ComboFix 11-12-04.03 - Ja 2011-12-04 21:00:31.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2047.1382 [GMT 1:00] Uruchomiony z: H:\ComboFix.exe AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !! . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\auth.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\burnlib.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\dsp_sps.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\enc_fhgaac.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\enc_flac.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\enc_lame.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\enc_vorbis.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\enc_wav.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\enc_wma.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\gen_classicart.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\gen_crasher.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\gen_ff.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\gen_find_on_disk.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\gen_hotkeys.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\gen_jumpex.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\gen_ml.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\gen_nopro.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\gen_orgler.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\gen_skinmanager.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\gen_timerestore.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\gen_tray.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\gen_undo.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\gen_win7shell.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_avi.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_cdda.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_dshow.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_flac.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_flv.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_linein.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_midi.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_mkv.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_mod.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_mp3.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_mp4.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_nsv.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_swf.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_vorbis.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_wav.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_wave.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_wm.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\in_wv.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_addons.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_autotag.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_bookmarks.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_devices.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_disc.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_downloads.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_enqplay.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_history.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_impex.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_local.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_nowplaying.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_online.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_orb.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_playlists.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_plg.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_pmp.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_rg.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_transcode.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ml_wire.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\ombrowser.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\out_disk.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\out_ds.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\out_wave.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\playlist.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\pmp_activesync.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\pmp_android.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\pmp_ipod.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\pmp_njb.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\pmp_p4s.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\pmp_usb.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\pmp_wifi.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\tagz.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\vis_avs.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\vis_milk2.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\vis_nsfs.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\winamp.lng c:\docume~1\Ja\USTAWI~1\Temp\WLZ790E.tmp\winampa.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\auth.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\burnlib.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\dsp_sps.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\enc_fhgaac.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\enc_flac.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\enc_lame.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\enc_vorbis.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\enc_wav.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\enc_wma.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\gen_classicart.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\gen_crasher.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\gen_ff.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\gen_find_on_disk.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\gen_hotkeys.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\gen_jumpex.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\gen_ml.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\gen_nopro.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\gen_orgler.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\gen_skinmanager.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\gen_timerestore.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\gen_tray.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\gen_undo.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\gen_win7shell.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_avi.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_cdda.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_dshow.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_flac.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_flv.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_linein.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_midi.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_mkv.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_mod.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_mp3.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_mp4.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_nsv.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_swf.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_vorbis.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_wav.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_wave.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_wm.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\in_wv.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_addons.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_autotag.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_bookmarks.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_devices.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_disc.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_downloads.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_enqplay.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_history.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_impex.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_local.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_nowplaying.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_online.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_orb.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_playlists.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_plg.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_pmp.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_rg.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_transcode.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ml_wire.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\ombrowser.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\out_disk.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\out_ds.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\out_wave.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\playlist.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\pmp_activesync.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\pmp_android.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\pmp_ipod.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\pmp_njb.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\pmp_p4s.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\pmp_usb.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\pmp_wifi.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\tagz.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\vis_avs.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\vis_milk2.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\vis_nsfs.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\winamp.lng c:\documents and settings\Ja\Ustawienia lokalne\Temp\WLZ790E.tmp\winampa.lng c:\windows\system32\AutoRun.inf c:\windows\system32\muzapp.exe c:\windows\system32\usmt\migwiz_a.exe . . ((((((((((((((((((((((((( Pliki utworzone od 2011-11-04 do 2011-12-04 ))))))))))))))))))))))))))))))) . . 2011-12-04 15:23 . 2011-12-04 15:51 -------- d-----w- c:\windows\system32\NtmsData 2011-11-17 16:07 . 2008-09-26 17:01 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys 2011-11-17 16:07 . 2008-09-26 17:01 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys 2011-11-17 16:07 . 2008-09-26 17:01 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys 2011-11-17 16:07 . 2008-09-26 17:00 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-23 16:35 . 2011-10-23 16:35 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2011-10-20 11:57 . 2011-09-11 07:29 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-10-10 14:22 . 2011-06-30 18:53 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-10-03 03:06 . 2011-09-02 17:09 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-10-03 00:37 . 2011-09-02 17:09 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-09-28 07:06 . 2006-03-02 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll 2011-09-26 09:41 . 2010-03-18 08:09 614400 ----a-w- c:\windows\system32\uiautomationcore.dll 2011-09-26 09:41 . 2006-03-02 12:00 23040 ----a-w- c:\windows\system32\oleaccrc.dll 2011-09-26 09:41 . 2006-03-02 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll 2011-09-06 14:10 . 2006-03-02 12:00 1859200 ----a-w- c:\windows\system32\win32k.sys 2011-11-21 04:42 . 2011-12-04 16:03 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys [-] 2006-03-02 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys . [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys [-] 2006-03-02 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys . [-] 2006-03-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys [-] 2006-03-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys . [-] 2008-04-14 . 2AECA45D4AEAACBDCB77AD11184E4601 . 24960 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys [-] 2008-04-14 . 2AECA45D4AEAACBDCB77AD11184E4601 . 24960 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys [-] 2006-03-02 . CC13DB862F929AE33F64C3BEDC01CD31 . 24960 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys . [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys [-] 2006-03-02 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys . [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys [-] 2006-03-02 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys . [-] 2006-03-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys [-] 2006-03-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys . [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys [-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys [-] 2006-03-02 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys . [-] 2008-04-14 . B98ED6D85339A66A73F32FB569EB6C01 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll [-] 2008-04-14 . B98ED6D85339A66A73F32FB569EB6C01 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll [-] 2006-03-02 . 210830D2497FEF78694076179AF8C795 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll . [-] 2008-04-14 . 88296F7943F30A1EE3AF735440B92268 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe [-] 2008-04-14 . 88296F7943F30A1EE3AF735440B92268 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe [-] 2006-03-02 . F485FEFC8CC4FD29243D800BE5D275D1 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe . [-] 2008-04-14 . 4FE97D0B1B182DF2A9BDD4C02155EF5E . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll [-] 2008-04-14 . 4FE97D0B1B182DF2A9BDD4C02155EF5E . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll [-] 2006-03-02 . 3E7B6583269BC118720D0020B03CC71E . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll . [-] 2008-04-14 17:20 . 8A7426E69FFA30EE4DC76CA3E3999121 . 822272 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll [-] 2008-04-14 17:20 . 8A7426E69FFA30EE4DC76CA3E3999121 . 822272 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll [-] 2006-03-02 12:00 . 8797D059EEBD5101CC6257EE2D6B900A . 822272 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll . [-] 2008-04-14 . 78200FAA6FD9C69394134C238C87FB7F . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll [-] 2008-04-14 . 78200FAA6FD9C69394134C238C87FB7F . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll [-] 2008-04-14 . 78200FAA6FD9C69394134C238C87FB7F . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll [-] 2006-03-02 . A6BFD910074B02C8794FC65F39CC6B28 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll . [-] 2009-02-09 . C9E5AC78D9A00B1DE8CE2AD1BDDE7E42 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . A37311D9D628C1042A2836731787F0F3 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll [-] 2009-02-09 . A37311D9D628C1042A2836731787F0F3 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . A37311D9D628C1042A2836731787F0F3 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll [-] 2009-02-09 . B5D78596EFFBEB82F3B86D9A002538E1 . 399360 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\rpcss.dll [-] 2009-02-09 . 3256C32654CC35DFCFEF42B0C5E4AB89 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll [-] 2008-04-14 . 02396DAB9DD407B06539981F477F3FEC . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [-] 2008-04-14 . 02396DAB9DD407B06539981F477F3FEC . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll [-] 2006-03-02 . 346E5B19FC986FE7185A0C2C43593722 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\rpcss.dll . [-] 2009-02-09 . 02A467E27AF55F7064C5B251E587315F . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe [-] 2009-02-09 . 02A467E27AF55F7064C5B251E587315F . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe [-] 2009-02-09 . 02A467E27AF55F7064C5B251E587315F . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe [-] 2009-02-09 . 8816E60BF654353E8E0D35ED98875445 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2009-02-09 . ED4E5391100287B9EABF8F2CF4B42235 . 111104 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\services.exe [-] 2009-02-09 . 245A46964D7F534E1D20563ACF215E80 . 111104 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe [-] 2008-04-14 . 3E3AE424E27C4CEFE4CAB368C7B570EA . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe [-] 2008-04-14 . 3E3AE424E27C4CEFE4CAB368C7B570EA . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe [-] 2006-03-02 . 3DA8D964D2CC12EF8E8C342471A37917 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\services.exe . [-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe [-] 2008-04-14 . DD69EC597AB942C39B950D9C3CE1375D . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe [-] 2008-04-14 . DD69EC597AB942C39B950D9C3CE1375D . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe [-] 2006-03-02 . BEBE8A85954FF460374FD5A0CD21E19B . 57856 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe . [-] 2008-04-14 . 51FD2E13D723857B9CA239AE77150F48 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [-] 2008-04-14 . 51FD2E13D723857B9CA239AE77150F48 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2006-03-02 . 0344407089B08548D4FEBA62BB0F32D0 . 504832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe . [-] 2010-08-23 . 8B9ED4A686777261B9AFADD2A6D981A0 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2010-08-23 . 8B9ED4A686777261B9AFADD2A6D981A0 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll [-] 2010-08-23 . C29639BA7410BCEF8898CBCB07A59CB1 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll [-] 2008-04-14 . 0BE00656B7CAEDE754AEE4D7AD13B687 . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll [-] 2008-04-14 . 0BE00656B7CAEDE754AEE4D7AD13B687 . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll [-] 2008-04-14 . 737739FACEAD60683AA8D7FF7602FD14 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [-] 2006-03-02 . D38C710AAC3A0D16AF7DF6770C9F6CBB . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll [-] 2006-03-02 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll [-] 2006-03-02 . 492C2DB83085130A993EE3E12D0FD0E1 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll . [-] 2008-04-14 . 6B105FE95F2E9F0B6346044BA59D41C9 . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll [-] 2008-04-14 . 6B105FE95F2E9F0B6346044BA59D41C9 . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll [-] 2006-03-02 . 91723CD7C96C5854149F9CAE820A90DD . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll . [-] 2008-07-07 20:33 . 878FA7B8FFBCFFDAEB05F0484A99562D . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll [-] 2008-07-07 20:29 . 6AFF804839C85859E0247164FBE5F5BB . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [-] 2008-07-07 20:29 . 6AFF804839C85859E0247164FBE5F5BB . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [-] 2008-07-07 20:29 . 6AFF804839C85859E0247164FBE5F5BB . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll [-] 2008-07-07 20:25 . 5BB3E442E43C7BB0F38203F23C920D3C . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-07-07 20:19 . 266EE073842AFF70B1A1460EE0CBBD49 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll [-] 2008-04-14 17:20 . BE1B1412A3D488C50B8F67F792196108 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll [-] 2008-04-14 17:20 . BE1B1412A3D488C50B8F67F792196108 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll [-] 2006-03-02 12:00 . DC54CC79E1FAEFA480A8117C9BF105E1 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB950974_0$\es.dll . [-] 2008-04-14 . 2E9A03268E609917B83921EE16FD9CFB . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll [-] 2008-04-14 . 2E9A03268E609917B83921EE16FD9CFB . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll [-] 2006-03-02 . BDB679C04273B19BF46BD0D591FDEEC3 . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll . [-] 2009-03-21 . C57B35FBBB25E8314E022F8D13BE5A57 . 1014784 . . [5.1.2600.3541] . . c:\windows\$NtServicePackUninstall$\kernel32.dll [-] 2009-03-21 . 77C951B64413E80EEC0359426DCA938B . 1018368 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll [-] 2009-03-21 . 77C951B64413E80EEC0359426DCA938B . 1018368 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . 77C951B64413E80EEC0359426DCA938B . 1018368 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll [-] 2009-03-21 . 6CFFFD4A53F08D1BE0222D859BF93B29 . 1020416 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2009-03-21 . 6B29B8F00F7CDE46C69BDED5253B96B9 . 1017856 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll [-] 2008-04-14 . FCE4ECC34A36EDACF03DBE8DE5E28910 . 1018368 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [-] 2008-04-14 . FCE4ECC34A36EDACF03DBE8DE5E28910 . 1018368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll [-] 2006-03-02 . 578BB2F44597CB53451DED99013573F3 . 1012224 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB959426_0$\kernel32.dll . [-] 2008-04-14 . EA8DF0AF49E2616F55BF327549E44368 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll [-] 2008-04-14 . EA8DF0AF49E2616F55BF327549E44368 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll [-] 2006-03-02 . 7068F13DEFF03488E1A1E27E4BC004E8 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll . [-] 2008-04-14 . A9C89DBAD5EFF7A06B58302778674507 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll [-] 2008-04-14 . A9C89DBAD5EFF7A06B58302778674507 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll [-] 2006-03-02 . 261DB4366ECB4220EA960F0CA78CABAC . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll . [-] 2008-04-14 . 411864012AC39F2B57319AEF64D336DF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll [-] 2008-04-14 . 411864012AC39F2B57319AEF64D336DF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [-] 2008-04-14 . 11F8B9042B6F4320B6D4E528664AD693 . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll [-] 2006-03-02 . 9AFE931CBC9244A5EB0B9E9D5FA74F44 . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll [-] 2006-03-02 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [-] 2006-03-02 . 9C6F09D2B217A0BF739AF557C84CD3BD . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll . [-] 2008-06-20 . 300BCC512DE4038F1494230941DB2C2A . 246784 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll [-] 2008-06-20 . 300BCC512DE4038F1494230941DB2C2A . 246784 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll [-] 2008-06-20 . BF80D884E1C60DED1C7CEA3EC6F9DC28 . 246784 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll [-] 2008-06-20 . BF80D884E1C60DED1C7CEA3EC6F9DC28 . 246784 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-06-20 . D4ABFCD86AF9533EF94F291A1BB3E9A2 . 246784 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll [-] 2008-06-20 . F1590C9B2294DB9ACE3B081ABD596174 . 246784 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll [-] 2008-06-20 . 9D1F13706FB5F02D0E8795FB2D03971D . 246784 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll [-] 2008-06-20 . 9D1F13706FB5F02D0E8795FB2D03971D . 246784 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll [-] 2008-04-14 . 612E31FCAC1040EDD78ECAC81C9F859F . 246784 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll [-] 2008-04-14 . 612E31FCAC1040EDD78ECAC81C9F859F . 246784 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll [-] 2006-03-02 . 83387067B25E000E64B178A62E5DCD24 . 246784 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll . [-] 2009-02-06 . B771DCBE0449C9F0F290092DEC48E698 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll [-] 2009-02-06 . B771DCBE0449C9F0F290092DEC48E698 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll [-] 2008-04-14 . 9858AD0A3FCD83C3B100EDD5852DE540 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll [-] 2008-04-14 . 9858AD0A3FCD83C3B100EDD5852DE540 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll [-] 2006-03-02 . 8BE1BEBB1447EFFAF5F2135DC098431E . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll . [-] 2008-04-14 . 414C17A2958AEDAC700BBAAFBF999F94 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll [-] 2008-04-14 . 414C17A2958AEDAC700BBAAFBF999F94 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll [-] 2006-03-02 . B20BB2A65349EF132FA7F2EB51A29E5C . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll . [-] 2008-04-14 . 3F74B6B4E2721272A117D25990141F73 . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll [-] 2008-04-14 . 3F74B6B4E2721272A117D25990141F73 . 186368 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll [-] 2006-03-02 . 3609496AE18FF399920C494270C526F9 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll . [-] 2008-04-14 . 71C6AB6EB8CF1190BAC7075F82BD8F05 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll [-] 2008-04-14 . 71C6AB6EB8CF1190BAC7075F82BD8F05 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll [-] 2006-03-02 . 3F342B984E9E1ABD58347DA859CD44C6 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll . [-] 2008-04-14 . 8607D35D92528E2DF386F19A960D23CE . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe [-] 2008-04-14 . 8607D35D92528E2DF386F19A960D23CE . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe [-] 2006-03-02 . BA98327E90022DBD6EE76490E0622E2E . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe . [-] 2008-04-14 . 2340E6977548038C88E39A9ECBB3FADC . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll [-] 2008-04-14 . 2340E6977548038C88E39A9ECBB3FADC . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll [-] 2006-03-02 . 0A695B77564D8E9333E846B526F95AB2 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll . [-] 2008-04-14 . A435C5C069AFD901751AC323AD238793 . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . A435C5C069AFD901751AC323AD238793 . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2006-03-02 . 0C81764F50F32D376E6E4B9E9F4B01A0 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll . [-] 2008-04-14 . 2A5B37D520508BE6570A3EA79695F5B5 . 26624 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe [-] 2008-04-14 . 2A5B37D520508BE6570A3EA79695F5B5 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe [-] 2006-03-02 . BD768099B4C44AA631728CB74EB54396 . 25088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe . [-] 2008-04-14 . C0AA2AB856680C44739B41E01F5BD4E9 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll [-] 2008-04-14 . C0AA2AB856680C44739B41E01F5BD4E9 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll [-] 2006-03-02 . AB82237486B727DD7DAB36A76F38A3A2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll . [-] 2008-04-14 . F43B5623C5CA5BF6D9678FCF19642422 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll [-] 2008-04-14 . F43B5623C5CA5BF6D9678FCF19642422 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll [-] 2006-03-02 . D30F55D0980533DD1C5AC640E05C49E6 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll . [-] 2008-04-14 . C791ED9EAC5E76D9525E157B1D7A599A . 1035264 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . C791ED9EAC5E76D9525E157B1D7A599A . 1035264 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [-] 2006-03-02 . 379098A96E6C165B659DE7E4328010EA . 1033728 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe . [-] 2008-04-14 . FD317A23C3EB2A856E74279FBE04B9C2 . 149504 . . [5.1.2600.5512] . . c:\windows\regedit.exe [-] 2008-04-14 . FD317A23C3EB2A856E74279FBE04B9C2 . 149504 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe [-] 2006-03-02 . C1FD2A565973DE555A36B335644402EB . 149504 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe . [-] 2010-07-16 . C10BDDDBA990C49BD195A60715DD6BEF . 1287680 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll [-] 2010-07-16 . C10BDDDBA990C49BD195A60715DD6BEF . 1287680 . . [5.1.2600.6010] . . c:\windows\system32\dllcache\ole32.dll [-] 2010-07-16 . BBA690E74E139B3E0357164A1F065C24 . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll [-] 2008-04-14 . 7A50662D3E47A0D855CE2960ED6CA523 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll [-] 2008-04-14 . 7A50662D3E47A0D855CE2960ED6CA523 . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll [-] 2006-03-02 . 0EB888B72FBF4ABE80AAD96B93256FBB . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ole32.dll . [-] 2010-04-16 . 514F80DF6DCF9BBA1D67CA16BC667787 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll [-] 2010-04-16 . 514F80DF6DCF9BBA1D67CA16BC667787 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll [-] 2010-04-16 . 9B5F828F0D6A7AEA167F7D85CF693BD0 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll [-] 2008-04-14 . CD7F574A9ABDECAB9561DB0B2F7F2143 . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll [-] 2008-04-14 . CD7F574A9ABDECAB9561DB0B2F7F2143 . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll [-] 2006-03-02 . 8E607A6F159621A8737DF29F46EDA1EF . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll . [-] 2008-04-14 . CD928E84EF8FAB1BFB5791E28F7D4E0B . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll [-] 2008-04-14 . CD928E84EF8FAB1BFB5791E28F7D4E0B . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll [-] 2004-08-03 . 84400F3E86B4FFCF7442002029D63786 . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll . [-] 2008-04-14 . 1BD41EDA5B869AFC99895C39A8DE36E1 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 2008-04-14 . 1BD41EDA5B869AFC99895C39A8DE36E1 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2006-03-02 . CBFA30492D70CE3938D8A7783D0C0436 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe . [-] 2009-07-27 . 55AAE86C7C2CADF6972ACD1D76C24A98 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll [-] 2009-07-27 . 55AAE86C7C2CADF6972ACD1D76C24A98 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll [-] 2009-07-27 . 232D5719F86E05B7FE34F038D4FC84B2 . 135680 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll [-] 2008-04-14 . 8AD90ED829B8404D962545ED3EFB1129 . 135680 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll [-] 2008-04-14 . 8AD90ED829B8404D962545ED3EFB1129 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll [-] 2006-03-02 . 7C8E934687C496EDC69FDBBD2C277E63 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll . [-] 2008-04-14 . 316D0E66074AE4CDE641C50D3A1C5148 . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 316D0E66074AE4CDE641C50D3A1C5148 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2006-03-02 . F309D9894FCA821E3C2F557A8032D47A . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll . [-] 2008-04-14 . CC07DA5A1CB214ADDFA50B2FA6935F18 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe [-] 2008-04-14 . CC07DA5A1CB214ADDFA50B2FA6935F18 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe [-] 2006-03-02 . 1905812AB06A70FF21907FAA10C927D6 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe . [-] 2008-04-14 . 24ED6935771359A5AEF1FE8BF0C56F39 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll [-] 2008-04-14 . 24ED6935771359A5AEF1FE8BF0C56F39 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll [-] 2006-03-02 . E3C9EF5BCC9EB171BD81051CD19BDED7 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll . [-] 2008-04-14 . 35FCCFD093582FA9098762E6F84EE119 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll [-] 2008-04-14 . 35FCCFD093582FA9098762E6F84EE119 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll [-] 2006-03-02 . 05684DE2DA55A04C8AAAB5911AFE7643 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll . [-] 2008-04-14 . A9ED600F08A92143253C10EDB5651ECF . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll [-] 2008-04-14 . A9ED600F08A92143253C10EDB5651ECF . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [-] 2006-03-02 . F044A12CFFB8E58BC044A2605283A636 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll . [-] 2008-04-14 . B472B59EF98469C91651B751D3442CB8 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll [-] 2008-04-14 . B472B59EF98469C91651B751D3442CB8 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll [-] 2006-03-02 . A19BFED61736127DB5B8B815AFB35190 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll . [-] 2008-04-14 . DD73C11A5C4D14945846384B90A61A4B . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll [-] 2008-04-14 . DD73C11A5C4D14945846384B90A61A4B . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll [-] 2006-03-02 . E5F1C9EAD4C6617ACD40CA90882CC7D4 . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll . [-] 2008-04-14 . 2C0B1224AA36B4CA1753302BAA855882 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll [-] 2008-04-14 . 2C0B1224AA36B4CA1753302BAA855882 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll [-] 2006-03-02 . BB754C4BE0B18F0FAF01A7EBDE7025C4 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll . [-] 2008-04-14 . 52E0505408EDD4AB5CCC7F83B67B4299 . 296448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll [-] 2008-04-14 . 52E0505408EDD4AB5CCC7F83B67B4299 . 296448 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll [-] 2006-03-02 . 2C28157229925280916B3041CCC5FE4B . 296448 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll . [-] 2008-04-14 . 2DEE3DC6EB17D7BB774CE05695BA26D6 . 346112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll [-] 2008-04-14 . 2DEE3DC6EB17D7BB774CE05695BA26D6 . 346112 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll [-] 2006-03-02 . E2012CF69E88C83118472DE4945A27E5 . 346624 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll . [-] 2006-03-02 . 66A42B7DB194E24B973BBCCE840A0F3F . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys . [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys [-] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys . [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys . [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys [-] 2006-03-02 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys . [-] 2010-09-18 07:18 . 576D37910F472BB5E62EF14D4B274599 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll [-] 2010-09-18 06:53 . E7A93F4C5154D34F61328D34DE02CD61 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll [-] 2010-09-18 06:53 . E7A93F4C5154D34F61328D34DE02CD61 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll [-] 2008-04-14 17:20 . E43B998C777D43FB8624741B4567BCD9 . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll [-] 2008-04-14 17:20 . E43B998C777D43FB8624741B4567BCD9 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll [-] 2006-03-02 12:00 . CFA664EFA06EEE2B02721C1384F51123 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll . [-] 2008-04-14 . 36F3AB18B1BE303DA51DE90A67DE3942 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll [-] 2008-04-14 . 36F3AB18B1BE303DA51DE90A67DE3942 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll [-] 2006-03-02 . 1D0EBF9EDAE8A61CBF56ED1FF8489FAC . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll . [-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll [-] 2006-03-02 12:00 . FA83DF4EE3B86E5CE53A5EA425F3F472 . 52736 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll [-] 2005-01-28 11:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [-] 2005-01-28 11:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll . [-] 2010-12-09 . 7E8979CD5018A9927A8A2C859914ED16 . 2070656 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe [-] 2010-12-09 . 720FA9D2F96501ABE8786B24DC48C7B7 . 2028544 . . [5.1.2600.6055] . . c:\windows\system32\ntkrnlpa.exe [-] 2010-12-09 . FBAA6966A914147FE3CE95982D001F4F . 2070656 . . [5.1.2600.6055] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 2010-12-09 . FBAA6966A914147FE3CE95982D001F4F . 2070656 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntkrnlpa.exe [-] 2010-02-17 . 1D338CB5FEE6077219965E2BA30E0A14 . 2065024 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe [-] 2010-02-16 . 6BC9DD36EA5D02A9AB398D1EF01D776D . 2018304 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe [-] 2010-02-16 . 0438A0A4C1EDA0B57EA1777B74FB99E6 . 2068096 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe [-] 2010-02-16 . 7BC42FA8C8C58F415805473B614F51F0 . 2025984 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe [-] 2010-02-16 . 3BAC4F629D4CA55898A74E987384BD7F . 2068224 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe [-] 2009-02-10 . AE8D75A5457D995EACE1B160FCF3D5E4 . 2067328 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe [-] 2009-02-09 . 8945CE300E466FDAEFD32A5B1E85DFA8 . 2017280 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683_0$\ntkrnlpa.exe [-] 2009-02-09 . 2DDE205ED520F438FB5FB4004A8702D3 . 2064256 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe [-] 2009-02-09 . E794826D0E77E72F4828A77D064481DE . 2025472 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe [-] 2009-02-09 . DBB713C90996F42BA3D4725B438D8332 . 2067456 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [-] 2008-04-14 . 280CD53BA94A32BCA61B5EA01753AED8 . 2025472 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe [-] 2008-04-14 . 4BBA965664FAA56B187C27F4CAD7E7C5 . 2067200 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe [-] 2006-03-02 . 33FDAD88EEC315EE4CFB147FB19FD2B6 . 2016768 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\ntkrnlpa.exe . [-] 2008-04-14 17:20 . 3FB5399DBB7001A80D58EDAD64C98225 . 435712 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll [-] 2008-04-14 17:20 . 3FB5399DBB7001A80D58EDAD64C98225 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll [-] 2006-03-02 12:00 . C8CE1566B0537C3F5F7AE1CA458A6697 . 435712 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll . [-] 2008-04-14 . E96A6BAEE0B2A14A38B45830D6E30697 . 186880 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll [-] 2008-04-14 . E96A6BAEE0B2A14A38B45830D6E30697 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll [-] 2006-03-02 . 387D2A06C8E7CCCEA8E9A350C8FE6781 . 185856 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll . [-] 2008-04-14 . 4F2DA211B394AF150F00254F346857CD . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll [-] 2008-04-14 . 4F2DA211B394AF150F00254F346857CD . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll [-] 2006-03-02 . 9E46388FE1308B54F843959FBE2764F9 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll . [-] 2008-04-14 . 8881A14051D739A8422C521A83D614DA . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll [-] 2008-04-14 . 8881A14051D739A8422C521A83D614DA . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll [-] 2006-03-02 . D87BF452D4BE09490D98EFB05D00FD9D . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll . [-] 2008-04-14 . 277389C269541D4B474BA72CA98A39E4 . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll [-] 2008-04-14 . 277389C269541D4B474BA72CA98A39E4 . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll [-] 2006-03-02 . 1F542A014A9DDB28719630D1D9F1DB94 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll . [-] 2008-04-14 17:20 . 24B2954CAA69D904C1F39A3AC1421044 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll [-] 2008-04-14 17:20 . 24B2954CAA69D904C1F39A3AC1421044 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll [-] 2006-03-02 12:00 . 46A2A555FAB1BD80FEBCF40670843942 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll . [-] 2008-04-14 . 2095C42F0026BA1D0F6A4DC07CAEE871 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll [-] 2008-04-14 . 2095C42F0026BA1D0F6A4DC07CAEE871 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll [-] 2006-03-02 . ACD23BB505C892D56175CC686B5C1509 . 41472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll . [-] 2008-04-14 . 5B9FC235221DC3F48DA7318CB0BD4888 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll [-] 2008-04-14 . 5B9FC235221DC3F48DA7318CB0BD4888 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll [-] 2006-03-02 . 5005BF45DF1D444E7639408AFAF8EED5 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll . [-] 2008-04-14 . AF3C3F051675CF688EAD4065FE11542D . 93184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\iexplore.exe [-] 2006-03-02 . 94E790CB14279FF3EA244DAF0864B8A6 . 93184 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\iexplore.exe . [-] 2010-12-09 . 8A302601BE409E59260BB8ADE7CC6BC2 . 2194048 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe [-] 2010-12-09 . EEB63BA2A4399E34E96A69088F680FF0 . 2194048 . . [5.1.2600.6055] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [-] 2010-12-09 . EEB63BA2A4399E34E96A69088F680FF0 . 2194048 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntoskrnl.exe [-] 2010-12-09 . 68098C0FA5F262547549F773ABBA9EC1 . 2150400 . . [5.1.2600.6055] . . c:\windows\system32\ntoskrnl.exe [-] 2010-02-17 . 5EBED7B39C87EAE96BBE61F8B9BCAE83 . 2191232 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe [-] 2010-02-16 . E5DE7A6AB1372B7A491204B8C1F2C894 . 2138624 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe [-] 2010-02-16 . 5DF3B89453ACA9833B70184DFCE62EA8 . 2188160 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe [-] 2010-02-16 . 34AEC75A373B3833F949B80DD52DAF08 . 2147840 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe [-] 2010-02-16 . 5949F76D27C270BFA32717D8BFC0F51F . 2191360 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [-] 2009-02-10 . 67DD50DFE7736999AE3C59699F9698B4 . 2190464 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [-] 2009-02-09 . A464E6F3C1278754F29F605DB5E0CFFD . 2137600 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683_0$\ntoskrnl.exe [-] 2009-02-09 . 9437BE2B30F80F6F4CAD8BEA8D3EF0CD . 2187392 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe [-] 2009-02-09 . F9489C6615A62A5EB3A19FA684AD4415 . 2190336 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe [-] 2009-02-09 . AC25F59B244B9199797739004290DEB6 . 2146816 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [-] 2008-04-14 . 8CA14ECF04594EABBE93C9FF2E3CBFB1 . 2190336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe [-] 2008-04-14 . 1B4B41AC8CDAA66DED8999A7DE212D3E . 2146816 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe [-] 2006-03-02 . A1B8225D45EF88FA294FE1E371BB594A . 2149888 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\ntoskrnl.exe . [-] 2008-04-14 . 316D0E66074AE4CDE641C50D3A1C5148 . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 316D0E66074AE4CDE641C50D3A1C5148 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2006-03-02 . F309D9894FCA821E3C2F557A8032D47A . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll . [-] 2008-04-14 . A672CA3981352F8E9C30FEA056E80A62 . 176128 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll [-] 2008-04-14 . A672CA3981352F8E9C30FEA056E80A62 . 176128 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll [-] 2006-03-02 . 000A0D516A2E20441E77AEA44E46B19B . 175616 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll . [-] 2008-04-14 . 41508EA375C97DC2B56E5F1AFC067187 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll [-] 2008-04-14 . 41508EA375C97DC2B56E5F1AFC067187 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll [-] 2006-03-02 . C6718154A50FE6C55E382CDBDEDCE7A7 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll . [-] 2008-04-14 . 30A2A72C04597972CF325F2A28410B63 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll [-] 2008-04-14 . 30A2A72C04597972CF325F2A28410B63 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll [-] 2006-03-02 . AB5FC830C5FBAC5DE4C18725D4F4BD7A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll . [-] 2008-04-14 . D6804AD9DBDF13DF147A371EB881020F . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll [-] 2008-04-14 . D6804AD9DBDF13DF147A371EB881020F . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll [-] 2006-03-02 . 408C0FBB97B8B32E7CAF6C129EF18820 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AudioDeck"="c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe" [2007-08-09 528384] "AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-09-10 2338656] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-08-03 13892200] "NvMediaCenter"="NvMCTray.dll" [2011-08-03 111208] "nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-07-05 1632360] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Winamp\\winamp.exe"= "c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"= "c:\\Program Files\\Gadu-Gadu 10\\gg.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"= "d:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"= "d:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"= "d:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Gadu-Gadu\\gg.exe"= "c:\\Program Files\\AVG\\AVG10\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"= "d:\\Program Files\\Electronic Arts\\Medal of Honor Airborne\\UnrealEngine3\\Binaries\\MOHA.exe"= "c:\\Program Files\\PLAY ONLINE\\PLAY ONLINE.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= . R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-02-22 22992] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-03-16 32592] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-01-07 248656] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-04-04 297168] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520] R2 CDMA Device Service;CDMA Device Service;c:\program files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe [2011-08-31 63488] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-16 2255464] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-04-14 134480] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-02-10 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-02-10 27216] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-08-18 7390560] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2011-08-31 30312] S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;d:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832] S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\39.tmp --> c:\windows\system32\39.tmp [?] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-08-31 121064] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-08-31 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-08-31 136808] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [2011-08-31 114280] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Zawartość folderu 'Zaplanowane zadania' . 2011-12-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-651377827-725345543-1004Core.job - c:\documents and settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-07-02 20:04] . 2011-12-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-651377827-725345543-1004UA.job - c:\documents and settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-07-02 20:04] . . ------- Skan uzupełniający ------- . IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Save video on Savevid.com - c:\program files\Savevid\redirect.htm TCP: Interfaces\{34C94A43-95B3-4DFB-8EA6-785AA165F83F}: NameServer = 89.108.195.20 217.17.34.10 FF - ProfilePath - c:\documents and settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\0tpx8ozt.default\ . - - - - USUNIĘTO PUSTE WPISY - - - - . AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-12_Symbian_USB_Download_Driver - c:\program files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe AddRemove-26_VIA_driver2 - c:\program files\Samsung\USB Drivers\26_VIA_driver2\Uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-12-04 21:07 Windows 5.1.2600 Dodatek Service Pack 3 NTFS . skanowanie ukrytych procesów ... . skanowanie ukrytych wpisów autostartu ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run AudioDeck = c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe 1???????????????????????????????????????????????? . skanowanie ukrytych plików ... . skanowanie pomyślnie ukończone ukryte pliki: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2] "ImagePath"="\??\c:\windows\system32\39.tmp" . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- . - - - - - - - > 'explorer.exe'(2808) c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\nvsvc32.exe d:\program files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe c:\windows\system32\RunDLL32.exe c:\program files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe c:\program files\AVG\AVG10\avgui.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Czas ukończenia: 2011-12-04 21:12:01 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2011-12-04 20:11 . Przed: 21 299 339 264 bajtów wolnych Po: 21 401 890 816 bajtów wolnych . - - End Of File - - 758E24F7A67AE4D4518AABE9ABC9F778