GMER 2.1.19163 - http://www.gmer.net Rootkit scan 2014-02-16 23:37:33 Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD800BJKT-75F4T0 rev.11.01A11 74,53GB Running: GMER.exe; Driver: C:\DOCUME~1\UYTKOW~1\USTAWI~1\Temp\pxtdapob.sys ---- System - GMER 2.1 ---- SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwAssignProcessToJobObject [0xA90244B0] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwCreateThread [0xA90247F0] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwDebugActiveProcess [0xA9024AB0] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwDuplicateObject [0xA90245D0] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwLoadDriver [0xA90248B0] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwOpenProcess [0xA9024350] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwOpenThread [0xA9024410] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwProtectVirtualMemory [0xA9024570] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwQueueApcThread [0xA9024630] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwSetContextThread [0xA9024530] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwSetInformationThread [0xA90244F0] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwSetSecurityObject [0xA9024670] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwSetSystemInformation [0xA9024870] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwSuspendProcess [0xA90243B0] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwSuspendThread [0xA9024430] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwSystemDebugControl [0xA9024830] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwTerminateProcess [0xA9024370] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwTerminateThread [0xA9024470] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwWriteVirtualMemory [0xA90245F0] ---- Kernel code sections - GMER 2.1 ---- .text ntkrnlpa.exe!ZwCallbackReturn + 307C 80504964 12 Bytes [B0, 43, 02, A9, 30, 44, 02, ...] ---- User code sections - GMER 2.1 ---- .text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[1784] kernel32.dll!SetUnhandledExceptionFilter 7C8449CD 4 Bytes [C2, 04, 00, 00] .text C:\Program Files\Mozilla Firefox\plugin-container.exe[8420] USER32.dll!DefWindowProcA + 11A 7E37C298 7 Bytes JMP 105F76A0 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\plugin-container.exe[8420] USER32.dll!SetWindowLongA + 19 7E37C2B6 7 Bytes JMP 105F7711 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\plugin-container.exe[8420] USER32.dll!GetWindowInfo 7E37C49C 5 Bytes JMP 105FB2EA C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\plugin-container.exe[8420] USER32.dll!GetMenuContextHelpId + 1A 7E3B5319 7 Bytes JMP 105F4E6D C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[16960] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 10001FFD C:\Program Files\Mozilla Firefox\mozglue.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[16960] kernel32.dll!lstrlenW + 43 7C809AEC 7 Bytes JMP 01B10455 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[16960] kernel32.dll!MapViewOfFileEx + 6A 7C80B9A0 7 Bytes JMP 01B1049D C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[16960] kernel32.dll!ValidateLocale + B1C8 7C8449C8 7 Bytes JMP 01725A06 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[16960] GDI32.dll!SetDIBitsToDevice + 20A 77F19E14 7 Bytes JMP 01B104C4 C:\Program Files\Mozilla Firefox\xul.dll ---- Devices - GMER 2.1 ---- AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys AttachedDevice \FileSystem\Fastfat \Fat eamon.sys ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001641dcdfc4 Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001641dcdfc4@2421ab341fa3 0xA6 0x01 0xB3 0xFB ... Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001641dcdfc4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001641dcdfc4@2421ab341fa3 0xA6 0x01 0xB3 0xFB ... Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\{4714AF41-F5B2-11d3-919D-00D0B71030AD}@IndexT -1325217969 ---- Files - GMER 2.1 ---- File C:\RECYCLER\S-1-5-21-1343024091-920026266-1801674531-1003\Dc181.1\51108.crx 242343 bytes File C:\RECYCLER\S-1-5-21-1343024091-920026266-1801674531-1003\Dc181.1\51108.xpi 278459 bytes File C:\RECYCLER\S-1-5-21-1343024091-920026266-1801674531-1003\Dc181.1\Plus-HD-8.1-bho.dll 624128 bytes File C:\RECYCLER\S-1-5-21-1343024091-920026266-1801674531-1003\Dc181.1\Plus-HD-8.1-codedownloader.exe 553984 bytes executable File C:\RECYCLER\S-1-5-21-1343024091-920026266-1801674531-1003\Dc181.1\Plus-HD-8.1-firefoxinstaller.exe 932352 bytes executable File C:\RECYCLER\S-1-5-21-1343024091-920026266-1801674531-1003\Dc181.1\Plus-HD-8.1-validator.exe 2019328 bytes executable File C:\RECYCLER\S-1-5-21-1343024091-920026266-1801674531-1003\Dc181.1\Plus-HD-8.1.ico 9662 bytes File C:\RECYCLER\S-1-5-21-1343024091-920026266-1801674531-1003\Dc181.1\Uninstall.exe 77312 bytes executable File C:\RECYCLER\S-1-5-21-1343024091-920026266-1801674531-1003\Dc181.1\utils.exe 2287625 bytes executable File C:\WINDOWS\$hf_mig$\KB956802 0 bytes File C:\WINDOWS\$hf_mig$\KB956802\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB956802\SP3QFE\gdi32.dll 286720 bytes executable File C:\WINDOWS\$hf_mig$\KB956802\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB956802\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB956802\update 0 bytes File C:\WINDOWS\$hf_mig$\KB956802\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB956802\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB956802\update\KB956802.CAT 10200 bytes File C:\WINDOWS\$hf_mig$\KB956802\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB956802\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB956802\update\update.ver 382 bytes File C:\WINDOWS\$hf_mig$\KB956802\update\updatebr.inf 678 bytes File C:\WINDOWS\$hf_mig$\KB956802\update\update_SP3QFE.inf 26283 bytes File C:\WINDOWS\$hf_mig$\KB956802\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2115168 0 bytes File C:\WINDOWS\$hf_mig$\KB2115168\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2115168\SP3QFE\l3codecx.ax 143422 bytes executable File C:\WINDOWS\$hf_mig$\KB2115168\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2115168\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2115168\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2115168\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2115168\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2115168\update\KB2115168.CAT 7860 bytes File C:\WINDOWS\$hf_mig$\KB2115168\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2115168\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2115168\update\update.ver 204 bytes File C:\WINDOWS\$hf_mig$\KB2115168\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2115168\update\update_SP3QFE.inf 26635 bytes File C:\WINDOWS\$hf_mig$\KB2115168\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2229593 0 bytes File C:\WINDOWS\$hf_mig$\KB2229593\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2229593\SP3QFE\helpsvc.exe 744448 bytes executable File C:\WINDOWS\$hf_mig$\KB2229593\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2229593\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2229593\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2229593\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2229593\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2229593\update\KB2229593.CAT 9146 bytes File C:\WINDOWS\$hf_mig$\KB2229593\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2229593\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2229593\update\update.ver 390 bytes File C:\WINDOWS\$hf_mig$\KB2229593\update\updatebr.inf 679 bytes File C:\WINDOWS\$hf_mig$\KB2229593\update\update_SP3QFE.inf 26896 bytes File C:\WINDOWS\$hf_mig$\KB2229593\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2345886 0 bytes File C:\WINDOWS\$hf_mig$\KB2345886\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2345886\SP3QFE\sprv0415.dll 5632 bytes executable File C:\WINDOWS\$hf_mig$\KB2345886\SP3QFE\srv.sys 357248 bytes executable File C:\WINDOWS\$hf_mig$\KB2345886\SP3QFE\srvsvc.dll 99840 bytes executable File C:\WINDOWS\$hf_mig$\KB2345886\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2345886\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2345886\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2345886\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2345886\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2345886\update\KB2345886.CAT 8864 bytes File C:\WINDOWS\$hf_mig$\KB2345886\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2345886\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2345886\update\update.ver 550 bytes File C:\WINDOWS\$hf_mig$\KB2345886\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2345886\update\update_SP3QFE.inf 27331 bytes File C:\WINDOWS\$hf_mig$\KB2345886\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2347290 0 bytes File C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe 58880 bytes executable File C:\WINDOWS\$hf_mig$\KB2347290\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2347290\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2347290\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2347290\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2347290\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2347290\update\KB2347290.CAT 7860 bytes File C:\WINDOWS\$hf_mig$\KB2347290\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2347290\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2347290\update\update.ver 202 bytes File C:\WINDOWS\$hf_mig$\KB2347290\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2347290\update\update_SP3QFE.inf 26870 bytes File C:\WINDOWS\$hf_mig$\KB2347290\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2387149 0 bytes File C:\WINDOWS\$hf_mig$\KB2387149\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2387149\SP3QFE\mfc40.dll 954368 bytes executable File C:\WINDOWS\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll 953856 bytes executable File C:\WINDOWS\$hf_mig$\KB2387149\SP3QFE\mfc42.dll 974848 bytes executable File C:\WINDOWS\$hf_mig$\KB2387149\SP3QFE\mfc42u.dll 974848 bytes executable File C:\WINDOWS\$hf_mig$\KB2387149\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2387149\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2387149\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2387149\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2387149\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2387149\update\KB2387149.CAT 9965 bytes File C:\WINDOWS\$hf_mig$\KB2387149\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2387149\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2387149\update\update.ver 750 bytes File C:\WINDOWS\$hf_mig$\KB2387149\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2387149\update\update_SP3QFE.inf 27134 bytes File C:\WINDOWS\$hf_mig$\KB2387149\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2393802 0 bytes File C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntdll.dll 726528 bytes executable File C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntkrnlmp.exe 2150400 bytes executable File C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe 2070656 bytes executable File C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntkrpamp.exe 2028544 bytes executable File C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe 2194048 bytes executable File C:\WINDOWS\$hf_mig$\KB2393802\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2393802\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2393802\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2393802\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2393802\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2393802\update\KB2393802.CAT 11198 bytes File C:\WINDOWS\$hf_mig$\KB2393802\update\mpsyschk.dll 16896 bytes executable File C:\WINDOWS\$hf_mig$\KB2393802\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2393802\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2393802\update\update.ver 1047 bytes File C:\WINDOWS\$hf_mig$\KB2393802\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2393802\update\update_SP3QFE.inf 30407 bytes File C:\WINDOWS\$hf_mig$\KB2393802\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632 0 bytes File C:\WINDOWS\$hf_mig$\KB2419632\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2419632\SP3QFE\msadco.dll 143360 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\SP3QFE\msado15.dll 565248 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\SP3QFE\msado20.tlb 73728 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\SP3QFE\msado21.tlb 77824 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\SP3QFE\msado25.tlb 98304 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\SP3QFE\msado26.tlb 102400 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\SP3QFE\msado27.tlb 102400 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\SP3QFE\msadomd.dll 180224 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\SP3QFE\msadox.dll 200704 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\SP3QFE\msjro.dll 102400 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\SP3QFE\odbc32.dll 253952 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2419632\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2419632\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2419632\update\KB2419632.CAT 14920 bytes File C:\WINDOWS\$hf_mig$\KB2419632\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2419632\update\update.ver 2046 bytes File C:\WINDOWS\$hf_mig$\KB2419632\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2419632\update\update_SP3QFE.inf 28159 bytes File C:\WINDOWS\$hf_mig$\KB2419632\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2423089 0 bytes File C:\WINDOWS\$hf_mig$\KB2423089\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2423089\SP3QFE\wab.exe 45568 bytes executable File C:\WINDOWS\$hf_mig$\KB2423089\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2423089\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2423089\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2423089\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2423089\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2423089\update\KB2423089.CAT 7860 bytes File C:\WINDOWS\$hf_mig$\KB2423089\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2423089\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2423089\update\update.ver 194 bytes File C:\WINDOWS\$hf_mig$\KB2423089\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2423089\update\update_SP3QFE.inf 26846 bytes File C:\WINDOWS\$hf_mig$\KB2423089\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2440591 0 bytes File C:\WINDOWS\$hf_mig$\KB2440591\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2440591\SP3QFE\ndproxy.sys 40960 bytes executable File C:\WINDOWS\$hf_mig$\KB2440591\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2440591\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2440591\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2440591\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2440591\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2440591\update\KB2440591.CAT 7860 bytes File C:\WINDOWS\$hf_mig$\KB2440591\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2440591\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2440591\update\update.ver 202 bytes File C:\WINDOWS\$hf_mig$\KB2440591\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2440591\update\update_SP3QFE.inf 26885 bytes File C:\WINDOWS\$hf_mig$\KB2440591\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2443105 0 bytes File C:\WINDOWS\$hf_mig$\KB2443105\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2443105\SP3QFE\isign32.dll 86016 bytes executable File C:\WINDOWS\$hf_mig$\KB2443105\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2443105\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2443105\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2443105\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2443105\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2443105\update\KB2443105.CAT 7860 bytes File C:\WINDOWS\$hf_mig$\KB2443105\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2443105\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2443105\update\update.ver 202 bytes File C:\WINDOWS\$hf_mig$\KB2443105\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2443105\update\update_SP3QFE.inf 26870 bytes File C:\WINDOWS\$hf_mig$\KB2443105\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2478960 0 bytes File C:\WINDOWS\$hf_mig$\KB2478960\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2478960\SP3QFE\lsasrv.dll 732160 bytes executable File C:\WINDOWS\$hf_mig$\KB2478960\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2478960\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2478960\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2478960\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2478960\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2478960\update\KB2478960.CAT 7860 bytes File C:\WINDOWS\$hf_mig$\KB2478960\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2478960\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2478960\update\update.ver 202 bytes File C:\WINDOWS\$hf_mig$\KB2478960\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2478960\update\update_SP3QFE.inf 26898 bytes File C:\WINDOWS\$hf_mig$\KB2478960\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2478971 0 bytes File C:\WINDOWS\$hf_mig$\KB2478971\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2478971\SP3QFE\kerberos.dll 301568 bytes executable File C:\WINDOWS\$hf_mig$\KB2478971\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2478971\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2478971\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2478971\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2478971\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2478971\update\KB2478971.CAT 7860 bytes File C:\WINDOWS\$hf_mig$\KB2478971\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2478971\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2478971\update\update.ver 206 bytes File C:\WINDOWS\$hf_mig$\KB2478971\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2478971\update\update_SP3QFE.inf 26875 bytes File C:\WINDOWS\$hf_mig$\KB2478971\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2479943 0 bytes File C:\WINDOWS\$hf_mig$\KB2479943\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2479943\SP3QFE\encdec.dll 186880 bytes executable File C:\WINDOWS\$hf_mig$\KB2479943\SP3QFE\sbe.dll 270848 bytes executable File C:\WINDOWS\$hf_mig$\KB2479943\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2479943\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2479943\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2479943\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2479943\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2479943\update\KB2479943.CAT 8566 bytes File C:\WINDOWS\$hf_mig$\KB2479943\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2479943\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2479943\update\update.ver 380 bytes File C:\WINDOWS\$hf_mig$\KB2479943\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2479943\update\update_SP3QFE.inf 26933 bytes File C:\WINDOWS\$hf_mig$\KB2479943\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2481109 0 bytes File C:\WINDOWS\$hf_mig$\KB2481109\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2481109\SP3QFE\aaclient.dll 136192 bytes executable File C:\WINDOWS\$hf_mig$\KB2481109\SP3QFE\lhmstsc.exe 677888 bytes executable File C:\WINDOWS\$hf_mig$\KB2481109\SP3QFE\lhmstscx.dll 2069504 bytes executable File C:\WINDOWS\$hf_mig$\KB2481109\SP3QFE\tsgqec.dll 53248 bytes executable File C:\WINDOWS\$hf_mig$\KB2481109\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2481109\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2481109\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2481109\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2481109\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2481109\update\KB2481109.CAT 9272 bytes File C:\WINDOWS\$hf_mig$\KB2481109\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2481109\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2481109\update\update.ver 579 bytes File C:\WINDOWS\$hf_mig$\KB2481109\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2481109\update\update_SP3QFE.inf 28203 bytes File C:\WINDOWS\$hf_mig$\KB2481109\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2483185 0 bytes File C:\WINDOWS\$hf_mig$\KB2483185\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2483185\SP3QFE\shell32.dll 8492032 bytes executable File C:\WINDOWS\$hf_mig$\KB2483185\SP3QFE\shimgvw.dll 441344 bytes executable File C:\WINDOWS\$hf_mig$\KB2483185\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2483185\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2483185\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2483185\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2483185\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2483185\update\KB2483185.CAT 8566 bytes File C:\WINDOWS\$hf_mig$\KB2483185\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2483185\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2483185\update\update.ver 392 bytes File C:\WINDOWS\$hf_mig$\KB2483185\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2483185\update\update_SP3QFE.inf 28668 bytes File C:\WINDOWS\$hf_mig$\KB2483185\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2485663 0 bytes File C:\WINDOWS\$hf_mig$\KB2485663\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2485663\SP3QFE\mswrd8.wpc 280576 bytes executable File C:\WINDOWS\$hf_mig$\KB2485663\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2485663\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2485663\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2485663\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2485663\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2485663\update\KB2485663.CAT 7860 bytes File C:\WINDOWS\$hf_mig$\KB2485663\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2485663\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2485663\update\update.ver 0 bytes File C:\WINDOWS\$hf_mig$\KB2485663\update\updatebr.inf 0 bytes File C:\WINDOWS\$hf_mig$\KB2485663\update\update_SP3QFE.inf 0 bytes File C:\WINDOWS\$hf_mig$\KB2485663\update\updspapi.dll 0 bytes File C:\WINDOWS\$hf_mig$\KB2506212 0 bytes File C:\WINDOWS\$hf_mig$\KB2506212\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2506212\SP3QFE\mfc42.dll 978944 bytes executable File C:\WINDOWS\$hf_mig$\KB2506212\SP3QFE\mfc42u.dll 974848 bytes executable File C:\WINDOWS\$hf_mig$\KB2506212\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2506212\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2506212\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2506212\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2506212\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2506212\update\KB2506212.CAT 8566 bytes File C:\WINDOWS\$hf_mig$\KB2506212\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2506212\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2506212\update\update.ver 384 bytes File C:\WINDOWS\$hf_mig$\KB2506212\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2506212\update\update_SP3QFE.inf 26953 bytes File C:\WINDOWS\$hf_mig$\KB2506212\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2653956 0 bytes File C:\WINDOWS\$hf_mig$\KB2653956\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2653956\SP3QFE\imagehlp.dll 148480 bytes executable File C:\WINDOWS\$hf_mig$\KB2653956\SP3QFE\wintrust.dll 178176 bytes executable File C:\WINDOWS\$hf_mig$\KB2653956\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2653956\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2653956\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2653956\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2653956\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2653956\update\KB2653956.CAT 8566 bytes File C:\WINDOWS\$hf_mig$\KB2653956\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2653956\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2653956\update\update.ver 394 bytes File C:\WINDOWS\$hf_mig$\KB2653956\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2653956\update\update_SP3QFE.inf 27177 bytes File C:\WINDOWS\$hf_mig$\KB2653956\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2655992 0 bytes File C:\WINDOWS\$hf_mig$\KB2655992\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2655992\SP3QFE\schannel.dll 153088 bytes executable File C:\WINDOWS\$hf_mig$\KB2655992\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2655992\spuninst.exe 0 bytes File C:\WINDOWS\$hf_mig$\KB2655992\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2655992\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2655992\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2655992\update\KB2655992.CAT 8410 bytes File C:\WINDOWS\$hf_mig$\KB2655992\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2655992\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2655992\update\update.ver 206 bytes File C:\WINDOWS\$hf_mig$\KB2655992\update\updatebr.inf 497 bytes File C:\WINDOWS\$hf_mig$\KB2655992\update\update_SP3QFE.inf 26878 bytes File C:\WINDOWS\$hf_mig$\KB2655992\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2661254-v2 0 bytes File C:\WINDOWS\$hf_mig$\KB2661254-v2\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2661254-v2\SP3QFE\crypt32.dll 0 bytes File C:\WINDOWS\$hf_mig$\KB2661254-v2\spmsg.dll 0 bytes File C:\WINDOWS\$hf_mig$\KB2661254-v2\spuninst.exe 0 bytes File C:\WINDOWS\$hf_mig$\KB2661254-v2\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2661254-v2\update\branches.inf 926 bytes File C:\WINDOWS\$hf_mig$\KB2661254-v2\update\eula.txt 1020 bytes File C:\WINDOWS\$hf_mig$\KB2661254-v2\update\KB2661254-v2.CAT 8396 bytes File C:\WINDOWS\$hf_mig$\KB2661254-v2\update\spcustom.dll 26488 bytes executable File C:\WINDOWS\$hf_mig$\KB2661254-v2\update\update.exe 763256 bytes executable File C:\WINDOWS\$hf_mig$\KB2661254-v2\update\update.ver 204 bytes File C:\WINDOWS\$hf_mig$\KB2661254-v2\update\updatebr.inf 500 bytes File C:\WINDOWS\$hf_mig$\KB2661254-v2\update\update_SP3QFE.inf 30604 bytes File C:\WINDOWS\$hf_mig$\KB2661254-v2\update\updspapi.dll 398200 bytes executable File C:\WINDOWS\$hf_mig$\KB2661637 0 bytes File C:\WINDOWS\$hf_mig$\KB2661637\SP3QFE 0 bytes File C:\WINDOWS\$hf_mig$\KB2661637\SP3QFE\iacenc.dll 3072 bytes executable File C:\WINDOWS\$hf_mig$\KB2661637\spmsg.dll 19320 bytes executable File C:\WINDOWS\$hf_mig$\KB2661637\spuninst.exe 234360 bytes executable File C:\WINDOWS\$hf_mig$\KB2661637\update 0 bytes File C:\WINDOWS\$hf_mig$\KB2676562 0 bytes File C:\WINDOWS\$hf_mig$\KB2686509 0 bytes File C:\WINDOWS\$hf_mig$\KB2691442 0 bytes File C:\WINDOWS\$hf_mig$\KB2698365 0 bytes File C:\WINDOWS\$hf_mig$\KB2705219-v2 0 bytes File C:\WINDOWS\$hf_mig$\KB2712808 0 bytes ---- EOF - GMER 2.1 ----