo FixsanjayNo ratings yet
- Registry Scan ReportDocument132 pagesRegistry Scan Reportz_dacheriNo ratings yet
- UsbFix ReportDocument3 pagesUsbFix ReportYorman rodriguez moy0% (1)
- UsbFix ReportDocument2 pagesUsbFix ReportCarmen VerazaNo ratings yet
- SQL Express 2019 (Update) Log - Registry ItemsDocument644 pagesSQL Express 2019 (Update) Log - Registry ItemsitNo ratings yet
- Combofix 1Document10 pagesCombofix 1Nur Faizah AzizanNo ratings yet
- SystemDocument4 pagesSystemseahorse2301No ratings yet
