Dobrý den, prosím o radu. Včera jsem si neopatrností nakazil PC (Win XP Prof. SP3) nějakým bordelem. Vzrostla výtěžnost procesoru, ale ne na 100%, síťový traffic jel na full, ikdyž jsem nic na netu nedělal a měl zavřené prohlížeče (síť jsem odpojil), po určitém čase došlo k zahlcení disku (0b místa), ale nedošlo k pádu do BSOD. PC jsem projel MBAM, který našel nějaké infekce, dal jsem je odstranit, ale problém to nevyřešilo. Tak jsem použil Nástroj pro odstranění škodlivého softwaru, ten taky něco našel a odstranil. Ale problém pořád pokračoval (zahlcování disku, traffic na síti; plus začal vyskakovat win firewall, že chce blokovat Explorer). V kořenovém adresáři C:\ jsem našel složku Avenger, která nešla otevřít a soubor Avenger.txt, který se neustále zvětšoval, až zahltil disk. Něco málo info jsem našel na netu, tak jsem odinstaloval MBAM a použil MBAR, který našel asi 20 infekcí, dal jsem je odstranit, po restartu jsem vymazal složku Avenger a soubor Avenger.txt, které se už neobnovily. Problém je v tom, že MBAR pořád nachází jednu infekci, která se po restartu znova obnoví, ikdyž ji dám odstranit.
Log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jakoub at 2013-11-25 12:15:06
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 39 GB (52%) free of 76 GB
Total RAM: 1918 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:15:11, on 25.11.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21359)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Skype\Updater\Updater.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\Mam2Pan.Exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Jakoub\Plocha\RSIT.exe
C:\Program Files\trend micro\Jakoub.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tipcars.com/applications/a_s ... 9535159000
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mendelu.cz:5555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O4 - HKLM\..\Run: [Mam2Pan] Mam2Pan.Exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwa ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{75688A86-0FB7-4570-BC1B-D4388AD84A7D}: NameServer = 10.0.0.138
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\WinVNC4.exe
--
End of file - 6977 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Automatic troubleshooting.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1960408961-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1960408961-839522115-1003UA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Jakoub\Data aplikací\Mozilla\Firefox\Profiles\v0slojlx.default-1350242178437
prefs.js - "browser.startup.homepage" - "seznam.cz"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
mall-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Program Files\TRANSLATOR\WEBIE.DLL [2009-12-24 360448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Program Files\TRANSLATOR\WEBIE.DLL [2009-12-24 360448]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Mam2Pan"=C:\WINDOWS\system32\Mam2Pan.Exe [2008-04-11 561152]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Ai Charger]
C:\Program Files\ASUS\ASUS Ai Charger\AiChargerAP.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2007-04-03 165784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
C:\Program Files\Logitech\SetPointP\SetPoint.exe [2012-10-06 1843512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F.lux]
C:\Documents and Settings\Jakoub\Local Settings\Apps\F.lux\flux.exe /noshow []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Documents and Settings\Jakoub\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Jakoub\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-09-04 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDD Regenerator]
C:\Program Files\HDD Regenerator\Shell.exe [2012-11-18 89888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon]
C:\Program Files\Mobogenie\DaemonProcess.exe [2013-10-15 735936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetLimiter]
C:\Program Files\NetLimiter\NetLimiter.exe [2004-03-31 823296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton SystemWorks]
C:\Program Files\Norton SystemWorks\cfgwiz.exe /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv]
C:\WINDOWS\inf\ntvdm.vbe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2011-06-16 1500160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2009-08-14 18702336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2010-06-08 618496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-06-21 19875432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
C:\WINDOWS\Installer\{AC76BA86-1033-C740-BA7E-100000000002}\SC_Acrobat.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2012-02-24 636256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Jakoub^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Jakoub^Nabídka Start^Programy^Po spuštění^Jabbim.lnk]
C:\PROGRA~1\Jabbim\jabbim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UxTuneUp"=3
"TuneUp.Defrag"=3
"SwPrv"=3
"ose"=3
"JavaQuickStarterService"=2
"IDriverT"=3
"gusvc"=3
"gupdatem"=3
"gupdate"=2
"EapHost"=3
"clr_optimization_v2.0.50727_32"=3
"Ati HotKey Poller"=3
"Adobe LM Service"=3
"hddrsrv"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-11-25 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2012-10-01 66360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:*:Disabled:ActiveSync RAPI Manager"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Disabled:Průzkumník Windows"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.iv41"=Ir41_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.DIV3"=DivXc32.dll
"VIDC.DIV4"=DivXc32f.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=LameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.WMV3"=wmv9vcm.dll
"wave4"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer4"=wdmaud.drv
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.x264"=x264vfw.dll
"msacm.divxa32"=DivXa32.acm
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 2 months======
2013-11-25 12:15:06 ----D---- C:\rsit
2013-11-25 12:15:06 ----D---- C:\Program Files\trend micro
2013-11-25 11:53:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
2013-11-25 10:11:32 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2013-11-25 00:53:30 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2013-11-15 20:39:47 ----D---- C:\Program Files\Mozilla Firefox
2013-11-14 13:08:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 13:08:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 13:08:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 13:08:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2013-11-10 22:57:24 ----D---- C:\Program Files\Mobogenie
2013-11-10 22:57:23 ----D---- C:\Program Files\SimilarSites
2013-11-10 22:57:18 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\SimilarSites
2013-11-04 21:52:38 ----D---- C:\Program Files\Recover Files
2013-10-30 21:32:13 ----D---- C:\Program Files\Common Files\EZB Systems
2013-10-28 19:45:19 ----D---- C:\Program Files\UltraISO
2013-10-28 19:44:49 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\ImgBurn
2013-10-28 19:40:47 ----D---- C:\Program Files\ImgBurn
2013-10-20 17:18:38 ----D---- C:\Program Files\Common Files\Java
2013-10-20 17:18:32 ----A---- C:\WINDOWS\system32\javaws.exe
2013-10-20 17:18:26 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-10-20 17:18:26 ----A---- C:\WINDOWS\system32\javaw.exe
2013-10-20 17:18:26 ----A---- C:\WINDOWS\system32\java.exe
2013-10-09 07:05:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2847311$
2013-10-09 07:05:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$
2013-10-09 06:59:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2884256$
2013-10-09 06:59:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2868038$
2013-10-09 06:58:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2883150$
2013-10-09 06:58:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2862330$
======List of files/folders modified in the last 2 months======
2013-11-25 12:15:06 ----RD---- C:\Program Files
2013-11-25 12:12:51 ----D---- C:\WINDOWS\system32\drivers
2013-11-25 12:12:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-11-25 11:56:03 ----D---- C:\WINDOWS\system32
2013-11-25 11:56:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-25 11:52:11 ----D---- C:\WINDOWS\Temp
2013-11-25 11:52:04 ----D---- C:\WINDOWS
2013-11-25 11:35:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2013-11-25 11:14:05 ----D---- C:\WINDOWS\Prefetch
2013-11-25 11:03:50 ----D---- C:\Program Files\Winamp
2013-11-25 11:03:50 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\Media Player Classic
2013-11-25 11:03:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-11-25 11:03:42 ----D---- C:\WINDOWS\Debug
2013-11-25 10:41:04 ----D---- C:\WINDOWS\system32\CatRoot2
2013-11-25 10:37:25 ----HD---- C:\WINDOWS\inf
2013-11-25 10:09:50 ----ASH---- C:\boot.ini
2013-11-25 10:09:50 ----A---- C:\WINDOWS\win.ini
2013-11-25 10:09:50 ----A---- C:\WINDOWS\system.ini
2013-11-25 00:50:08 ----D---- C:\WINDOWS\system32\MpEngineStore
2013-11-24 18:12:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2756822$
2013-11-24 17:48:21 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\uTorrent
2013-11-24 17:47:14 ----D---- C:\Program Files\Google
2013-11-24 17:47:03 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-11-24 17:46:37 ----A---- C:\WINDOWS\NeroDigital.ini
2013-11-24 17:45:29 ----A---- C:\WINDOWS\winamp.ini
2013-11-22 12:18:00 ----D---- C:\Různé dokumenty
2013-11-16 07:14:28 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-15 15:23:50 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\YouTube Downloader
2013-11-14 13:08:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-11-14 13:08:50 ----SHD---- C:\WINDOWS\Installer
2013-11-14 13:08:31 ----D---- C:\Program Files\Internet Explorer
2013-11-14 13:08:28 ----D---- C:\WINDOWS\system32\cs-cz
2013-11-14 13:08:01 ----D---- C:\WINDOWS\system32\MRT
2013-11-14 13:03:27 ----A---- C:\WINDOWS\system32\MRT.exe
2013-11-14 10:22:13 ----A---- C:\WINDOWS\WDICT32.INI
2013-11-04 20:02:57 ----SD---- C:\WINDOWS\Tasks
2013-10-31 21:22:56 ----D---- C:\Program Files\SpeedFan
2013-10-30 21:26:15 ----D---- C:\Program Files\Common Files
2013-10-20 17:18:38 ----SHD---- C:\Config.Msi
2013-10-20 17:18:26 ----D---- C:\Program Files\Java
2013-10-13 08:56:39 ----A---- C:\WINDOWS\system32\wininet.dll
2013-10-13 08:56:39 ----A---- C:\WINDOWS\system32\webcheck.dll
2013-10-13 08:56:38 ----N---- C:\WINDOWS\system32\occache.dll
2013-10-13 08:56:38 ----N---- C:\WINDOWS\system32\mstime.dll
2013-10-13 08:56:38 ----N---- C:\WINDOWS\system32\msrating.dll
2013-10-13 08:56:38 ----N---- C:\WINDOWS\system32\jsproxy.dll
2013-10-13 08:56:38 ----N---- C:\WINDOWS\system32\iernonce.dll
2013-10-13 08:56:38 ----N---- C:\WINDOWS\system32\iepeers.dll
2013-10-13 08:56:38 ----N---- C:\WINDOWS\system32\ieencode.dll
2013-10-13 08:56:38 ----A---- C:\WINDOWS\system32\urlmon.dll
2013-10-13 08:56:38 ----A---- C:\WINDOWS\system32\url.dll
2013-10-13 08:56:38 ----A---- C:\WINDOWS\system32\pngfilt.dll
2013-10-13 08:56:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
2013-10-13 08:56:38 ----A---- C:\WINDOWS\system32\mshtml.dll
2013-10-13 08:56:38 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2013-10-13 08:56:38 ----A---- C:\WINDOWS\system32\msfeeds.dll
2013-10-13 08:56:38 ----A---- C:\WINDOWS\system32\iertutil.dll
2013-10-13 08:56:38 ----A---- C:\WINDOWS\system32\ieframe.dll
2013-10-13 08:56:37 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2013-10-13 08:56:37 ----N---- C:\WINDOWS\system32\ieaksie.dll
2013-10-13 08:56:37 ----N---- C:\WINDOWS\system32\ieakeng.dll
2013-10-13 08:56:37 ----N---- C:\WINDOWS\system32\extmgr.dll
2013-10-13 08:56:37 ----N---- C:\WINDOWS\system32\dxtmsft.dll
2013-10-13 08:56:37 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2013-10-13 08:56:37 ----A---- C:\WINDOWS\system32\icardie.dll
2013-10-13 08:56:37 ----A---- C:\WINDOWS\system32\dxtrans.dll
2013-10-13 08:56:37 ----A---- C:\WINDOWS\system32\corpol.dll
2013-10-13 08:56:37 ----A---- C:\WINDOWS\system32\advpack.dll
2013-10-13 08:43:25 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2013-10-13 08:43:25 ----A---- C:\WINDOWS\system32\ieudinit.exe
2013-10-13 08:38:00 ----N---- C:\WINDOWS\system32\ieakui.dll
2013-10-13 08:32:04 ----D---- C:\WINDOWS\Microsoft.NET
2013-10-13 08:00:10 ----D---- C:\WINDOWS\system32\CatRoot
2013-10-12 16:57:30 ----A---- C:\WINDOWS\system32\oakley.dll
2013-10-09 18:38:34 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-09 18:38:32 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-10-09 14:13:11 ----A---- C:\WINDOWS\system32\gdi32.dll
2013-10-09 07:22:41 ----RSD---- C:\WINDOWS\assembly
2013-10-09 07:09:35 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-09 07:07:40 ----D---- C:\WINDOWS\WinSxS
2013-10-07 12:00:01 ----A---- C:\WINDOWS\system32\crypt32.dll
2013-10-05 02:42:42 ----A---- C:\WINDOWS\system32\xpsp4res.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-23 682232]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 NSHE;Guardant Emulator Driver; \??\C:\WINDOWS\system32\Drivers\NSHE.SYS []
R2 vnccom;vnccom; C:\WINDOWS\System32\Drivers\vnccom.SYS [2005-03-28 6016]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2007-08-21 72704]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-11-25 4463104]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2012-07-08 37160]
R3 btkrnl;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2012-07-08 934312]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-08-18 5884416]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2012-09-18 43960]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2012-09-18 39608]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2012-09-18 30392]
R3 MAM2_01;Service for Maya44 MKII 1; C:\WINDOWS\system32\drivers\Mam2Wdm.sys [2008-04-11 22880]
R3 MAM2_AA;Service for Maya44 MKII Audio Driver (EWDM); C:\WINDOWS\system32\drivers\Mam2.sys [2008-04-11 28544]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtKHDMI.sys [2009-06-25 3734976]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-07-28 143360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2005-03-28 4736]
R3 vncmirror;vncmirror; C:\WINDOWS\system32\DRIVERS\vncmirror.sys [2009-07-25 4608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
S1 pdhfqgxs;pdhfqgxs; \??\C:\WINDOWS\system32\drivers\pdhfqgxs.sys []
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2012-09-18 12216]
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 a1b7vjv4;a1b7vjv4; C:\WINDOWS\system32\drivers\a1b7vjv4.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\AN983.sys [2008-04-13 36224]
S3 AR5523;TP-LINK TL-WN620G 11G Wireless Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5523.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2012-07-08 556200]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2012-07-08 118440]
S3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2012-07-08 37032]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2012-07-08 52136]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2013-05-02 83864]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 flash;flash; \??\C:\WINDOWS\system32\drivers\flash.sys []
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [2012-09-18 43704]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [2012-09-18 12216]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2006-12-13 20992]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 mv2;mv2; C:\WINDOWS\system32\DRIVERS\mv2.sys [2011-03-03 10688]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2013-05-02 181912]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;Sony Ericsson USB Serial Port; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-29 26240]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2012-02-24 365912]
S2 etadpug;Google Update Service (gupdate); C:\Program Files\Google\Desktop\Install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\ \ \ﯹ๛\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\GoogleUpdate.exe < []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-15 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2012-10-01 295224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-15 119408]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\WinVNC4.exe [2009-07-25 1492344]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S4 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-12-24 72704]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-11-25 602112]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-30 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-30 136176]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S4 hddrsrv;hddrsrv; C:\Program Files\HDD Regenerator\hrsrv.exe [2012-11-18 81696]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-10-08 182696]
S4 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-04-21 435016]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-02 1043784]
S4 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
===================================================
První Log z MBAR:
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
http://www.malwarebytes.org
Database version: v2013.11.25.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Jakoub :: KOMPJUTR [administrator]
25.11.2013 10:12:39
mbar-log-2013-11-25 (10-12-39).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 273343
Time elapsed: 15 minute(s), 16 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_*202EETADPUG (Rootkit.0Access) -> Delete on reboot.
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Google Update^❤ (Trojan.0Access) -> Data: -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Google Update^❤ (Trojan.Zaccess) -> Data: -> Delete on reboot.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 14
C:\Documents and Settings\Jakoub\Local Settings\Data aplikací\Google\Desktop\Install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\❤≸⋙ (Trojan.0Access) -> Delete on reboot.
C:\Documents and Settings\Jakoub\Local Settings\Data aplikací\Google\Desktop\Install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\❤≸⋙\Ⱒ☠⍨ (Trojan.0Access) -> Delete on reboot.
C:\Documents and Settings\Jakoub\Local Settings\Data aplikací\Google\Desktop\Install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\❤≸⋙\Ⱒ☠⍨\ﯹ๛ (Trojan.0Access) -> Delete on reboot.
C:\Documents and Settings\Jakoub\Local Settings\Data aplikací\Google\Desktop\Install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{f4235b19-cbd2-fe8f-59f8-3a68abac269a} (Trojan.0Access) -> Delete on reboot.
C:\Documents and Settings\Jakoub\Local Settings\Data aplikací\Google\Desktop\Install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\L (Trojan.0Access) -> Delete on reboot.
C:\Documents and Settings\Jakoub\Local Settings\Data aplikací\Google\Desktop\Install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\U (Trojan.0Access) -> Delete on reboot.
C:\Documents and Settings\Jakoub\Local Settings\Data aplikací\Google\Desktop\Install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a} (Trojan.0Access) -> Delete on reboot.
c:\program files\google\desktop\install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\ (Trojan.0Access) -> Delete on reboot.
c:\program files\google\desktop\install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\ \ (Trojan.0Access) -> Delete on reboot.
c:\program files\google\desktop\install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\ \ \ﯹ๛ (Trojan.0Access) -> Delete on reboot.
c:\program files\google\desktop\install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\ \ \ﯹ๛\{f4235b19-cbd2-fe8f-59f8-3a68abac269a} (Trojan.0Access) -> Delete on reboot.
c:\program files\google\desktop\install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\ \ \ﯹ๛\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\l (Trojan.0Access) -> Delete on reboot.
c:\program files\google\desktop\install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\ \ \ﯹ๛\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\u (Trojan.0Access) -> Delete on reboot.
C:\Program Files\Google\Desktop\Install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a} (Trojan.0Access) -> Delete on reboot.
Files Detected: 7
C:\Documents and Settings\Jakoub\Local Settings\Data aplikací\Google\Desktop\Install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\GoogleUpdate.exe (Trojan.0Access) -> Delete on reboot.
C:\WINDOWS\assembly\GAC\Desktop.ini (Rootkit.0access) -> Delete on reboot.
C:\WINDOWS\inf\ntvdm.vbe (Malware.Trace) -> Delete on reboot.
C:\WINDOWS\inf\ntvdm.inf (Malware.Trace) -> Delete on reboot.
C:\Documents and Settings\Jakoub\Local Settings\Data aplikací\Google\Desktop\Install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\@ (Trojan.0Access) -> Delete on reboot.
c:\program files\google\desktop\install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\ \ \ﯹ๛\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\l\00000004.@ (Trojan.0Access) -> Delete on reboot.
c:\program files\google\desktop\install\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\ \ \ﯹ๛\{f4235b19-cbd2-fe8f-59f8-3a68abac269a}\l\76603ac3 (Trojan.0Access) -> Delete on reboot.
Physical Sectors Detected: 0
(No malicious items detected)
(end)
========================================================
======================================================
Druhý log z MBAR:
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
http://www.malwarebytes.org
Database version: v2013.11.25.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Jakoub :: KOMPJUTR [administrator]
25.11.2013 11:53:35
mbar-log-2013-11-25 (11-53-35).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 272997
Time elapsed: 15 minute(s), 25 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_*202EETADPUG (Rootkit.0Access) -> Delete on reboot.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
================================================
Log z Hijackthis:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:47:11, on 25.11.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21359)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Mam2Pan.Exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Jakoub\Plocha\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tipcars.com/applications/a_s ... 9535159000
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mendelu.cz:5555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O4 - HKLM\..\Run: [Mam2Pan] Mam2Pan.Exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwa ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{75688A86-0FB7-4570-BC1B-D4388AD84A7D}: NameServer = 10.0.0.138
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\WinVNC4.exe
--
End of file - 7218 bytes
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Malware rootkit infekce
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Malware rootkit infekce
Zdravim 
Mate tam peknou mrchu 
Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Mate tam peknou mrchu Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com
- Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe
Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe
Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe
Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe - Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
- Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
- RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
- Na plose vznikne log Rkill.txt ten mi sem vlozte
- Ted nerestartujte PC - prisli byste o ucinek RKillu
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Malware rootkit infekce
Vše proběhlo OK. Tady jsou LOGy
Log z RKillu:
Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 11/25/2013 02:33:06 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* C:\WINDOWS\system32\netdde.exe (PID: 1452) [WD-HEUR]
* C:\WINDOWS\System32\alg.exe (PID: 1788) [WD-HEUR]
* C:\WINDOWS\system32\Mam2Pan.Exe (PID: 524) [WD-HEUR]
3 proccesses terminated!
Possibly Patched Files.
* C:\WINDOWS\system32\services.exe
* C:\WINDOWS\system32\lsass.exe
* C:\WINDOWS\system32\svchost.exe
* C:\WINDOWS\system32\svchost.exe
* C:\WINDOWS\System32\svchost.exe
* C:\WINDOWS\system32\svchost.exe
* C:\WINDOWS\System32\svchost.exe
* C:\WINDOWS\System32\svchost.exe
* C:\WINDOWS\system32\spoolsv.exe
* C:\WINDOWS\System32\svchost.exe
* C:\WINDOWS\System32\svchost.exe
* C:\WINDOWS\system32\ctfmon.exe
* C:\WINDOWS\system32\wbem\wmiprvse.exe
* C:\WINDOWS\system32\wbem\wmiprvse.exe
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* System Restore Disabled
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = dword:00000001
* Reparse Point/Junctions Found (Most likely legitimate)!
* C:\WINDOWS\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e => C:\WINDOWS\WinSxS\MSIL_CCC_90ba9c70f846762e_2.0.0.0_x-ww_c7ed2bb0 [Dir]
* C:\WINDOWS\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e => C:\WINDOWS\WinSxS\MSIL_CLI_90ba9c70f846762e_2.0.0.0_x-ww_42656733 [Dir]
* C:\WINDOWS\assembly\GAC_MSIL\LOG\2.0.3615.38680__90ba9c70f846762e => C:\WINDOWS\WinSxS\MSIL_LOG_90ba9c70f846762e_2.0.3615.38680_x-ww_af6b1333 [Dir]
* C:\WINDOWS\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e => C:\WINDOWS\WinSxS\MSIL_MOM_90ba9c70f846762e_2.0.0.0_x-ww_a60193a8 [Dir]
Checking Windows Service Integrity:
* Služba obnovení systému (srservice) is not Running.
Startup Type set to: Automatic
* Ovladač filtru Obnovy systému (sr) is not Running.
Startup Type set to: Disabled
* PolicyAgent [Missing Service]
* RemoteAccess [Missing Service]
Searching for Missing Digital Signatures:
* C:\WINDOWS\System32\appmgmts.dll : 171 008 : 04/14/2008 08:51 AM : 6b8e7a90e576d4fe308f97c69060a171 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\appmgmts.dll : 171 008 : 08/17/2004 03:49 PM : 421184f91eae5c6e78e653c6b32aae84 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\appmgmts.dll : 171 008 : 04/14/2008 08:51 AM : 6b8e7a90e576d4fe308f97c69060a171 [Pos Repl]
* C:\WINDOWS\System32\clipsrv.exe : 33 280 : 04/14/2008 08:52 AM : 064507a8dfa8c5c7e2ffddd3e6f424fa [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe : 33 280 : 08/17/2004 03:49 PM : d3dc45553c8025338e08a60e95b1b91d [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe : 33 280 : 04/14/2008 08:52 AM : 064507a8dfa8c5c7e2ffddd3e6f424fa [Pos Repl]
* C:\WINDOWS\System32\comctl32.dll : 617 472 : 08/23/2010 05:12 PM : e145add7daef759c4f5fb80a180a9c30 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\comctl32.dll : 611 328 : 08/17/2004 03:49 PM : 876c658c44f2bf4af050e5534a9f066f [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2296011$\comctl32.dll : 617 472 : 04/14/2008 08:51 AM : 4f993463dc5f3f80d77a3d34d7bfbfed [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\comctl32.dll : 617 472 : 04/14/2008 08:51 AM : 4f993463dc5f3f80d77a3d34d7bfbfed [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\comctl32.dll : 617 472 : 08/23/2010 05:12 PM : e145add7daef759c4f5fb80a180a9c30 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll : 921 088 : 10/25/2001 01:00 PM : aef3d788dbf40c7c4d204ea45eb0c505 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll : 921 600 : 09/20/2002 06:03 PM : d12f83b2037a01bb97a97f3ea54dd71f [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll : 1 050 624 : 08/17/2004 03:48 PM : f76b3003366a205e05afc0d034c7d3e9 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll : 1 054 208 : 04/14/2008 08:37 AM : d7b7ae36a2eba312ac4b53862019b3f5 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll : 1 054 208 : 08/23/2010 05:12 PM : 8a72a30fdc803dc06755d3b36d966f31 [Pos Repl]
* C:\WINDOWS\System32\comres.dll : 806 912 : 04/14/2008 08:51 AM : e7b375dffb68a16659ca66474a280c47 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\comres.dll : 806 912 : 08/17/2004 03:49 PM : b44f68274ab7b8a54e9ad74aff0efaac [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\comres.dll : 806 912 : 04/14/2008 08:51 AM : e7b375dffb68a16659ca66474a280c47 [Pos Repl]
* C:\WINDOWS\System32\cryptsvc.dll : 62 464 : 04/14/2008 08:51 AM : f3ab0933cbd166d271992f411c27ccaf [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll : 60 416 : 08/17/2004 03:49 PM : 70d2a1756f4b2067658a186c963fcabd [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll : 62 464 : 04/14/2008 08:51 AM : f3ab0933cbd166d271992f411c27ccaf [Pos Repl]
* C:\WINDOWS\System32\csrss.exe : 6 144 : 04/14/2008 08:52 AM : 628ce66e3fd35bfc7969dbac245dc069 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\csrss.exe : 6 144 : 08/17/2004 03:49 PM : 490e6e57e54faf5f23f658ea188405a1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\csrss.exe : 6 144 : 04/14/2008 08:52 AM : 628ce66e3fd35bfc7969dbac245dc069 [Pos Repl]
* C:\WINDOWS\System32\ctfmon.exe : 15 360 : 04/14/2008 08:52 AM : a756b8f0f7bafba6dfe39f7d169f2519 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe : 15 360 : 08/17/2004 03:49 PM : a5baa91475167161dea02ba3c4ca4f59 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe : 15 360 : 04/14/2008 08:52 AM : a756b8f0f7bafba6dfe39f7d169f2519 [Pos Repl]
* C:\WINDOWS\System32\d3d8.dll : 1 179 648 : 04/14/2008 08:51 AM : 0b5ead900c1fa4ed9cce4c1752df9c35 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\d3d8.dll : 1 179 648 : 08/17/2004 03:49 PM : 7f5dc7c324fc197ee641d3909383c8d1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\d3d8.dll : 1 179 648 : 04/14/2008 08:51 AM : 0b5ead900c1fa4ed9cce4c1752df9c35 [Pos Repl]
* C:\WINDOWS\System32\d3d8thk.dll : 8 192 : 04/14/2008 08:51 AM : 9c2859570cdf9a161b31a886051fdc3e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\d3d8thk.dll : 8 192 : 08/17/2004 03:49 PM : 9aa0a6e82de6793983b61cb9a7f4f2a0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\d3d8thk.dll : 8 192 : 04/14/2008 08:51 AM : 9c2859570cdf9a161b31a886051fdc3e [Pos Repl]
* C:\WINDOWS\System32\d3d9.dll : 1 689 088 : 04/14/2008 08:51 AM : 3b8ae11a3419df8239183e94888702fa [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\d3d9.dll : 1 689 088 : 08/17/2004 03:49 PM : a19f5837e52d57db66d9db55bfcc7796 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\d3d9.dll : 1 689 088 : 04/14/2008 08:51 AM : 3b8ae11a3419df8239183e94888702fa [Pos Repl]
* C:\WINDOWS\System32\ddraw.dll : 279 552 : 04/14/2008 08:51 AM : edad701f01ffd9b5799b8fcf1cf6bda7 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ddraw.dll : 266 240 : 08/17/2004 03:49 PM : 0f9a5dd4503e82b085d8b1336b961a81 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ddraw.dll : 279 552 : 04/14/2008 08:51 AM : edad701f01ffd9b5799b8fcf1cf6bda7 [Pos Repl]
* C:\WINDOWS\System32\dllhost.exe : 5 120 : 04/14/2008 08:52 AM : 9a2345509b97a8f8df957631a943666b [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe : 5 120 : 08/17/2004 03:49 PM : 52e64c28764d0139e1246eaa3d608591 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dllhost.exe : 5 120 : 04/14/2008 08:52 AM : 9a2345509b97a8f8df957631a943666b [Pos Repl]
* C:\WINDOWS\System32\dsound.dll : 367 616 : 04/14/2008 08:51 AM : 8e009e7ac012823845d5f39a77f4a27f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dsound.dll : 367 616 : 08/17/2004 03:49 PM : 8ecc475f5bad26db85943f888d62e364 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dsound.dll : 367 616 : 04/14/2008 08:51 AM : 8e009e7ac012823845d5f39a77f4a27f [Pos Repl]
* C:\WINDOWS\System32\dssenh.dll : 138 752 : 04/13/2008 11:07 PM : fede68bf80052bad393afd5c2e60dcb0 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dssenh.dll : 137 216 : 08/03/2004 10:31 PM : cacd2c63a79268d131ea37e85524cc44 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dssenh.dll : 138 752 : 04/13/2008 11:07 PM : fede68bf80052bad393afd5c2e60dcb0 [Pos Repl]
* C:\WINDOWS\System32\es.dll : 253 952 : 07/07/2008 09:29 PM : a371f11ef07653591c8de26afb13ce7f [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll : 253 952 : 07/07/2008 09:25 PM : be68ea4457e2e5717231cf91be5448e0 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\es.dll : 243 200 : 08/17/2004 03:49 PM : 972378b907070f64932a87c90a035487 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB950974$\es.dll : 246 272 : 04/14/2008 08:51 AM : 260c69fd67687b0dc062fc3d31655857 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\es.dll : 246 272 : 04/14/2008 08:51 AM : 260c69fd67687b0dc062fc3d31655857 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\es.dll : 253 952 : 07/07/2008 09:29 PM : a371f11ef07653591c8de26afb13ce7f [Pos Repl]
* C:\WINDOWS\System32\eventlog.dll : 56 320 : 04/14/2008 08:51 AM : 2ee99f67c930931eb404dadce57e976e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll : 55 808 : 08/17/2004 03:49 PM : 6eb66066d5c0175320cfea0a4c74c88f [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\eventlog.dll : 56 320 : 04/14/2008 08:51 AM : 2ee99f67c930931eb404dadce57e976e [Pos Repl]
* C:\WINDOWS\System32\hid.dll : 20 992 : 04/14/2008 08:51 AM : ffb0a2d2b73a64979cd29c15b3b0a9d5 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\hid.dll : 20 992 : 08/17/2004 03:49 PM : 4b388fee5ba36d08d073e5ec7acdc997 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\hid.dll : 20 992 : 04/14/2008 08:51 AM : ffb0a2d2b73a64979cd29c15b3b0a9d5 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\hid.dll : 20 992 : 04/14/2008 08:51 AM : ffb0a2d2b73a64979cd29c15b3b0a9d5 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\hid.dll : 20 992 : 04/14/2008 08:51 AM : ffb0a2d2b73a64979cd29c15b3b0a9d5 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\hid.dll : 20 992 : 04/14/2008 08:51 AM : ffb0a2d2b73a64979cd29c15b3b0a9d5 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\hid.dll : 20 992 : 04/14/2008 08:51 AM : ffb0a2d2b73a64979cd29c15b3b0a9d5 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\hid.dll : 20 992 : 04/14/2008 08:51 AM : ffb0a2d2b73a64979cd29c15b3b0a9d5 [Pos Repl]
* C:\WINDOWS\System32\hnetcfg.dll : 345 088 : 04/14/2008 08:51 AM : ed18adee4aa21eb26977260152d7241a [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\hnetcfg.dll : 345 088 : 08/17/2004 03:49 PM : faaba83be47c5b15f620faa53267a9b8 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\hnetcfg.dll : 345 088 : 04/14/2008 08:51 AM : ed18adee4aa21eb26977260152d7241a [Pos Repl]
* C:\WINDOWS\System32\imm32.dll : 110 080 : 04/14/2008 08:51 AM : 6c60ca8ac7470ac01cfd3d24c7283cd1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\imm32.dll : 110 080 : 08/17/2004 03:49 PM : 2413635113361e54b62f0c40e4e4dae6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\imm32.dll : 110 080 : 04/14/2008 08:51 AM : 6c60ca8ac7470ac01cfd3d24c7283cd1 [Pos Repl]
* C:\WINDOWS\System32\ipsecsvc.dll : 183 808 : 04/14/2008 08:51 AM : d76d39056ef8b8c09bc544754448e48f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ipsecsvc.dll : 182 784 : 08/17/2004 03:49 PM : 030b997eb7de1ada071fe5d6efcf3ed3 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ipsecsvc.dll : 183 808 : 04/14/2008 08:51 AM : d76d39056ef8b8c09bc544754448e48f [Pos Repl]
* C:\WINDOWS\System32\ksuser.dll : 4 096 : 04/14/2008 07:51 AM : af6a4bcde2343e8562d3003a1740cc96 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ksuser.dll : 4 096 : 08/17/2004 03:49 PM : fc727882241cd48e243868dd8401ab60 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ksuser.dll : 4 096 : 04/14/2008 08:51 AM : af6a4bcde2343e8562d3003a1740cc96 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ksuser.dll : 4 096 : 04/14/2008 08:51 AM : af6a4bcde2343e8562d3003a1740cc96 [Pos Repl]
* C:\WINDOWS\System32\linkinfo.dll : 19 968 : 04/14/2008 08:51 AM : 7fde9fc15765e02b23e1756930165ad1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\linkinfo.dll : 18 944 : 08/17/2004 03:49 PM : ee1f842db2ae412136643b0814d770a6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\linkinfo.dll : 19 968 : 04/14/2008 08:51 AM : 7fde9fc15765e02b23e1756930165ad1 [Pos Repl]
* C:\WINDOWS\System32\lpk.dll : 22 016 : 04/14/2008 08:51 AM : c66ba7bd13c8fb8bec4863b88641c763 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\lpk.dll : 22 016 : 08/17/2004 03:49 PM : bfe8dc7aae7cb1c86243d77b340dc304 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\lpk.dll : 22 016 : 04/14/2008 08:51 AM : c66ba7bd13c8fb8bec4863b88641c763 [Pos Repl]
* C:\WINDOWS\System32\lsass.exe : 13 312 : 04/14/2008 08:52 AM : ed0a176354487ceed65b80a7148ab739 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\lsass.exe : 13 312 : 08/17/2004 03:49 PM : 82a362fe1d4980b71b588d9c10748511 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\lsass.exe : 13 312 : 04/14/2008 08:52 AM : ed0a176354487ceed65b80a7148ab739 [Pos Repl]
* C:\WINDOWS\System32\mfc40u.dll : 953 856 : 09/18/2010 07:53 AM : 9bb005df755c4ede048221dfd4a28a87 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll : 953 856 : 09/18/2010 08:18 AM : 2bc3ed47acb42f664d5d1d247f2553aa [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\mfc40u.dll : 924 432 : 10/25/2001 01:00 PM : a9d81c87bef253d4ce3a5f8cee2526c4 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2387149$\mfc40u.dll : 927 504 : 04/14/2008 08:51 AM : 7c3351f60b759d5d917e68342ae3307c [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mfc40u.dll : 927 504 : 04/14/2008 08:51 AM : 7c3351f60b759d5d917e68342ae3307c [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mfc40u.dll : 953 856 : 09/18/2010 07:53 AM : 9bb005df755c4ede048221dfd4a28a87 [Pos Repl]
* C:\WINDOWS\System32\midimap.dll : 18 944 : 04/14/2008 08:51 AM : 160a1500ddbe42f8793e3ad341e4bec4 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\midimap.dll : 18 944 : 08/17/2004 03:49 PM : b356dd67178b22a8c2fbd47316ccb43b [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\midimap.dll : 18 944 : 04/14/2008 08:51 AM : 160a1500ddbe42f8793e3ad341e4bec4 [Pos Repl]
* C:\WINDOWS\System32\msgsvc.dll : 33 792 : 04/14/2008 08:51 AM : 221cd1c815b8a6b79389c3f5d1018de8 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\msgsvc.dll : 33 792 : 08/17/2004 03:49 PM : 8b2fcbd881879b55be40b41f12ffc431 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\msgsvc.dll : 33 792 : 04/14/2008 08:51 AM : 221cd1c815b8a6b79389c3f5d1018de8 [Pos Repl]
* C:\WINDOWS\System32\msimg32.dll : 4 608 : 04/14/2008 08:51 AM : 627551a1011199bce013d0f4b6cacecf [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\msimg32.dll : 4 608 : 08/17/2004 03:49 PM : 227163195e9495bd99c915ef5f42445c [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\msimg32.dll : 4 608 : 04/14/2008 08:51 AM : 627551a1011199bce013d0f4b6cacecf [Pos Repl]
* C:\WINDOWS\System32\msprivs.dll : 48 128 : 04/13/2008 09:53 PM : c6bb1d1500db4a0e224cb65e6c7e8a80 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\msprivs.dll : 48 128 : 08/17/2004 03:48 PM : 4f3348d753fc2c6d46300f65d77b840b [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\msprivs.dll : 48 128 : 04/13/2008 09:53 PM : c6bb1d1500db4a0e224cb65e6c7e8a80 [Pos Repl]
* C:\WINDOWS\System32\msvcrt.dll : 343 040 : 04/14/2008 08:51 AM : d165dfcb4ea452510e53416f573018bb [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\msvcrt.dll : 343 040 : 08/17/2004 03:49 PM : 91cc3e4ccdbbf8e224182c76c87e454f [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\msvcrt.dll : 343 040 : 04/14/2008 08:51 AM : d165dfcb4ea452510e53416f573018bb [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll : 322 560 : 10/25/2001 01:00 PM : 4200be3808f6406dbe45a7b88dae5035 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\msvcrt.dll : 323 072 : 08/29/2002 01:04 AM : 1b2c477d8847e4123dd8761d2e9008f7 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll : 343 040 : 08/17/2004 03:48 PM : ab47015b67531572be46c0c08222c84c [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll : 343 040 : 04/14/2008 08:37 AM : ec8d5e09c6ca5f52858a5eb71f308fdf [Pos Repl]
* C:\WINDOWS\System32\mswsock.dll : 247 296 : 06/20/2008 05:04 PM : 39ee7c3bfbc64ba87cc8cf67386e814c [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll : 247 296 : 06/20/2008 06:44 PM : b6cec406351ea5ef131416d5f52d006f [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll : 247 296 : 06/20/2008 06:44 PM : b6cec406351ea5ef131416d5f52d006f [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll : 247 296 : 08/17/2004 03:49 PM : 64c078bd4efd441c3f159edc5ea4420a [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll : 247 296 : 06/20/2008 06:49 PM : 1289b7611ccd6cb27596ae92cbf03e35 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll : 247 296 : 04/14/2008 08:51 AM : aac97dab5f8a0573cf10e0eac42a7724 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mswsock.dll : 247 296 : 04/14/2008 08:51 AM : aac97dab5f8a0573cf10e0eac42a7724 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mswsock.dll : 247 296 : 06/20/2008 05:04 PM : 39ee7c3bfbc64ba87cc8cf67386e814c [Pos Repl]
* C:\WINDOWS\System32\netlogon.dll : 407 040 : 04/14/2008 08:51 AM : c2ed0e3408f50bbc149d4f0936e67832 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll : 407 040 : 08/17/2004 03:49 PM : 2591cadaef7d2242039255028e577688 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\netlogon.dll : 407 040 : 04/14/2008 08:51 AM : c2ed0e3408f50bbc149d4f0936e67832 [Pos Repl]
* C:\WINDOWS\System32\netman.dll : 198 144 : 04/14/2008 08:51 AM : 72e1e9e2977be08bdeedb6d8fd9d4d40 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\netman.dll : 198 144 : 08/17/2004 03:49 PM : af342d2781225a8769686e0d47e3123e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\netman.dll : 198 144 : 04/14/2008 08:51 AM : 72e1e9e2977be08bdeedb6d8fd9d4d40 [Pos Repl]
* C:\WINDOWS\System32\ntmssvc.dll : 435 712 : 04/14/2008 08:51 AM : 023dd70573d644f3d9c8b1258a7bfd08 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ntmssvc.dll : 435 712 : 08/17/2004 03:49 PM : d8d2b13ba93ae830b1a637df571d1195 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ntmssvc.dll : 435 712 : 04/14/2008 08:51 AM : 023dd70573d644f3d9c8b1258a7bfd08 [Pos Repl]
* C:\WINDOWS\System32\olepro32.dll : 84 992 : 04/14/2008 08:51 AM : 16c195ebc0a3ec35c48d0c2d9a346bab [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\olepro32.dll : 83 456 : 08/17/2004 03:49 PM : 33f14f23dfae4b43cdd4e535cd7c1963 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\olepro32.dll : 84 992 : 04/14/2008 08:51 AM : 16c195ebc0a3ec35c48d0c2d9a346bab [Pos Repl]
* C:\WINDOWS\System32\perfctrs.dll : 39 936 : 04/14/2008 08:51 AM : 1682285f7c0934c764a0ebbc568153ca [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\perfctrs.dll : 39 936 : 08/17/2004 03:49 PM : 6c08ff4b76506676617e03c34eccfb11 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\perfctrs.dll : 39 936 : 04/14/2008 08:51 AM : 1682285f7c0934c764a0ebbc568153ca [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\perfctrs.dll : 39 936 : 04/14/2008 08:51 AM : 1682285f7c0934c764a0ebbc568153ca [Pos Repl]
* C:\WINDOWS\System32\powrprof.dll : 17 408 : 04/14/2008 08:51 AM : 9fa69781caa7a1da981a24f240a61a60 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\powrprof.dll : 17 408 : 08/17/2004 03:49 PM : 134b95a1d8fafd74a68e4b2116defa7d [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\powrprof.dll : 17 408 : 04/14/2008 08:51 AM : 9fa69781caa7a1da981a24f240a61a60 [Pos Repl]
* C:\WINDOWS\System32\psbase.dll : 96 768 : 04/14/2008 08:51 AM : 3d8593aa6cb1c610ccc4ee4a2079841c [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\psbase.dll : 96 768 : 08/17/2004 03:49 PM : 23519ecbdbb26ab19dd03cc4aa14d9c6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\psbase.dll : 96 768 : 04/14/2008 08:51 AM : 3d8593aa6cb1c610ccc4ee4a2079841c [Pos Repl]
* C:\WINDOWS\System32\pstorsvc.dll : 33 792 : 04/14/2008 08:51 AM : d92dbed30dbf45e7d2700596bb491b03 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\pstorsvc.dll : 33 792 : 08/17/2004 03:49 PM : 183a46179fdc11b6b9ae655be81c76da [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\pstorsvc.dll : 33 792 : 04/14/2008 08:51 AM : d92dbed30dbf45e7d2700596bb491b03 [Pos Repl]
* C:\WINDOWS\System32\qmgr.dll : 409 088 : 04/14/2008 08:51 AM : 19395d092fd85ddc2d9c7729cf5a2ac8 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\qmgr.dll : 382 464 : 08/17/2004 03:49 PM : e774a26610ec92674273486612c11cfc [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\qmgr.dll : 409 088 : 04/14/2008 08:51 AM : 19395d092fd85ddc2d9c7729cf5a2ac8 [Pos Repl]
+-> C:\WINDOWS\system32\bits\qmgr.dll : 409 088 : 04/14/2008 08:51 AM : 19395d092fd85ddc2d9c7729cf5a2ac8 [Pos Repl]
* C:\WINDOWS\System32\rasadhlp.dll : 7 680 : 04/14/2008 08:51 AM : b26098f3dc08d841de3d79c38accb807 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\rasadhlp.dll : 8 192 : 08/17/2004 03:49 PM : 630a1012af129918d2e2d70727d69351 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\rasadhlp.dll : 7 680 : 04/14/2008 08:51 AM : b26098f3dc08d841de3d79c38accb807 [Pos Repl]
* C:\WINDOWS\System32\regsvc.dll : 59 904 : 04/14/2008 08:51 AM : 8f31505484a190d5b22274708799f4ec [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\regsvc.dll : 59 904 : 08/17/2004 03:49 PM : 5b21208fcf8970bb61fe98e19d828714 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\regsvc.dll : 59 904 : 04/14/2008 08:51 AM : 8f31505484a190d5b22274708799f4ec [Pos Repl]
* C:\WINDOWS\System32\rpcss.dll : 401 408 : 02/09/2009 11:56 AM : be27674d1cbc3214aec84b4336a38bbf [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\rpcss.dll : 401 408 : 02/09/2009 11:59 AM : c0bd34a62508ba68f146e22ce45919f9 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\rpcss.dll : 395 776 : 08/17/2004 03:49 PM : c72c15ee57e248c66e57c76cab086cf2 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll : 399 360 : 04/14/2008 08:51 AM : c868f3ae15cf71a93f2aa3a32856d839 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\rpcss.dll : 399 360 : 04/14/2008 08:51 AM : c868f3ae15cf71a93f2aa3a32856d839 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\rpcss.dll : 401 408 : 02/09/2009 11:56 AM : be27674d1cbc3214aec84b4336a38bbf [Pos Repl]
* C:\WINDOWS\System32\scecli.dll : 185 856 : 04/14/2008 08:51 AM : 830ce8951c71f361d7d2f38416cc8bc1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\scecli.dll : 184 832 : 08/17/2004 03:49 PM : 07119058d451cb7ea4317bcfda8599a6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\scecli.dll : 185 856 : 04/14/2008 08:51 AM : 830ce8951c71f361d7d2f38416cc8bc1 [Pos Repl]
* C:\WINDOWS\System32\schedsvc.dll : 192 512 : 04/14/2008 08:51 AM : 3ff232a7731621b8902d81d42418c93c [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\schedsvc.dll : 190 976 : 08/17/2004 03:49 PM : 29ac93307c6182dbe336bca314947f28 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\schedsvc.dll : 192 512 : 04/14/2008 08:51 AM : 3ff232a7731621b8902d81d42418c93c [Pos Repl]
* C:\WINDOWS\System32\services.exe : 111 104 : 02/09/2009 12:25 AM : 9ef697af07bb8dd82c3b02ca953a95b7 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe : 111 104 : 02/09/2009 12:18 AM : 3d107d45ccfdb266e91d84b52cd7f430 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\services.exe : 108 544 : 08/17/2004 03:49 PM : 6e401e61f952fbbf708afbecefafae81 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB956572$\services.exe : 108 544 : 04/14/2008 08:52 AM : f0d2ae69035092bf22dad6b50fab85c2 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\services.exe : 108 544 : 04/14/2008 08:52 AM : f0d2ae69035092bf22dad6b50fab85c2 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\services.exe : 111 104 : 02/09/2009 12:25 AM : 9ef697af07bb8dd82c3b02ca953a95b7 [Pos Repl]
* C:\WINDOWS\System32\setupapi.dll : 991 744 : 04/14/2008 08:51 AM : 0e93a7f2be83af906d9eafb370300caa [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\setupapi.dll : 990 208 : 08/17/2004 03:49 PM : 16dba3c4c38b72ae88f3e7a6b4bf82f1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\setupapi.dll : 991 744 : 04/14/2008 08:51 AM : 0e93a7f2be83af906d9eafb370300caa [Pos Repl]
* C:\WINDOWS\System32\sfc.dll : 5 120 : 04/14/2008 08:51 AM : 5ee949255babc0b17c09ddb2e59e3878 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sfc.dll : 5 120 : 08/17/2004 03:49 PM : 6cc2d21488333133ae0c9f44f6051cb7 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sfc.dll : 5 120 : 04/14/2008 08:51 AM : 5ee949255babc0b17c09ddb2e59e3878 [Pos Repl]
* C:\WINDOWS\System32\sfcfiles.dll : 1 571 840 : 04/14/2008 08:51 AM : 56a6034e7764e23d9114223eb3523925 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sfcfiles.dll : 1 548 288 : 08/17/2004 03:49 PM : 5ca2e2ba624d6f2c7a581c91e70394cb [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll : 1 571 840 : 04/14/2008 08:51 AM : 56a6034e7764e23d9114223eb3523925 [Pos Repl]
* C:\WINDOWS\System32\shsvcs.dll : 135 168 : 07/28/2009 00:19 AM : ee9a2b9ea968a792a053c9d1a86bf870 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB971029\SP3QFE\shsvcs.dll : 135 168 : 07/27/2009 11:22 PM : 54a6bf743e0517528a5064ceaeb40ea7 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\shsvcs.dll : 134 656 : 08/17/2004 03:49 PM : 8ba76bd2a943f642f267a296a15776d2 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB971029$\shsvcs.dll : 135 168 : 04/14/2008 08:51 AM : b927443008910b412bec72fc41c1bad0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\shsvcs.dll : 135 168 : 04/14/2008 08:51 AM : b927443008910b412bec72fc41c1bad0 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\shsvcs.dll : 135 168 : 07/28/2009 00:19 AM : ee9a2b9ea968a792a053c9d1a86bf870 [Pos Repl]
* C:\WINDOWS\System32\smss.exe : 50 688 : 04/14/2008 08:52 AM : 9b08a8c6331c2da9c30377bcb4262721 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\smss.exe : 50 688 : 08/17/2004 03:49 PM : 04b69d49d7fc3358a372e97db6d39447 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\smss.exe : 50 688 : 04/14/2008 08:52 AM : 9b08a8c6331c2da9c30377bcb4262721 [Pos Repl]
* C:\WINDOWS\System32\spoolsv.exe : 58 880 : 08/17/2010 02:17 PM : 60784f891563fb1b767f70117fc2428f [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe : 58 880 : 08/17/2010 02:19 PM : 258dd5d4283fd9f9a7166be9ae45ce73 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe : 57 856 : 08/17/2004 03:49 PM : 21b6faa88044a41640e03ebb68be93e8 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe : 57 856 : 04/14/2008 08:52 AM : cb1090bca0e7b40d0b5b4e4d66531809 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe : 57 856 : 04/14/2008 08:52 AM : cb1090bca0e7b40d0b5b4e4d66531809 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\spoolsv.exe : 58 880 : 08/17/2010 02:17 PM : 60784f891563fb1b767f70117fc2428f [Pos Repl]
* C:\WINDOWS\System32\srsvc.dll : 171 008 : 04/14/2008 08:52 AM : 35b91147124f64ac8081a2edb9ea4dee [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\srsvc.dll : 170 496 : 08/17/2004 03:49 PM : 3cd57f31a64d32fdb28918b16d1e6aac [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\srsvc.dll : 171 008 : 04/14/2008 08:52 AM : 35b91147124f64ac8081a2edb9ea4dee [Pos Repl]
* C:\WINDOWS\System32\ssdpsrv.dll : 71 680 : 04/14/2008 08:52 AM : becd5271dc4e3b7c3d035f790fcbc1e5 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ssdpsrv.dll : 71 680 : 08/17/2004 03:49 PM : 88c28f53f53438dafcd95e99c837c61e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ssdpsrv.dll : 71 680 : 04/14/2008 08:52 AM : becd5271dc4e3b7c3d035f790fcbc1e5 [Pos Repl]
* C:\WINDOWS\System32\svchost.exe : 14 336 : 04/14/2008 08:52 AM : be4a520e29b6391f49e79ccc52044d93 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\svchost.exe : 14 336 : 08/17/2004 03:49 PM : dfba2915b0bf58abb288cd4c9318cb3f [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\svchost.exe : 14 336 : 04/14/2008 08:52 AM : be4a520e29b6391f49e79ccc52044d93 [Pos Repl]
* C:\WINDOWS\System32\tapisrv.dll : 249 856 : 04/14/2008 08:52 AM : c2546cd7a398476f9df5614b2ae160e8 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\tapisrv.dll : 246 272 : 08/17/2004 03:49 PM : 37162d29cd61519e6f5ea0de99786ff6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tapisrv.dll : 249 856 : 04/14/2008 08:52 AM : c2546cd7a398476f9df5614b2ae160e8 [Pos Repl]
* C:\WINDOWS\System32\termsrv.dll : 295 936 : 04/14/2008 08:52 AM : a75dd6fc3dbee4fff5ebc9f2c28bb66e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\termsrv.dll : 295 936 : 08/17/2004 03:49 PM : 2f5919f2f6ee7a845893d9c3aa2bc56a [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\termsrv.dll : 295 936 : 04/14/2008 08:52 AM : a75dd6fc3dbee4fff5ebc9f2c28bb66e [Pos Repl]
* C:\WINDOWS\System32\upnphost.dll : 186 368 : 04/14/2008 08:52 AM : 651bd90dcee5b7bdc74a2eb7c9266f9e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\upnphost.dll : 185 344 : 08/17/2004 03:49 PM : 984fc1518b0d5b31d76f0e63608e0500 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\upnphost.dll : 186 368 : 04/14/2008 08:52 AM : 651bd90dcee5b7bdc74a2eb7c9266f9e [Pos Repl]
* C:\WINDOWS\System32\user32.dll : 578 560 : 04/14/2008 08:52 AM : e16e0990967374e76f3e40cacafd3d53 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\user32.dll : 577 024 : 08/17/2004 03:49 PM : 1b4ccc59980da34e75f20e42b283b027 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\user32.dll : 578 560 : 04/14/2008 08:52 AM : e16e0990967374e76f3e40cacafd3d53 [Pos Repl]
* C:\WINDOWS\System32\userinit.exe : 26 112 : 04/14/2008 08:52 AM : 7dc1830f22e7d275b438127b68030239 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\userinit.exe : 24 576 : 08/17/2004 03:49 PM : 836f7960362ff95c5d49e40b891f2cfc [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\userinit.exe : 26 112 : 04/14/2008 08:52 AM : 7dc1830f22e7d275b438127b68030239 [Pos Repl]
* C:\WINDOWS\System32\UxTheme.dll : 219 648 : 04/14/2008 08:52 AM : e04a8dc5c740c679ef62a614d9339ecf [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\uxtheme.dll : 219 648 : 08/17/2004 03:49 PM : 0d3c98f2d11978d67dd4102471cfbfac [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\uxtheme.dll : 219 648 : 04/14/2008 08:52 AM : e04a8dc5c740c679ef62a614d9339ecf [Pos Repl]
* C:\WINDOWS\System32\version.dll : 18 944 : 04/14/2008 08:52 AM : 614f8186bdab926e3b1d8927a4161b54 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\version.dll : 18 944 : 08/17/2004 03:49 PM : e472bda53a4dcd2142143af9fd25c99a [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\version.dll : 18 944 : 04/14/2008 08:52 AM : 614f8186bdab926e3b1d8927a4161b54 [Pos Repl]
* C:\WINDOWS\System32\w32time.dll : 176 640 : 04/14/2008 08:52 AM : fa4e1cdba256787f2149f4aad07bc91f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\w32time.dll : 176 128 : 08/17/2004 03:49 PM : 2ceebb402187ae56b585701f3d191fb3 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\w32time.dll : 176 640 : 04/14/2008 08:52 AM : fa4e1cdba256787f2149f4aad07bc91f [Pos Repl]
* C:\WINDOWS\System32\wbem\wmiprvse.exe : 227 840 : 02/06/2009 11:10 AM : 798a9e6828997eef4517ada8a2259831 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\wmiprvse.exe : 227 840 : 02/06/2009 11:15 AM : f520ab392d58c0a1070268032d809382 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe : 218 112 : 08/17/2004 03:49 PM : ef897ddcd9e269b83f03f328698aae7a [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB956572$\wmiprvse.exe : 218 112 : 04/14/2008 08:52 AM : edf9ca5598b7ea3f91a1f1104ee665db [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe : 218 112 : 04/14/2008 08:52 AM : edf9ca5598b7ea3f91a1f1104ee665db [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\wmiprvse.exe : 227 840 : 02/06/2009 11:10 AM : 798a9e6828997eef4517ada8a2259831 [Pos Repl]
* C:\WINDOWS\System32\wdigest.dll : 54 272 : 06/25/2009 09:27 AM : a06d566df5918e78dcf80596b17d2c9a [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB968389\SP3QFE\wdigest.dll : 54 272 : 06/25/2009 09:42 AM : afededb8e5350b1fa90b90619fb85b67 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\wdigest.dll : 49 152 : 08/17/2004 03:49 PM : 36a876e71d71ec0dd06cbd53e744c2b4 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB968389$\wdigest.dll : 49 152 : 04/14/2008 08:52 AM : f4b1e8d41e8452069c99ef7cc8b89ba6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\wdigest.dll : 49 152 : 04/14/2008 08:52 AM : f4b1e8d41e8452069c99ef7cc8b89ba6 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\wdigest.dll : 54 272 : 06/25/2009 09:27 AM : a06d566df5918e78dcf80596b17d2c9a [Pos Repl]
* C:\WINDOWS\System32\wiaservc.dll : 334 336 : 04/14/2008 08:52 AM : c1cdd9275f6a115bb0ae1d55d8d27ba6 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\wiaservc.dll : 333 824 : 08/17/2004 03:49 PM : 0645ccdddd27f96eea3534c1def736d9 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\wiaservc.dll : 334 336 : 04/14/2008 08:52 AM : c1cdd9275f6a115bb0ae1d55d8d27ba6 [Pos Repl]
* C:\WINDOWS\System32\winlogon.exe : 507 904 : 04/14/2008 08:52 AM : cddb1f8e1aea356f3ad106f2cf9b7fea [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe : 502 272 : 08/17/2004 03:49 PM : 221c29ae1b4cc61d11d8b27de78b2307 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\winlogon.exe : 507 904 : 04/14/2008 08:52 AM : cddb1f8e1aea356f3ad106f2cf9b7fea [Pos Repl]
* C:\WINDOWS\System32\ws2_32.dll : 82 432 : 04/14/2008 08:52 AM : 951d473917c51f21496d914cf6e5ddd1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll : 82 944 : 08/17/2004 03:49 PM : 382e9b87f1282e697c67af84e34e35e2 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll : 82 432 : 04/14/2008 08:52 AM : 951d473917c51f21496d914cf6e5ddd1 [Pos Repl]
* C:\WINDOWS\System32\ws2help.dll : 19 968 : 04/14/2008 08:52 AM : 859f7735f199c90403340183a3ddfb78 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ws2help.dll : 19 968 : 08/17/2004 03:49 PM : c2b86666fc44b48903ad6016d15a23df [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ws2help.dll : 19 968 : 04/14/2008 08:52 AM : 859f7735f199c90403340183a3ddfb78 [Pos Repl]
* C:\WINDOWS\System32\wscntfy.exe : 13 824 : 04/14/2008 08:52 AM : 278a14bedef58687eaf8bec056a78d8b [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe : 13 824 : 08/17/2004 03:49 PM : 93f75ff033baa186d08115d73bfe3d32 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe : 13 824 : 04/14/2008 08:52 AM : 278a14bedef58687eaf8bec056a78d8b [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\wscntfy.exe : 13 824 : 04/14/2008 08:52 AM : 278a14bedef58687eaf8bec056a78d8b [Pos Repl]
* C:\WINDOWS\System32\xmlprov.dll : 129 024 : 04/14/2008 08:52 AM : eaa4bb9edb3fb10cf8979fe65e63658f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\xmlprov.dll : 129 536 : 08/17/2004 03:49 PM : 9b835d4c64860b155a1701d5092ec9e4 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\xmlprov.dll : 129 024 : 04/14/2008 08:52 AM : eaa4bb9edb3fb10cf8979fe65e63658f [Pos Repl]
* C:\WINDOWS\explorer.exe : 1 034 240 : 04/14/2008 08:52 AM : 27afd587c462e280ee046b8cca3c2cd1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\explorer.exe : 1 032 704 : 08/17/2004 03:49 PM : 53114d57ab73a406ac7f602227781a99 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\explorer.exe : 1 034 240 : 04/14/2008 08:52 AM : 27afd587c462e280ee046b8cca3c2cd1 [Pos Repl]
* C:\WINDOWS\System32\drivers\acpiec.sys : 11 776 : 10/25/2001 01:00 PM : afdff022a01f0b11c776f0860c3b282f [NoSig]
* C:\WINDOWS\System32\drivers\acpi.sys : 188 288 : 04/14/2008 07:35 AM : 4fe34f1f3126b61fcc6b2043aa8112c9 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\acpi.sys : 188 288 : 08/17/2004 03:43 PM : fa2fbcda96d2385f773b059fe5a125a6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\acpi.sys : 188 288 : 04/14/2008 07:35 AM : 4fe34f1f3126b61fcc6b2043aa8112c9 [Pos Repl]
* C:\WINDOWS\System32\drivers\aec.sys : 142 592 : 04/13/2008 10:09 PM : 8bed39e3c35d6a489438b8141717a557 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\aec.sys : 142 464 : 08/03/2004 10:39 PM : 841f385c6cfaf66b58fbd898722bb4f0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\aec.sys : 142 592 : 04/13/2008 10:09 PM : 8bed39e3c35d6a489438b8141717a557 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\aec.sys : 142 592 : 04/13/2008 10:09 PM : 8bed39e3c35d6a489438b8141717a557 [Pos Repl]
* C:\WINDOWS\System32\drivers\afd.sys : 138 496 : 08/17/2011 02:49 PM : 1e44bc1e83d8fd2305f8d452db109cf9 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2503665\SP3QFE\afd.sys : 138 496 : 02/16/2011 02:25 PM : 8d499b1276012eb907e7a9e0f4d8fda4 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys : 138 496 : 10/16/2008 04:07 PM : 38d7b715504da4741df35e3594fe2099 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB2592799\SP3QFE\afd.sys : 138 496 : 08/17/2011 02:41 PM : f6b7b1ecd7b41736bdb6ff4b092bcb79 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys : 138 496 : 06/20/2008 12:48 AM : d6ee6014241d034e63c49a50cb2b442a [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys : 138 496 : 08/14/2008 11:34 AM : 4d43e74f2a1239d53929b82600f1971c [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\afd.sys : 138 496 : 08/03/2004 11:14 PM : 5ac495f4cb807b2b98ad2ad591e6d92e [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2503665$\afd.sys : 138 496 : 10/16/2008 03:43 PM : 7618d5218f2a614672ec61a80d854a37 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2509553$\afd.sys : 138 496 : 08/14/2008 11:04 AM : 7e775010ef291da96ad17ca4b17137d7 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2592799$\afd.sys : 138 496 : 02/16/2011 02:22 PM : 355556d9e580915118cd7ef736653a89 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB951748$\afd.sys : 138 112 : 04/14/2008 00:49 AM : 322d0e36693d6e24a2398bee62a268cd [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB956803$\afd.sys : 138 496 : 06/20/2008 12:40 AM : e3049b90fe06f3f740b7cfda44995e2c [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\afd.sys : 138 112 : 04/14/2008 00:49 AM : 322d0e36693d6e24a2398bee62a268cd [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\afd.sys : 138 496 : 08/17/2011 02:49 PM : 1e44bc1e83d8fd2305f8d452db109cf9 [Pos Repl]
* C:\WINDOWS\System32\drivers\agp440.sys : 42 368 : 04/14/2008 00:06 AM : 08fd04aa961bdc77fb983f328334e3d7 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\agp440.sys : 42 368 : 08/03/2004 11:07 PM : 2c428fa0c3e3a01ed93c9b2a27d8d4bb [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\agp440.sys : 42 368 : 04/14/2008 00:06 AM : 08fd04aa961bdc77fb983f328334e3d7 [Pos Repl]
* C:\WINDOWS\System32\drivers\amdk6.sys : 41 216 : 04/14/2008 07:38 AM : aa2d3a86f7b551aa227b17efaeab7d22 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\amdk6.sys : 40 832 : 08/17/2004 03:43 PM : f4e1072598a00a5fb74fc08bc97e33de [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\amdk6.sys : 41 216 : 04/14/2008 07:38 AM : aa2d3a86f7b551aa227b17efaeab7d22 [Pos Repl]
* C:\WINDOWS\System32\drivers\amdk7.sys : 41 600 : 04/14/2008 07:38 AM : 3980814f8027d27ea003e2e3d9d4f604 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\amdk7.sys : 41 216 : 08/17/2004 03:43 PM : 2cc3bf45ac3180fe29c199bd95f09601 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\amdk7.sys : 41 600 : 04/14/2008 07:38 AM : 3980814f8027d27ea003e2e3d9d4f604 [Pos Repl]
* C:\WINDOWS\System32\drivers\arp1394.sys : 60 800 : 04/14/2008 00:21 AM : b5b8a80875c1dededa8b02765642c32f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\arp1394.sys : 60 800 : 08/03/2004 10:58 PM : f0d692b0bffb46e30eb3cea168bbc49f [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\arp1394.sys : 60 800 : 04/14/2008 00:21 AM : b5b8a80875c1dededa8b02765642c32f [Pos Repl]
* C:\WINDOWS\System32\drivers\asyncmac.sys : 14 336 : 04/14/2008 00:27 AM : b153affac761e7f5fcfa822b9c4e97bc [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\asyncmac.sys : 14 336 : 08/03/2004 11:05 PM : 02000abf34af4c218c35d257024807d6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\asyncmac.sys : 14 336 : 04/14/2008 00:27 AM : b153affac761e7f5fcfa822b9c4e97bc [Pos Repl]
* C:\WINDOWS\System32\drivers\atapi.sys : 96 512 : 04/14/2008 00:10 AM : 9f3a2f5aa6875c72bf062c712cfa2674 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\atapi.sys : 95 360 : 08/03/2004 10:59 PM : cdfe4411a69c224bd1d11b2da92dac51 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\atapi.sys : 96 512 : 04/14/2008 00:10 AM : 9f3a2f5aa6875c72bf062c712cfa2674 [Pos Repl]
* C:\WINDOWS\System32\drivers\audstub.sys : 3 072 : 08/17/2001 10:59 PM : d9f724aa26c010a217c97606b160ed68 [NoSig]
* C:\WINDOWS\System32\drivers\beep.sys : 4 224 : 10/25/2001 01:00 PM : da1f27d85e0d1525f6621372e7b685e9 [NoSig]
+-> C:\WINDOWS\system32\dllcache\beep.sys : 4 224 : 10/25/2001 01:00 PM : da1f27d85e0d1525f6621372e7b685e9 [Pos Repl]
* C:\WINDOWS\System32\drivers\bridge.sys : 71 552 : 04/14/2008 00:23 AM : f934d1b230f84e1d19dd00ac5a7a83ed [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\bridge.sys : 71 552 : 08/03/2004 10:59 PM : e4e6a0922e3d983728c9ad4e8d466954 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\bridge.sys : 71 552 : 04/14/2008 00:23 AM : f934d1b230f84e1d19dd00ac5a7a83ed [Pos Repl]
* C:\WINDOWS\System32\drivers\bthport.sys : 272 128 : 06/14/2008 06:35 PM : f338662a6c1fc11dd9508f6dff2c06a2 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys : 272 128 : 06/14/2008 06:40 PM : 1d310260167097c7b582790826b0f501 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\bthport.sys : 274 304 : 08/17/2004 03:43 PM : c4084076346ff43f3005477644710657 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys : 272 896 : 04/14/2008 07:45 AM : 164f186e09f26ba47b89e4db9b0aaf1e [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\bthport.sys : 272 128 : 06/14/2008 06:35 PM : f338662a6c1fc11dd9508f6dff2c06a2 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\bthport.sys : 272 896 : 04/14/2008 07:45 AM : 164f186e09f26ba47b89e4db9b0aaf1e [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\bthport.sys : 272 128 : 06/14/2008 06:35 PM : f338662a6c1fc11dd9508f6dff2c06a2 [Pos Repl]
* C:\WINDOWS\System32\drivers\cbidf2k.sys : 13 952 : 10/25/2001 01:00 PM : 90a673fc8e12a79afbed2576f6a7aaf9 [NoSig]
* C:\WINDOWS\System32\drivers\cdaudio.sys : 18 688 : 10/25/2001 01:00 PM : c1b486a7658353d33a10cc15211a873b [NoSig]
* C:\WINDOWS\System32\drivers\cdfs.sys : 63 744 : 04/14/2008 00:44 AM : c885b02847f5d2fd45a24e219ed93b32 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\cdfs.sys : 63 744 : 08/03/2004 11:14 PM : cd7d5152df32b47f4e36f710b35aae02 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\cdfs.sys : 63 744 : 04/14/2008 00:44 AM : c885b02847f5d2fd45a24e219ed93b32 [Pos Repl]
* C:\WINDOWS\System32\drivers\cdrom.sys : 62 976 : 04/14/2008 00:10 AM : 1f4260cc5b42272d71f79e570a27a4fe [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys : 49 536 : 08/03/2004 10:59 PM : af9c19b3100fe010496b1a27181fbf72 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\cdrom.sys : 62 976 : 04/14/2008 00:10 AM : 1f4260cc5b42272d71f79e570a27a4fe [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\cdrom.sys : 62 592 : 12/22/2009 07:39 PM : 7b53584d94e9d8716b2de91d5f1cb42d [Pos Repl]
* C:\WINDOWS\System32\drivers\classpnp.sys : 49 536 : 04/14/2008 00:46 AM : fe47dd8fe6d7768ff94ebec6c74b2719 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\classpnp.sys : 49 664 : 08/03/2004 11:14 PM : d86173b401470f06d9810f7962969ddf [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\classpnp.sys : 49 536 : 04/14/2008 00:46 AM : fe47dd8fe6d7768ff94ebec6c74b2719 [Pos Repl]
* C:\WINDOWS\System32\drivers\cpqdap01.sys : 11 776 : 10/25/2001 01:00 PM : 9624293e55ad405415862b504ca95b73 [NoSig]
* C:\WINDOWS\System32\drivers\crusoe.sys : 40 576 : 04/14/2008 07:56 AM : 57ffb078b71f5b5e7a3dff40f0f47711 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\crusoe.sys : 40 320 : 08/17/2004 03:44 PM : 80419d8e6dbdb8c25cbafc8269243cf7 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\crusoe.sys : 40 576 : 04/14/2008 07:56 AM : 57ffb078b71f5b5e7a3dff40f0f47711 [Pos Repl]
* C:\WINDOWS\System32\drivers\diskdump.sys : 14 208 : 04/14/2008 00:10 AM : e65e2353a5d74ea89971cb918eeeb2f6 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\diskdump.sys : 14 208 : 08/03/2004 10:59 PM : d16c81677a9be399c63cd2ea486472a5 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\diskdump.sys : 14 208 : 04/14/2008 00:10 AM : e65e2353a5d74ea89971cb918eeeb2f6 [Pos Repl]
* C:\WINDOWS\System32\drivers\disk.sys : 36 352 : 04/14/2008 00:10 AM : 044452051f3e02e7963599fc8f4f3e25 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\disk.sys : 36 352 : 08/03/2004 10:59 PM : 00ca44e4534865f8a3b64f7c0984bff0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\disk.sys : 36 352 : 04/14/2008 00:10 AM : 044452051f3e02e7963599fc8f4f3e25 [Pos Repl]
* C:\WINDOWS\System32\drivers\dmboot.sys : 800 000 : 04/14/2008 08:00 AM : db5fd2bf5b07dc54bfcb3664ff05bd7c [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dmboot.sys : 800 000 : 08/17/2004 03:45 PM : e1968edec81c430108feb23ab07bdb14 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dmboot.sys : 800 000 : 04/14/2008 08:00 AM : db5fd2bf5b07dc54bfcb3664ff05bd7c [Pos Repl]
* C:\WINDOWS\System32\drivers\dmio.sys : 153 856 : 04/14/2008 08:01 AM : fff1720af51171f32f1ead5cf71f2810 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dmio.sys : 153 856 : 08/17/2004 03:45 PM : 1b1520a82e396e46b9ae9fa6b03ff6c6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dmio.sys : 153 856 : 04/14/2008 08:01 AM : fff1720af51171f32f1ead5cf71f2810 [Pos Repl]
* C:\WINDOWS\System32\drivers\dmload.sys : 5 888 : 10/25/2001 01:00 PM : e9317282a63ca4d188c0df5e09c6ac5f [NoSig]
+-> C:\WINDOWS\system32\dllcache\dmload.sys : 5 888 : 10/25/2001 01:00 PM : e9317282a63ca4d188c0df5e09c6ac5f [Pos Repl]
* C:\WINDOWS\System32\drivers\DMusic.sys : 52 864 : 04/14/2008 00:15 AM : 8a208dfcf89792a484e76c40e5f50b45 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dmusic.sys : 52 864 : 08/03/2004 11:07 PM : a6f881284ac1150e37d9ae47ff601267 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dmusic.sys : 52 864 : 04/14/2008 00:15 AM : 8a208dfcf89792a484e76c40e5f50b45 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\dmusic.sys : 52 864 : 04/14/2008 00:15 AM : 8a208dfcf89792a484e76c40e5f50b45 [Pos Repl]
* C:\WINDOWS\System32\drivers\drmkaud.sys : 2 944 : 04/14/2008 00:15 AM : 8f5fcff8e8848afac920905fbd9d33c8 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\drmkaud.sys : 2 944 : 08/03/2004 11:07 PM : 1ed4dbbae9f5d558dbba4cc450e3eb2e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\drmkaud.sys : 2 944 : 04/14/2008 00:15 AM : 8f5fcff8e8848afac920905fbd9d33c8 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\drmkaud.sys : 2 944 : 04/14/2008 00:15 AM : 8f5fcff8e8848afac920905fbd9d33c8 [Pos Repl]
* C:\WINDOWS\System32\drivers\drmk.sys : 60 160 : 04/13/2008 11:15 PM : 6cb08593487f5701d2d2254e693eafce [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\drmk.sys : 60 288 : 08/03/2004 11:08 PM : ff86422268de771d571e123eb7092c6a [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\drmk.sys : 60 160 : 04/14/2008 00:15 AM : 6cb08593487f5701d2d2254e693eafce [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\drmk.sys : 60 160 : 04/14/2008 00:15 AM : 6cb08593487f5701d2d2254e693eafce [Pos Repl]
* C:\WINDOWS\System32\drivers\dxapi.sys : 10 496 : 10/25/2001 01:00 PM : fe97d0343acfdebdd578fc67cc91fa87 [NoSig]
+-> C:\WINDOWS\system32\dllcache\dxapi.sys : 10 496 : 10/25/2001 01:00 PM : fe97d0343acfdebdd578fc67cc91fa87 [Pos Repl]
* C:\WINDOWS\System32\drivers\dxg.sys : 71 168 : 04/14/2008 00:08 AM : ac7280566a7bb85cb3291f04ddc1198e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dxg.sys : 71 040 : 08/03/2004 11:00 PM : d3dac8432110aad0b02a58b4459ab835 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dxg.sys : 71 168 : 04/14/2008 00:08 AM : ac7280566a7bb85cb3291f04ddc1198e [Pos Repl]
* C:\WINDOWS\System32\drivers\dxgthk.sys : 3 328 : 10/25/2001 01:00 PM : a73f5d6705b1d820c19b18782e176efd [NoSig]
+-> C:\WINDOWS\system32\dllcache\dxgthk.sys : 3 328 : 10/25/2001 01:00 PM : a73f5d6705b1d820c19b18782e176efd [Pos Repl]
* C:\WINDOWS\System32\drivers\fastfat.sys : 143 744 : 04/14/2008 00:44 AM : 38d332a6d56af32635675f132548343e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\fastfat.sys : 143 360 : 08/03/2004 11:14 PM : 3117f595e9615e04f05a54fc15a03b20 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\fastfat.sys : 143 744 : 04/14/2008 00:44 AM : 38d332a6d56af32635675f132548343e [Pos Repl]
* C:\WINDOWS\System32\drivers\fdc.sys : 27 392 : 04/14/2008 00:10 AM : 92cdd60b6730b9f50f6a1a0c1f8cdc81 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\fdc.sys : 27 392 : 08/03/2004 10:59 PM : ced2e8396a8838e59d8fd529c680e02c [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\fdc.sys : 27 392 : 04/14/2008 00:10 AM : 92cdd60b6730b9f50f6a1a0c1f8cdc81 [Pos Repl]
* C:\WINDOWS\System32\drivers\fips.sys : 44 544 : 04/14/2008 07:43 AM : ac366695a0796560aa37215ad5762aaf [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\fips.sys : 34 944 : 10/25/2001 01:00 PM : 266dab58619b17bdf37fabbd48d875ca [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\fips.sys : 44 544 : 04/14/2008 07:43 AM : ac366695a0796560aa37215ad5762aaf [Pos Repl]
* C:\WINDOWS\System32\drivers\flpydisk.sys : 20 480 : 04/14/2008 00:10 AM : 9d27e7b80bfcdf1cdd9b555862d5e7f0 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\flpydisk.sys : 20 480 : 08/03/2004 10:59 PM : 0dd1de43115b93f4d85e889d7a86f548 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\flpydisk.sys : 20 480 : 04/14/2008 00:10 AM : 9d27e7b80bfcdf1cdd9b555862d5e7f0 [Pos Repl]
* C:\WINDOWS\System32\drivers\fltMgr.sys : 129 792 : 04/14/2008 00:03 AM : b2cf4b0786f8212cb92ed2b50c6db6b0 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\fltmgr.sys : 124 800 : 08/03/2004 11:01 PM : 157754f0df355a9e0a6f54721914f9c6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\fltmgr.sys : 129 792 : 04/14/2008 00:03 AM : b2cf4b0786f8212cb92ed2b50c6db6b0 [Pos Repl]
* C:\WINDOWS\System32\drivers\fs_rec.sys : 7 936 : 10/25/2001 01:00 PM : 3e1e2bd4f39b0e2b7dc4f4d2bcc2779a [NoSig]
+-> C:\WINDOWS\system32\dllcache\fs_rec.sys : 7 936 : 10/25/2001 01:00 PM : 3e1e2bd4f39b0e2b7dc4f4d2bcc2779a [Pos Repl]
* C:\WINDOWS\System32\drivers\fsvga.sys : 12 160 : 10/25/2001 01:00 PM : 9996a605d10e8c7daa29a380eaef51ae [NoSig]
* C:\WINDOWS\System32\drivers\ftdisk.sys : 125 184 : 10/25/2001 01:00 PM : 4e664d8541db4a66b73a24257e322e1f [NoSig]
* C:\WINDOWS\System32\drivers\hidclass.sys : 36 864 : 04/13/2008 11:15 PM : 1af592532532a402ed7c060f6954004f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\hidclass.sys : 36 224 : 08/03/2004 11:08 PM : 378055ab8dda86228683c697c4e11685 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\hidclass.sys : 36 864 : 04/14/2008 00:15 AM : 1af592532532a402ed7c060f6954004f [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\hidclass.sys : 36 864 : 04/13/2008 11:15 PM : 1af592532532a402ed7c060f6954004f [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\hidclass.sys : 36 864 : 04/13/2008 11:15 PM : 1af592532532a402ed7c060f6954004f [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\hidclass.sys : 36 864 : 04/13/2008 11:15 PM : 1af592532532a402ed7c060f6954004f [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\hidclass.sys : 36 864 : 04/13/2008 11:15 PM : 1af592532532a402ed7c060f6954004f [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\hidclass.sys : 36 864 : 04/13/2008 11:15 PM : 1af592532532a402ed7c060f6954004f [Pos Repl]
* C:\WINDOWS\System32\drivers\hidusb.sys : 10 368 : 04/13/2008 11:15 PM : ccf82c5ec8a7326c3066de870c06daf1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\hidusb.sys : 9 600 : 10/25/2001 01:00 PM : 1de6783b918f540149aa69943bdfeba8 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\hidusb.sys : 10 368 : 04/14/2008 00:15 AM : ccf82c5ec8a7326c3066de870c06daf1 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\hidusb.sys : 10 368 : 04/13/2008 11:15 PM : ccf82c5ec8a7326c3066de870c06daf1 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\hidusb.sys : 10 368 : 04/13/2008 11:15 PM : ccf82c5ec8a7326c3066de870c06daf1 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\hidusb.sys : 10 368 : 04/13/2008 11:15 PM : ccf82c5ec8a7326c3066de870c06daf1 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\hidusb.sys : 10 368 : 04/13/2008 11:15 PM : ccf82c5ec8a7326c3066de870c06daf1 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\hidusb.sys : 10 368 : 04/13/2008 11:15 PM : ccf82c5ec8a7326c3066de870c06daf1 [Pos Repl]
* C:\WINDOWS\System32\drivers\http.sys : 265 728 : 10/20/2009 05:20 PM : f80a415ef82cd06ffaf0d971528ead38 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB970430\SP3QFE\http.sys : 265 728 : 10/20/2009 04:21 PM : 937031c085718c1c04a9c0864625ec6b [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\http.sys : 263 040 : 08/03/2004 11:00 PM : c19b522a9ae0bbc3293397f3055e80a1 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB970430$\http.sys : 264 832 : 04/14/2008 00:23 AM : f6aacf5bce2893e0c1754afeb672e5c9 [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\http.sys : 265 728 : 10/20/2009 05:20 PM : f80a415ef82cd06ffaf0d971528ead38 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\http.sys : 264 832 : 04/14/2008 00:23 AM : f6aacf5bce2893e0c1754afeb672e5c9 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\http.sys : 265 728 : 10/20/2009 05:20 PM : f80a415ef82cd06ffaf0d971528ead38 [Pos Repl]
* C:\WINDOWS\System32\drivers\i8042prt.sys : 52 096 : 04/14/2008 07:51 AM : c528e27945367191e7bae364930b6932 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\i8042prt.sys : 52 352 : 08/17/2004 03:44 PM : 0f42de9909b5dbf2c48dd1a79d491af5 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\i8042prt.sys : 52 096 : 04/14/2008 07:51 AM : c528e27945367191e7bae364930b6932 [Pos Repl]
* C:\WINDOWS\System32\drivers\imapi.sys : 42 112 : 04/14/2008 00:11 AM : 083a052659f5310dd8b6a6cb05edcf8e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\imapi.sys : 41 856 : 08/03/2004 11:00 PM : f8aa320c6a0409c0380e5d8a99d76ec6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\imapi.sys : 42 112 : 04/14/2008 00:11 AM : 083a052659f5310dd8b6a6cb05edcf8e [Pos Repl]
* C:\WINDOWS\System32\drivers\intelppm.sys : 40 192 : 04/14/2008 07:55 AM : 27b290d632af2cf3cf40bfddb7370985 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\intelppm.sys : 39 936 : 08/17/2004 03:44 PM : 10a3ac0f0df720ad3c3fd13861d50eb9 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\intelppm.sys : 40 192 : 04/14/2008 07:55 AM : 27b290d632af2cf3cf40bfddb7370985 [Pos Repl]
* C:\WINDOWS\System32\drivers\ip6fw.sys : 36 608 : 04/14/2008 00:23 AM : 3bb22519a194418d5fec05d800a19ad0 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ip6fw.sys : 29 056 : 08/03/2004 11:00 PM : 4448006b6bc60e6c027932cfc38d6855 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ip6fw.sys : 36 608 : 04/14/2008 00:23 AM : 3bb22519a194418d5fec05d800a19ad0 [Pos Repl]
* C:\WINDOWS\System32\drivers\ipfltdrv.sys : 32 896 : 10/25/2001 01:00 PM : 731f22ba402ee4b62748adaf6363c182 [NoSig]
+-> C:\WINDOWS\system32\dllcache\ipfltdrv.sys : 32 896 : 10/25/2001 01:00 PM : 731f22ba402ee4b62748adaf6363c182 [Pos Repl]
* C:\WINDOWS\System32\drivers\ipinip.sys : 20 864 : 04/14/2008 00:27 AM : b87ab476dcf76e72010632b5550955f5 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ipinip.sys : 20 992 : 08/03/2004 11:04 PM : e1ec7f5da720b640cd8fb8424f1b14bb [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ipinip.sys : 20 864 : 04/14/2008 00:27 AM : b87ab476dcf76e72010632b5550955f5 [Pos Repl]
* C:\WINDOWS\System32\drivers\ipnat.sys : 152 832 : 04/14/2008 00:27 AM : cc748ea12c6effde940ee98098bf96bb [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ipnat.sys : 134 912 : 08/03/2004 11:04 PM : b5a8e215ac29d24d60b4d1250ef05ace [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ipnat.sys : 152 832 : 04/14/2008 00:27 AM : cc748ea12c6effde940ee98098bf96bb [Pos Repl]
* C:\WINDOWS\System32\drivers\ipsec.sys : 75 264 : 04/14/2008 00:49 AM : 23c74d75e36e7158768dd63d92789a91 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ipsec.sys : 74 752 : 08/03/2004 11:14 PM : 64537aa5c003a6afeee1df819062d0d1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ipsec.sys : 75 264 : 04/14/2008 00:49 AM : 23c74d75e36e7158768dd63d92789a91 [Pos Repl]
* C:\WINDOWS\System32\drivers\irenum.sys : 11 264 : 04/14/2008 00:24 AM : c93c9ff7b04d772627a3646d89f7bf89 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\irenum.sys : 11 264 : 08/03/2004 11:00 PM : 50708daa1b1cbb7d6ac1cf8f56a24410 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\irenum.sys : 11 264 : 04/14/2008 00:24 AM : c93c9ff7b04d772627a3646d89f7bf89 [Pos Repl]
* C:\WINDOWS\System32\drivers\isapnp.sys : 37 248 : 04/14/2008 07:57 AM : cc9f8a2d60aed1a51a3ac34c59b987ae [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys : 35 840 : 10/25/2001 01:00 PM : 1091528512e4dd7ed5fddcc4df1c53d7 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\isapnp.sys : 37 248 : 04/14/2008 07:57 AM : cc9f8a2d60aed1a51a3ac34c59b987ae [Pos Repl]
* C:\WINDOWS\System32\drivers\kbdclass.sys : 24 576 : 04/14/2008 07:59 AM : 1b6162fe7f66b1a71a4b70f941c4aa9b [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\kbdclass.sys : 24 576 : 08/17/2004 03:45 PM : 6f877bf8dc01a550cd666f3bedb2213c [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\kbdclass.sys : 24 576 : 04/14/2008 07:59 AM : 1b6162fe7f66b1a71a4b70f941c4aa9b [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\kbdclass.sys : 24 576 : 04/14/2008 06:59 AM : 1b6162fe7f66b1a71a4b70f941c4aa9b [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\kbdclass.sys : 24 576 : 04/14/2008 06:59 AM : 1b6162fe7f66b1a71a4b70f941c4aa9b [Pos Repl]
* C:\WINDOWS\System32\drivers\kmixer.sys : 172 416 : 04/14/2008 00:15 AM : 692bcf44383d056aed41b045a323d378 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\kmixer.sys : 171 776 : 08/03/2004 11:07 PM : d93cad07c5683db066b0b2d2d3790ead [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\kmixer.sys : 172 416 : 04/14/2008 00:15 AM : 692bcf44383d056aed41b045a323d378 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\kmixer.sys : 172 416 : 04/14/2008 00:15 AM : 692bcf44383d056aed41b045a323d378 [Pos Repl]
* C:\WINDOWS\System32\drivers\ksecdd.sys : 92 928 : 06/24/2009 12:18 AM : b467646c54cc746128904e1654c750c1 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB968389\SP3QFE\ksecdd.sys : 92 928 : 06/24/2009 11:28 AM : c6ebf1d6ad71df30db49b8d3287e1368 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\ksecdd.sys : 92 032 : 08/03/2004 10:59 PM : eb7ffe87fd367ea8fca0506f74a87fbb [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB968389$\ksecdd.sys : 92 288 : 04/14/2008 00:01 AM : 1705745d900dabf2d89f90ebaddc7517 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ksecdd.sys : 92 288 : 04/14/2008 00:01 AM : 1705745d900dabf2d89f90ebaddc7517 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ksecdd.sys : 92 928 : 06/24/2009 12:18 AM : b467646c54cc746128904e1654c750c1 [Pos Repl]
* C:\WINDOWS\System32\drivers\ks.sys : 141 056 : 04/13/2008 11:46 PM : 0753515f78df7f271a5e61c20bcd36a1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ks.sys : 140 928 : 08/03/2004 11:15 PM : b9540e258f952650de8dec68719a5c97 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ks.sys : 141 056 : 04/14/2008 00:46 AM : 0753515f78df7f271a5e61c20bcd36a1 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ks.sys : 141 056 : 04/14/2008 00:46 AM : 0753515f78df7f271a5e61c20bcd36a1 [Pos Repl]
* C:\WINDOWS\System32\drivers\mcd.sys : 7 680 : 10/25/2001 01:00 PM : d1f8be91ed4ddb671d42e473e3fe71ab [NoSig]
+-> C:\WINDOWS\system32\dllcache\mcd.sys : 7 680 : 10/25/2001 01:00 PM : d1f8be91ed4ddb671d42e473e3fe71ab [Pos Repl]
* C:\WINDOWS\System32\drivers\mf.sys : 63 744 : 04/14/2008 00:06 AM : a7da20ab18a1bdae28b0f349e57da0d1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mf.sys : 63 744 : 08/03/2004 11:07 PM : 729d83e56c29c510258a6e9e79ffddc3 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mf.sys : 63 744 : 04/14/2008 00:06 AM : a7da20ab18a1bdae28b0f349e57da0d1 [Pos Repl]
* C:\WINDOWS\System32\drivers\mnmdd.sys : 4 224 : 10/25/2001 01:00 PM : 4ae068242760a1fb6e1a44bf4e16afa6 [NoSig]
+-> C:\WINDOWS\system32\dllcache\mnmdd.sys : 4 224 : 10/25/2001 01:00 PM : 4ae068242760a1fb6e1a44bf4e16afa6 [Pos Repl]
* C:\WINDOWS\System32\drivers\modem.sys : 30 080 : 04/14/2008 07:36 AM : 44032b0c6d9954d3fd26438330b99ee7 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\modem.sys : 30 080 : 08/17/2004 03:43 PM : 60210deb037846afe521ebf349964f6b [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\modem.sys : 30 080 : 04/14/2008 07:36 AM : 44032b0c6d9954d3fd26438330b99ee7 [Pos Repl]
* C:\WINDOWS\System32\drivers\mouclass.sys : 23 040 : 04/14/2008 06:36 AM : 4cb582831dbde63ce43b45d771218374 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mouclass.sys : 23 040 : 08/17/2004 03:43 PM : b160ec94114715675509115986400fd9 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mouclass.sys : 23 040 : 04/14/2008 07:36 AM : 4cb582831dbde63ce43b45d771218374 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\mouclass.sys : 23 040 : 04/14/2008 06:36 AM : 4cb582831dbde63ce43b45d771218374 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\mouclass.sys : 23 040 : 04/14/2008 06:36 AM : 4cb582831dbde63ce43b45d771218374 [Pos Repl]
* C:\WINDOWS\System32\drivers\mouhid.sys : 12 160 : 10/24/2001 10:54 AM : bb269eba740737ab749b214d568b6812 [NoSig]
+-> C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\mouhid.sys : 12 160 : 10/24/2001 10:54 AM : bb269eba740737ab749b214d568b6812 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\mouhid.sys : 12 160 : 10/24/2001 10:54 AM : bb269eba740737ab749b214d568b6812 [Pos Repl]
* C:\WINDOWS\System32\drivers\mountmgr.sys : 42 368 : 04/14/2008 00:09 AM : a80b9a0bad1b73637dbcbba7df72d3fd [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mountmgr.sys : 42 240 : 08/03/2004 10:58 PM : 65653f3b4477f3c63e68a9659f85ee2e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mountmgr.sys : 42 368 : 04/14/2008 00:09 AM : a80b9a0bad1b73637dbcbba7df72d3fd [Pos Repl]
* C:\WINDOWS\System32\drivers\mqac.sys : 92 544 : 04/14/2008 00:09 AM : 70c14f5cca5cf73f8a645c73a01d8726 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mqac.sys : 72 960 : 08/03/2004 10:58 PM : db07b0088cdfd20c2a22e675120ede34 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mqac.sys : 92 544 : 04/14/2008 00:09 AM : 70c14f5cca5cf73f8a645c73a01d8726 [Pos Repl]
* C:\WINDOWS\System32\drivers\mrxdav.sys : 180 608 : 04/14/2008 00:02 AM : 11d42bb6206f33fbb3ba0288d3ef81bd [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mrxdav.sys : 181 248 : 08/03/2004 11:00 PM : 46edcc8f2db2f322c24f48785cb46366 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mrxdav.sys : 180 608 : 04/14/2008 00:02 AM : 11d42bb6206f33fbb3ba0288d3ef81bd [Pos Repl]
* C:\WINDOWS\System32\drivers\mrxsmb.sys : 456 320 : 07/15/2011 02:29 PM : 7d304a5eb4344ebeeab53a2fe3ffb9f0 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2511455\SP3QFE\mrxsmb.sys : 457 472 : 02/17/2011 02:19 PM : fb7dfd15d760ad339837a470f0e780d3 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB2536276\SP3QFE\mrxsmb.sys : 457 856 : 04/29/2011 05:47 PM : 8dd801e28eb76fda2a38907882a0036f [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB2536276-v2\SP3QFE\mrxsmb.sys : 457 856 : 07/15/2011 02:29 PM : fb2fccc70f7174c7bf64f48e96d3adf4 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys : 455 936 : 10/24/2008 12:41 AM : 7170ab42b51954def2781a4d1cce65f4 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB978251\SP3QFE\mrxsmb.sys : 456 832 : 12/04/2009 06:25 PM : 602549d1e8a622e5746991f6c56b21ca [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB980232\SP3QFE\mrxsmb.sys : 457 216 : 02/24/2010 12:57 AM : d09b9f0b9960dd41e73127b7814c115f [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\mrxsmb.sys : 451 456 : 08/03/2004 11:15 PM : 1fd607fc67f7f7c633c3da65bfc53d18 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2511455$\mrxsmb.sys : 455 680 : 02/24/2010 02:11 PM : f3aefb11abc521122b67095044169e98 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2536276$\mrxsmb.sys : 455 936 : 02/17/2011 02:18 PM : 0ea4d8ed179b75f8afa7998ba22285ca [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2536276-v2$\mrxsmb.sys : 456 320 : 04/29/2011 05:19 PM : 0dc719e9b15e902346e87e9dcd5751fa [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB957097$\mrxsmb.sys : 456 576 : 04/14/2008 00:47 AM : 68755f0ff16070178b54674fe5b847b0 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB978251$\mrxsmb.sys : 455 296 : 10/24/2008 12:21 AM : 60ae98742484e7ab80c3c1450e708148 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB980232$\mrxsmb.sys : 455 424 : 12/04/2009 07:22 PM : 421f7b922cec5a5f340e7574a98f7b7c [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\mrxsmb.sys : 456 320 : 07/15/2011 02:29 PM : 7d304a5eb4344ebeeab53a2fe3ffb9f0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mrxsmb.sys : 456 576 : 04/14/2008 00:47 AM : 68755f0ff16070178b54674fe5b847b0 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mrxsmb.sys : 456 320 : 07/15/2011 02:29 PM : 7d304a5eb4344ebeeab53a2fe3ffb9f0 [Pos Repl]
* C:\WINDOWS\System32\drivers\msfs.sys : 19 072 : 04/14/2008 00:02 AM : c941ea2454ba8350021d774daf0f1027 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\msfs.sys : 19 072 : 08/03/2004 11:00 PM : 561b3a4333ca2dbdba28b5b956822519 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\msfs.sys : 19 072 : 04/14/2008 00:02 AM : c941ea2454ba8350021d774daf0f1027 [Pos Repl]
* C:\WINDOWS\System32\drivers\msgpc.sys : 35 072 : 04/14/2008 00:26 AM : 0a02c63c8b144bd8c86b103dee7c86a2 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\msgpc.sys : 35 072 : 08/03/2004 11:04 PM : c0f1d4a21de5a415df8170616703debf [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\msgpc.sys : 35 072 : 04/14/2008 00:26 AM : 0a02c63c8b144bd8c86b103dee7c86a2 [Pos Repl]
* C:\WINDOWS\System32\drivers\MSKSSRV.sys : 7 552 : 04/14/2008 00:09 AM : d1575e71568f4d9e14ca56b7b0453bf1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mskssrv.sys : 7 552 : 08/03/2004 10:58 PM : ae431a8dd3c1d0d0610cdbac16057ad0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mskssrv.sys : 7 552 : 04/14/2008 00:09 AM : d1575e71568f4d9e14ca56b7b0453bf1 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mskssrv.sys : 7 552 : 04/14/2008 00:09 AM : d1575e71568f4d9e14ca56b7b0453bf1 [Pos Repl]
* C:\WINDOWS\System32\drivers\MSPCLOCK.sys : 5 376 : 04/14/2008 00:09 AM : 325bb26842fc7ccc1fcce2c457317f3e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mspclock.sys : 5 376 : 08/03/2004 10:58 PM : 13e75fef9dfeb08eeded9d0246e1f448 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mspclock.sys : 5 376 : 04/14/2008 00:09 AM : 325bb26842fc7ccc1fcce2c457317f3e [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mspclock.sys : 5 376 : 04/14/2008 00:09 AM : 325bb26842fc7ccc1fcce2c457317f3e [Pos Repl]
* C:\WINDOWS\System32\drivers\MSPQM.sys : 4 992 : 04/14/2008 00:09 AM : bad59648ba099da4a17680b39730cb3d [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mspqm.sys : 4 992 : 08/03/2004 10:58 PM : 1988a33ff19242576c3d0ef9ce785da7 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mspqm.sys : 4 992 : 04/14/2008 00:09 AM : bad59648ba099da4a17680b39730cb3d [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mspqm.sys : 4 992 : 04/14/2008 00:09 AM : bad59648ba099da4a17680b39730cb3d [Pos Repl]
* C:\WINDOWS\System32\drivers\mssmbios.sys : 15 488 : 04/14/2008 00:06 AM : af5f4f3f14a8ea2c26de30f7a1e17136 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mssmbios.sys : 15 488 : 08/03/2004 11:07 PM : 469541f8bfd2b32659d5d463a6714bce [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mssmbios.sys : 15 488 : 04/14/2008 00:06 AM : af5f4f3f14a8ea2c26de30f7a1e17136 [Pos Repl]
* C:\WINDOWS\System32\drivers\mup.sys : 105 472 : 04/21/2011 02:37 PM : de6a75f5c270e756c5508d94b6cf68f5 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2535512\SP3QFE\mup.sys : 105 472 : 04/21/2011 02:52 PM : f7b1ad991491f02af6da70b00b8bf114 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\mup.sys : 107 904 : 08/03/2004 11:15 PM : 82035e0f41c2dd05ae41d27fe6cf7de1 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2535512$\mup.sys : 105 344 : 04/14/2008 00:47 AM : 2f625d11385b1a94360bfc70aaefdee1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mup.sys : 105 344 : 04/14/2008 00:47 AM : 2f625d11385b1a94360bfc70aaefdee1 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mup.sys : 105 472 : 04/21/2011 02:37 PM : de6a75f5c270e756c5508d94b6cf68f5 [Pos Repl]
* C:\WINDOWS\System32\drivers\ndis.sys : 182 656 : 04/14/2008 00:50 AM : 1df7f42665c94b825322fae71721130d [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ndis.sys : 182 912 : 08/03/2004 11:14 PM : 558635d3af1c7546d26067d5d9b6959e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ndis.sys : 182 656 : 04/14/2008 00:50 AM : 1df7f42665c94b825322fae71721130d [Pos Repl]
* C:\WINDOWS\System32\drivers\ndistapi.sys : 10 496 : 07/08/2011 03:02 PM : 0109c4f3850dfbab279542515386ae22 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2566454\SP3QFE\ndistapi.sys : 10 496 : 07/08/2011 02:51 PM : 091735a5f20acb1dc147383a905ae002 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\ndistapi.sys : 9 600 : 10/25/2001 01:00 PM : 08d43bbdacdf23f34d79e44ed35c1b4c [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2566454$\ndistapi.sys : 10 112 : 04/14/2008 00:27 AM : 1ab3d00c991ab086e69db84b6c0ed78f [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ndistapi.sys : 10 112 : 04/14/2008 00:27 AM : 1ab3d00c991ab086e69db84b6c0ed78f [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ndistapi.sys : 10 496 : 07/08/2011 03:02 PM : 0109c4f3850dfbab279542515386ae22 [Pos Repl]
* C:\WINDOWS\System32\drivers\ndisuio.sys : 14 592 : 04/14/2008 00:26 AM : f927a4434c5028758a842943ef1a3849 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ndisuio.sys : 12 928 : 08/03/2004 11:03 PM : 34d6cd56409da9a7ed573e1c90a308bf [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ndisuio.sys : 14 592 : 04/14/2008 00:26 AM : f927a4434c5028758a842943ef1a3849 [Pos Repl]
* C:\WINDOWS\System32\drivers\ndiswan.sys : 91 520 : 04/14/2008 00:50 AM : edc1531a49c80614b2cfda43ca8659ab [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ndiswan.sys : 91 776 : 08/03/2004 11:14 PM : 0b90e255a9490166ab368cd55a529893 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ndiswan.sys : 91 520 : 04/14/2008 00:50 AM : edc1531a49c80614b2cfda43ca8659ab [Pos Repl]
* C:\WINDOWS\System32\drivers\ndproxy.sys : 40 960 : 11/02/2010 04:17 PM : 9282bd12dfb069d3889eb3fcc1000a9b [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2440591\SP3QFE\ndproxy.sys : 40 960 : 11/03/2010 06:55 AM : 816460bd4b4acd27937d1d0813e2e9e9 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\ndproxy.sys : 38 016 : 10/25/2001 01:00 PM : 59fc3fb44d2669bc144fd87826bb571f [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2440591$\ndproxy.sys : 40 576 : 04/14/2008 00:27 AM : 6215023940cfd3702b46abc304e1d45a [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ndproxy.sys : 40 576 : 04/14/2008 00:27 AM : 6215023940cfd3702b46abc304e1d45a [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ndproxy.sys : 40 960 : 11/02/2010 04:17 PM : 9282bd12dfb069d3889eb3fcc1000a9b [Pos Repl]
* C:\WINDOWS\System32\drivers\netbios.sys : 34 688 : 04/14/2008 00:26 AM : 5d81cf9a2f1a3a756b66cf684911cdf0 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\netbios.sys : 34 560 : 08/03/2004 11:03 PM : 3a2aca8fc1d7786902ca434998d7ceb4 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\netbios.sys : 34 688 : 04/14/2008 00:26 AM : 5d81cf9a2f1a3a756b66cf684911cdf0 [Pos Repl]
* C:\WINDOWS\System32\drivers\netbt.sys : 162 816 : 04/14/2008 00:51 AM : 74b2b2f5bea5e9a3dc021d685551bd3d [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\netbt.sys : 162 816 : 08/03/2004 11:14 PM : 0c80e410cd2f47134407ee7dd19cc86b [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\netbt.sys : 162 816 : 04/14/2008 00:51 AM : 74b2b2f5bea5e9a3dc021d685551bd3d [Pos Repl]
* C:\WINDOWS\System32\drivers\nic1394.sys : 61 824 : 04/14/2008 00:21 AM : e9e47cfb2d461fa0fc75b7a74c6383ea [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\nic1394.sys : 61 824 : 08/03/2004 10:58 PM : 5c5c53db4fef16cf87b9911c7e8c6fbc [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\nic1394.sys : 61 824 : 04/14/2008 00:21 AM : e9e47cfb2d461fa0fc75b7a74c6383ea [Pos Repl]
* C:\WINDOWS\System32\drivers\nikedrv.sys : 12 032 : 10/25/2001 01:00 PM : be984d604d91c217355cdd3737aad25d [NoSig]
* C:\WINDOWS\System32\drivers\nmnt.sys : 40 320 : 04/14/2008 00:23 AM : 1e421a6bcf2203cc61b821ada9de878b [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\nmnt.sys : 40 320 : 08/03/2004 10:59 PM : 60cf8c7192b3614f240838ddbaa4a245 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\nmnt.sys : 40 320 : 04/14/2008 00:23 AM : 1e421a6bcf2203cc61b821ada9de878b [Pos Repl]
* C:\WINDOWS\System32\drivers\npfs.sys : 30 848 : 04/14/2008 00:02 AM : 3182d64ae053d6fb034f44b6def8034a [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\npfs.sys : 30 848 : 08/03/2004 11:00 PM : 4f601bcb8f64ea3ac0994f98fed03f8e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\npfs.sys : 30 848 : 04/14/2008 00:02 AM : 3182d64ae053d6fb034f44b6def8034a [Pos Repl]
* C:\WINDOWS\System32\drivers\ntfs.sys : 574 976 : 04/14/2008 00:45 AM : 78a08dd6a8d65e697c18e1db01c5cdca [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys : 574 592 : 08/03/2004 11:15 PM : b78be402c3f63dd55521f73876951cdd [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ntfs.sys : 574 976 : 04/14/2008 00:45 AM : 78a08dd6a8d65e697c18e1db01c5cdca [Pos Repl]
* C:\WINDOWS\System32\drivers\null.sys : 2 944 : 10/25/2001 01:00 PM : 73c1e1f395918bc2c6dd67af7591a3ad [NoSig]
+-> C:\WINDOWS\system32\dllcache\null.sys : 2 944 : 10/25/2001 01:00 PM : 73c1e1f395918bc2c6dd67af7591a3ad [Pos Repl]
* C:\WINDOWS\System32\drivers\nwlnkflt.sys : 12 416 : 10/25/2001 01:00 PM : b305f3fad35083837ef46a0bbce2fc57 [NoSig]
+-> C:\WINDOWS\system32\dllcache\nwlnkflt.sys : 12 416 : 10/25/2001 01:00 PM : b305f3fad35083837ef46a0bbce2fc57 [Pos Repl]
* C:\WINDOWS\System32\drivers\nwlnkfwd.sys : 32 512 : 10/25/2001 01:00 PM : c99b3415198d1aab7227f2c88fd664b9 [NoSig]
+-> C:\WINDOWS\system32\dllcache\nwlnkfwd.sys : 32 512 : 10/25/2001 01:00 PM : c99b3415198d1aab7227f2c88fd664b9 [Pos Repl]
* C:\WINDOWS\System32\drivers\nwlnkipx.sys : 88 320 : 04/14/2008 00:26 AM : 8b8b1be2dba4025da6786c645f77f123 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\nwlnkipx.sys : 88 448 : 08/03/2004 11:03 PM : 79ea3fcda7067977625b3363a2657c80 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\nwlnkipx.sys : 88 320 : 04/14/2008 00:26 AM : 8b8b1be2dba4025da6786c645f77f123 [Pos Repl]
* C:\WINDOWS\System32\drivers\nwlnknb.sys : 63 232 : 10/25/2001 01:00 PM : 56d34a67c05e94e16377c60609741ff8 [NoSig]
+-> C:\WINDOWS\system32\dllcache\nwlnknb.sys : 63 232 : 10/25/2001 01:00 PM : 56d34a67c05e94e16377c60609741ff8 [Pos Repl]
* C:\WINDOWS\System32\drivers\nwlnkspx.sys : 55 936 : 10/25/2001 01:00 PM : c0bb7d1615e1acbdc99757f6ceaf8cf0 [NoSig]
+-> C:\WINDOWS\system32\dllcache\nwlnkspx.sys : 55 936 : 10/25/2001 01:00 PM : c0bb7d1615e1acbdc99757f6ceaf8cf0 [Pos Repl]
* C:\WINDOWS\System32\drivers\nwrdr.sys : 163 584 : 04/14/2008 00:04 AM : 36b9b950e3d2e100970a48d8bad86740 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\nwrdr.sys : 163 584 : 08/03/2004 11:02 PM : 03373a79440473062c6f3aedec6a49c8 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\nwrdr.sys : 163 584 : 04/14/2008 00:04 AM : 36b9b950e3d2e100970a48d8bad86740 [Pos Repl]
* C:\WINDOWS\System32\drivers\oprghdlr.sys : 3 456 : 10/25/2001 01:00 PM : 4bb30ddc53ebc76895e38694580cdfe9 [NoSig]
* C:\WINDOWS\System32\drivers\p3.sys : 46 592 : 04/14/2008 08:10 AM : 3fc38e7fbe91db40c34731195f4116c2 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\p3.sys : 46 336 : 08/17/2004 03:43 PM : 2d2d0eda3635522e932b1118aea4681d [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\p3.sys : 46 592 : 04/14/2008 08:10 AM : 3fc38e7fbe91db40c34731195f4116c2 [Pos Repl]
* C:\WINDOWS\System32\drivers\parport.sys : 80 000 : 04/14/2008 08:10 AM : 46f8db73b4a53e543f8e371dc7c75bae [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\parport.sys : 80 000 : 08/17/2004 03:43 PM : 76a18caa2fefb28a4ced38d76837e86e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\parport.sys : 80 000 : 04/14/2008 08:10 AM : 46f8db73b4a53e543f8e371dc7c75bae [Pos Repl]
* C:\WINDOWS\System32\drivers\partmgr.sys : 19 712 : 04/14/2008 00:10 AM : beb3ba25197665d82ec7065b724171c6 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\partmgr.sys : 18 688 : 10/25/2001 01:00 PM : 3334430c29dc338092f79c38ef7b4cd0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\partmgr.sys : 19 712 : 04/14/2008 00:10 AM : beb3ba25197665d82ec7065b724171c6 [Pos Repl]
* C:\WINDOWS\System32\drivers\parvdm.sys : 6 784 : 10/25/2001 01:00 PM : 1fae19d0457176318bba4a8795656ebc [NoSig]
+-> C:\WINDOWS\system32\dllcache\parvdm.sys : 6 784 : 10/25/2001 01:00 PM : 1fae19d0457176318bba4a8795656ebc [Pos Repl]
* C:\WINDOWS\System32\drivers\pciidex.sys : 24 960 : 04/14/2008 00:10 AM : 52e60f29221d0d1ac16737e8dbf7c3e9 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\pciidex.sys : 25 088 : 08/03/2004 10:59 PM : 520b91ab011456b940d9b05fc91108ff [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\pciidex.sys : 24 960 : 04/14/2008 00:10 AM : 52e60f29221d0d1ac16737e8dbf7c3e9 [Pos Repl]
* C:\WINDOWS\System32\drivers\pci.sys : 68 736 : 04/14/2008 08:10 AM : 6ce351d149cb4befc702951e471e1730 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\pci.sys : 68 736 : 08/17/2004 03:43 PM : b7979f37bb7b9df2230046134955e6e7 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\pci.sys : 68 736 : 04/14/2008 08:10 AM : 6ce351d149cb4befc702951e471e1730 [Pos Repl]
* C:\WINDOWS\System32\drivers\pcmcia.sys : 120 064 : 04/14/2008 08:10 AM : 4fc31e6c19a5ce5198b1abff94cae758 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\pcmcia.sys : 119 808 : 08/17/2004 03:43 PM : 90505755634407d4ef4c6dea60fc1df9 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\pcmcia.sys : 120 064 : 04/14/2008 08:10 AM : 4fc31e6c19a5ce5198b1abff94cae758 [Pos Repl]
* C:\WINDOWS\System32\drivers\portcls.sys : 146 048 : 04/13/2008 11:49 PM : e82a496c3961efc6828b508c310ce98f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\portcls.sys : 145 792 : 08/03/2004 11:15 PM : 5b0f00e43a7094c0b7e433cb42c79164 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\portcls.sys : 146 048 : 04/14/2008 00:49 AM : e82a496c3961efc6828b508c310ce98f [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\portcls.sys : 146 048 : 04/14/2008 00:49 AM : e82a496c3961efc6828b508c310ce98f [Pos Repl]
* C:\WINDOWS\System32\drivers\processr.sys : 39 680 : 04/14/2008 07:41 AM : 7eb15dce4ec3a0220bd796a15c18186e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\processr.sys : 39 168 : 08/17/2004 03:43 PM : 9a10e4fd13824823da50d4758bd0a645 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\processr.sys : 39 680 : 04/14/2008 07:41 AM : 7eb15dce4ec3a0220bd796a15c18186e [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\processr.sys : 39 168 : 08/17/2004 03:43 PM : 9a10e4fd13824823da50d4758bd0a645 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\processr.sys : 39 168 : 08/17/2004 03:43 PM : 9a10e4fd13824823da50d4758bd0a645 [Pos Repl]
* C:\WINDOWS\System32\drivers\psched.sys : 69 120 : 04/14/2008 00:26 AM : 09298ec810b07e5d582cb3a3f9255424 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\psched.sys : 69 120 : 08/03/2004 11:04 PM : 48671f327553dcf1d27f6197f622a668 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\psched.sys : 69 120 : 04/14/2008 00:26 AM : 09298ec810b07e5d582cb3a3f9255424 [Pos Repl]
* C:\WINDOWS\System32\drivers\ptilink.sys : 17 792 : 10/25/2001 01:00 PM : 80d317bd1c3dbc5d4fe7b1678c60cadd [NoSig]
+-> C:\WINDOWS\system32\dllcache\ptilink.sys : 17 792 : 10/25/2001 01:00 PM : 80d317bd1c3dbc5d4fe7b1678c60cadd [Pos Repl]
* C:\WINDOWS\System32\drivers\rasacd.sys : 8 832 : 10/25/2001 01:00 PM : fe0d99d6f31e4fad8159f690d68ded9c [NoSig]
+-> C:\WINDOWS\system32\dllcache\rasacd.sys : 8 832 : 10/25/2001 01:00 PM : fe0d99d6f31e4fad8159f690d68ded9c [Pos Repl]
* C:\WINDOWS\System32\drivers\rasl2tp.sys : 51 328 : 04/14/2008 00:49 AM : 11b4a627bc9614b885c4969bfa5ff8a6 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\rasl2tp.sys : 51 328 : 08/03/2004 11:14 PM : 98faeb4a4dcf812ba1c6fca4aa3e115c [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\rasl2tp.sys : 51 328 : 04/14/2008 00:49 AM : 11b4a627bc9614b885c4969bfa5ff8a6 [Pos Repl]
* C:\WINDOWS\System32\drivers\raspppoe.sys : 41 472 : 04/14/2008 00:27 AM : 5bc962f2654137c9909c3d4603587dee [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\raspppoe.sys : 41 472 : 08/03/2004 11:05 PM : 7306eeed8895454cbed4669be9f79faa [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\raspppoe.sys : 41 472 : 04/14/2008 00:27 AM : 5bc962f2654137c9909c3d4603587dee [Pos Repl]
* C:\WINDOWS\System32\drivers\raspptp.sys : 48 384 : 04/14/2008 00:49 AM : efeec01b1d3cf84f16ddd24d9d9d8f99 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\raspptp.sys : 48 384 : 08/03/2004 11:14 PM : 1c5cc65aac0783c344f16353e60b72ac [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\raspptp.sys : 48 384 : 04/14/2008 00:49 AM : efeec01b1d3cf84f16ddd24d9d9d8f99 [Pos Repl]
* C:\WINDOWS\System32\drivers\raspti.sys : 16 512 : 10/25/2001 01:00 PM : fdbb1d60066fcfbb7452fd8f9829b242 [NoSig]
+-> C:\WINDOWS\system32\dllcache\raspti.sys : 16 512 : 10/25/2001 01:00 PM : fdbb1d60066fcfbb7452fd8f9829b242 [Pos Repl]
* C:\WINDOWS\System32\drivers\rawwan.sys : 34 432 : 10/25/2001 01:00 PM : 01524cd237223b18adbb48f70083f101 [NoSig]
+-> C:\WINDOWS\system32\dllcache\rawwan.sys : 34 432 : 10/25/2001 01:00 PM : 01524cd237223b18adbb48f70083f101 [Pos Repl]
* C:\WINDOWS\System32\drivers\rdbss.sys : 175 744 : 04/14/2008 00:58 AM : 7ad224ad1a1437fe28d89cf22b17780a [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\rdbss.sys : 176 512 : 08/03/2004 11:20 PM : 29d66245adba878fff574cd66abd2884 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\rdbss.sys : 175 744 : 04/14/2008 00:58 AM : 7ad224ad1a1437fe28d89cf22b17780a [Pos Repl]
* C:\WINDOWS\System32\drivers\rdpcdd.sys : 4 224 : 10/25/2001 01:00 PM : 4912d5b403614ce99c28420f75353332 [NoSig]
+-> C:\WINDOWS\system32\dllcache\rdpcdd.sys : 4 224 : 10/25/2001 01:00 PM : 4912d5b403614ce99c28420f75353332 [Pos Repl]
* C:\WINDOWS\System32\drivers\rdpdr.sys : 196 224 : 04/14/2008 00:02 AM : 15cabd0f7c00c47c70124907916af3f1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\rdpdr.sys : 196 864 : 08/03/2004 11:01 PM : a2cae2c60bc37e0751ef9dda7ceaf4ad [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\rdpdr.sys : 196 224 : 04/14/2008 00:02 AM : 15cabd0f7c00c47c70124907916af3f1 [Pos Repl]
* C:\WINDOWS\System32\drivers\redbook.sys : 58 496 : 04/14/2008 07:44 AM : 611bfd220305be3a85ae876ea47d4aa5 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\redbook.sys : 58 240 : 08/17/2004 03:43 PM : aba13d33e1f888c9a68599a48a8840d6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\redbook.sys : 58 496 : 04/14/2008 07:44 AM : 611bfd220305be3a85ae876ea47d4aa5 [Pos Repl]
* C:\WINDOWS\System32\drivers\rmcast.sys : 203 136 : 05/08/2008 03:02 PM : 96f7a9a7bf0c9c0440a967440065d33c [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB950762\SP3QFE\rmcast.sys : 203 136 : 05/08/2008 02:58 PM : c711645c76b8ed87c021bf6165e52795 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\rmcast.sys : 200 064 : 10/25/2001 01:00 PM : 35e81b908ae4e97fc7bdf4607c516ff4 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys : 202 624 : 04/14/2008 00:25 AM : ecff394d65671efde5a872eb9ef4f2d5 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\rmcast.sys : 202 624 : 04/14/2008 00:25 AM : ecff394d65671efde5a872eb9ef4f2d5 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\rmcast.sys : 203 136 : 05/08/2008 03:02 PM : 96f7a9a7bf0c9c0440a967440065d33c [Pos Repl]
* C:\WINDOWS\System32\drivers\rndismp.sys : 30 592 : 04/14/2008 00:26 AM : 601844cbcf617ff8c868130ca5b2039d [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\rndismp.sys : 30 080 : 08/03/2004 11:04 PM : 7ce8b277f3207ea82d7d22ad348befc6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\rndismp.sys : 30 592 : 04/14/2008 00:26 AM : 601844cbcf617ff8c868130ca5b2039d [Pos Repl]
* C:\WINDOWS\System32\drivers\rootmdm.sys : 5 888 : 10/25/2001 01:00 PM : d8b0b4ade32574b2d9c5cc34dc0dbbe7 [NoSig]
+-> C:\WINDOWS\system32\dllcache\rootmdm.sys : 5 888 : 10/25/2001 01:00 PM : d8b0b4ade32574b2d9c5cc34dc0dbbe7 [Pos Repl]
* C:\WINDOWS\System32\drivers\scsiport.sys : 96 384 : 04/14/2008 00:10 AM : 76c465f570e90c28942d52ccb2580a10 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\scsiport.sys : 96 256 : 08/03/2004 10:59 PM : d7fd0ff761e28ac0ea35ad71e0cd67e9 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\scsiport.sys : 96 384 : 04/14/2008 00:10 AM : 76c465f570e90c28942d52ccb2580a10 [Pos Repl]
* C:\WINDOWS\System32\drivers\sdbus.sys : 79 232 : 04/14/2008 00:06 AM : 8d04819a3ce51b9eb47e5689b44d43c4 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sdbus.sys : 67 584 : 08/03/2004 11:07 PM : 02fc71b020ec8700ee8a46c58bc6f276 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sdbus.sys : 79 232 : 04/14/2008 00:06 AM : 8d04819a3ce51b9eb47e5689b44d43c4 [Pos Repl]
* C:\WINDOWS\System32\drivers\serenum.sys : 15 744 : 04/14/2008 00:10 AM : 0f29512ccd6bead730039fb4bd2c85ce [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\serenum.sys : 15 488 : 08/03/2004 10:59 PM : a2d868aeeff612e70e213c451a70cafb [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\serenum.sys : 15 744 : 04/14/2008 00:10 AM : 0f29512ccd6bead730039fb4bd2c85ce [Pos Repl]
* C:\WINDOWS\System32\drivers\serial.sys : 64 256 : 04/14/2008 07:51 AM : b842729337c9b921615c40d3c1a1af96 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\serial.sys : 64 640 : 08/17/2004 03:44 PM : c1ddbc85251551a840212999da3d95f3 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\serial.sys : 64 256 : 04/14/2008 07:51 AM : b842729337c9b921615c40d3c1a1af96 [Pos Repl]
* C:\WINDOWS\System32\drivers\sffdisk.sys : 11 904 : 04/14/2008 00:10 AM : 0fa803c64df0914b41f807ea276bf2a6 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sffdisk.sys : 11 136 : 08/03/2004 10:59 PM : 1d9f1bec651815741f088a8fb88e17ee [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sffdisk.sys : 11 904 : 04/14/2008 00:10 AM : 0fa803c64df0914b41f807ea276bf2a6 [Pos Repl]
* C:\WINDOWS\System32\drivers\sffp_sd.sys : 11 008 : 04/14/2008 00:10 AM : c17c331e435ed8737525c86a7557b3ac [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sffp_sd.sys : 10 240 : 08/03/2004 10:59 PM : 586499fd312ffd7f78553f408e71682e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sffp_sd.sys : 11 008 : 04/14/2008 00:10 AM : c17c331e435ed8737525c86a7557b3ac [Pos Repl]
* C:\WINDOWS\System32\drivers\sfloppy.sys : 11 392 : 04/14/2008 00:10 AM : 8e6b8c671615d126fdc553d1e2de5562 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys : 11 392 : 08/03/2004 10:59 PM : 0d13b6df6e9e101013a7afb0ce629fe0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys : 11 392 : 04/14/2008 00:10 AM : 8e6b8c671615d126fdc553d1e2de5562 [Pos Repl]
* C:\WINDOWS\System32\drivers\smclib.sys : 14 592 : 10/25/2001 01:00 PM : 017daecf0ed3aa731313433601ec40fa [NoSig]
+-> C:\WINDOWS\system32\dllcache\smclib.sys : 14 592 : 10/25/2001 01:00 PM : 017daecf0ed3aa731313433601ec40fa [Pos Repl]
Log z RKillu:
Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 11/25/2013 02:33:06 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* C:\WINDOWS\system32\netdde.exe (PID: 1452) [WD-HEUR]
* C:\WINDOWS\System32\alg.exe (PID: 1788) [WD-HEUR]
* C:\WINDOWS\system32\Mam2Pan.Exe (PID: 524) [WD-HEUR]
3 proccesses terminated!
Possibly Patched Files.
* C:\WINDOWS\system32\services.exe
* C:\WINDOWS\system32\lsass.exe
* C:\WINDOWS\system32\svchost.exe
* C:\WINDOWS\system32\svchost.exe
* C:\WINDOWS\System32\svchost.exe
* C:\WINDOWS\system32\svchost.exe
* C:\WINDOWS\System32\svchost.exe
* C:\WINDOWS\System32\svchost.exe
* C:\WINDOWS\system32\spoolsv.exe
* C:\WINDOWS\System32\svchost.exe
* C:\WINDOWS\System32\svchost.exe
* C:\WINDOWS\system32\ctfmon.exe
* C:\WINDOWS\system32\wbem\wmiprvse.exe
* C:\WINDOWS\system32\wbem\wmiprvse.exe
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* System Restore Disabled
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = dword:00000001
* Reparse Point/Junctions Found (Most likely legitimate)!
* C:\WINDOWS\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e => C:\WINDOWS\WinSxS\MSIL_CCC_90ba9c70f846762e_2.0.0.0_x-ww_c7ed2bb0 [Dir]
* C:\WINDOWS\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e => C:\WINDOWS\WinSxS\MSIL_CLI_90ba9c70f846762e_2.0.0.0_x-ww_42656733 [Dir]
* C:\WINDOWS\assembly\GAC_MSIL\LOG\2.0.3615.38680__90ba9c70f846762e => C:\WINDOWS\WinSxS\MSIL_LOG_90ba9c70f846762e_2.0.3615.38680_x-ww_af6b1333 [Dir]
* C:\WINDOWS\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e => C:\WINDOWS\WinSxS\MSIL_MOM_90ba9c70f846762e_2.0.0.0_x-ww_a60193a8 [Dir]
Checking Windows Service Integrity:
* Služba obnovení systému (srservice) is not Running.
Startup Type set to: Automatic
* Ovladač filtru Obnovy systému (sr) is not Running.
Startup Type set to: Disabled
* PolicyAgent [Missing Service]
* RemoteAccess [Missing Service]
Searching for Missing Digital Signatures:
* C:\WINDOWS\System32\appmgmts.dll : 171 008 : 04/14/2008 08:51 AM : 6b8e7a90e576d4fe308f97c69060a171 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\appmgmts.dll : 171 008 : 08/17/2004 03:49 PM : 421184f91eae5c6e78e653c6b32aae84 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\appmgmts.dll : 171 008 : 04/14/2008 08:51 AM : 6b8e7a90e576d4fe308f97c69060a171 [Pos Repl]
* C:\WINDOWS\System32\clipsrv.exe : 33 280 : 04/14/2008 08:52 AM : 064507a8dfa8c5c7e2ffddd3e6f424fa [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe : 33 280 : 08/17/2004 03:49 PM : d3dc45553c8025338e08a60e95b1b91d [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe : 33 280 : 04/14/2008 08:52 AM : 064507a8dfa8c5c7e2ffddd3e6f424fa [Pos Repl]
* C:\WINDOWS\System32\comctl32.dll : 617 472 : 08/23/2010 05:12 PM : e145add7daef759c4f5fb80a180a9c30 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\comctl32.dll : 611 328 : 08/17/2004 03:49 PM : 876c658c44f2bf4af050e5534a9f066f [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2296011$\comctl32.dll : 617 472 : 04/14/2008 08:51 AM : 4f993463dc5f3f80d77a3d34d7bfbfed [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\comctl32.dll : 617 472 : 04/14/2008 08:51 AM : 4f993463dc5f3f80d77a3d34d7bfbfed [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\comctl32.dll : 617 472 : 08/23/2010 05:12 PM : e145add7daef759c4f5fb80a180a9c30 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll : 921 088 : 10/25/2001 01:00 PM : aef3d788dbf40c7c4d204ea45eb0c505 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll : 921 600 : 09/20/2002 06:03 PM : d12f83b2037a01bb97a97f3ea54dd71f [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll : 1 050 624 : 08/17/2004 03:48 PM : f76b3003366a205e05afc0d034c7d3e9 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll : 1 054 208 : 04/14/2008 08:37 AM : d7b7ae36a2eba312ac4b53862019b3f5 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll : 1 054 208 : 08/23/2010 05:12 PM : 8a72a30fdc803dc06755d3b36d966f31 [Pos Repl]
* C:\WINDOWS\System32\comres.dll : 806 912 : 04/14/2008 08:51 AM : e7b375dffb68a16659ca66474a280c47 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\comres.dll : 806 912 : 08/17/2004 03:49 PM : b44f68274ab7b8a54e9ad74aff0efaac [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\comres.dll : 806 912 : 04/14/2008 08:51 AM : e7b375dffb68a16659ca66474a280c47 [Pos Repl]
* C:\WINDOWS\System32\cryptsvc.dll : 62 464 : 04/14/2008 08:51 AM : f3ab0933cbd166d271992f411c27ccaf [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll : 60 416 : 08/17/2004 03:49 PM : 70d2a1756f4b2067658a186c963fcabd [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll : 62 464 : 04/14/2008 08:51 AM : f3ab0933cbd166d271992f411c27ccaf [Pos Repl]
* C:\WINDOWS\System32\csrss.exe : 6 144 : 04/14/2008 08:52 AM : 628ce66e3fd35bfc7969dbac245dc069 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\csrss.exe : 6 144 : 08/17/2004 03:49 PM : 490e6e57e54faf5f23f658ea188405a1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\csrss.exe : 6 144 : 04/14/2008 08:52 AM : 628ce66e3fd35bfc7969dbac245dc069 [Pos Repl]
* C:\WINDOWS\System32\ctfmon.exe : 15 360 : 04/14/2008 08:52 AM : a756b8f0f7bafba6dfe39f7d169f2519 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe : 15 360 : 08/17/2004 03:49 PM : a5baa91475167161dea02ba3c4ca4f59 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe : 15 360 : 04/14/2008 08:52 AM : a756b8f0f7bafba6dfe39f7d169f2519 [Pos Repl]
* C:\WINDOWS\System32\d3d8.dll : 1 179 648 : 04/14/2008 08:51 AM : 0b5ead900c1fa4ed9cce4c1752df9c35 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\d3d8.dll : 1 179 648 : 08/17/2004 03:49 PM : 7f5dc7c324fc197ee641d3909383c8d1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\d3d8.dll : 1 179 648 : 04/14/2008 08:51 AM : 0b5ead900c1fa4ed9cce4c1752df9c35 [Pos Repl]
* C:\WINDOWS\System32\d3d8thk.dll : 8 192 : 04/14/2008 08:51 AM : 9c2859570cdf9a161b31a886051fdc3e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\d3d8thk.dll : 8 192 : 08/17/2004 03:49 PM : 9aa0a6e82de6793983b61cb9a7f4f2a0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\d3d8thk.dll : 8 192 : 04/14/2008 08:51 AM : 9c2859570cdf9a161b31a886051fdc3e [Pos Repl]
* C:\WINDOWS\System32\d3d9.dll : 1 689 088 : 04/14/2008 08:51 AM : 3b8ae11a3419df8239183e94888702fa [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\d3d9.dll : 1 689 088 : 08/17/2004 03:49 PM : a19f5837e52d57db66d9db55bfcc7796 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\d3d9.dll : 1 689 088 : 04/14/2008 08:51 AM : 3b8ae11a3419df8239183e94888702fa [Pos Repl]
* C:\WINDOWS\System32\ddraw.dll : 279 552 : 04/14/2008 08:51 AM : edad701f01ffd9b5799b8fcf1cf6bda7 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ddraw.dll : 266 240 : 08/17/2004 03:49 PM : 0f9a5dd4503e82b085d8b1336b961a81 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ddraw.dll : 279 552 : 04/14/2008 08:51 AM : edad701f01ffd9b5799b8fcf1cf6bda7 [Pos Repl]
* C:\WINDOWS\System32\dllhost.exe : 5 120 : 04/14/2008 08:52 AM : 9a2345509b97a8f8df957631a943666b [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe : 5 120 : 08/17/2004 03:49 PM : 52e64c28764d0139e1246eaa3d608591 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dllhost.exe : 5 120 : 04/14/2008 08:52 AM : 9a2345509b97a8f8df957631a943666b [Pos Repl]
* C:\WINDOWS\System32\dsound.dll : 367 616 : 04/14/2008 08:51 AM : 8e009e7ac012823845d5f39a77f4a27f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dsound.dll : 367 616 : 08/17/2004 03:49 PM : 8ecc475f5bad26db85943f888d62e364 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dsound.dll : 367 616 : 04/14/2008 08:51 AM : 8e009e7ac012823845d5f39a77f4a27f [Pos Repl]
* C:\WINDOWS\System32\dssenh.dll : 138 752 : 04/13/2008 11:07 PM : fede68bf80052bad393afd5c2e60dcb0 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dssenh.dll : 137 216 : 08/03/2004 10:31 PM : cacd2c63a79268d131ea37e85524cc44 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dssenh.dll : 138 752 : 04/13/2008 11:07 PM : fede68bf80052bad393afd5c2e60dcb0 [Pos Repl]
* C:\WINDOWS\System32\es.dll : 253 952 : 07/07/2008 09:29 PM : a371f11ef07653591c8de26afb13ce7f [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll : 253 952 : 07/07/2008 09:25 PM : be68ea4457e2e5717231cf91be5448e0 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\es.dll : 243 200 : 08/17/2004 03:49 PM : 972378b907070f64932a87c90a035487 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB950974$\es.dll : 246 272 : 04/14/2008 08:51 AM : 260c69fd67687b0dc062fc3d31655857 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\es.dll : 246 272 : 04/14/2008 08:51 AM : 260c69fd67687b0dc062fc3d31655857 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\es.dll : 253 952 : 07/07/2008 09:29 PM : a371f11ef07653591c8de26afb13ce7f [Pos Repl]
* C:\WINDOWS\System32\eventlog.dll : 56 320 : 04/14/2008 08:51 AM : 2ee99f67c930931eb404dadce57e976e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll : 55 808 : 08/17/2004 03:49 PM : 6eb66066d5c0175320cfea0a4c74c88f [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\eventlog.dll : 56 320 : 04/14/2008 08:51 AM : 2ee99f67c930931eb404dadce57e976e [Pos Repl]
* C:\WINDOWS\System32\hid.dll : 20 992 : 04/14/2008 08:51 AM : ffb0a2d2b73a64979cd29c15b3b0a9d5 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\hid.dll : 20 992 : 08/17/2004 03:49 PM : 4b388fee5ba36d08d073e5ec7acdc997 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\hid.dll : 20 992 : 04/14/2008 08:51 AM : ffb0a2d2b73a64979cd29c15b3b0a9d5 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\hid.dll : 20 992 : 04/14/2008 08:51 AM : ffb0a2d2b73a64979cd29c15b3b0a9d5 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\hid.dll : 20 992 : 04/14/2008 08:51 AM : ffb0a2d2b73a64979cd29c15b3b0a9d5 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\hid.dll : 20 992 : 04/14/2008 08:51 AM : ffb0a2d2b73a64979cd29c15b3b0a9d5 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\hid.dll : 20 992 : 04/14/2008 08:51 AM : ffb0a2d2b73a64979cd29c15b3b0a9d5 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\hid.dll : 20 992 : 04/14/2008 08:51 AM : ffb0a2d2b73a64979cd29c15b3b0a9d5 [Pos Repl]
* C:\WINDOWS\System32\hnetcfg.dll : 345 088 : 04/14/2008 08:51 AM : ed18adee4aa21eb26977260152d7241a [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\hnetcfg.dll : 345 088 : 08/17/2004 03:49 PM : faaba83be47c5b15f620faa53267a9b8 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\hnetcfg.dll : 345 088 : 04/14/2008 08:51 AM : ed18adee4aa21eb26977260152d7241a [Pos Repl]
* C:\WINDOWS\System32\imm32.dll : 110 080 : 04/14/2008 08:51 AM : 6c60ca8ac7470ac01cfd3d24c7283cd1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\imm32.dll : 110 080 : 08/17/2004 03:49 PM : 2413635113361e54b62f0c40e4e4dae6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\imm32.dll : 110 080 : 04/14/2008 08:51 AM : 6c60ca8ac7470ac01cfd3d24c7283cd1 [Pos Repl]
* C:\WINDOWS\System32\ipsecsvc.dll : 183 808 : 04/14/2008 08:51 AM : d76d39056ef8b8c09bc544754448e48f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ipsecsvc.dll : 182 784 : 08/17/2004 03:49 PM : 030b997eb7de1ada071fe5d6efcf3ed3 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ipsecsvc.dll : 183 808 : 04/14/2008 08:51 AM : d76d39056ef8b8c09bc544754448e48f [Pos Repl]
* C:\WINDOWS\System32\ksuser.dll : 4 096 : 04/14/2008 07:51 AM : af6a4bcde2343e8562d3003a1740cc96 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ksuser.dll : 4 096 : 08/17/2004 03:49 PM : fc727882241cd48e243868dd8401ab60 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ksuser.dll : 4 096 : 04/14/2008 08:51 AM : af6a4bcde2343e8562d3003a1740cc96 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ksuser.dll : 4 096 : 04/14/2008 08:51 AM : af6a4bcde2343e8562d3003a1740cc96 [Pos Repl]
* C:\WINDOWS\System32\linkinfo.dll : 19 968 : 04/14/2008 08:51 AM : 7fde9fc15765e02b23e1756930165ad1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\linkinfo.dll : 18 944 : 08/17/2004 03:49 PM : ee1f842db2ae412136643b0814d770a6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\linkinfo.dll : 19 968 : 04/14/2008 08:51 AM : 7fde9fc15765e02b23e1756930165ad1 [Pos Repl]
* C:\WINDOWS\System32\lpk.dll : 22 016 : 04/14/2008 08:51 AM : c66ba7bd13c8fb8bec4863b88641c763 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\lpk.dll : 22 016 : 08/17/2004 03:49 PM : bfe8dc7aae7cb1c86243d77b340dc304 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\lpk.dll : 22 016 : 04/14/2008 08:51 AM : c66ba7bd13c8fb8bec4863b88641c763 [Pos Repl]
* C:\WINDOWS\System32\lsass.exe : 13 312 : 04/14/2008 08:52 AM : ed0a176354487ceed65b80a7148ab739 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\lsass.exe : 13 312 : 08/17/2004 03:49 PM : 82a362fe1d4980b71b588d9c10748511 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\lsass.exe : 13 312 : 04/14/2008 08:52 AM : ed0a176354487ceed65b80a7148ab739 [Pos Repl]
* C:\WINDOWS\System32\mfc40u.dll : 953 856 : 09/18/2010 07:53 AM : 9bb005df755c4ede048221dfd4a28a87 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll : 953 856 : 09/18/2010 08:18 AM : 2bc3ed47acb42f664d5d1d247f2553aa [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\mfc40u.dll : 924 432 : 10/25/2001 01:00 PM : a9d81c87bef253d4ce3a5f8cee2526c4 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2387149$\mfc40u.dll : 927 504 : 04/14/2008 08:51 AM : 7c3351f60b759d5d917e68342ae3307c [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mfc40u.dll : 927 504 : 04/14/2008 08:51 AM : 7c3351f60b759d5d917e68342ae3307c [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mfc40u.dll : 953 856 : 09/18/2010 07:53 AM : 9bb005df755c4ede048221dfd4a28a87 [Pos Repl]
* C:\WINDOWS\System32\midimap.dll : 18 944 : 04/14/2008 08:51 AM : 160a1500ddbe42f8793e3ad341e4bec4 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\midimap.dll : 18 944 : 08/17/2004 03:49 PM : b356dd67178b22a8c2fbd47316ccb43b [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\midimap.dll : 18 944 : 04/14/2008 08:51 AM : 160a1500ddbe42f8793e3ad341e4bec4 [Pos Repl]
* C:\WINDOWS\System32\msgsvc.dll : 33 792 : 04/14/2008 08:51 AM : 221cd1c815b8a6b79389c3f5d1018de8 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\msgsvc.dll : 33 792 : 08/17/2004 03:49 PM : 8b2fcbd881879b55be40b41f12ffc431 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\msgsvc.dll : 33 792 : 04/14/2008 08:51 AM : 221cd1c815b8a6b79389c3f5d1018de8 [Pos Repl]
* C:\WINDOWS\System32\msimg32.dll : 4 608 : 04/14/2008 08:51 AM : 627551a1011199bce013d0f4b6cacecf [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\msimg32.dll : 4 608 : 08/17/2004 03:49 PM : 227163195e9495bd99c915ef5f42445c [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\msimg32.dll : 4 608 : 04/14/2008 08:51 AM : 627551a1011199bce013d0f4b6cacecf [Pos Repl]
* C:\WINDOWS\System32\msprivs.dll : 48 128 : 04/13/2008 09:53 PM : c6bb1d1500db4a0e224cb65e6c7e8a80 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\msprivs.dll : 48 128 : 08/17/2004 03:48 PM : 4f3348d753fc2c6d46300f65d77b840b [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\msprivs.dll : 48 128 : 04/13/2008 09:53 PM : c6bb1d1500db4a0e224cb65e6c7e8a80 [Pos Repl]
* C:\WINDOWS\System32\msvcrt.dll : 343 040 : 04/14/2008 08:51 AM : d165dfcb4ea452510e53416f573018bb [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\msvcrt.dll : 343 040 : 08/17/2004 03:49 PM : 91cc3e4ccdbbf8e224182c76c87e454f [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\msvcrt.dll : 343 040 : 04/14/2008 08:51 AM : d165dfcb4ea452510e53416f573018bb [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll : 322 560 : 10/25/2001 01:00 PM : 4200be3808f6406dbe45a7b88dae5035 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\msvcrt.dll : 323 072 : 08/29/2002 01:04 AM : 1b2c477d8847e4123dd8761d2e9008f7 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll : 343 040 : 08/17/2004 03:48 PM : ab47015b67531572be46c0c08222c84c [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll : 343 040 : 04/14/2008 08:37 AM : ec8d5e09c6ca5f52858a5eb71f308fdf [Pos Repl]
* C:\WINDOWS\System32\mswsock.dll : 247 296 : 06/20/2008 05:04 PM : 39ee7c3bfbc64ba87cc8cf67386e814c [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll : 247 296 : 06/20/2008 06:44 PM : b6cec406351ea5ef131416d5f52d006f [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll : 247 296 : 06/20/2008 06:44 PM : b6cec406351ea5ef131416d5f52d006f [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll : 247 296 : 08/17/2004 03:49 PM : 64c078bd4efd441c3f159edc5ea4420a [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll : 247 296 : 06/20/2008 06:49 PM : 1289b7611ccd6cb27596ae92cbf03e35 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll : 247 296 : 04/14/2008 08:51 AM : aac97dab5f8a0573cf10e0eac42a7724 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mswsock.dll : 247 296 : 04/14/2008 08:51 AM : aac97dab5f8a0573cf10e0eac42a7724 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mswsock.dll : 247 296 : 06/20/2008 05:04 PM : 39ee7c3bfbc64ba87cc8cf67386e814c [Pos Repl]
* C:\WINDOWS\System32\netlogon.dll : 407 040 : 04/14/2008 08:51 AM : c2ed0e3408f50bbc149d4f0936e67832 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll : 407 040 : 08/17/2004 03:49 PM : 2591cadaef7d2242039255028e577688 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\netlogon.dll : 407 040 : 04/14/2008 08:51 AM : c2ed0e3408f50bbc149d4f0936e67832 [Pos Repl]
* C:\WINDOWS\System32\netman.dll : 198 144 : 04/14/2008 08:51 AM : 72e1e9e2977be08bdeedb6d8fd9d4d40 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\netman.dll : 198 144 : 08/17/2004 03:49 PM : af342d2781225a8769686e0d47e3123e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\netman.dll : 198 144 : 04/14/2008 08:51 AM : 72e1e9e2977be08bdeedb6d8fd9d4d40 [Pos Repl]
* C:\WINDOWS\System32\ntmssvc.dll : 435 712 : 04/14/2008 08:51 AM : 023dd70573d644f3d9c8b1258a7bfd08 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ntmssvc.dll : 435 712 : 08/17/2004 03:49 PM : d8d2b13ba93ae830b1a637df571d1195 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ntmssvc.dll : 435 712 : 04/14/2008 08:51 AM : 023dd70573d644f3d9c8b1258a7bfd08 [Pos Repl]
* C:\WINDOWS\System32\olepro32.dll : 84 992 : 04/14/2008 08:51 AM : 16c195ebc0a3ec35c48d0c2d9a346bab [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\olepro32.dll : 83 456 : 08/17/2004 03:49 PM : 33f14f23dfae4b43cdd4e535cd7c1963 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\olepro32.dll : 84 992 : 04/14/2008 08:51 AM : 16c195ebc0a3ec35c48d0c2d9a346bab [Pos Repl]
* C:\WINDOWS\System32\perfctrs.dll : 39 936 : 04/14/2008 08:51 AM : 1682285f7c0934c764a0ebbc568153ca [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\perfctrs.dll : 39 936 : 08/17/2004 03:49 PM : 6c08ff4b76506676617e03c34eccfb11 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\perfctrs.dll : 39 936 : 04/14/2008 08:51 AM : 1682285f7c0934c764a0ebbc568153ca [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\perfctrs.dll : 39 936 : 04/14/2008 08:51 AM : 1682285f7c0934c764a0ebbc568153ca [Pos Repl]
* C:\WINDOWS\System32\powrprof.dll : 17 408 : 04/14/2008 08:51 AM : 9fa69781caa7a1da981a24f240a61a60 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\powrprof.dll : 17 408 : 08/17/2004 03:49 PM : 134b95a1d8fafd74a68e4b2116defa7d [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\powrprof.dll : 17 408 : 04/14/2008 08:51 AM : 9fa69781caa7a1da981a24f240a61a60 [Pos Repl]
* C:\WINDOWS\System32\psbase.dll : 96 768 : 04/14/2008 08:51 AM : 3d8593aa6cb1c610ccc4ee4a2079841c [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\psbase.dll : 96 768 : 08/17/2004 03:49 PM : 23519ecbdbb26ab19dd03cc4aa14d9c6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\psbase.dll : 96 768 : 04/14/2008 08:51 AM : 3d8593aa6cb1c610ccc4ee4a2079841c [Pos Repl]
* C:\WINDOWS\System32\pstorsvc.dll : 33 792 : 04/14/2008 08:51 AM : d92dbed30dbf45e7d2700596bb491b03 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\pstorsvc.dll : 33 792 : 08/17/2004 03:49 PM : 183a46179fdc11b6b9ae655be81c76da [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\pstorsvc.dll : 33 792 : 04/14/2008 08:51 AM : d92dbed30dbf45e7d2700596bb491b03 [Pos Repl]
* C:\WINDOWS\System32\qmgr.dll : 409 088 : 04/14/2008 08:51 AM : 19395d092fd85ddc2d9c7729cf5a2ac8 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\qmgr.dll : 382 464 : 08/17/2004 03:49 PM : e774a26610ec92674273486612c11cfc [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\qmgr.dll : 409 088 : 04/14/2008 08:51 AM : 19395d092fd85ddc2d9c7729cf5a2ac8 [Pos Repl]
+-> C:\WINDOWS\system32\bits\qmgr.dll : 409 088 : 04/14/2008 08:51 AM : 19395d092fd85ddc2d9c7729cf5a2ac8 [Pos Repl]
* C:\WINDOWS\System32\rasadhlp.dll : 7 680 : 04/14/2008 08:51 AM : b26098f3dc08d841de3d79c38accb807 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\rasadhlp.dll : 8 192 : 08/17/2004 03:49 PM : 630a1012af129918d2e2d70727d69351 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\rasadhlp.dll : 7 680 : 04/14/2008 08:51 AM : b26098f3dc08d841de3d79c38accb807 [Pos Repl]
* C:\WINDOWS\System32\regsvc.dll : 59 904 : 04/14/2008 08:51 AM : 8f31505484a190d5b22274708799f4ec [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\regsvc.dll : 59 904 : 08/17/2004 03:49 PM : 5b21208fcf8970bb61fe98e19d828714 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\regsvc.dll : 59 904 : 04/14/2008 08:51 AM : 8f31505484a190d5b22274708799f4ec [Pos Repl]
* C:\WINDOWS\System32\rpcss.dll : 401 408 : 02/09/2009 11:56 AM : be27674d1cbc3214aec84b4336a38bbf [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\rpcss.dll : 401 408 : 02/09/2009 11:59 AM : c0bd34a62508ba68f146e22ce45919f9 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\rpcss.dll : 395 776 : 08/17/2004 03:49 PM : c72c15ee57e248c66e57c76cab086cf2 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll : 399 360 : 04/14/2008 08:51 AM : c868f3ae15cf71a93f2aa3a32856d839 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\rpcss.dll : 399 360 : 04/14/2008 08:51 AM : c868f3ae15cf71a93f2aa3a32856d839 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\rpcss.dll : 401 408 : 02/09/2009 11:56 AM : be27674d1cbc3214aec84b4336a38bbf [Pos Repl]
* C:\WINDOWS\System32\scecli.dll : 185 856 : 04/14/2008 08:51 AM : 830ce8951c71f361d7d2f38416cc8bc1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\scecli.dll : 184 832 : 08/17/2004 03:49 PM : 07119058d451cb7ea4317bcfda8599a6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\scecli.dll : 185 856 : 04/14/2008 08:51 AM : 830ce8951c71f361d7d2f38416cc8bc1 [Pos Repl]
* C:\WINDOWS\System32\schedsvc.dll : 192 512 : 04/14/2008 08:51 AM : 3ff232a7731621b8902d81d42418c93c [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\schedsvc.dll : 190 976 : 08/17/2004 03:49 PM : 29ac93307c6182dbe336bca314947f28 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\schedsvc.dll : 192 512 : 04/14/2008 08:51 AM : 3ff232a7731621b8902d81d42418c93c [Pos Repl]
* C:\WINDOWS\System32\services.exe : 111 104 : 02/09/2009 12:25 AM : 9ef697af07bb8dd82c3b02ca953a95b7 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe : 111 104 : 02/09/2009 12:18 AM : 3d107d45ccfdb266e91d84b52cd7f430 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\services.exe : 108 544 : 08/17/2004 03:49 PM : 6e401e61f952fbbf708afbecefafae81 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB956572$\services.exe : 108 544 : 04/14/2008 08:52 AM : f0d2ae69035092bf22dad6b50fab85c2 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\services.exe : 108 544 : 04/14/2008 08:52 AM : f0d2ae69035092bf22dad6b50fab85c2 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\services.exe : 111 104 : 02/09/2009 12:25 AM : 9ef697af07bb8dd82c3b02ca953a95b7 [Pos Repl]
* C:\WINDOWS\System32\setupapi.dll : 991 744 : 04/14/2008 08:51 AM : 0e93a7f2be83af906d9eafb370300caa [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\setupapi.dll : 990 208 : 08/17/2004 03:49 PM : 16dba3c4c38b72ae88f3e7a6b4bf82f1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\setupapi.dll : 991 744 : 04/14/2008 08:51 AM : 0e93a7f2be83af906d9eafb370300caa [Pos Repl]
* C:\WINDOWS\System32\sfc.dll : 5 120 : 04/14/2008 08:51 AM : 5ee949255babc0b17c09ddb2e59e3878 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sfc.dll : 5 120 : 08/17/2004 03:49 PM : 6cc2d21488333133ae0c9f44f6051cb7 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sfc.dll : 5 120 : 04/14/2008 08:51 AM : 5ee949255babc0b17c09ddb2e59e3878 [Pos Repl]
* C:\WINDOWS\System32\sfcfiles.dll : 1 571 840 : 04/14/2008 08:51 AM : 56a6034e7764e23d9114223eb3523925 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sfcfiles.dll : 1 548 288 : 08/17/2004 03:49 PM : 5ca2e2ba624d6f2c7a581c91e70394cb [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll : 1 571 840 : 04/14/2008 08:51 AM : 56a6034e7764e23d9114223eb3523925 [Pos Repl]
* C:\WINDOWS\System32\shsvcs.dll : 135 168 : 07/28/2009 00:19 AM : ee9a2b9ea968a792a053c9d1a86bf870 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB971029\SP3QFE\shsvcs.dll : 135 168 : 07/27/2009 11:22 PM : 54a6bf743e0517528a5064ceaeb40ea7 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\shsvcs.dll : 134 656 : 08/17/2004 03:49 PM : 8ba76bd2a943f642f267a296a15776d2 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB971029$\shsvcs.dll : 135 168 : 04/14/2008 08:51 AM : b927443008910b412bec72fc41c1bad0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\shsvcs.dll : 135 168 : 04/14/2008 08:51 AM : b927443008910b412bec72fc41c1bad0 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\shsvcs.dll : 135 168 : 07/28/2009 00:19 AM : ee9a2b9ea968a792a053c9d1a86bf870 [Pos Repl]
* C:\WINDOWS\System32\smss.exe : 50 688 : 04/14/2008 08:52 AM : 9b08a8c6331c2da9c30377bcb4262721 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\smss.exe : 50 688 : 08/17/2004 03:49 PM : 04b69d49d7fc3358a372e97db6d39447 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\smss.exe : 50 688 : 04/14/2008 08:52 AM : 9b08a8c6331c2da9c30377bcb4262721 [Pos Repl]
* C:\WINDOWS\System32\spoolsv.exe : 58 880 : 08/17/2010 02:17 PM : 60784f891563fb1b767f70117fc2428f [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe : 58 880 : 08/17/2010 02:19 PM : 258dd5d4283fd9f9a7166be9ae45ce73 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe : 57 856 : 08/17/2004 03:49 PM : 21b6faa88044a41640e03ebb68be93e8 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe : 57 856 : 04/14/2008 08:52 AM : cb1090bca0e7b40d0b5b4e4d66531809 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe : 57 856 : 04/14/2008 08:52 AM : cb1090bca0e7b40d0b5b4e4d66531809 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\spoolsv.exe : 58 880 : 08/17/2010 02:17 PM : 60784f891563fb1b767f70117fc2428f [Pos Repl]
* C:\WINDOWS\System32\srsvc.dll : 171 008 : 04/14/2008 08:52 AM : 35b91147124f64ac8081a2edb9ea4dee [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\srsvc.dll : 170 496 : 08/17/2004 03:49 PM : 3cd57f31a64d32fdb28918b16d1e6aac [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\srsvc.dll : 171 008 : 04/14/2008 08:52 AM : 35b91147124f64ac8081a2edb9ea4dee [Pos Repl]
* C:\WINDOWS\System32\ssdpsrv.dll : 71 680 : 04/14/2008 08:52 AM : becd5271dc4e3b7c3d035f790fcbc1e5 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ssdpsrv.dll : 71 680 : 08/17/2004 03:49 PM : 88c28f53f53438dafcd95e99c837c61e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ssdpsrv.dll : 71 680 : 04/14/2008 08:52 AM : becd5271dc4e3b7c3d035f790fcbc1e5 [Pos Repl]
* C:\WINDOWS\System32\svchost.exe : 14 336 : 04/14/2008 08:52 AM : be4a520e29b6391f49e79ccc52044d93 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\svchost.exe : 14 336 : 08/17/2004 03:49 PM : dfba2915b0bf58abb288cd4c9318cb3f [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\svchost.exe : 14 336 : 04/14/2008 08:52 AM : be4a520e29b6391f49e79ccc52044d93 [Pos Repl]
* C:\WINDOWS\System32\tapisrv.dll : 249 856 : 04/14/2008 08:52 AM : c2546cd7a398476f9df5614b2ae160e8 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\tapisrv.dll : 246 272 : 08/17/2004 03:49 PM : 37162d29cd61519e6f5ea0de99786ff6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tapisrv.dll : 249 856 : 04/14/2008 08:52 AM : c2546cd7a398476f9df5614b2ae160e8 [Pos Repl]
* C:\WINDOWS\System32\termsrv.dll : 295 936 : 04/14/2008 08:52 AM : a75dd6fc3dbee4fff5ebc9f2c28bb66e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\termsrv.dll : 295 936 : 08/17/2004 03:49 PM : 2f5919f2f6ee7a845893d9c3aa2bc56a [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\termsrv.dll : 295 936 : 04/14/2008 08:52 AM : a75dd6fc3dbee4fff5ebc9f2c28bb66e [Pos Repl]
* C:\WINDOWS\System32\upnphost.dll : 186 368 : 04/14/2008 08:52 AM : 651bd90dcee5b7bdc74a2eb7c9266f9e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\upnphost.dll : 185 344 : 08/17/2004 03:49 PM : 984fc1518b0d5b31d76f0e63608e0500 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\upnphost.dll : 186 368 : 04/14/2008 08:52 AM : 651bd90dcee5b7bdc74a2eb7c9266f9e [Pos Repl]
* C:\WINDOWS\System32\user32.dll : 578 560 : 04/14/2008 08:52 AM : e16e0990967374e76f3e40cacafd3d53 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\user32.dll : 577 024 : 08/17/2004 03:49 PM : 1b4ccc59980da34e75f20e42b283b027 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\user32.dll : 578 560 : 04/14/2008 08:52 AM : e16e0990967374e76f3e40cacafd3d53 [Pos Repl]
* C:\WINDOWS\System32\userinit.exe : 26 112 : 04/14/2008 08:52 AM : 7dc1830f22e7d275b438127b68030239 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\userinit.exe : 24 576 : 08/17/2004 03:49 PM : 836f7960362ff95c5d49e40b891f2cfc [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\userinit.exe : 26 112 : 04/14/2008 08:52 AM : 7dc1830f22e7d275b438127b68030239 [Pos Repl]
* C:\WINDOWS\System32\UxTheme.dll : 219 648 : 04/14/2008 08:52 AM : e04a8dc5c740c679ef62a614d9339ecf [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\uxtheme.dll : 219 648 : 08/17/2004 03:49 PM : 0d3c98f2d11978d67dd4102471cfbfac [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\uxtheme.dll : 219 648 : 04/14/2008 08:52 AM : e04a8dc5c740c679ef62a614d9339ecf [Pos Repl]
* C:\WINDOWS\System32\version.dll : 18 944 : 04/14/2008 08:52 AM : 614f8186bdab926e3b1d8927a4161b54 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\version.dll : 18 944 : 08/17/2004 03:49 PM : e472bda53a4dcd2142143af9fd25c99a [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\version.dll : 18 944 : 04/14/2008 08:52 AM : 614f8186bdab926e3b1d8927a4161b54 [Pos Repl]
* C:\WINDOWS\System32\w32time.dll : 176 640 : 04/14/2008 08:52 AM : fa4e1cdba256787f2149f4aad07bc91f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\w32time.dll : 176 128 : 08/17/2004 03:49 PM : 2ceebb402187ae56b585701f3d191fb3 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\w32time.dll : 176 640 : 04/14/2008 08:52 AM : fa4e1cdba256787f2149f4aad07bc91f [Pos Repl]
* C:\WINDOWS\System32\wbem\wmiprvse.exe : 227 840 : 02/06/2009 11:10 AM : 798a9e6828997eef4517ada8a2259831 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\wmiprvse.exe : 227 840 : 02/06/2009 11:15 AM : f520ab392d58c0a1070268032d809382 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe : 218 112 : 08/17/2004 03:49 PM : ef897ddcd9e269b83f03f328698aae7a [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB956572$\wmiprvse.exe : 218 112 : 04/14/2008 08:52 AM : edf9ca5598b7ea3f91a1f1104ee665db [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe : 218 112 : 04/14/2008 08:52 AM : edf9ca5598b7ea3f91a1f1104ee665db [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\wmiprvse.exe : 227 840 : 02/06/2009 11:10 AM : 798a9e6828997eef4517ada8a2259831 [Pos Repl]
* C:\WINDOWS\System32\wdigest.dll : 54 272 : 06/25/2009 09:27 AM : a06d566df5918e78dcf80596b17d2c9a [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB968389\SP3QFE\wdigest.dll : 54 272 : 06/25/2009 09:42 AM : afededb8e5350b1fa90b90619fb85b67 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\wdigest.dll : 49 152 : 08/17/2004 03:49 PM : 36a876e71d71ec0dd06cbd53e744c2b4 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB968389$\wdigest.dll : 49 152 : 04/14/2008 08:52 AM : f4b1e8d41e8452069c99ef7cc8b89ba6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\wdigest.dll : 49 152 : 04/14/2008 08:52 AM : f4b1e8d41e8452069c99ef7cc8b89ba6 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\wdigest.dll : 54 272 : 06/25/2009 09:27 AM : a06d566df5918e78dcf80596b17d2c9a [Pos Repl]
* C:\WINDOWS\System32\wiaservc.dll : 334 336 : 04/14/2008 08:52 AM : c1cdd9275f6a115bb0ae1d55d8d27ba6 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\wiaservc.dll : 333 824 : 08/17/2004 03:49 PM : 0645ccdddd27f96eea3534c1def736d9 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\wiaservc.dll : 334 336 : 04/14/2008 08:52 AM : c1cdd9275f6a115bb0ae1d55d8d27ba6 [Pos Repl]
* C:\WINDOWS\System32\winlogon.exe : 507 904 : 04/14/2008 08:52 AM : cddb1f8e1aea356f3ad106f2cf9b7fea [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe : 502 272 : 08/17/2004 03:49 PM : 221c29ae1b4cc61d11d8b27de78b2307 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\winlogon.exe : 507 904 : 04/14/2008 08:52 AM : cddb1f8e1aea356f3ad106f2cf9b7fea [Pos Repl]
* C:\WINDOWS\System32\ws2_32.dll : 82 432 : 04/14/2008 08:52 AM : 951d473917c51f21496d914cf6e5ddd1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll : 82 944 : 08/17/2004 03:49 PM : 382e9b87f1282e697c67af84e34e35e2 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll : 82 432 : 04/14/2008 08:52 AM : 951d473917c51f21496d914cf6e5ddd1 [Pos Repl]
* C:\WINDOWS\System32\ws2help.dll : 19 968 : 04/14/2008 08:52 AM : 859f7735f199c90403340183a3ddfb78 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ws2help.dll : 19 968 : 08/17/2004 03:49 PM : c2b86666fc44b48903ad6016d15a23df [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ws2help.dll : 19 968 : 04/14/2008 08:52 AM : 859f7735f199c90403340183a3ddfb78 [Pos Repl]
* C:\WINDOWS\System32\wscntfy.exe : 13 824 : 04/14/2008 08:52 AM : 278a14bedef58687eaf8bec056a78d8b [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe : 13 824 : 08/17/2004 03:49 PM : 93f75ff033baa186d08115d73bfe3d32 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe : 13 824 : 04/14/2008 08:52 AM : 278a14bedef58687eaf8bec056a78d8b [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\wscntfy.exe : 13 824 : 04/14/2008 08:52 AM : 278a14bedef58687eaf8bec056a78d8b [Pos Repl]
* C:\WINDOWS\System32\xmlprov.dll : 129 024 : 04/14/2008 08:52 AM : eaa4bb9edb3fb10cf8979fe65e63658f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\xmlprov.dll : 129 536 : 08/17/2004 03:49 PM : 9b835d4c64860b155a1701d5092ec9e4 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\xmlprov.dll : 129 024 : 04/14/2008 08:52 AM : eaa4bb9edb3fb10cf8979fe65e63658f [Pos Repl]
* C:\WINDOWS\explorer.exe : 1 034 240 : 04/14/2008 08:52 AM : 27afd587c462e280ee046b8cca3c2cd1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\explorer.exe : 1 032 704 : 08/17/2004 03:49 PM : 53114d57ab73a406ac7f602227781a99 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\explorer.exe : 1 034 240 : 04/14/2008 08:52 AM : 27afd587c462e280ee046b8cca3c2cd1 [Pos Repl]
* C:\WINDOWS\System32\drivers\acpiec.sys : 11 776 : 10/25/2001 01:00 PM : afdff022a01f0b11c776f0860c3b282f [NoSig]
* C:\WINDOWS\System32\drivers\acpi.sys : 188 288 : 04/14/2008 07:35 AM : 4fe34f1f3126b61fcc6b2043aa8112c9 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\acpi.sys : 188 288 : 08/17/2004 03:43 PM : fa2fbcda96d2385f773b059fe5a125a6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\acpi.sys : 188 288 : 04/14/2008 07:35 AM : 4fe34f1f3126b61fcc6b2043aa8112c9 [Pos Repl]
* C:\WINDOWS\System32\drivers\aec.sys : 142 592 : 04/13/2008 10:09 PM : 8bed39e3c35d6a489438b8141717a557 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\aec.sys : 142 464 : 08/03/2004 10:39 PM : 841f385c6cfaf66b58fbd898722bb4f0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\aec.sys : 142 592 : 04/13/2008 10:09 PM : 8bed39e3c35d6a489438b8141717a557 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\aec.sys : 142 592 : 04/13/2008 10:09 PM : 8bed39e3c35d6a489438b8141717a557 [Pos Repl]
* C:\WINDOWS\System32\drivers\afd.sys : 138 496 : 08/17/2011 02:49 PM : 1e44bc1e83d8fd2305f8d452db109cf9 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2503665\SP3QFE\afd.sys : 138 496 : 02/16/2011 02:25 PM : 8d499b1276012eb907e7a9e0f4d8fda4 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys : 138 496 : 10/16/2008 04:07 PM : 38d7b715504da4741df35e3594fe2099 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB2592799\SP3QFE\afd.sys : 138 496 : 08/17/2011 02:41 PM : f6b7b1ecd7b41736bdb6ff4b092bcb79 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys : 138 496 : 06/20/2008 12:48 AM : d6ee6014241d034e63c49a50cb2b442a [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys : 138 496 : 08/14/2008 11:34 AM : 4d43e74f2a1239d53929b82600f1971c [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\afd.sys : 138 496 : 08/03/2004 11:14 PM : 5ac495f4cb807b2b98ad2ad591e6d92e [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2503665$\afd.sys : 138 496 : 10/16/2008 03:43 PM : 7618d5218f2a614672ec61a80d854a37 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2509553$\afd.sys : 138 496 : 08/14/2008 11:04 AM : 7e775010ef291da96ad17ca4b17137d7 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2592799$\afd.sys : 138 496 : 02/16/2011 02:22 PM : 355556d9e580915118cd7ef736653a89 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB951748$\afd.sys : 138 112 : 04/14/2008 00:49 AM : 322d0e36693d6e24a2398bee62a268cd [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB956803$\afd.sys : 138 496 : 06/20/2008 12:40 AM : e3049b90fe06f3f740b7cfda44995e2c [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\afd.sys : 138 112 : 04/14/2008 00:49 AM : 322d0e36693d6e24a2398bee62a268cd [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\afd.sys : 138 496 : 08/17/2011 02:49 PM : 1e44bc1e83d8fd2305f8d452db109cf9 [Pos Repl]
* C:\WINDOWS\System32\drivers\agp440.sys : 42 368 : 04/14/2008 00:06 AM : 08fd04aa961bdc77fb983f328334e3d7 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\agp440.sys : 42 368 : 08/03/2004 11:07 PM : 2c428fa0c3e3a01ed93c9b2a27d8d4bb [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\agp440.sys : 42 368 : 04/14/2008 00:06 AM : 08fd04aa961bdc77fb983f328334e3d7 [Pos Repl]
* C:\WINDOWS\System32\drivers\amdk6.sys : 41 216 : 04/14/2008 07:38 AM : aa2d3a86f7b551aa227b17efaeab7d22 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\amdk6.sys : 40 832 : 08/17/2004 03:43 PM : f4e1072598a00a5fb74fc08bc97e33de [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\amdk6.sys : 41 216 : 04/14/2008 07:38 AM : aa2d3a86f7b551aa227b17efaeab7d22 [Pos Repl]
* C:\WINDOWS\System32\drivers\amdk7.sys : 41 600 : 04/14/2008 07:38 AM : 3980814f8027d27ea003e2e3d9d4f604 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\amdk7.sys : 41 216 : 08/17/2004 03:43 PM : 2cc3bf45ac3180fe29c199bd95f09601 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\amdk7.sys : 41 600 : 04/14/2008 07:38 AM : 3980814f8027d27ea003e2e3d9d4f604 [Pos Repl]
* C:\WINDOWS\System32\drivers\arp1394.sys : 60 800 : 04/14/2008 00:21 AM : b5b8a80875c1dededa8b02765642c32f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\arp1394.sys : 60 800 : 08/03/2004 10:58 PM : f0d692b0bffb46e30eb3cea168bbc49f [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\arp1394.sys : 60 800 : 04/14/2008 00:21 AM : b5b8a80875c1dededa8b02765642c32f [Pos Repl]
* C:\WINDOWS\System32\drivers\asyncmac.sys : 14 336 : 04/14/2008 00:27 AM : b153affac761e7f5fcfa822b9c4e97bc [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\asyncmac.sys : 14 336 : 08/03/2004 11:05 PM : 02000abf34af4c218c35d257024807d6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\asyncmac.sys : 14 336 : 04/14/2008 00:27 AM : b153affac761e7f5fcfa822b9c4e97bc [Pos Repl]
* C:\WINDOWS\System32\drivers\atapi.sys : 96 512 : 04/14/2008 00:10 AM : 9f3a2f5aa6875c72bf062c712cfa2674 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\atapi.sys : 95 360 : 08/03/2004 10:59 PM : cdfe4411a69c224bd1d11b2da92dac51 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\atapi.sys : 96 512 : 04/14/2008 00:10 AM : 9f3a2f5aa6875c72bf062c712cfa2674 [Pos Repl]
* C:\WINDOWS\System32\drivers\audstub.sys : 3 072 : 08/17/2001 10:59 PM : d9f724aa26c010a217c97606b160ed68 [NoSig]
* C:\WINDOWS\System32\drivers\beep.sys : 4 224 : 10/25/2001 01:00 PM : da1f27d85e0d1525f6621372e7b685e9 [NoSig]
+-> C:\WINDOWS\system32\dllcache\beep.sys : 4 224 : 10/25/2001 01:00 PM : da1f27d85e0d1525f6621372e7b685e9 [Pos Repl]
* C:\WINDOWS\System32\drivers\bridge.sys : 71 552 : 04/14/2008 00:23 AM : f934d1b230f84e1d19dd00ac5a7a83ed [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\bridge.sys : 71 552 : 08/03/2004 10:59 PM : e4e6a0922e3d983728c9ad4e8d466954 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\bridge.sys : 71 552 : 04/14/2008 00:23 AM : f934d1b230f84e1d19dd00ac5a7a83ed [Pos Repl]
* C:\WINDOWS\System32\drivers\bthport.sys : 272 128 : 06/14/2008 06:35 PM : f338662a6c1fc11dd9508f6dff2c06a2 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys : 272 128 : 06/14/2008 06:40 PM : 1d310260167097c7b582790826b0f501 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\bthport.sys : 274 304 : 08/17/2004 03:43 PM : c4084076346ff43f3005477644710657 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys : 272 896 : 04/14/2008 07:45 AM : 164f186e09f26ba47b89e4db9b0aaf1e [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\bthport.sys : 272 128 : 06/14/2008 06:35 PM : f338662a6c1fc11dd9508f6dff2c06a2 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\bthport.sys : 272 896 : 04/14/2008 07:45 AM : 164f186e09f26ba47b89e4db9b0aaf1e [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\bthport.sys : 272 128 : 06/14/2008 06:35 PM : f338662a6c1fc11dd9508f6dff2c06a2 [Pos Repl]
* C:\WINDOWS\System32\drivers\cbidf2k.sys : 13 952 : 10/25/2001 01:00 PM : 90a673fc8e12a79afbed2576f6a7aaf9 [NoSig]
* C:\WINDOWS\System32\drivers\cdaudio.sys : 18 688 : 10/25/2001 01:00 PM : c1b486a7658353d33a10cc15211a873b [NoSig]
* C:\WINDOWS\System32\drivers\cdfs.sys : 63 744 : 04/14/2008 00:44 AM : c885b02847f5d2fd45a24e219ed93b32 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\cdfs.sys : 63 744 : 08/03/2004 11:14 PM : cd7d5152df32b47f4e36f710b35aae02 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\cdfs.sys : 63 744 : 04/14/2008 00:44 AM : c885b02847f5d2fd45a24e219ed93b32 [Pos Repl]
* C:\WINDOWS\System32\drivers\cdrom.sys : 62 976 : 04/14/2008 00:10 AM : 1f4260cc5b42272d71f79e570a27a4fe [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys : 49 536 : 08/03/2004 10:59 PM : af9c19b3100fe010496b1a27181fbf72 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\cdrom.sys : 62 976 : 04/14/2008 00:10 AM : 1f4260cc5b42272d71f79e570a27a4fe [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\cdrom.sys : 62 592 : 12/22/2009 07:39 PM : 7b53584d94e9d8716b2de91d5f1cb42d [Pos Repl]
* C:\WINDOWS\System32\drivers\classpnp.sys : 49 536 : 04/14/2008 00:46 AM : fe47dd8fe6d7768ff94ebec6c74b2719 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\classpnp.sys : 49 664 : 08/03/2004 11:14 PM : d86173b401470f06d9810f7962969ddf [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\classpnp.sys : 49 536 : 04/14/2008 00:46 AM : fe47dd8fe6d7768ff94ebec6c74b2719 [Pos Repl]
* C:\WINDOWS\System32\drivers\cpqdap01.sys : 11 776 : 10/25/2001 01:00 PM : 9624293e55ad405415862b504ca95b73 [NoSig]
* C:\WINDOWS\System32\drivers\crusoe.sys : 40 576 : 04/14/2008 07:56 AM : 57ffb078b71f5b5e7a3dff40f0f47711 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\crusoe.sys : 40 320 : 08/17/2004 03:44 PM : 80419d8e6dbdb8c25cbafc8269243cf7 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\crusoe.sys : 40 576 : 04/14/2008 07:56 AM : 57ffb078b71f5b5e7a3dff40f0f47711 [Pos Repl]
* C:\WINDOWS\System32\drivers\diskdump.sys : 14 208 : 04/14/2008 00:10 AM : e65e2353a5d74ea89971cb918eeeb2f6 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\diskdump.sys : 14 208 : 08/03/2004 10:59 PM : d16c81677a9be399c63cd2ea486472a5 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\diskdump.sys : 14 208 : 04/14/2008 00:10 AM : e65e2353a5d74ea89971cb918eeeb2f6 [Pos Repl]
* C:\WINDOWS\System32\drivers\disk.sys : 36 352 : 04/14/2008 00:10 AM : 044452051f3e02e7963599fc8f4f3e25 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\disk.sys : 36 352 : 08/03/2004 10:59 PM : 00ca44e4534865f8a3b64f7c0984bff0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\disk.sys : 36 352 : 04/14/2008 00:10 AM : 044452051f3e02e7963599fc8f4f3e25 [Pos Repl]
* C:\WINDOWS\System32\drivers\dmboot.sys : 800 000 : 04/14/2008 08:00 AM : db5fd2bf5b07dc54bfcb3664ff05bd7c [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dmboot.sys : 800 000 : 08/17/2004 03:45 PM : e1968edec81c430108feb23ab07bdb14 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dmboot.sys : 800 000 : 04/14/2008 08:00 AM : db5fd2bf5b07dc54bfcb3664ff05bd7c [Pos Repl]
* C:\WINDOWS\System32\drivers\dmio.sys : 153 856 : 04/14/2008 08:01 AM : fff1720af51171f32f1ead5cf71f2810 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dmio.sys : 153 856 : 08/17/2004 03:45 PM : 1b1520a82e396e46b9ae9fa6b03ff6c6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dmio.sys : 153 856 : 04/14/2008 08:01 AM : fff1720af51171f32f1ead5cf71f2810 [Pos Repl]
* C:\WINDOWS\System32\drivers\dmload.sys : 5 888 : 10/25/2001 01:00 PM : e9317282a63ca4d188c0df5e09c6ac5f [NoSig]
+-> C:\WINDOWS\system32\dllcache\dmload.sys : 5 888 : 10/25/2001 01:00 PM : e9317282a63ca4d188c0df5e09c6ac5f [Pos Repl]
* C:\WINDOWS\System32\drivers\DMusic.sys : 52 864 : 04/14/2008 00:15 AM : 8a208dfcf89792a484e76c40e5f50b45 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dmusic.sys : 52 864 : 08/03/2004 11:07 PM : a6f881284ac1150e37d9ae47ff601267 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dmusic.sys : 52 864 : 04/14/2008 00:15 AM : 8a208dfcf89792a484e76c40e5f50b45 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\dmusic.sys : 52 864 : 04/14/2008 00:15 AM : 8a208dfcf89792a484e76c40e5f50b45 [Pos Repl]
* C:\WINDOWS\System32\drivers\drmkaud.sys : 2 944 : 04/14/2008 00:15 AM : 8f5fcff8e8848afac920905fbd9d33c8 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\drmkaud.sys : 2 944 : 08/03/2004 11:07 PM : 1ed4dbbae9f5d558dbba4cc450e3eb2e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\drmkaud.sys : 2 944 : 04/14/2008 00:15 AM : 8f5fcff8e8848afac920905fbd9d33c8 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\drmkaud.sys : 2 944 : 04/14/2008 00:15 AM : 8f5fcff8e8848afac920905fbd9d33c8 [Pos Repl]
* C:\WINDOWS\System32\drivers\drmk.sys : 60 160 : 04/13/2008 11:15 PM : 6cb08593487f5701d2d2254e693eafce [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\drmk.sys : 60 288 : 08/03/2004 11:08 PM : ff86422268de771d571e123eb7092c6a [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\drmk.sys : 60 160 : 04/14/2008 00:15 AM : 6cb08593487f5701d2d2254e693eafce [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\drmk.sys : 60 160 : 04/14/2008 00:15 AM : 6cb08593487f5701d2d2254e693eafce [Pos Repl]
* C:\WINDOWS\System32\drivers\dxapi.sys : 10 496 : 10/25/2001 01:00 PM : fe97d0343acfdebdd578fc67cc91fa87 [NoSig]
+-> C:\WINDOWS\system32\dllcache\dxapi.sys : 10 496 : 10/25/2001 01:00 PM : fe97d0343acfdebdd578fc67cc91fa87 [Pos Repl]
* C:\WINDOWS\System32\drivers\dxg.sys : 71 168 : 04/14/2008 00:08 AM : ac7280566a7bb85cb3291f04ddc1198e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dxg.sys : 71 040 : 08/03/2004 11:00 PM : d3dac8432110aad0b02a58b4459ab835 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dxg.sys : 71 168 : 04/14/2008 00:08 AM : ac7280566a7bb85cb3291f04ddc1198e [Pos Repl]
* C:\WINDOWS\System32\drivers\dxgthk.sys : 3 328 : 10/25/2001 01:00 PM : a73f5d6705b1d820c19b18782e176efd [NoSig]
+-> C:\WINDOWS\system32\dllcache\dxgthk.sys : 3 328 : 10/25/2001 01:00 PM : a73f5d6705b1d820c19b18782e176efd [Pos Repl]
* C:\WINDOWS\System32\drivers\fastfat.sys : 143 744 : 04/14/2008 00:44 AM : 38d332a6d56af32635675f132548343e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\fastfat.sys : 143 360 : 08/03/2004 11:14 PM : 3117f595e9615e04f05a54fc15a03b20 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\fastfat.sys : 143 744 : 04/14/2008 00:44 AM : 38d332a6d56af32635675f132548343e [Pos Repl]
* C:\WINDOWS\System32\drivers\fdc.sys : 27 392 : 04/14/2008 00:10 AM : 92cdd60b6730b9f50f6a1a0c1f8cdc81 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\fdc.sys : 27 392 : 08/03/2004 10:59 PM : ced2e8396a8838e59d8fd529c680e02c [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\fdc.sys : 27 392 : 04/14/2008 00:10 AM : 92cdd60b6730b9f50f6a1a0c1f8cdc81 [Pos Repl]
* C:\WINDOWS\System32\drivers\fips.sys : 44 544 : 04/14/2008 07:43 AM : ac366695a0796560aa37215ad5762aaf [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\fips.sys : 34 944 : 10/25/2001 01:00 PM : 266dab58619b17bdf37fabbd48d875ca [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\fips.sys : 44 544 : 04/14/2008 07:43 AM : ac366695a0796560aa37215ad5762aaf [Pos Repl]
* C:\WINDOWS\System32\drivers\flpydisk.sys : 20 480 : 04/14/2008 00:10 AM : 9d27e7b80bfcdf1cdd9b555862d5e7f0 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\flpydisk.sys : 20 480 : 08/03/2004 10:59 PM : 0dd1de43115b93f4d85e889d7a86f548 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\flpydisk.sys : 20 480 : 04/14/2008 00:10 AM : 9d27e7b80bfcdf1cdd9b555862d5e7f0 [Pos Repl]
* C:\WINDOWS\System32\drivers\fltMgr.sys : 129 792 : 04/14/2008 00:03 AM : b2cf4b0786f8212cb92ed2b50c6db6b0 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\fltmgr.sys : 124 800 : 08/03/2004 11:01 PM : 157754f0df355a9e0a6f54721914f9c6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\fltmgr.sys : 129 792 : 04/14/2008 00:03 AM : b2cf4b0786f8212cb92ed2b50c6db6b0 [Pos Repl]
* C:\WINDOWS\System32\drivers\fs_rec.sys : 7 936 : 10/25/2001 01:00 PM : 3e1e2bd4f39b0e2b7dc4f4d2bcc2779a [NoSig]
+-> C:\WINDOWS\system32\dllcache\fs_rec.sys : 7 936 : 10/25/2001 01:00 PM : 3e1e2bd4f39b0e2b7dc4f4d2bcc2779a [Pos Repl]
* C:\WINDOWS\System32\drivers\fsvga.sys : 12 160 : 10/25/2001 01:00 PM : 9996a605d10e8c7daa29a380eaef51ae [NoSig]
* C:\WINDOWS\System32\drivers\ftdisk.sys : 125 184 : 10/25/2001 01:00 PM : 4e664d8541db4a66b73a24257e322e1f [NoSig]
* C:\WINDOWS\System32\drivers\hidclass.sys : 36 864 : 04/13/2008 11:15 PM : 1af592532532a402ed7c060f6954004f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\hidclass.sys : 36 224 : 08/03/2004 11:08 PM : 378055ab8dda86228683c697c4e11685 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\hidclass.sys : 36 864 : 04/14/2008 00:15 AM : 1af592532532a402ed7c060f6954004f [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\hidclass.sys : 36 864 : 04/13/2008 11:15 PM : 1af592532532a402ed7c060f6954004f [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\hidclass.sys : 36 864 : 04/13/2008 11:15 PM : 1af592532532a402ed7c060f6954004f [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\hidclass.sys : 36 864 : 04/13/2008 11:15 PM : 1af592532532a402ed7c060f6954004f [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\hidclass.sys : 36 864 : 04/13/2008 11:15 PM : 1af592532532a402ed7c060f6954004f [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\hidclass.sys : 36 864 : 04/13/2008 11:15 PM : 1af592532532a402ed7c060f6954004f [Pos Repl]
* C:\WINDOWS\System32\drivers\hidusb.sys : 10 368 : 04/13/2008 11:15 PM : ccf82c5ec8a7326c3066de870c06daf1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\hidusb.sys : 9 600 : 10/25/2001 01:00 PM : 1de6783b918f540149aa69943bdfeba8 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\hidusb.sys : 10 368 : 04/14/2008 00:15 AM : ccf82c5ec8a7326c3066de870c06daf1 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\hidusb.sys : 10 368 : 04/13/2008 11:15 PM : ccf82c5ec8a7326c3066de870c06daf1 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\hidusb.sys : 10 368 : 04/13/2008 11:15 PM : ccf82c5ec8a7326c3066de870c06daf1 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\hidusb.sys : 10 368 : 04/13/2008 11:15 PM : ccf82c5ec8a7326c3066de870c06daf1 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\hidusb.sys : 10 368 : 04/13/2008 11:15 PM : ccf82c5ec8a7326c3066de870c06daf1 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\hidusb.sys : 10 368 : 04/13/2008 11:15 PM : ccf82c5ec8a7326c3066de870c06daf1 [Pos Repl]
* C:\WINDOWS\System32\drivers\http.sys : 265 728 : 10/20/2009 05:20 PM : f80a415ef82cd06ffaf0d971528ead38 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB970430\SP3QFE\http.sys : 265 728 : 10/20/2009 04:21 PM : 937031c085718c1c04a9c0864625ec6b [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\http.sys : 263 040 : 08/03/2004 11:00 PM : c19b522a9ae0bbc3293397f3055e80a1 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB970430$\http.sys : 264 832 : 04/14/2008 00:23 AM : f6aacf5bce2893e0c1754afeb672e5c9 [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\http.sys : 265 728 : 10/20/2009 05:20 PM : f80a415ef82cd06ffaf0d971528ead38 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\http.sys : 264 832 : 04/14/2008 00:23 AM : f6aacf5bce2893e0c1754afeb672e5c9 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\http.sys : 265 728 : 10/20/2009 05:20 PM : f80a415ef82cd06ffaf0d971528ead38 [Pos Repl]
* C:\WINDOWS\System32\drivers\i8042prt.sys : 52 096 : 04/14/2008 07:51 AM : c528e27945367191e7bae364930b6932 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\i8042prt.sys : 52 352 : 08/17/2004 03:44 PM : 0f42de9909b5dbf2c48dd1a79d491af5 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\i8042prt.sys : 52 096 : 04/14/2008 07:51 AM : c528e27945367191e7bae364930b6932 [Pos Repl]
* C:\WINDOWS\System32\drivers\imapi.sys : 42 112 : 04/14/2008 00:11 AM : 083a052659f5310dd8b6a6cb05edcf8e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\imapi.sys : 41 856 : 08/03/2004 11:00 PM : f8aa320c6a0409c0380e5d8a99d76ec6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\imapi.sys : 42 112 : 04/14/2008 00:11 AM : 083a052659f5310dd8b6a6cb05edcf8e [Pos Repl]
* C:\WINDOWS\System32\drivers\intelppm.sys : 40 192 : 04/14/2008 07:55 AM : 27b290d632af2cf3cf40bfddb7370985 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\intelppm.sys : 39 936 : 08/17/2004 03:44 PM : 10a3ac0f0df720ad3c3fd13861d50eb9 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\intelppm.sys : 40 192 : 04/14/2008 07:55 AM : 27b290d632af2cf3cf40bfddb7370985 [Pos Repl]
* C:\WINDOWS\System32\drivers\ip6fw.sys : 36 608 : 04/14/2008 00:23 AM : 3bb22519a194418d5fec05d800a19ad0 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ip6fw.sys : 29 056 : 08/03/2004 11:00 PM : 4448006b6bc60e6c027932cfc38d6855 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ip6fw.sys : 36 608 : 04/14/2008 00:23 AM : 3bb22519a194418d5fec05d800a19ad0 [Pos Repl]
* C:\WINDOWS\System32\drivers\ipfltdrv.sys : 32 896 : 10/25/2001 01:00 PM : 731f22ba402ee4b62748adaf6363c182 [NoSig]
+-> C:\WINDOWS\system32\dllcache\ipfltdrv.sys : 32 896 : 10/25/2001 01:00 PM : 731f22ba402ee4b62748adaf6363c182 [Pos Repl]
* C:\WINDOWS\System32\drivers\ipinip.sys : 20 864 : 04/14/2008 00:27 AM : b87ab476dcf76e72010632b5550955f5 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ipinip.sys : 20 992 : 08/03/2004 11:04 PM : e1ec7f5da720b640cd8fb8424f1b14bb [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ipinip.sys : 20 864 : 04/14/2008 00:27 AM : b87ab476dcf76e72010632b5550955f5 [Pos Repl]
* C:\WINDOWS\System32\drivers\ipnat.sys : 152 832 : 04/14/2008 00:27 AM : cc748ea12c6effde940ee98098bf96bb [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ipnat.sys : 134 912 : 08/03/2004 11:04 PM : b5a8e215ac29d24d60b4d1250ef05ace [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ipnat.sys : 152 832 : 04/14/2008 00:27 AM : cc748ea12c6effde940ee98098bf96bb [Pos Repl]
* C:\WINDOWS\System32\drivers\ipsec.sys : 75 264 : 04/14/2008 00:49 AM : 23c74d75e36e7158768dd63d92789a91 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ipsec.sys : 74 752 : 08/03/2004 11:14 PM : 64537aa5c003a6afeee1df819062d0d1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ipsec.sys : 75 264 : 04/14/2008 00:49 AM : 23c74d75e36e7158768dd63d92789a91 [Pos Repl]
* C:\WINDOWS\System32\drivers\irenum.sys : 11 264 : 04/14/2008 00:24 AM : c93c9ff7b04d772627a3646d89f7bf89 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\irenum.sys : 11 264 : 08/03/2004 11:00 PM : 50708daa1b1cbb7d6ac1cf8f56a24410 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\irenum.sys : 11 264 : 04/14/2008 00:24 AM : c93c9ff7b04d772627a3646d89f7bf89 [Pos Repl]
* C:\WINDOWS\System32\drivers\isapnp.sys : 37 248 : 04/14/2008 07:57 AM : cc9f8a2d60aed1a51a3ac34c59b987ae [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys : 35 840 : 10/25/2001 01:00 PM : 1091528512e4dd7ed5fddcc4df1c53d7 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\isapnp.sys : 37 248 : 04/14/2008 07:57 AM : cc9f8a2d60aed1a51a3ac34c59b987ae [Pos Repl]
* C:\WINDOWS\System32\drivers\kbdclass.sys : 24 576 : 04/14/2008 07:59 AM : 1b6162fe7f66b1a71a4b70f941c4aa9b [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\kbdclass.sys : 24 576 : 08/17/2004 03:45 PM : 6f877bf8dc01a550cd666f3bedb2213c [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\kbdclass.sys : 24 576 : 04/14/2008 07:59 AM : 1b6162fe7f66b1a71a4b70f941c4aa9b [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\kbdclass.sys : 24 576 : 04/14/2008 06:59 AM : 1b6162fe7f66b1a71a4b70f941c4aa9b [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\kbdclass.sys : 24 576 : 04/14/2008 06:59 AM : 1b6162fe7f66b1a71a4b70f941c4aa9b [Pos Repl]
* C:\WINDOWS\System32\drivers\kmixer.sys : 172 416 : 04/14/2008 00:15 AM : 692bcf44383d056aed41b045a323d378 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\kmixer.sys : 171 776 : 08/03/2004 11:07 PM : d93cad07c5683db066b0b2d2d3790ead [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\kmixer.sys : 172 416 : 04/14/2008 00:15 AM : 692bcf44383d056aed41b045a323d378 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\kmixer.sys : 172 416 : 04/14/2008 00:15 AM : 692bcf44383d056aed41b045a323d378 [Pos Repl]
* C:\WINDOWS\System32\drivers\ksecdd.sys : 92 928 : 06/24/2009 12:18 AM : b467646c54cc746128904e1654c750c1 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB968389\SP3QFE\ksecdd.sys : 92 928 : 06/24/2009 11:28 AM : c6ebf1d6ad71df30db49b8d3287e1368 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\ksecdd.sys : 92 032 : 08/03/2004 10:59 PM : eb7ffe87fd367ea8fca0506f74a87fbb [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB968389$\ksecdd.sys : 92 288 : 04/14/2008 00:01 AM : 1705745d900dabf2d89f90ebaddc7517 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ksecdd.sys : 92 288 : 04/14/2008 00:01 AM : 1705745d900dabf2d89f90ebaddc7517 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ksecdd.sys : 92 928 : 06/24/2009 12:18 AM : b467646c54cc746128904e1654c750c1 [Pos Repl]
* C:\WINDOWS\System32\drivers\ks.sys : 141 056 : 04/13/2008 11:46 PM : 0753515f78df7f271a5e61c20bcd36a1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ks.sys : 140 928 : 08/03/2004 11:15 PM : b9540e258f952650de8dec68719a5c97 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ks.sys : 141 056 : 04/14/2008 00:46 AM : 0753515f78df7f271a5e61c20bcd36a1 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ks.sys : 141 056 : 04/14/2008 00:46 AM : 0753515f78df7f271a5e61c20bcd36a1 [Pos Repl]
* C:\WINDOWS\System32\drivers\mcd.sys : 7 680 : 10/25/2001 01:00 PM : d1f8be91ed4ddb671d42e473e3fe71ab [NoSig]
+-> C:\WINDOWS\system32\dllcache\mcd.sys : 7 680 : 10/25/2001 01:00 PM : d1f8be91ed4ddb671d42e473e3fe71ab [Pos Repl]
* C:\WINDOWS\System32\drivers\mf.sys : 63 744 : 04/14/2008 00:06 AM : a7da20ab18a1bdae28b0f349e57da0d1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mf.sys : 63 744 : 08/03/2004 11:07 PM : 729d83e56c29c510258a6e9e79ffddc3 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mf.sys : 63 744 : 04/14/2008 00:06 AM : a7da20ab18a1bdae28b0f349e57da0d1 [Pos Repl]
* C:\WINDOWS\System32\drivers\mnmdd.sys : 4 224 : 10/25/2001 01:00 PM : 4ae068242760a1fb6e1a44bf4e16afa6 [NoSig]
+-> C:\WINDOWS\system32\dllcache\mnmdd.sys : 4 224 : 10/25/2001 01:00 PM : 4ae068242760a1fb6e1a44bf4e16afa6 [Pos Repl]
* C:\WINDOWS\System32\drivers\modem.sys : 30 080 : 04/14/2008 07:36 AM : 44032b0c6d9954d3fd26438330b99ee7 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\modem.sys : 30 080 : 08/17/2004 03:43 PM : 60210deb037846afe521ebf349964f6b [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\modem.sys : 30 080 : 04/14/2008 07:36 AM : 44032b0c6d9954d3fd26438330b99ee7 [Pos Repl]
* C:\WINDOWS\System32\drivers\mouclass.sys : 23 040 : 04/14/2008 06:36 AM : 4cb582831dbde63ce43b45d771218374 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mouclass.sys : 23 040 : 08/17/2004 03:43 PM : b160ec94114715675509115986400fd9 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mouclass.sys : 23 040 : 04/14/2008 07:36 AM : 4cb582831dbde63ce43b45d771218374 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\mouclass.sys : 23 040 : 04/14/2008 06:36 AM : 4cb582831dbde63ce43b45d771218374 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\mouclass.sys : 23 040 : 04/14/2008 06:36 AM : 4cb582831dbde63ce43b45d771218374 [Pos Repl]
* C:\WINDOWS\System32\drivers\mouhid.sys : 12 160 : 10/24/2001 10:54 AM : bb269eba740737ab749b214d568b6812 [NoSig]
+-> C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\mouhid.sys : 12 160 : 10/24/2001 10:54 AM : bb269eba740737ab749b214d568b6812 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\mouhid.sys : 12 160 : 10/24/2001 10:54 AM : bb269eba740737ab749b214d568b6812 [Pos Repl]
* C:\WINDOWS\System32\drivers\mountmgr.sys : 42 368 : 04/14/2008 00:09 AM : a80b9a0bad1b73637dbcbba7df72d3fd [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mountmgr.sys : 42 240 : 08/03/2004 10:58 PM : 65653f3b4477f3c63e68a9659f85ee2e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mountmgr.sys : 42 368 : 04/14/2008 00:09 AM : a80b9a0bad1b73637dbcbba7df72d3fd [Pos Repl]
* C:\WINDOWS\System32\drivers\mqac.sys : 92 544 : 04/14/2008 00:09 AM : 70c14f5cca5cf73f8a645c73a01d8726 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mqac.sys : 72 960 : 08/03/2004 10:58 PM : db07b0088cdfd20c2a22e675120ede34 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mqac.sys : 92 544 : 04/14/2008 00:09 AM : 70c14f5cca5cf73f8a645c73a01d8726 [Pos Repl]
* C:\WINDOWS\System32\drivers\mrxdav.sys : 180 608 : 04/14/2008 00:02 AM : 11d42bb6206f33fbb3ba0288d3ef81bd [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mrxdav.sys : 181 248 : 08/03/2004 11:00 PM : 46edcc8f2db2f322c24f48785cb46366 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mrxdav.sys : 180 608 : 04/14/2008 00:02 AM : 11d42bb6206f33fbb3ba0288d3ef81bd [Pos Repl]
* C:\WINDOWS\System32\drivers\mrxsmb.sys : 456 320 : 07/15/2011 02:29 PM : 7d304a5eb4344ebeeab53a2fe3ffb9f0 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2511455\SP3QFE\mrxsmb.sys : 457 472 : 02/17/2011 02:19 PM : fb7dfd15d760ad339837a470f0e780d3 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB2536276\SP3QFE\mrxsmb.sys : 457 856 : 04/29/2011 05:47 PM : 8dd801e28eb76fda2a38907882a0036f [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB2536276-v2\SP3QFE\mrxsmb.sys : 457 856 : 07/15/2011 02:29 PM : fb2fccc70f7174c7bf64f48e96d3adf4 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys : 455 936 : 10/24/2008 12:41 AM : 7170ab42b51954def2781a4d1cce65f4 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB978251\SP3QFE\mrxsmb.sys : 456 832 : 12/04/2009 06:25 PM : 602549d1e8a622e5746991f6c56b21ca [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB980232\SP3QFE\mrxsmb.sys : 457 216 : 02/24/2010 12:57 AM : d09b9f0b9960dd41e73127b7814c115f [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\mrxsmb.sys : 451 456 : 08/03/2004 11:15 PM : 1fd607fc67f7f7c633c3da65bfc53d18 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2511455$\mrxsmb.sys : 455 680 : 02/24/2010 02:11 PM : f3aefb11abc521122b67095044169e98 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2536276$\mrxsmb.sys : 455 936 : 02/17/2011 02:18 PM : 0ea4d8ed179b75f8afa7998ba22285ca [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2536276-v2$\mrxsmb.sys : 456 320 : 04/29/2011 05:19 PM : 0dc719e9b15e902346e87e9dcd5751fa [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB957097$\mrxsmb.sys : 456 576 : 04/14/2008 00:47 AM : 68755f0ff16070178b54674fe5b847b0 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB978251$\mrxsmb.sys : 455 296 : 10/24/2008 12:21 AM : 60ae98742484e7ab80c3c1450e708148 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB980232$\mrxsmb.sys : 455 424 : 12/04/2009 07:22 PM : 421f7b922cec5a5f340e7574a98f7b7c [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\mrxsmb.sys : 456 320 : 07/15/2011 02:29 PM : 7d304a5eb4344ebeeab53a2fe3ffb9f0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mrxsmb.sys : 456 576 : 04/14/2008 00:47 AM : 68755f0ff16070178b54674fe5b847b0 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mrxsmb.sys : 456 320 : 07/15/2011 02:29 PM : 7d304a5eb4344ebeeab53a2fe3ffb9f0 [Pos Repl]
* C:\WINDOWS\System32\drivers\msfs.sys : 19 072 : 04/14/2008 00:02 AM : c941ea2454ba8350021d774daf0f1027 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\msfs.sys : 19 072 : 08/03/2004 11:00 PM : 561b3a4333ca2dbdba28b5b956822519 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\msfs.sys : 19 072 : 04/14/2008 00:02 AM : c941ea2454ba8350021d774daf0f1027 [Pos Repl]
* C:\WINDOWS\System32\drivers\msgpc.sys : 35 072 : 04/14/2008 00:26 AM : 0a02c63c8b144bd8c86b103dee7c86a2 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\msgpc.sys : 35 072 : 08/03/2004 11:04 PM : c0f1d4a21de5a415df8170616703debf [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\msgpc.sys : 35 072 : 04/14/2008 00:26 AM : 0a02c63c8b144bd8c86b103dee7c86a2 [Pos Repl]
* C:\WINDOWS\System32\drivers\MSKSSRV.sys : 7 552 : 04/14/2008 00:09 AM : d1575e71568f4d9e14ca56b7b0453bf1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mskssrv.sys : 7 552 : 08/03/2004 10:58 PM : ae431a8dd3c1d0d0610cdbac16057ad0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mskssrv.sys : 7 552 : 04/14/2008 00:09 AM : d1575e71568f4d9e14ca56b7b0453bf1 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mskssrv.sys : 7 552 : 04/14/2008 00:09 AM : d1575e71568f4d9e14ca56b7b0453bf1 [Pos Repl]
* C:\WINDOWS\System32\drivers\MSPCLOCK.sys : 5 376 : 04/14/2008 00:09 AM : 325bb26842fc7ccc1fcce2c457317f3e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mspclock.sys : 5 376 : 08/03/2004 10:58 PM : 13e75fef9dfeb08eeded9d0246e1f448 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mspclock.sys : 5 376 : 04/14/2008 00:09 AM : 325bb26842fc7ccc1fcce2c457317f3e [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mspclock.sys : 5 376 : 04/14/2008 00:09 AM : 325bb26842fc7ccc1fcce2c457317f3e [Pos Repl]
* C:\WINDOWS\System32\drivers\MSPQM.sys : 4 992 : 04/14/2008 00:09 AM : bad59648ba099da4a17680b39730cb3d [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mspqm.sys : 4 992 : 08/03/2004 10:58 PM : 1988a33ff19242576c3d0ef9ce785da7 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mspqm.sys : 4 992 : 04/14/2008 00:09 AM : bad59648ba099da4a17680b39730cb3d [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mspqm.sys : 4 992 : 04/14/2008 00:09 AM : bad59648ba099da4a17680b39730cb3d [Pos Repl]
* C:\WINDOWS\System32\drivers\mssmbios.sys : 15 488 : 04/14/2008 00:06 AM : af5f4f3f14a8ea2c26de30f7a1e17136 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\mssmbios.sys : 15 488 : 08/03/2004 11:07 PM : 469541f8bfd2b32659d5d463a6714bce [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mssmbios.sys : 15 488 : 04/14/2008 00:06 AM : af5f4f3f14a8ea2c26de30f7a1e17136 [Pos Repl]
* C:\WINDOWS\System32\drivers\mup.sys : 105 472 : 04/21/2011 02:37 PM : de6a75f5c270e756c5508d94b6cf68f5 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2535512\SP3QFE\mup.sys : 105 472 : 04/21/2011 02:52 PM : f7b1ad991491f02af6da70b00b8bf114 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\mup.sys : 107 904 : 08/03/2004 11:15 PM : 82035e0f41c2dd05ae41d27fe6cf7de1 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2535512$\mup.sys : 105 344 : 04/14/2008 00:47 AM : 2f625d11385b1a94360bfc70aaefdee1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mup.sys : 105 344 : 04/14/2008 00:47 AM : 2f625d11385b1a94360bfc70aaefdee1 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mup.sys : 105 472 : 04/21/2011 02:37 PM : de6a75f5c270e756c5508d94b6cf68f5 [Pos Repl]
* C:\WINDOWS\System32\drivers\ndis.sys : 182 656 : 04/14/2008 00:50 AM : 1df7f42665c94b825322fae71721130d [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ndis.sys : 182 912 : 08/03/2004 11:14 PM : 558635d3af1c7546d26067d5d9b6959e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ndis.sys : 182 656 : 04/14/2008 00:50 AM : 1df7f42665c94b825322fae71721130d [Pos Repl]
* C:\WINDOWS\System32\drivers\ndistapi.sys : 10 496 : 07/08/2011 03:02 PM : 0109c4f3850dfbab279542515386ae22 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2566454\SP3QFE\ndistapi.sys : 10 496 : 07/08/2011 02:51 PM : 091735a5f20acb1dc147383a905ae002 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\ndistapi.sys : 9 600 : 10/25/2001 01:00 PM : 08d43bbdacdf23f34d79e44ed35c1b4c [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2566454$\ndistapi.sys : 10 112 : 04/14/2008 00:27 AM : 1ab3d00c991ab086e69db84b6c0ed78f [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ndistapi.sys : 10 112 : 04/14/2008 00:27 AM : 1ab3d00c991ab086e69db84b6c0ed78f [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ndistapi.sys : 10 496 : 07/08/2011 03:02 PM : 0109c4f3850dfbab279542515386ae22 [Pos Repl]
* C:\WINDOWS\System32\drivers\ndisuio.sys : 14 592 : 04/14/2008 00:26 AM : f927a4434c5028758a842943ef1a3849 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ndisuio.sys : 12 928 : 08/03/2004 11:03 PM : 34d6cd56409da9a7ed573e1c90a308bf [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ndisuio.sys : 14 592 : 04/14/2008 00:26 AM : f927a4434c5028758a842943ef1a3849 [Pos Repl]
* C:\WINDOWS\System32\drivers\ndiswan.sys : 91 520 : 04/14/2008 00:50 AM : edc1531a49c80614b2cfda43ca8659ab [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ndiswan.sys : 91 776 : 08/03/2004 11:14 PM : 0b90e255a9490166ab368cd55a529893 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ndiswan.sys : 91 520 : 04/14/2008 00:50 AM : edc1531a49c80614b2cfda43ca8659ab [Pos Repl]
* C:\WINDOWS\System32\drivers\ndproxy.sys : 40 960 : 11/02/2010 04:17 PM : 9282bd12dfb069d3889eb3fcc1000a9b [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2440591\SP3QFE\ndproxy.sys : 40 960 : 11/03/2010 06:55 AM : 816460bd4b4acd27937d1d0813e2e9e9 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\ndproxy.sys : 38 016 : 10/25/2001 01:00 PM : 59fc3fb44d2669bc144fd87826bb571f [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2440591$\ndproxy.sys : 40 576 : 04/14/2008 00:27 AM : 6215023940cfd3702b46abc304e1d45a [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ndproxy.sys : 40 576 : 04/14/2008 00:27 AM : 6215023940cfd3702b46abc304e1d45a [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ndproxy.sys : 40 960 : 11/02/2010 04:17 PM : 9282bd12dfb069d3889eb3fcc1000a9b [Pos Repl]
* C:\WINDOWS\System32\drivers\netbios.sys : 34 688 : 04/14/2008 00:26 AM : 5d81cf9a2f1a3a756b66cf684911cdf0 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\netbios.sys : 34 560 : 08/03/2004 11:03 PM : 3a2aca8fc1d7786902ca434998d7ceb4 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\netbios.sys : 34 688 : 04/14/2008 00:26 AM : 5d81cf9a2f1a3a756b66cf684911cdf0 [Pos Repl]
* C:\WINDOWS\System32\drivers\netbt.sys : 162 816 : 04/14/2008 00:51 AM : 74b2b2f5bea5e9a3dc021d685551bd3d [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\netbt.sys : 162 816 : 08/03/2004 11:14 PM : 0c80e410cd2f47134407ee7dd19cc86b [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\netbt.sys : 162 816 : 04/14/2008 00:51 AM : 74b2b2f5bea5e9a3dc021d685551bd3d [Pos Repl]
* C:\WINDOWS\System32\drivers\nic1394.sys : 61 824 : 04/14/2008 00:21 AM : e9e47cfb2d461fa0fc75b7a74c6383ea [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\nic1394.sys : 61 824 : 08/03/2004 10:58 PM : 5c5c53db4fef16cf87b9911c7e8c6fbc [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\nic1394.sys : 61 824 : 04/14/2008 00:21 AM : e9e47cfb2d461fa0fc75b7a74c6383ea [Pos Repl]
* C:\WINDOWS\System32\drivers\nikedrv.sys : 12 032 : 10/25/2001 01:00 PM : be984d604d91c217355cdd3737aad25d [NoSig]
* C:\WINDOWS\System32\drivers\nmnt.sys : 40 320 : 04/14/2008 00:23 AM : 1e421a6bcf2203cc61b821ada9de878b [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\nmnt.sys : 40 320 : 08/03/2004 10:59 PM : 60cf8c7192b3614f240838ddbaa4a245 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\nmnt.sys : 40 320 : 04/14/2008 00:23 AM : 1e421a6bcf2203cc61b821ada9de878b [Pos Repl]
* C:\WINDOWS\System32\drivers\npfs.sys : 30 848 : 04/14/2008 00:02 AM : 3182d64ae053d6fb034f44b6def8034a [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\npfs.sys : 30 848 : 08/03/2004 11:00 PM : 4f601bcb8f64ea3ac0994f98fed03f8e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\npfs.sys : 30 848 : 04/14/2008 00:02 AM : 3182d64ae053d6fb034f44b6def8034a [Pos Repl]
* C:\WINDOWS\System32\drivers\ntfs.sys : 574 976 : 04/14/2008 00:45 AM : 78a08dd6a8d65e697c18e1db01c5cdca [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys : 574 592 : 08/03/2004 11:15 PM : b78be402c3f63dd55521f73876951cdd [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ntfs.sys : 574 976 : 04/14/2008 00:45 AM : 78a08dd6a8d65e697c18e1db01c5cdca [Pos Repl]
* C:\WINDOWS\System32\drivers\null.sys : 2 944 : 10/25/2001 01:00 PM : 73c1e1f395918bc2c6dd67af7591a3ad [NoSig]
+-> C:\WINDOWS\system32\dllcache\null.sys : 2 944 : 10/25/2001 01:00 PM : 73c1e1f395918bc2c6dd67af7591a3ad [Pos Repl]
* C:\WINDOWS\System32\drivers\nwlnkflt.sys : 12 416 : 10/25/2001 01:00 PM : b305f3fad35083837ef46a0bbce2fc57 [NoSig]
+-> C:\WINDOWS\system32\dllcache\nwlnkflt.sys : 12 416 : 10/25/2001 01:00 PM : b305f3fad35083837ef46a0bbce2fc57 [Pos Repl]
* C:\WINDOWS\System32\drivers\nwlnkfwd.sys : 32 512 : 10/25/2001 01:00 PM : c99b3415198d1aab7227f2c88fd664b9 [NoSig]
+-> C:\WINDOWS\system32\dllcache\nwlnkfwd.sys : 32 512 : 10/25/2001 01:00 PM : c99b3415198d1aab7227f2c88fd664b9 [Pos Repl]
* C:\WINDOWS\System32\drivers\nwlnkipx.sys : 88 320 : 04/14/2008 00:26 AM : 8b8b1be2dba4025da6786c645f77f123 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\nwlnkipx.sys : 88 448 : 08/03/2004 11:03 PM : 79ea3fcda7067977625b3363a2657c80 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\nwlnkipx.sys : 88 320 : 04/14/2008 00:26 AM : 8b8b1be2dba4025da6786c645f77f123 [Pos Repl]
* C:\WINDOWS\System32\drivers\nwlnknb.sys : 63 232 : 10/25/2001 01:00 PM : 56d34a67c05e94e16377c60609741ff8 [NoSig]
+-> C:\WINDOWS\system32\dllcache\nwlnknb.sys : 63 232 : 10/25/2001 01:00 PM : 56d34a67c05e94e16377c60609741ff8 [Pos Repl]
* C:\WINDOWS\System32\drivers\nwlnkspx.sys : 55 936 : 10/25/2001 01:00 PM : c0bb7d1615e1acbdc99757f6ceaf8cf0 [NoSig]
+-> C:\WINDOWS\system32\dllcache\nwlnkspx.sys : 55 936 : 10/25/2001 01:00 PM : c0bb7d1615e1acbdc99757f6ceaf8cf0 [Pos Repl]
* C:\WINDOWS\System32\drivers\nwrdr.sys : 163 584 : 04/14/2008 00:04 AM : 36b9b950e3d2e100970a48d8bad86740 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\nwrdr.sys : 163 584 : 08/03/2004 11:02 PM : 03373a79440473062c6f3aedec6a49c8 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\nwrdr.sys : 163 584 : 04/14/2008 00:04 AM : 36b9b950e3d2e100970a48d8bad86740 [Pos Repl]
* C:\WINDOWS\System32\drivers\oprghdlr.sys : 3 456 : 10/25/2001 01:00 PM : 4bb30ddc53ebc76895e38694580cdfe9 [NoSig]
* C:\WINDOWS\System32\drivers\p3.sys : 46 592 : 04/14/2008 08:10 AM : 3fc38e7fbe91db40c34731195f4116c2 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\p3.sys : 46 336 : 08/17/2004 03:43 PM : 2d2d0eda3635522e932b1118aea4681d [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\p3.sys : 46 592 : 04/14/2008 08:10 AM : 3fc38e7fbe91db40c34731195f4116c2 [Pos Repl]
* C:\WINDOWS\System32\drivers\parport.sys : 80 000 : 04/14/2008 08:10 AM : 46f8db73b4a53e543f8e371dc7c75bae [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\parport.sys : 80 000 : 08/17/2004 03:43 PM : 76a18caa2fefb28a4ced38d76837e86e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\parport.sys : 80 000 : 04/14/2008 08:10 AM : 46f8db73b4a53e543f8e371dc7c75bae [Pos Repl]
* C:\WINDOWS\System32\drivers\partmgr.sys : 19 712 : 04/14/2008 00:10 AM : beb3ba25197665d82ec7065b724171c6 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\partmgr.sys : 18 688 : 10/25/2001 01:00 PM : 3334430c29dc338092f79c38ef7b4cd0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\partmgr.sys : 19 712 : 04/14/2008 00:10 AM : beb3ba25197665d82ec7065b724171c6 [Pos Repl]
* C:\WINDOWS\System32\drivers\parvdm.sys : 6 784 : 10/25/2001 01:00 PM : 1fae19d0457176318bba4a8795656ebc [NoSig]
+-> C:\WINDOWS\system32\dllcache\parvdm.sys : 6 784 : 10/25/2001 01:00 PM : 1fae19d0457176318bba4a8795656ebc [Pos Repl]
* C:\WINDOWS\System32\drivers\pciidex.sys : 24 960 : 04/14/2008 00:10 AM : 52e60f29221d0d1ac16737e8dbf7c3e9 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\pciidex.sys : 25 088 : 08/03/2004 10:59 PM : 520b91ab011456b940d9b05fc91108ff [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\pciidex.sys : 24 960 : 04/14/2008 00:10 AM : 52e60f29221d0d1ac16737e8dbf7c3e9 [Pos Repl]
* C:\WINDOWS\System32\drivers\pci.sys : 68 736 : 04/14/2008 08:10 AM : 6ce351d149cb4befc702951e471e1730 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\pci.sys : 68 736 : 08/17/2004 03:43 PM : b7979f37bb7b9df2230046134955e6e7 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\pci.sys : 68 736 : 04/14/2008 08:10 AM : 6ce351d149cb4befc702951e471e1730 [Pos Repl]
* C:\WINDOWS\System32\drivers\pcmcia.sys : 120 064 : 04/14/2008 08:10 AM : 4fc31e6c19a5ce5198b1abff94cae758 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\pcmcia.sys : 119 808 : 08/17/2004 03:43 PM : 90505755634407d4ef4c6dea60fc1df9 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\pcmcia.sys : 120 064 : 04/14/2008 08:10 AM : 4fc31e6c19a5ce5198b1abff94cae758 [Pos Repl]
* C:\WINDOWS\System32\drivers\portcls.sys : 146 048 : 04/13/2008 11:49 PM : e82a496c3961efc6828b508c310ce98f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\portcls.sys : 145 792 : 08/03/2004 11:15 PM : 5b0f00e43a7094c0b7e433cb42c79164 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\portcls.sys : 146 048 : 04/14/2008 00:49 AM : e82a496c3961efc6828b508c310ce98f [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\portcls.sys : 146 048 : 04/14/2008 00:49 AM : e82a496c3961efc6828b508c310ce98f [Pos Repl]
* C:\WINDOWS\System32\drivers\processr.sys : 39 680 : 04/14/2008 07:41 AM : 7eb15dce4ec3a0220bd796a15c18186e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\processr.sys : 39 168 : 08/17/2004 03:43 PM : 9a10e4fd13824823da50d4758bd0a645 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\processr.sys : 39 680 : 04/14/2008 07:41 AM : 7eb15dce4ec3a0220bd796a15c18186e [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\processr.sys : 39 168 : 08/17/2004 03:43 PM : 9a10e4fd13824823da50d4758bd0a645 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\processr.sys : 39 168 : 08/17/2004 03:43 PM : 9a10e4fd13824823da50d4758bd0a645 [Pos Repl]
* C:\WINDOWS\System32\drivers\psched.sys : 69 120 : 04/14/2008 00:26 AM : 09298ec810b07e5d582cb3a3f9255424 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\psched.sys : 69 120 : 08/03/2004 11:04 PM : 48671f327553dcf1d27f6197f622a668 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\psched.sys : 69 120 : 04/14/2008 00:26 AM : 09298ec810b07e5d582cb3a3f9255424 [Pos Repl]
* C:\WINDOWS\System32\drivers\ptilink.sys : 17 792 : 10/25/2001 01:00 PM : 80d317bd1c3dbc5d4fe7b1678c60cadd [NoSig]
+-> C:\WINDOWS\system32\dllcache\ptilink.sys : 17 792 : 10/25/2001 01:00 PM : 80d317bd1c3dbc5d4fe7b1678c60cadd [Pos Repl]
* C:\WINDOWS\System32\drivers\rasacd.sys : 8 832 : 10/25/2001 01:00 PM : fe0d99d6f31e4fad8159f690d68ded9c [NoSig]
+-> C:\WINDOWS\system32\dllcache\rasacd.sys : 8 832 : 10/25/2001 01:00 PM : fe0d99d6f31e4fad8159f690d68ded9c [Pos Repl]
* C:\WINDOWS\System32\drivers\rasl2tp.sys : 51 328 : 04/14/2008 00:49 AM : 11b4a627bc9614b885c4969bfa5ff8a6 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\rasl2tp.sys : 51 328 : 08/03/2004 11:14 PM : 98faeb4a4dcf812ba1c6fca4aa3e115c [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\rasl2tp.sys : 51 328 : 04/14/2008 00:49 AM : 11b4a627bc9614b885c4969bfa5ff8a6 [Pos Repl]
* C:\WINDOWS\System32\drivers\raspppoe.sys : 41 472 : 04/14/2008 00:27 AM : 5bc962f2654137c9909c3d4603587dee [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\raspppoe.sys : 41 472 : 08/03/2004 11:05 PM : 7306eeed8895454cbed4669be9f79faa [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\raspppoe.sys : 41 472 : 04/14/2008 00:27 AM : 5bc962f2654137c9909c3d4603587dee [Pos Repl]
* C:\WINDOWS\System32\drivers\raspptp.sys : 48 384 : 04/14/2008 00:49 AM : efeec01b1d3cf84f16ddd24d9d9d8f99 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\raspptp.sys : 48 384 : 08/03/2004 11:14 PM : 1c5cc65aac0783c344f16353e60b72ac [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\raspptp.sys : 48 384 : 04/14/2008 00:49 AM : efeec01b1d3cf84f16ddd24d9d9d8f99 [Pos Repl]
* C:\WINDOWS\System32\drivers\raspti.sys : 16 512 : 10/25/2001 01:00 PM : fdbb1d60066fcfbb7452fd8f9829b242 [NoSig]
+-> C:\WINDOWS\system32\dllcache\raspti.sys : 16 512 : 10/25/2001 01:00 PM : fdbb1d60066fcfbb7452fd8f9829b242 [Pos Repl]
* C:\WINDOWS\System32\drivers\rawwan.sys : 34 432 : 10/25/2001 01:00 PM : 01524cd237223b18adbb48f70083f101 [NoSig]
+-> C:\WINDOWS\system32\dllcache\rawwan.sys : 34 432 : 10/25/2001 01:00 PM : 01524cd237223b18adbb48f70083f101 [Pos Repl]
* C:\WINDOWS\System32\drivers\rdbss.sys : 175 744 : 04/14/2008 00:58 AM : 7ad224ad1a1437fe28d89cf22b17780a [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\rdbss.sys : 176 512 : 08/03/2004 11:20 PM : 29d66245adba878fff574cd66abd2884 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\rdbss.sys : 175 744 : 04/14/2008 00:58 AM : 7ad224ad1a1437fe28d89cf22b17780a [Pos Repl]
* C:\WINDOWS\System32\drivers\rdpcdd.sys : 4 224 : 10/25/2001 01:00 PM : 4912d5b403614ce99c28420f75353332 [NoSig]
+-> C:\WINDOWS\system32\dllcache\rdpcdd.sys : 4 224 : 10/25/2001 01:00 PM : 4912d5b403614ce99c28420f75353332 [Pos Repl]
* C:\WINDOWS\System32\drivers\rdpdr.sys : 196 224 : 04/14/2008 00:02 AM : 15cabd0f7c00c47c70124907916af3f1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\rdpdr.sys : 196 864 : 08/03/2004 11:01 PM : a2cae2c60bc37e0751ef9dda7ceaf4ad [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\rdpdr.sys : 196 224 : 04/14/2008 00:02 AM : 15cabd0f7c00c47c70124907916af3f1 [Pos Repl]
* C:\WINDOWS\System32\drivers\redbook.sys : 58 496 : 04/14/2008 07:44 AM : 611bfd220305be3a85ae876ea47d4aa5 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\redbook.sys : 58 240 : 08/17/2004 03:43 PM : aba13d33e1f888c9a68599a48a8840d6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\redbook.sys : 58 496 : 04/14/2008 07:44 AM : 611bfd220305be3a85ae876ea47d4aa5 [Pos Repl]
* C:\WINDOWS\System32\drivers\rmcast.sys : 203 136 : 05/08/2008 03:02 PM : 96f7a9a7bf0c9c0440a967440065d33c [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB950762\SP3QFE\rmcast.sys : 203 136 : 05/08/2008 02:58 PM : c711645c76b8ed87c021bf6165e52795 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\rmcast.sys : 200 064 : 10/25/2001 01:00 PM : 35e81b908ae4e97fc7bdf4607c516ff4 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys : 202 624 : 04/14/2008 00:25 AM : ecff394d65671efde5a872eb9ef4f2d5 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\rmcast.sys : 202 624 : 04/14/2008 00:25 AM : ecff394d65671efde5a872eb9ef4f2d5 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\rmcast.sys : 203 136 : 05/08/2008 03:02 PM : 96f7a9a7bf0c9c0440a967440065d33c [Pos Repl]
* C:\WINDOWS\System32\drivers\rndismp.sys : 30 592 : 04/14/2008 00:26 AM : 601844cbcf617ff8c868130ca5b2039d [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\rndismp.sys : 30 080 : 08/03/2004 11:04 PM : 7ce8b277f3207ea82d7d22ad348befc6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\rndismp.sys : 30 592 : 04/14/2008 00:26 AM : 601844cbcf617ff8c868130ca5b2039d [Pos Repl]
* C:\WINDOWS\System32\drivers\rootmdm.sys : 5 888 : 10/25/2001 01:00 PM : d8b0b4ade32574b2d9c5cc34dc0dbbe7 [NoSig]
+-> C:\WINDOWS\system32\dllcache\rootmdm.sys : 5 888 : 10/25/2001 01:00 PM : d8b0b4ade32574b2d9c5cc34dc0dbbe7 [Pos Repl]
* C:\WINDOWS\System32\drivers\scsiport.sys : 96 384 : 04/14/2008 00:10 AM : 76c465f570e90c28942d52ccb2580a10 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\scsiport.sys : 96 256 : 08/03/2004 10:59 PM : d7fd0ff761e28ac0ea35ad71e0cd67e9 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\scsiport.sys : 96 384 : 04/14/2008 00:10 AM : 76c465f570e90c28942d52ccb2580a10 [Pos Repl]
* C:\WINDOWS\System32\drivers\sdbus.sys : 79 232 : 04/14/2008 00:06 AM : 8d04819a3ce51b9eb47e5689b44d43c4 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sdbus.sys : 67 584 : 08/03/2004 11:07 PM : 02fc71b020ec8700ee8a46c58bc6f276 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sdbus.sys : 79 232 : 04/14/2008 00:06 AM : 8d04819a3ce51b9eb47e5689b44d43c4 [Pos Repl]
* C:\WINDOWS\System32\drivers\serenum.sys : 15 744 : 04/14/2008 00:10 AM : 0f29512ccd6bead730039fb4bd2c85ce [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\serenum.sys : 15 488 : 08/03/2004 10:59 PM : a2d868aeeff612e70e213c451a70cafb [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\serenum.sys : 15 744 : 04/14/2008 00:10 AM : 0f29512ccd6bead730039fb4bd2c85ce [Pos Repl]
* C:\WINDOWS\System32\drivers\serial.sys : 64 256 : 04/14/2008 07:51 AM : b842729337c9b921615c40d3c1a1af96 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\serial.sys : 64 640 : 08/17/2004 03:44 PM : c1ddbc85251551a840212999da3d95f3 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\serial.sys : 64 256 : 04/14/2008 07:51 AM : b842729337c9b921615c40d3c1a1af96 [Pos Repl]
* C:\WINDOWS\System32\drivers\sffdisk.sys : 11 904 : 04/14/2008 00:10 AM : 0fa803c64df0914b41f807ea276bf2a6 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sffdisk.sys : 11 136 : 08/03/2004 10:59 PM : 1d9f1bec651815741f088a8fb88e17ee [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sffdisk.sys : 11 904 : 04/14/2008 00:10 AM : 0fa803c64df0914b41f807ea276bf2a6 [Pos Repl]
* C:\WINDOWS\System32\drivers\sffp_sd.sys : 11 008 : 04/14/2008 00:10 AM : c17c331e435ed8737525c86a7557b3ac [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sffp_sd.sys : 10 240 : 08/03/2004 10:59 PM : 586499fd312ffd7f78553f408e71682e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sffp_sd.sys : 11 008 : 04/14/2008 00:10 AM : c17c331e435ed8737525c86a7557b3ac [Pos Repl]
* C:\WINDOWS\System32\drivers\sfloppy.sys : 11 392 : 04/14/2008 00:10 AM : 8e6b8c671615d126fdc553d1e2de5562 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys : 11 392 : 08/03/2004 10:59 PM : 0d13b6df6e9e101013a7afb0ce629fe0 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys : 11 392 : 04/14/2008 00:10 AM : 8e6b8c671615d126fdc553d1e2de5562 [Pos Repl]
* C:\WINDOWS\System32\drivers\smclib.sys : 14 592 : 10/25/2001 01:00 PM : 017daecf0ed3aa731313433601ec40fa [NoSig]
+-> C:\WINDOWS\system32\dllcache\smclib.sys : 14 592 : 10/25/2001 01:00 PM : 017daecf0ed3aa731313433601ec40fa [Pos Repl]
Re: Malware rootkit infekce
* C:\WINDOWS\System32\drivers\sonydcam.sys : 25 344 : 04/14/2008 00:16 AM : 489703624dac94ed943c2abda022a1cd [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sonydcam.sys : 25 472 : 08/03/2004 11:09 PM : addc9e4757a68ab60562ad3cb9c288d6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sonydcam.sys : 25 344 : 04/14/2008 00:16 AM : 489703624dac94ed943c2abda022a1cd [Pos Repl]
* C:\WINDOWS\System32\drivers\splitter.sys : 6 272 : 04/14/2008 00:15 AM : ab8b92451ecb048a4d1de7c3ffcb4a9f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\splitter.sys : 6 400 : 08/03/2004 11:07 PM : 8e186b8f23295d1e42c573b82b80d548 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\splitter.sys : 6 272 : 04/14/2008 00:15 AM : ab8b92451ecb048a4d1de7c3ffcb4a9f [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\splitter.sys : 6 272 : 04/14/2008 00:15 AM : ab8b92451ecb048a4d1de7c3ffcb4a9f [Pos Repl]
* C:\WINDOWS\System32\drivers\sr.sys : 73 344 : 04/14/2008 08:11 AM : 94610c8653635e4459316a0050d55ce7 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sr.sys : 73 344 : 08/17/2004 03:45 PM : a74035ea526db97d9d50d2143a55f5cf [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sr.sys : 73 344 : 04/14/2008 08:11 AM : 94610c8653635e4459316a0050d55ce7 [Pos Repl]
* C:\WINDOWS\System32\drivers\srv.sys : 357 888 : 02/17/2011 02:18 PM : 47ddfc2f003f7f9f0592c6874962a2e7 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2345886\SP3QFE\srv.sys : 357 248 : 08/26/2010 02:37 PM : 70cd8b8dd2a680b128617c19eb0ab94f [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB2508429\SP3QFE\srv.sys : 357 888 : 02/17/2011 02:19 PM : 9b390283569ea58d43d2586032b892f5 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB958687\SP3QFE\srv.sys : 333 952 : 12/11/2008 01:33 PM : e89b42b216bc86ada4345908284519cb [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB971468\SP3QFE\srv.sys : 353 792 : 01/01/2010 08:58 AM : 30efed0c77d59ae0cacb0b5c756767ed [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB982214\SP3QFE\srv.sys : 354 304 : 06/21/2010 03:18 PM : 422e4508508015c7d12f40bf9763f158 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\srv.sys : 336 256 : 08/03/2004 11:14 PM : 20b7e396720353e4117d64d9dcb926ca [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2345886$\srv.sys : 354 304 : 06/21/2010 04:27 PM : da852e3e0bf1cea75d756f9866241e57 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2508429$\srv.sys : 357 248 : 08/26/2010 02:39 PM : 0f6aefad3641a657e18081f52d0c15af [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB958687$\srv.sys : 334 848 : 04/14/2008 00:45 AM : 5252605079810904e31c332e241cd59b [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB971468$\srv.sys : 333 952 : 12/11/2008 11:57 AM : 3bb03f2ba89d2be417206c373d2af17c [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB982214$\srv.sys : 353 792 : 12/31/2009 05:50 PM : 89220b427890aa1dffd1a02648ae51c3 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\srv.sys : 334 848 : 04/14/2008 00:45 AM : 5252605079810904e31c332e241cd59b [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\srv.sys : 357 888 : 02/17/2011 02:18 PM : 47ddfc2f003f7f9f0592c6874962a2e7 [Pos Repl]
* C:\WINDOWS\System32\drivers\stream.sys : 49 408 : 04/13/2008 11:15 PM : 3e5d89099ded9e86e5639f411693218f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\stream.sys : 48 640 : 08/03/2004 11:08 PM : c43356072eb3e88cd62958db10cead47 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\stream.sys : 49 408 : 04/14/2008 00:15 AM : 3e5d89099ded9e86e5639f411693218f [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\stream.sys : 49 408 : 04/14/2008 00:15 AM : 3e5d89099ded9e86e5639f411693218f [Pos Repl]
* C:\WINDOWS\System32\drivers\swenum.sys : 4 352 : 04/14/2008 00:09 AM : 3941d127aef12e93addf6fe6ee027e0f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\swenum.sys : 4 352 : 08/03/2004 10:58 PM : 03c1bae4766e2450219d20b993d6e046 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\swenum.sys : 4 352 : 04/14/2008 00:09 AM : 3941d127aef12e93addf6fe6ee027e0f [Pos Repl]
* C:\WINDOWS\System32\drivers\swmidi.sys : 56 576 : 04/14/2008 00:15 AM : 8ce882bcc6cf8a62f2b2323d95cb3d01 [NoSig]
+-> C:\WINDOWS\ServicePackFiles\i386\swmidi.sys : 56 576 : 04/14/2008 00:15 AM : 8ce882bcc6cf8a62f2b2323d95cb3d01 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\swmidi.sys : 56 576 : 04/14/2008 00:15 AM : 8ce882bcc6cf8a62f2b2323d95cb3d01 [Pos Repl]
* C:\WINDOWS\System32\drivers\sysaudio.sys : 60 800 : 04/14/2008 00:45 AM : 8b83f3ed0f1688b4958f77cd6d2bf290 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sysaudio.sys : 60 800 : 08/03/2004 11:15 PM : 650ad082d46bac0e64c9c0e0928492fd [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sysaudio.sys : 60 800 : 04/14/2008 00:45 AM : 8b83f3ed0f1688b4958f77cd6d2bf290 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\sysaudio.sys : 60 800 : 04/14/2008 00:45 AM : 8b83f3ed0f1688b4958f77cd6d2bf290 [Pos Repl]
* C:\WINDOWS\System32\drivers\tape.sys : 14 976 : 04/14/2008 00:10 AM : fd6093e3decd925f1cffc8a0dd539d72 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\tape.sys : 14 976 : 08/03/2004 11:00 PM : a2a9ca0d1a9ac1ff54220aa0789fe5cf [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tape.sys : 14 976 : 04/14/2008 00:10 AM : fd6093e3decd925f1cffc8a0dd539d72 [Pos Repl]
* C:\WINDOWS\System32\drivers\tcpip6.sys : 226 880 : 02/11/2010 01:02 PM : 4e53bbcc4be37d7a4bd6ef1098c89ff7 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip6.sys : 225 856 : 06/20/2008 12:16 AM : 026a94e4eb2960fdc96a447b5391d56a [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys : 225 856 : 06/20/2008 12:16 AM : 026a94e4eb2960fdc96a447b5391d56a [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB978338\SP3QFE\tcpip6.sys : 226 880 : 02/11/2010 12:36 AM : f4a3c6abe7818b1b53f58fa1adb605cd [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\tcpip6.sys : 223 616 : 08/03/2004 11:07 PM : 4d58bb1ae8841aafd8790ad7e1e3b8ea [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB951748$\tcpip6.sys : 225 664 : 04/14/2008 00:30 AM : aa7a55536096d646dc7ab0ac5641e9e8 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB978338$\tcpip6.sys : 225 856 : 06/20/2008 12:08 AM : fb9f32acc1d3ad523f7ec900b66fc1bb [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tcpip6.sys : 225 664 : 04/14/2008 00:30 AM : aa7a55536096d646dc7ab0ac5641e9e8 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\tcpip6.sys : 226 880 : 02/11/2010 01:02 PM : 4e53bbcc4be37d7a4bd6ef1098c89ff7 [Pos Repl]
* C:\WINDOWS\System32\Drivers\tcpip.sys : 361 600 : 06/20/2008 12:51 AM : 9aefa14bd6b182d61e3119fa5f436d3d [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys : 361 600 : 06/20/2008 12:59 AM : ad978a1b783b5719720cff204b666c8e [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys : 361 600 : 06/20/2008 12:59 AM : ad978a1b783b5719720cff204b666c8e [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys : 359 040 : 08/03/2004 11:14 PM : 9f4b36614a0fc234525ba224957de55c [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys : 361 344 : 04/14/2008 00:50 AM : 93ea8d04ec73a85db02eb8805988f733 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tcpip.sys : 361 344 : 04/14/2008 00:50 AM : 93ea8d04ec73a85db02eb8805988f733 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\tcpip.sys : 361 600 : 06/20/2008 12:51 AM : 9aefa14bd6b182d61e3119fa5f436d3d [Pos Repl]
* C:\WINDOWS\System32\drivers\tdi.sys : 19 072 : 04/14/2008 00:30 AM : 0539d5e53587f82d1b4fd74c5be205cf [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\tdi.sys : 18 560 : 08/03/2004 11:07 PM : 6891b74ab9a016064e82a419388d0601 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tdi.sys : 19 072 : 04/14/2008 00:30 AM : 0539d5e53587f82d1b4fd74c5be205cf [Pos Repl]
* C:\WINDOWS\System32\drivers\tdpipe.sys : 12 040 : 04/14/2008 08:53 AM : 6471a66807f5e104e4885f5b67349397 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\tdpipe.sys : 12 040 : 08/17/2004 03:49 PM : 38d437cf2d98965f239b0abcd66dcb0f [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys : 12 040 : 04/14/2008 08:53 AM : 6471a66807f5e104e4885f5b67349397 [Pos Repl]
* C:\WINDOWS\System32\drivers\tdtcp.sys : 21 896 : 04/14/2008 08:53 AM : c56b6d0402371cf3700eb322ef3aaf61 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\tdtcp.sys : 21 896 : 08/17/2004 03:49 PM : ed0580af02502d00ad8c4c066b156be9 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys : 21 896 : 04/14/2008 08:53 AM : c56b6d0402371cf3700eb322ef3aaf61 [Pos Repl]
* C:\WINDOWS\System32\drivers\termdd.sys : 40 840 : 04/14/2008 08:53 AM : 88155247177638048422893737429d9e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\termdd.sys : 40 840 : 08/17/2004 03:49 PM : a540a99c281d933f3d69d55e48727f47 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\termdd.sys : 40 840 : 04/14/2008 08:53 AM : 88155247177638048422893737429d9e [Pos Repl]
* C:\WINDOWS\System32\drivers\tosdvd.sys : 51 712 : 10/25/2001 01:00 PM : 699450901c5ccfd82357cbc531cedd23 [NoSig]
* C:\WINDOWS\System32\drivers\tunmp.sys : 12 288 : 04/14/2008 00:26 AM : 8f861eda21c05857eb8197300a92501c [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\tunmp.sys : 12 416 : 08/03/2004 11:03 PM : 87a0e9e18c10a9e454238e3330e2a26d [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tunmp.sys : 12 288 : 04/14/2008 00:26 AM : 8f861eda21c05857eb8197300a92501c [Pos Repl]
* C:\WINDOWS\System32\drivers\udfs.sys : 66 048 : 04/14/2008 00:02 AM : 5787b80c2e3c5e2f56c2a233d91fa2c9 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\udfs.sys : 66 176 : 08/03/2004 11:00 PM : 12f70256f140cd7d52c58c7048fde657 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\udfs.sys : 66 048 : 04/14/2008 00:02 AM : 5787b80c2e3c5e2f56c2a233d91fa2c9 [Pos Repl]
* C:\WINDOWS\System32\drivers\update.sys : 384 768 : 04/14/2008 00:09 AM : 402ddc88356b1bac0ee3dd1580c76a31 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\update.sys : 209 408 : 08/03/2004 10:58 PM : aff2e5045961bbc0a602bb6f95eb1345 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\update.sys : 384 768 : 04/14/2008 00:09 AM : 402ddc88356b1bac0ee3dd1580c76a31 [Pos Repl]
* C:\WINDOWS\System32\drivers\usbcamd2.sys : 25 728 : 04/14/2008 00:15 AM : ce97845d2e3f0d274b8bac1ed07c6149 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\usbcamd2.sys : 23 936 : 10/25/2001 01:00 PM : 61018ba9df6b63e51d9753c980e73ec2 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\usbcamd2.sys : 25 728 : 04/14/2008 00:15 AM : ce97845d2e3f0d274b8bac1ed07c6149 [Pos Repl]
* C:\WINDOWS\System32\drivers\usbcamd.sys : 25 600 : 04/14/2008 00:15 AM : 1c1a47b40c23358245aa8d0443b6935e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\usbcamd.sys : 23 808 : 10/25/2001 01:00 PM : 2654eecc6fb13603ebddcd5c8ea943d1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\usbcamd.sys : 25 600 : 04/14/2008 00:15 AM : 1c1a47b40c23358245aa8d0443b6935e [Pos Repl]
* C:\WINDOWS\System32\drivers\usbccgp.sys : 32 128 : 04/13/2008 11:15 PM : 173f317ce0db8e21322e71b7e60a27e8 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\usbccgp.sys : 31 616 : 08/03/2004 11:08 PM : bffd9f120cc63bcbaa3d840f3eef9f79 [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\usbccgp.sys : 32 384 : 08/09/2013 01:55 AM : 1b611611c28d2df25bc057d79c6f13fc [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\usbccgp.sys : 32 128 : 04/14/2008 00:15 AM : 173f317ce0db8e21322e71b7e60a27e8 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\usbccgp.sys : 32 384 : 08/09/2013 01:55 AM : 1b611611c28d2df25bc057d79c6f13fc [Pos Repl]
* C:\WINDOWS\System32\drivers\usbd.sys : 4 736 : 10/25/2001 01:00 PM : 596eb39b50d6ebd9b734dc4ae0544693 [NoSig]
+-> C:\WINDOWS\Driver Cache\i386\usbd.sys : 5 376 : 08/09/2013 01:55 AM : 04fe5ef6ed4818ec4839ea5c611a6310 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\usbd.sys : 5 376 : 08/09/2013 01:55 AM : 04fe5ef6ed4818ec4839ea5c611a6310 [Pos Repl]
* C:\WINDOWS\System32\drivers\usbhub.sys : 59 520 : 04/14/2008 00:15 AM : 1ab3cdde553b6e064d2e754efe20285c [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\usbhub.sys : 57 600 : 08/03/2004 11:08 PM : c72f40947f92cea56a8fb532edf025f1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\usbhub.sys : 59 520 : 04/14/2008 00:15 AM : 1ab3cdde553b6e064d2e754efe20285c [Pos Repl]
* C:\WINDOWS\System32\drivers\usbintel.sys : 15 872 : 04/14/2008 00:15 AM : 290913dc4f1125e5a82de52579a44c43 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\usbintel.sys : 16 000 : 08/03/2004 11:08 PM : 2853fd4c4489e0f8bfcf78efcdb7e998 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\usbintel.sys : 15 872 : 04/14/2008 00:15 AM : 290913dc4f1125e5a82de52579a44c43 [Pos Repl]
* C:\WINDOWS\System32\drivers\usbport.sys : 143 872 : 04/14/2008 00:15 AM : 791912e524cc2cc6f50b5f2b52d1eb71 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\usbport.sys : 142 976 : 08/03/2004 11:08 PM : 2034ca78f9c6e787b4b76d81ac888351 [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\usbport.sys : 144 128 : 08/09/2013 01:55 AM : 6df35ca139c3bc15cc74390abb114efe [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\usbport.sys : 143 872 : 04/14/2008 00:15 AM : 791912e524cc2cc6f50b5f2b52d1eb71 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\usbport.sys : 144 128 : 08/09/2013 01:55 AM : 6df35ca139c3bc15cc74390abb114efe [Pos Repl]
* C:\WINDOWS\System32\drivers\USBSTOR.sys : 26 368 : 04/14/2008 00:15 AM : a32426d9b14a089eaa1d922e0c5801a9 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys : 26 496 : 08/03/2004 11:08 PM : 6cd7b22193718f1d17a47a1cd6d37e75 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\usbstor.sys : 26 368 : 04/14/2008 00:15 AM : a32426d9b14a089eaa1d922e0c5801a9 [Pos Repl]
* C:\WINDOWS\System32\drivers\vga.sys : 20 992 : 04/14/2008 00:14 AM : 0d3a8fafceacd8b7625cd549757a7df1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\vga.sys : 20 992 : 08/03/2004 11:07 PM : 8a60edd72b4ea5aea8202daf0e427925 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\vga.sys : 20 992 : 04/14/2008 00:14 AM : 0d3a8fafceacd8b7625cd549757a7df1 [Pos Repl]
* C:\WINDOWS\System32\drivers\videoprt.sys : 81 664 : 04/14/2008 00:14 AM : e28726b72c46821a28830e077d39a55b [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\videoprt.sys : 79 744 : 08/03/2004 11:07 PM : d5a9d123f5ed7c9965a481bd20cf66d8 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\videoprt.sys : 81 664 : 04/14/2008 00:14 AM : e28726b72c46821a28830e077d39a55b [Pos Repl]
* C:\WINDOWS\System32\drivers\volsnap.sys : 52 480 : 04/14/2008 07:42 AM : 28a4b296b47782173c346e376cb374d1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\volsnap.sys : 52 480 : 08/17/2004 03:44 PM : cd8cce067f7e9cbd762c00bdddecaa34 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\volsnap.sys : 52 480 : 04/14/2008 07:42 AM : 28a4b296b47782173c346e376cb374d1 [Pos Repl]
* C:\WINDOWS\System32\drivers\wanarp.sys : 34 560 : 04/14/2008 00:27 AM : e20b95baedb550f32dd489265c1da1f6 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\wanarp.sys : 34 560 : 08/03/2004 11:04 PM : 984ef0b9788abf89974cfed4bfbaacbc [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\wanarp.sys : 34 560 : 04/14/2008 00:27 AM : e20b95baedb550f32dd489265c1da1f6 [Pos Repl]
* C:\WINDOWS\System32\drivers\wdmaud.sys : 83 072 : 04/14/2008 00:47 AM : 6768acf64b18196494413695f0c3a00f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\wdmaud.sys : 82 944 : 08/03/2004 11:15 PM : 2797f33ebf50466020c430ee4f037933 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\wdmaud.sys : 83 072 : 04/14/2008 00:47 AM : 6768acf64b18196494413695f0c3a00f [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\wdmaud.sys : 83 072 : 04/14/2008 00:47 AM : 6768acf64b18196494413695f0c3a00f [Pos Repl]
* C:\WINDOWS\System32\drivers\wmilib.sys : 4 352 : 10/25/2001 01:00 PM : 2f31b7f954bed437f2c75026c65caf7b [NoSig]
+-> C:\WINDOWS\system32\dllcache\wmilib.sys : 4 352 : 10/25/2001 01:00 PM : 2f31b7f954bed437f2c75026c65caf7b [Pos Repl]
* C:\WINDOWS\System32\drivers\ws2ifsl.sys : 12 032 : 10/25/2001 01:00 PM : 6abe6e225adb5a751622a9cc3bc19ce8 [NoSig]
+-> C:\WINDOWS\system32\dllcache\ws2ifsl.sys : 12 032 : 10/25/2001 01:00 PM : 6abe6e225adb5a751622a9cc3bc19ce8 [Pos Repl]
Checking HOSTS File:
* HOSTS file entries found:
127.0.0.1 localhost
Program finished at: 11/25/2013 02:35:04 PM
Execution time: 0 hours(s), 1 minute(s), and 58 seconds(s)
+-> C:\WINDOWS\$NtServicePackUninstall$\sonydcam.sys : 25 472 : 08/03/2004 11:09 PM : addc9e4757a68ab60562ad3cb9c288d6 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sonydcam.sys : 25 344 : 04/14/2008 00:16 AM : 489703624dac94ed943c2abda022a1cd [Pos Repl]
* C:\WINDOWS\System32\drivers\splitter.sys : 6 272 : 04/14/2008 00:15 AM : ab8b92451ecb048a4d1de7c3ffcb4a9f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\splitter.sys : 6 400 : 08/03/2004 11:07 PM : 8e186b8f23295d1e42c573b82b80d548 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\splitter.sys : 6 272 : 04/14/2008 00:15 AM : ab8b92451ecb048a4d1de7c3ffcb4a9f [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\splitter.sys : 6 272 : 04/14/2008 00:15 AM : ab8b92451ecb048a4d1de7c3ffcb4a9f [Pos Repl]
* C:\WINDOWS\System32\drivers\sr.sys : 73 344 : 04/14/2008 08:11 AM : 94610c8653635e4459316a0050d55ce7 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sr.sys : 73 344 : 08/17/2004 03:45 PM : a74035ea526db97d9d50d2143a55f5cf [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sr.sys : 73 344 : 04/14/2008 08:11 AM : 94610c8653635e4459316a0050d55ce7 [Pos Repl]
* C:\WINDOWS\System32\drivers\srv.sys : 357 888 : 02/17/2011 02:18 PM : 47ddfc2f003f7f9f0592c6874962a2e7 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2345886\SP3QFE\srv.sys : 357 248 : 08/26/2010 02:37 PM : 70cd8b8dd2a680b128617c19eb0ab94f [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB2508429\SP3QFE\srv.sys : 357 888 : 02/17/2011 02:19 PM : 9b390283569ea58d43d2586032b892f5 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB958687\SP3QFE\srv.sys : 333 952 : 12/11/2008 01:33 PM : e89b42b216bc86ada4345908284519cb [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB971468\SP3QFE\srv.sys : 353 792 : 01/01/2010 08:58 AM : 30efed0c77d59ae0cacb0b5c756767ed [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB982214\SP3QFE\srv.sys : 354 304 : 06/21/2010 03:18 PM : 422e4508508015c7d12f40bf9763f158 [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\srv.sys : 336 256 : 08/03/2004 11:14 PM : 20b7e396720353e4117d64d9dcb926ca [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2345886$\srv.sys : 354 304 : 06/21/2010 04:27 PM : da852e3e0bf1cea75d756f9866241e57 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB2508429$\srv.sys : 357 248 : 08/26/2010 02:39 PM : 0f6aefad3641a657e18081f52d0c15af [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB958687$\srv.sys : 334 848 : 04/14/2008 00:45 AM : 5252605079810904e31c332e241cd59b [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB971468$\srv.sys : 333 952 : 12/11/2008 11:57 AM : 3bb03f2ba89d2be417206c373d2af17c [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB982214$\srv.sys : 353 792 : 12/31/2009 05:50 PM : 89220b427890aa1dffd1a02648ae51c3 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\srv.sys : 334 848 : 04/14/2008 00:45 AM : 5252605079810904e31c332e241cd59b [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\srv.sys : 357 888 : 02/17/2011 02:18 PM : 47ddfc2f003f7f9f0592c6874962a2e7 [Pos Repl]
* C:\WINDOWS\System32\drivers\stream.sys : 49 408 : 04/13/2008 11:15 PM : 3e5d89099ded9e86e5639f411693218f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\stream.sys : 48 640 : 08/03/2004 11:08 PM : c43356072eb3e88cd62958db10cead47 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\stream.sys : 49 408 : 04/14/2008 00:15 AM : 3e5d89099ded9e86e5639f411693218f [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\stream.sys : 49 408 : 04/14/2008 00:15 AM : 3e5d89099ded9e86e5639f411693218f [Pos Repl]
* C:\WINDOWS\System32\drivers\swenum.sys : 4 352 : 04/14/2008 00:09 AM : 3941d127aef12e93addf6fe6ee027e0f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\swenum.sys : 4 352 : 08/03/2004 10:58 PM : 03c1bae4766e2450219d20b993d6e046 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\swenum.sys : 4 352 : 04/14/2008 00:09 AM : 3941d127aef12e93addf6fe6ee027e0f [Pos Repl]
* C:\WINDOWS\System32\drivers\swmidi.sys : 56 576 : 04/14/2008 00:15 AM : 8ce882bcc6cf8a62f2b2323d95cb3d01 [NoSig]
+-> C:\WINDOWS\ServicePackFiles\i386\swmidi.sys : 56 576 : 04/14/2008 00:15 AM : 8ce882bcc6cf8a62f2b2323d95cb3d01 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\swmidi.sys : 56 576 : 04/14/2008 00:15 AM : 8ce882bcc6cf8a62f2b2323d95cb3d01 [Pos Repl]
* C:\WINDOWS\System32\drivers\sysaudio.sys : 60 800 : 04/14/2008 00:45 AM : 8b83f3ed0f1688b4958f77cd6d2bf290 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sysaudio.sys : 60 800 : 08/03/2004 11:15 PM : 650ad082d46bac0e64c9c0e0928492fd [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sysaudio.sys : 60 800 : 04/14/2008 00:45 AM : 8b83f3ed0f1688b4958f77cd6d2bf290 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\sysaudio.sys : 60 800 : 04/14/2008 00:45 AM : 8b83f3ed0f1688b4958f77cd6d2bf290 [Pos Repl]
* C:\WINDOWS\System32\drivers\tape.sys : 14 976 : 04/14/2008 00:10 AM : fd6093e3decd925f1cffc8a0dd539d72 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\tape.sys : 14 976 : 08/03/2004 11:00 PM : a2a9ca0d1a9ac1ff54220aa0789fe5cf [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tape.sys : 14 976 : 04/14/2008 00:10 AM : fd6093e3decd925f1cffc8a0dd539d72 [Pos Repl]
* C:\WINDOWS\System32\drivers\tcpip6.sys : 226 880 : 02/11/2010 01:02 PM : 4e53bbcc4be37d7a4bd6ef1098c89ff7 [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip6.sys : 225 856 : 06/20/2008 12:16 AM : 026a94e4eb2960fdc96a447b5391d56a [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys : 225 856 : 06/20/2008 12:16 AM : 026a94e4eb2960fdc96a447b5391d56a [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB978338\SP3QFE\tcpip6.sys : 226 880 : 02/11/2010 12:36 AM : f4a3c6abe7818b1b53f58fa1adb605cd [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\tcpip6.sys : 223 616 : 08/03/2004 11:07 PM : 4d58bb1ae8841aafd8790ad7e1e3b8ea [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB951748$\tcpip6.sys : 225 664 : 04/14/2008 00:30 AM : aa7a55536096d646dc7ab0ac5641e9e8 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB978338$\tcpip6.sys : 225 856 : 06/20/2008 12:08 AM : fb9f32acc1d3ad523f7ec900b66fc1bb [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tcpip6.sys : 225 664 : 04/14/2008 00:30 AM : aa7a55536096d646dc7ab0ac5641e9e8 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\tcpip6.sys : 226 880 : 02/11/2010 01:02 PM : 4e53bbcc4be37d7a4bd6ef1098c89ff7 [Pos Repl]
* C:\WINDOWS\System32\Drivers\tcpip.sys : 361 600 : 06/20/2008 12:51 AM : 9aefa14bd6b182d61e3119fa5f436d3d [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys : 361 600 : 06/20/2008 12:59 AM : ad978a1b783b5719720cff204b666c8e [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys : 361 600 : 06/20/2008 12:59 AM : ad978a1b783b5719720cff204b666c8e [Pos Repl]
+-> C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys : 359 040 : 08/03/2004 11:14 PM : 9f4b36614a0fc234525ba224957de55c [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys : 361 344 : 04/14/2008 00:50 AM : 93ea8d04ec73a85db02eb8805988f733 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tcpip.sys : 361 344 : 04/14/2008 00:50 AM : 93ea8d04ec73a85db02eb8805988f733 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\tcpip.sys : 361 600 : 06/20/2008 12:51 AM : 9aefa14bd6b182d61e3119fa5f436d3d [Pos Repl]
* C:\WINDOWS\System32\drivers\tdi.sys : 19 072 : 04/14/2008 00:30 AM : 0539d5e53587f82d1b4fd74c5be205cf [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\tdi.sys : 18 560 : 08/03/2004 11:07 PM : 6891b74ab9a016064e82a419388d0601 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tdi.sys : 19 072 : 04/14/2008 00:30 AM : 0539d5e53587f82d1b4fd74c5be205cf [Pos Repl]
* C:\WINDOWS\System32\drivers\tdpipe.sys : 12 040 : 04/14/2008 08:53 AM : 6471a66807f5e104e4885f5b67349397 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\tdpipe.sys : 12 040 : 08/17/2004 03:49 PM : 38d437cf2d98965f239b0abcd66dcb0f [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys : 12 040 : 04/14/2008 08:53 AM : 6471a66807f5e104e4885f5b67349397 [Pos Repl]
* C:\WINDOWS\System32\drivers\tdtcp.sys : 21 896 : 04/14/2008 08:53 AM : c56b6d0402371cf3700eb322ef3aaf61 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\tdtcp.sys : 21 896 : 08/17/2004 03:49 PM : ed0580af02502d00ad8c4c066b156be9 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys : 21 896 : 04/14/2008 08:53 AM : c56b6d0402371cf3700eb322ef3aaf61 [Pos Repl]
* C:\WINDOWS\System32\drivers\termdd.sys : 40 840 : 04/14/2008 08:53 AM : 88155247177638048422893737429d9e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\termdd.sys : 40 840 : 08/17/2004 03:49 PM : a540a99c281d933f3d69d55e48727f47 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\termdd.sys : 40 840 : 04/14/2008 08:53 AM : 88155247177638048422893737429d9e [Pos Repl]
* C:\WINDOWS\System32\drivers\tosdvd.sys : 51 712 : 10/25/2001 01:00 PM : 699450901c5ccfd82357cbc531cedd23 [NoSig]
* C:\WINDOWS\System32\drivers\tunmp.sys : 12 288 : 04/14/2008 00:26 AM : 8f861eda21c05857eb8197300a92501c [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\tunmp.sys : 12 416 : 08/03/2004 11:03 PM : 87a0e9e18c10a9e454238e3330e2a26d [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\tunmp.sys : 12 288 : 04/14/2008 00:26 AM : 8f861eda21c05857eb8197300a92501c [Pos Repl]
* C:\WINDOWS\System32\drivers\udfs.sys : 66 048 : 04/14/2008 00:02 AM : 5787b80c2e3c5e2f56c2a233d91fa2c9 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\udfs.sys : 66 176 : 08/03/2004 11:00 PM : 12f70256f140cd7d52c58c7048fde657 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\udfs.sys : 66 048 : 04/14/2008 00:02 AM : 5787b80c2e3c5e2f56c2a233d91fa2c9 [Pos Repl]
* C:\WINDOWS\System32\drivers\update.sys : 384 768 : 04/14/2008 00:09 AM : 402ddc88356b1bac0ee3dd1580c76a31 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\update.sys : 209 408 : 08/03/2004 10:58 PM : aff2e5045961bbc0a602bb6f95eb1345 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\update.sys : 384 768 : 04/14/2008 00:09 AM : 402ddc88356b1bac0ee3dd1580c76a31 [Pos Repl]
* C:\WINDOWS\System32\drivers\usbcamd2.sys : 25 728 : 04/14/2008 00:15 AM : ce97845d2e3f0d274b8bac1ed07c6149 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\usbcamd2.sys : 23 936 : 10/25/2001 01:00 PM : 61018ba9df6b63e51d9753c980e73ec2 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\usbcamd2.sys : 25 728 : 04/14/2008 00:15 AM : ce97845d2e3f0d274b8bac1ed07c6149 [Pos Repl]
* C:\WINDOWS\System32\drivers\usbcamd.sys : 25 600 : 04/14/2008 00:15 AM : 1c1a47b40c23358245aa8d0443b6935e [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\usbcamd.sys : 23 808 : 10/25/2001 01:00 PM : 2654eecc6fb13603ebddcd5c8ea943d1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\usbcamd.sys : 25 600 : 04/14/2008 00:15 AM : 1c1a47b40c23358245aa8d0443b6935e [Pos Repl]
* C:\WINDOWS\System32\drivers\usbccgp.sys : 32 128 : 04/13/2008 11:15 PM : 173f317ce0db8e21322e71b7e60a27e8 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\usbccgp.sys : 31 616 : 08/03/2004 11:08 PM : bffd9f120cc63bcbaa3d840f3eef9f79 [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\usbccgp.sys : 32 384 : 08/09/2013 01:55 AM : 1b611611c28d2df25bc057d79c6f13fc [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\usbccgp.sys : 32 128 : 04/14/2008 00:15 AM : 173f317ce0db8e21322e71b7e60a27e8 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\usbccgp.sys : 32 384 : 08/09/2013 01:55 AM : 1b611611c28d2df25bc057d79c6f13fc [Pos Repl]
* C:\WINDOWS\System32\drivers\usbd.sys : 4 736 : 10/25/2001 01:00 PM : 596eb39b50d6ebd9b734dc4ae0544693 [NoSig]
+-> C:\WINDOWS\Driver Cache\i386\usbd.sys : 5 376 : 08/09/2013 01:55 AM : 04fe5ef6ed4818ec4839ea5c611a6310 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\usbd.sys : 5 376 : 08/09/2013 01:55 AM : 04fe5ef6ed4818ec4839ea5c611a6310 [Pos Repl]
* C:\WINDOWS\System32\drivers\usbhub.sys : 59 520 : 04/14/2008 00:15 AM : 1ab3cdde553b6e064d2e754efe20285c [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\usbhub.sys : 57 600 : 08/03/2004 11:08 PM : c72f40947f92cea56a8fb532edf025f1 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\usbhub.sys : 59 520 : 04/14/2008 00:15 AM : 1ab3cdde553b6e064d2e754efe20285c [Pos Repl]
* C:\WINDOWS\System32\drivers\usbintel.sys : 15 872 : 04/14/2008 00:15 AM : 290913dc4f1125e5a82de52579a44c43 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\usbintel.sys : 16 000 : 08/03/2004 11:08 PM : 2853fd4c4489e0f8bfcf78efcdb7e998 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\usbintel.sys : 15 872 : 04/14/2008 00:15 AM : 290913dc4f1125e5a82de52579a44c43 [Pos Repl]
* C:\WINDOWS\System32\drivers\usbport.sys : 143 872 : 04/14/2008 00:15 AM : 791912e524cc2cc6f50b5f2b52d1eb71 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\usbport.sys : 142 976 : 08/03/2004 11:08 PM : 2034ca78f9c6e787b4b76d81ac888351 [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\usbport.sys : 144 128 : 08/09/2013 01:55 AM : 6df35ca139c3bc15cc74390abb114efe [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\usbport.sys : 143 872 : 04/14/2008 00:15 AM : 791912e524cc2cc6f50b5f2b52d1eb71 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\usbport.sys : 144 128 : 08/09/2013 01:55 AM : 6df35ca139c3bc15cc74390abb114efe [Pos Repl]
* C:\WINDOWS\System32\drivers\USBSTOR.sys : 26 368 : 04/14/2008 00:15 AM : a32426d9b14a089eaa1d922e0c5801a9 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys : 26 496 : 08/03/2004 11:08 PM : 6cd7b22193718f1d17a47a1cd6d37e75 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\usbstor.sys : 26 368 : 04/14/2008 00:15 AM : a32426d9b14a089eaa1d922e0c5801a9 [Pos Repl]
* C:\WINDOWS\System32\drivers\vga.sys : 20 992 : 04/14/2008 00:14 AM : 0d3a8fafceacd8b7625cd549757a7df1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\vga.sys : 20 992 : 08/03/2004 11:07 PM : 8a60edd72b4ea5aea8202daf0e427925 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\vga.sys : 20 992 : 04/14/2008 00:14 AM : 0d3a8fafceacd8b7625cd549757a7df1 [Pos Repl]
* C:\WINDOWS\System32\drivers\videoprt.sys : 81 664 : 04/14/2008 00:14 AM : e28726b72c46821a28830e077d39a55b [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\videoprt.sys : 79 744 : 08/03/2004 11:07 PM : d5a9d123f5ed7c9965a481bd20cf66d8 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\videoprt.sys : 81 664 : 04/14/2008 00:14 AM : e28726b72c46821a28830e077d39a55b [Pos Repl]
* C:\WINDOWS\System32\drivers\volsnap.sys : 52 480 : 04/14/2008 07:42 AM : 28a4b296b47782173c346e376cb374d1 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\volsnap.sys : 52 480 : 08/17/2004 03:44 PM : cd8cce067f7e9cbd762c00bdddecaa34 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\volsnap.sys : 52 480 : 04/14/2008 07:42 AM : 28a4b296b47782173c346e376cb374d1 [Pos Repl]
* C:\WINDOWS\System32\drivers\wanarp.sys : 34 560 : 04/14/2008 00:27 AM : e20b95baedb550f32dd489265c1da1f6 [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\wanarp.sys : 34 560 : 08/03/2004 11:04 PM : 984ef0b9788abf89974cfed4bfbaacbc [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\wanarp.sys : 34 560 : 04/14/2008 00:27 AM : e20b95baedb550f32dd489265c1da1f6 [Pos Repl]
* C:\WINDOWS\System32\drivers\wdmaud.sys : 83 072 : 04/14/2008 00:47 AM : 6768acf64b18196494413695f0c3a00f [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\wdmaud.sys : 82 944 : 08/03/2004 11:15 PM : 2797f33ebf50466020c430ee4f037933 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\wdmaud.sys : 83 072 : 04/14/2008 00:47 AM : 6768acf64b18196494413695f0c3a00f [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\wdmaud.sys : 83 072 : 04/14/2008 00:47 AM : 6768acf64b18196494413695f0c3a00f [Pos Repl]
* C:\WINDOWS\System32\drivers\wmilib.sys : 4 352 : 10/25/2001 01:00 PM : 2f31b7f954bed437f2c75026c65caf7b [NoSig]
+-> C:\WINDOWS\system32\dllcache\wmilib.sys : 4 352 : 10/25/2001 01:00 PM : 2f31b7f954bed437f2c75026c65caf7b [Pos Repl]
* C:\WINDOWS\System32\drivers\ws2ifsl.sys : 12 032 : 10/25/2001 01:00 PM : 6abe6e225adb5a751622a9cc3bc19ce8 [NoSig]
+-> C:\WINDOWS\system32\dllcache\ws2ifsl.sys : 12 032 : 10/25/2001 01:00 PM : 6abe6e225adb5a751622a9cc3bc19ce8 [Pos Repl]
Checking HOSTS File:
* HOSTS file entries found:
127.0.0.1 localhost
Program finished at: 11/25/2013 02:35:04 PM
Execution time: 0 hours(s), 1 minute(s), and 58 seconds(s)
Re: Malware rootkit infekce
LOG z ComboFIXu:
ComboFix 13-11-23.02 - Jakoub 25.11.2013 14:39:48.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1918.1304 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jakoub\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0405.exe
c:\windows\system32\SET106.tmp
c:\windows\system32\SET107.tmp
c:\windows\system32\SET108.tmp
c:\windows\system32\SET109.tmp
c:\windows\system32\SET10A.tmp
c:\windows\system32\SET10B.tmp
c:\windows\system32\SET118.tmp
c:\windows\system32\SET11A.tmp
c:\windows\system32\SET121.tmp
c:\windows\system32\SETF1.tmp
c:\windows\system32\SETFD.tmp
c:\windows\system32\UNWISE.EXE
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_mv2
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-25 do 2013-11-25 )))))))))))))))))))))))))))))))
.
.
2013-11-25 13:31 . 2013-11-25 13:31 -------- d--h--w- c:\windows\PIF
2013-11-25 12:16 . 2013-11-25 13:28 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
2013-11-25 12:14 . 2013-11-25 12:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Adobe
2013-11-25 12:14 . 2013-11-25 12:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Temp
2013-11-25 11:15 . 2013-11-25 11:15 -------- d-----w- C:\rsit
2013-11-25 11:15 . 2013-11-25 11:15 -------- d-----w- c:\program files\trend micro
2013-11-25 09:11 . 2013-11-25 12:15 47064 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-11-24 23:53 . 2013-11-25 12:16 105176 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-11-24 16:47 . 2013-11-24 16:47 1498112 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll
2013-11-10 21:58 . 2013-11-10 21:58 -------- d-----w- c:\documents and settings\Jakoub\Local Settings\Data aplikací\cache
2013-11-10 21:58 . 2013-11-11 08:07 -------- d-----w- c:\documents and settings\Jakoub\Local Settings\Data aplikací\Mobogenie
2013-11-10 21:57 . 2013-11-10 22:05 -------- d-----w- c:\program files\Mobogenie
2013-11-10 21:57 . 2013-11-10 21:57 -------- d-----w- c:\program files\SimilarSites
2013-11-10 21:57 . 2013-11-10 21:57 -------- d-----w- c:\documents and settings\Jakoub\Data aplikací\SimilarSites
2013-11-04 20:52 . 2013-11-04 20:52 -------- d-----w- c:\program files\Recover Files
2013-10-30 20:32 . 2013-10-30 20:32 -------- d-----w- c:\program files\Common Files\EZB Systems
2013-10-28 18:45 . 2013-10-30 20:32 -------- d-----w- c:\program files\UltraISO
2013-10-28 18:44 . 2013-10-28 18:44 -------- d-----w- c:\documents and settings\Jakoub\Data aplikací\ImgBurn
2013-10-28 18:40 . 2013-10-28 18:40 -------- d-----w- c:\program files\ImgBurn
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-13 07:56 . 2002-09-20 17:05 841216 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:56 . 2009-12-23 18:09 78336 ------w- c:\windows\system32\ieencode.dll
2013-10-13 07:56 . 2002-09-20 17:05 1830912 ------w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:56 . 2001-10-25 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2013-10-12 15:57 . 2002-09-20 17:04 279552 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 17:38 . 2012-06-13 13:59 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-09 17:38 . 2011-05-15 18:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 17:38 . 2013-06-12 15:37 17813896 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-10-09 13:13 . 2002-09-20 17:03 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-08 05:50 . 2013-10-20 16:18 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-08 05:29 . 2012-06-14 09:35 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-10-07 11:00 . 2002-09-20 17:03 606208 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 01:42 . 2008-05-05 06:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-01 09:33 . 2012-10-15 16:06 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-09-04 13:47 . 2007-10-04 07:12 1024000 ----a-w- c:\windows\system32\ieframe.dll.mui
2013-08-29 07:01 . 2002-09-20 16:41 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-29 00:56 . 2010-05-30 18:53 26240 ----a-w- c:\windows\system32\drivers\usbser.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
.
[-] 2001-10-25 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2001-10-25 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\kbdclass.sys
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0015\DriverFiles\i386\kbdclass.sys
[-] 2004-08-17 . 6F877BF8DC01A550CD666F3BEDB2213C . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
.
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys
.
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
.
[-] 2001-10-25 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2001-10-25 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2004-08-17 . 82A362FE1D4980B71B588D9C10748511 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe
.
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2004-08-17 . AF342D2781225A8769686E0D47E3123E . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll
.
[-] 2008-04-14 07:51 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 07:51 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2004-08-17 14:49 . B44F68274AB7B8A54E9AD74AFF0EFAAC . 806912 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2004-08-17 . E774A26610EC92674273486612C11CFC . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
.
[-] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2004-08-17 . C72C15EE57E248C66E57C76CAB086CF2 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
.
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-17 . 6E401E61F952FBBF708AFBECEFAFAE81 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . CB1090BCA0E7B40D0B5B4E4D66531809 . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
[-] 2008-04-14 . CB1090BCA0E7B40D0B5B4E4D66531809 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2004-08-17 . 21B6FAA88044A41640E03EBB68BE93E8 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
.
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2004-08-17 . 221C29AE1B4CC61D11D8B27DE78B2307 . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-03 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2004-08-17 . 876C658C44F2BF4AF050E5534A9F066F . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2004-08-17 . F76B3003366A205E05AFC0D034C7D3E9 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[-] 2002-09-20 . D12F83B2037A01BB97A97F3EA54DD71F . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll
[-] 2001-10-25 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2004-08-17 . 70D2A1756F4B2067658A186C963FCABD . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
.
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:25 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 07:51 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 07:51 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2004-08-17 14:49 . 972378B907070F64932A87C90A035487 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\es.dll
.
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2004-08-17 . 2413635113361E54B62F0C40E4E4DAE6 . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
.
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2004-08-17 . EE1F842DB2AE412136643B0814D770A6 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
.
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2004-08-17 . BFE8DC7AAE7CB1C86243D77B340DC304 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll
.
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . EC8D5E09C6CA5F52858A5EB71F308FDF . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2004-08-17 . 91CC3E4CCDBBF8E224182C76C87E454F . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2004-08-17 . AB47015B67531572BE46C0C08222C84C . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
[-] 2002-08-29 . 1B2C477D8847E4123DD8761D2E9008F7 . 323072 . . [7.0.2600.1106] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\msvcrt.dll
[-] 2001-10-25 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
.
[-] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 39EE7C3BFBC64BA87CC8CF67386E814C . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 39EE7C3BFBC64BA87CC8CF67386E814C . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2004-08-17 . 64C078BD4EFD441C3F159EDC5EA4420A . 247296 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
.
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2004-08-17 . 2591CADAEF7D2242039255028E577688 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll
.
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2004-08-17 . 134B95A1D8FAFD74A68E4B2116DEFA7D . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
.
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2004-08-17 . 07119058D451CB7EA4317BCFDA8599A6 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
.
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2004-08-17 . 6CC2D21488333133AE0C9F44F6051CB7 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
.
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2004-08-17 . DFBA2915B0BF58ABB288CD4C9318CB3F . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
.
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2004-08-17 . 37162D29CD61519E6F5EA0DE99786FF6 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
.
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2004-08-17 . 1B4CCC59980DA34E75F20E42B283B027 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
.
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2004-08-17 . 836F7960362FF95C5D49E40B891F2CFC . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
.
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2004-08-17 . 382E9B87F1282E697C67AF84E34E35E2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
.
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2004-08-17 . C2B86666FC44B48903AD6016D15A23DF . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
.
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-17 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[-] 2004-08-17 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2004-08-17 . FC727882241CD48E243868DD8401AB60 . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll
.
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2004-08-17 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[-] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[-] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 54A6BF743E0517528A5064CEAEB40EA7 . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2004-08-17 . 8BA76BD2A943F642F267A296A15776D2 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
.
[-] 2008-04-14 . 627551A1011199BCE013D0F4B6CACECF . 4608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msimg32.dll
[-] 2008-04-14 . 627551A1011199BCE013D0F4B6CACECF . 4608 . . [5.1.2600.5512] . . c:\windows\system32\msimg32.dll
[-] 2004-08-17 . 227163195E9495BD99C915EF5F42445C . 4608 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msimg32.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-17 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
[-] 2004-08-17 . 93F75FF033BAA186D08115D73BFE3D32 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
.
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2004-08-17 . 9B835D4C64860B155A1701D5092EC9E4 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
.
[-] 2010-12-09 . AB5CE6ECA795C0AAD55D6584293D7B51 . 713216 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
[-] 2010-12-09 . 0A12141F94F9C7A478AF490454320E97 . 713216 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll
[-] 2010-12-09 . 0A12141F94F9C7A478AF490454320E97 . 713216 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntdll.dll
[-] 2009-02-09 . AAD43A0B688335A38807CEEAC70DD3EE . 710144 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll
[-] 2009-02-09 . 342F3C858DFEFC3A0722DADEA3F3EAAB . 709632 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB2393802$\ntdll.dll
[-] 2008-04-14 . 61F18E4177B5E1C74CA45A0052AD8197 . 700928 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntdll.dll
[-] 2008-04-14 . 61F18E4177B5E1C74CA45A0052AD8197 . 700928 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntdll.dll
[-] 2004-08-17 . 24B856F2FA9CBA678E067B398EAC1BED . 702976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntdll.dll
.
[-] 2008-04-14 . 26AE5F5ADF4A30C8BCEA736343170201 . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msctfime.ime
[-] 2008-04-14 . 26AE5F5ADF4A30C8BCEA736343170201 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\msctfime.ime
[-] 2004-08-17 . 93B9E2450B9E5D7F650C72B6E05FD81E . 177152 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msctfime.ime
.
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2004-08-17 . 6EB66066D5C0175320CFEA0A4C74C88F . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2004-08-17 . 5CA2E2BA624D6F2C7A581C91E70394CB . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-03 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2004-08-17 . 5B21208FCF8970BB61FE98E19D828714 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
.
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2004-08-17 . 29AC93307C6182DBE336BCA314947F28 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
.
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2004-08-17 . 88C28F53F53438DAFCD95E99C837C61E . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
.
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2004-08-17 . 2F5919F2F6EE7A845893D9C3AA2BC56A . 295936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
.
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2004-08-17 . FAABA83BE47C5B15F620FAA53267A9B8 . 345088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2004-08-17 . 421184F91EAE5C6E78E653C6B32AAE84 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
.
[-] 2001-10-25 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[-] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2004-08-03 21:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys
.
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys
.
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
.
[-] 2010-09-18 07:18 . 2BC3ED47ACB42F664D5D1D247F2553AA . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:53 . 9BB005DF755C4EDE048221DFD4A28A87 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:53 . 9BB005DF755C4EDE048221DFD4A28A87 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-04-14 07:51 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
[-] 2008-04-14 07:51 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2001-10-25 12:00 . A9D81C87BEF253D4CE3A5F8CEE2526C4 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
.
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2004-08-17 . 8B2FCBD881879B55BE40B41F12FFC431 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
.
[-] 2008-04-14 07:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 07:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2004-08-17 14:49 . D8D2B13BA93AE830B1A637DF571D1195 . 435712 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
.
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2004-08-17 . 984FC1518B0D5B31D76F0E63608E0500 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
.
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2004-08-17 . 8ECC475F5BAD26DB85943F888D62E364 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
.
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2004-08-17 . A19F5837E52D57DB66D9DB55BFCC7796 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
.
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2004-08-17 . 0F9A5DD4503E82B085D8B1336B961A81 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
.
[-] 2008-04-14 07:51 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 07:51 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2004-08-17 14:49 . 33F14F23DFAE4B43CDD4E535CD7C1963 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
.
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll
[-] 2004-08-17 . 6C08FF4B76506676617E03C34ECCFB11 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
.
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2004-08-17 . E472BDA53A4DCD2142143AF9FD25C99A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-17 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2004-08-17 . 2CEEBB402187AE56B585701F3D191FB3 . 176128 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
.
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2004-08-17 . 0645CCDDDD27F96EEA3534C1DEF736D9 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
.
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2004-08-17 . B356DD67178B22A8C2FBD47316CCB43B . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll
.
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2004-08-17 . 630A1012AF129918D2E2D70727D69351 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll
.
[-] 2008-04-14 . 8DBCEA7B495024A29FEF59B5FE709DAC . 19456 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wshtcpip.dll
[-] 2008-04-14 . 8DBCEA7B495024A29FEF59B5FE709DAC . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll
[-] 2004-08-17 . B75F372796170EBD15DF35AE9963BFB8 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wshtcpip.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1BingDesktopOverlays]
@="{B82655E9-B81D-4A97-8154-0D84A4C048E4}"
[HKEY_CLASSES_ROOT\CLSID\{B82655E9-B81D-4A97-8154-0D84A4C048E4}]
2013-11-24 16:47 1739264 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mam2Pan"="Mam2Pan.Exe" [2008-04-11 561152]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2012-10-01 07:22 66360 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Jakoub^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
path=c:\documents and settings\Jakoub\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Jakoub^Nabídka Start^Programy^Po spuštění^Jabbim.lnk]
path=c:\documents and settings\Jakoub\Nabídka Start\Programy\Po spuštění\Jabbim.lnk
backup=c:\windows\pss\Jabbim.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2007-04-03 22:29 165784 ----a-w- c:\program files\DAEMON Tools\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
2012-10-06 08:16 1843512 ----a-w- c:\program files\Logitech\SetPointP\SetPoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-09-04 19:54 136176 ----atw- c:\documents and settings\Jakoub\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 15:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDD Regenerator]
2012-11-18 15:36 89888 ----a-w- c:\program files\HDD Regenerator\Shell.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-06-16 05:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-06-16 05:03 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon]
2013-10-15 08:37 735936 ----a-w- c:\program files\Mobogenie\DaemonProcess.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 -c--a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetLimiter]
2004-03-31 13:23 823296 -c--a-w- c:\program files\NetLimiter\NetLimiter.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2011-06-16 13:21 1500160 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08 417792 -c--a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2009-08-14 06:08 18702336 -c--a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
2010-06-08 03:15 618496 ----a-w- c:\windows\Samsung\PanelMgr\SSMMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-06-21 07:58 19875432 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 07:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UxTuneUp"=3 (0x3)
"TuneUp.Defrag"=3 (0x3)
"SwPrv"=3 (0x3)
"ose"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"IDriverT"=3 (0x3)
"gusvc"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"EapHost"=3 (0x3)
"clr_optimization_v2.0.50727_32"=3 (0x3)
"Ati HotKey Poller"=3 (0x3)
"Adobe LM Service"=3 (0x3)
"hddrsrv"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.12.2009 19:25 682232]
R2 NSHE;Guardant Emulator Driver;c:\windows\system32\drivers\NSHE.SYS [24.5.2013 9:33 97792]
R2 vnccom;vnccom;c:\windows\system32\drivers\vnccom.SYS [3.3.2011 1:29 6016]
R3 MAM2_01;Service for Maya44 MKII 1;c:\windows\system32\drivers\Mam2Wdm.sys [4.10.2008 14:00 22880]
R3 MAM2_AA;Service for Maya44 MKII Audio Driver (EWDM);c:\windows\system32\drivers\Mam2.sys [4.10.2008 14:00 28544]
S1 pdhfqgxs;pdhfqgxs;\??\c:\windows\system32\drivers\pdhfqgxs.sys --> c:\windows\system32\drivers\pdhfqgxs.sys [?]
S2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [15.10.2012 16:56 12216]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [21.6.2013 8:53 162408]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [23.12.2009 21:36 1684736]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [22.6.2013 9:58 83864]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 flash;flash;c:\windows\system32\drivers\flash.sys [21.7.2010 20:22 8064]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [18.9.2012 10:32 43704]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [18.9.2012 10:32 12216]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [9.9.2011 11:43 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [9.9.2011 11:43 8576]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [22.6.2013 9:58 181912]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 6:24 10064]
S4 hddrsrv;hddrsrv;c:\program files\HDD Regenerator\hrsrv.exe [18.11.2012 16:36 81696]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2.2.2010 11:21 1043784]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - POLICYAGENT
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 17:38]
.
2013-11-25 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2010-02-02 10:28]
.
2013-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-30 21:51]
.
2013-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-30 21:51]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.tipcars.com/applications/a_start.ph ... 9535159000
uInternet Settings,ProxyServer = proxy.mendelu.cz:5555
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\program files\TRANSLATOR\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\program files\TRANSLATOR\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\program files\TRANSLATOR\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\program files\TRANSLATOR\WEBIE.DLL
TCP: Interfaces\{75688A86-0FB7-4570-BC1B-D4388AD84A7D}: NameServer = 10.0.0.138
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Jakoub\Data aplikací\Mozilla\Firefox\Profiles\v0slojlx.default-1350242178437\
FF - prefs.js: browser.startup.homepage - seznam.cz
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-Acrobat Assistant 7 - c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-ASUS Ai Charger - c:\program files\ASUS\ASUS Ai Charger\AiChargerAP.exe
MSConfigStartUp-Badoo Desktop - c:\documents and settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe
MSConfigStartUp-F - c:\documents and settings\Jakoub\Local Settings\Apps\F.lux\flux.exe
MSConfigStartUp-Facebook Update - c:\documents and settings\Jakoub\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
MSConfigStartUp-Norton SystemWorks - c:\program files\Norton SystemWorks\cfgwiz.exe
MSConfigStartUp-NtVdmSrv - c:\windows\inf\ntvdm.vbe
MSConfigStartUp-Symantec NetDriver Monitor - c:\progra~1\SYMNET~1\SNDMon.exe
AddRemove-Hardlock Device Drivers - c:\windows\system32\UNWISE.EXE
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\SAMSUNG\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-25 14:46
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(848)
c:\windows\system32\Ati2evxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(3264)
c:\documents and settings\All Users\Data aplikací\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll
c:\windows\system32\msi.dll
c:\documents and settings\All Users\Data aplikací\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\netdde.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\Mam2Pan.Exe
.
**************************************************************************
.
Celkový čas: 2013-11-25 14:50:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-25 13:50
.
Před spuštěním: Volných bajtů: 40 798 212 096
Po spuštění: Volných bajtů: 40 979 111 936
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - E8ADBD58CE76B51BBE1B2CC66A568B52
413FC2A0C716421B3158746D63736515
ComboFix 13-11-23.02 - Jakoub 25.11.2013 14:39:48.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1918.1304 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jakoub\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0405.exe
c:\windows\system32\SET106.tmp
c:\windows\system32\SET107.tmp
c:\windows\system32\SET108.tmp
c:\windows\system32\SET109.tmp
c:\windows\system32\SET10A.tmp
c:\windows\system32\SET10B.tmp
c:\windows\system32\SET118.tmp
c:\windows\system32\SET11A.tmp
c:\windows\system32\SET121.tmp
c:\windows\system32\SETF1.tmp
c:\windows\system32\SETFD.tmp
c:\windows\system32\UNWISE.EXE
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_mv2
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-25 do 2013-11-25 )))))))))))))))))))))))))))))))
.
.
2013-11-25 13:31 . 2013-11-25 13:31 -------- d--h--w- c:\windows\PIF
2013-11-25 12:16 . 2013-11-25 13:28 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
2013-11-25 12:14 . 2013-11-25 12:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Adobe
2013-11-25 12:14 . 2013-11-25 12:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Temp
2013-11-25 11:15 . 2013-11-25 11:15 -------- d-----w- C:\rsit
2013-11-25 11:15 . 2013-11-25 11:15 -------- d-----w- c:\program files\trend micro
2013-11-25 09:11 . 2013-11-25 12:15 47064 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-11-24 23:53 . 2013-11-25 12:16 105176 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-11-24 16:47 . 2013-11-24 16:47 1498112 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll
2013-11-10 21:58 . 2013-11-10 21:58 -------- d-----w- c:\documents and settings\Jakoub\Local Settings\Data aplikací\cache
2013-11-10 21:58 . 2013-11-11 08:07 -------- d-----w- c:\documents and settings\Jakoub\Local Settings\Data aplikací\Mobogenie
2013-11-10 21:57 . 2013-11-10 22:05 -------- d-----w- c:\program files\Mobogenie
2013-11-10 21:57 . 2013-11-10 21:57 -------- d-----w- c:\program files\SimilarSites
2013-11-10 21:57 . 2013-11-10 21:57 -------- d-----w- c:\documents and settings\Jakoub\Data aplikací\SimilarSites
2013-11-04 20:52 . 2013-11-04 20:52 -------- d-----w- c:\program files\Recover Files
2013-10-30 20:32 . 2013-10-30 20:32 -------- d-----w- c:\program files\Common Files\EZB Systems
2013-10-28 18:45 . 2013-10-30 20:32 -------- d-----w- c:\program files\UltraISO
2013-10-28 18:44 . 2013-10-28 18:44 -------- d-----w- c:\documents and settings\Jakoub\Data aplikací\ImgBurn
2013-10-28 18:40 . 2013-10-28 18:40 -------- d-----w- c:\program files\ImgBurn
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-13 07:56 . 2002-09-20 17:05 841216 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:56 . 2009-12-23 18:09 78336 ------w- c:\windows\system32\ieencode.dll
2013-10-13 07:56 . 2002-09-20 17:05 1830912 ------w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:56 . 2001-10-25 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2013-10-12 15:57 . 2002-09-20 17:04 279552 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 17:38 . 2012-06-13 13:59 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-09 17:38 . 2011-05-15 18:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 17:38 . 2013-06-12 15:37 17813896 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-10-09 13:13 . 2002-09-20 17:03 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-08 05:50 . 2013-10-20 16:18 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-08 05:29 . 2012-06-14 09:35 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-10-07 11:00 . 2002-09-20 17:03 606208 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 01:42 . 2008-05-05 06:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-01 09:33 . 2012-10-15 16:06 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-09-04 13:47 . 2007-10-04 07:12 1024000 ----a-w- c:\windows\system32\ieframe.dll.mui
2013-08-29 07:01 . 2002-09-20 16:41 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-29 00:56 . 2010-05-30 18:53 26240 ----a-w- c:\windows\system32\drivers\usbser.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
.
[-] 2001-10-25 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2001-10-25 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\kbdclass.sys
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0015\DriverFiles\i386\kbdclass.sys
[-] 2004-08-17 . 6F877BF8DC01A550CD666F3BEDB2213C . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
.
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys
.
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
.
[-] 2001-10-25 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2001-10-25 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2004-08-17 . 82A362FE1D4980B71B588D9C10748511 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe
.
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2004-08-17 . AF342D2781225A8769686E0D47E3123E . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll
.
[-] 2008-04-14 07:51 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 07:51 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2004-08-17 14:49 . B44F68274AB7B8A54E9AD74AFF0EFAAC . 806912 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2004-08-17 . E774A26610EC92674273486612C11CFC . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
.
[-] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2004-08-17 . C72C15EE57E248C66E57C76CAB086CF2 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
.
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-17 . 6E401E61F952FBBF708AFBECEFAFAE81 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . CB1090BCA0E7B40D0B5B4E4D66531809 . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
[-] 2008-04-14 . CB1090BCA0E7B40D0B5B4E4D66531809 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2004-08-17 . 21B6FAA88044A41640E03EBB68BE93E8 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
.
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2004-08-17 . 221C29AE1B4CC61D11D8B27DE78B2307 . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-03 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2004-08-17 . 876C658C44F2BF4AF050E5534A9F066F . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2004-08-17 . F76B3003366A205E05AFC0D034C7D3E9 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[-] 2002-09-20 . D12F83B2037A01BB97A97F3EA54DD71F . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll
[-] 2001-10-25 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2004-08-17 . 70D2A1756F4B2067658A186C963FCABD . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
.
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:25 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 07:51 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 07:51 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2004-08-17 14:49 . 972378B907070F64932A87C90A035487 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\es.dll
.
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2004-08-17 . 2413635113361E54B62F0C40E4E4DAE6 . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
.
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2004-08-17 . EE1F842DB2AE412136643B0814D770A6 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
.
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2004-08-17 . BFE8DC7AAE7CB1C86243D77B340DC304 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll
.
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . EC8D5E09C6CA5F52858A5EB71F308FDF . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2004-08-17 . 91CC3E4CCDBBF8E224182C76C87E454F . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2004-08-17 . AB47015B67531572BE46C0C08222C84C . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
[-] 2002-08-29 . 1B2C477D8847E4123DD8761D2E9008F7 . 323072 . . [7.0.2600.1106] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\msvcrt.dll
[-] 2001-10-25 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
.
[-] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 39EE7C3BFBC64BA87CC8CF67386E814C . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 39EE7C3BFBC64BA87CC8CF67386E814C . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2004-08-17 . 64C078BD4EFD441C3F159EDC5EA4420A . 247296 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
.
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2004-08-17 . 2591CADAEF7D2242039255028E577688 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll
.
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2004-08-17 . 134B95A1D8FAFD74A68E4B2116DEFA7D . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
.
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2004-08-17 . 07119058D451CB7EA4317BCFDA8599A6 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
.
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2004-08-17 . 6CC2D21488333133AE0C9F44F6051CB7 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
.
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2004-08-17 . DFBA2915B0BF58ABB288CD4C9318CB3F . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
.
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2004-08-17 . 37162D29CD61519E6F5EA0DE99786FF6 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
.
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2004-08-17 . 1B4CCC59980DA34E75F20E42B283B027 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
.
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2004-08-17 . 836F7960362FF95C5D49E40B891F2CFC . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
.
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2004-08-17 . 382E9B87F1282E697C67AF84E34E35E2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
.
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2004-08-17 . C2B86666FC44B48903AD6016D15A23DF . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
.
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-17 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[-] 2004-08-17 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2004-08-17 . FC727882241CD48E243868DD8401AB60 . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll
.
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2004-08-17 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[-] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[-] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 54A6BF743E0517528A5064CEAEB40EA7 . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2004-08-17 . 8BA76BD2A943F642F267A296A15776D2 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
.
[-] 2008-04-14 . 627551A1011199BCE013D0F4B6CACECF . 4608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msimg32.dll
[-] 2008-04-14 . 627551A1011199BCE013D0F4B6CACECF . 4608 . . [5.1.2600.5512] . . c:\windows\system32\msimg32.dll
[-] 2004-08-17 . 227163195E9495BD99C915EF5F42445C . 4608 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msimg32.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-17 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
[-] 2004-08-17 . 93F75FF033BAA186D08115D73BFE3D32 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
.
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2004-08-17 . 9B835D4C64860B155A1701D5092EC9E4 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
.
[-] 2010-12-09 . AB5CE6ECA795C0AAD55D6584293D7B51 . 713216 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
[-] 2010-12-09 . 0A12141F94F9C7A478AF490454320E97 . 713216 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll
[-] 2010-12-09 . 0A12141F94F9C7A478AF490454320E97 . 713216 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntdll.dll
[-] 2009-02-09 . AAD43A0B688335A38807CEEAC70DD3EE . 710144 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll
[-] 2009-02-09 . 342F3C858DFEFC3A0722DADEA3F3EAAB . 709632 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB2393802$\ntdll.dll
[-] 2008-04-14 . 61F18E4177B5E1C74CA45A0052AD8197 . 700928 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntdll.dll
[-] 2008-04-14 . 61F18E4177B5E1C74CA45A0052AD8197 . 700928 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntdll.dll
[-] 2004-08-17 . 24B856F2FA9CBA678E067B398EAC1BED . 702976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntdll.dll
.
[-] 2008-04-14 . 26AE5F5ADF4A30C8BCEA736343170201 . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msctfime.ime
[-] 2008-04-14 . 26AE5F5ADF4A30C8BCEA736343170201 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\msctfime.ime
[-] 2004-08-17 . 93B9E2450B9E5D7F650C72B6E05FD81E . 177152 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msctfime.ime
.
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2004-08-17 . 6EB66066D5C0175320CFEA0A4C74C88F . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2004-08-17 . 5CA2E2BA624D6F2C7A581C91E70394CB . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-03 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2004-08-17 . 5B21208FCF8970BB61FE98E19D828714 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
.
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2004-08-17 . 29AC93307C6182DBE336BCA314947F28 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
.
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2004-08-17 . 88C28F53F53438DAFCD95E99C837C61E . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
.
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2004-08-17 . 2F5919F2F6EE7A845893D9C3AA2BC56A . 295936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
.
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2004-08-17 . FAABA83BE47C5B15F620FAA53267A9B8 . 345088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2004-08-17 . 421184F91EAE5C6E78E653C6B32AAE84 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
.
[-] 2001-10-25 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[-] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2004-08-03 21:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys
.
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys
.
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
.
[-] 2010-09-18 07:18 . 2BC3ED47ACB42F664D5D1D247F2553AA . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:53 . 9BB005DF755C4EDE048221DFD4A28A87 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:53 . 9BB005DF755C4EDE048221DFD4A28A87 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-04-14 07:51 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
[-] 2008-04-14 07:51 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2001-10-25 12:00 . A9D81C87BEF253D4CE3A5F8CEE2526C4 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
.
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2004-08-17 . 8B2FCBD881879B55BE40B41F12FFC431 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
.
[-] 2008-04-14 07:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 07:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2004-08-17 14:49 . D8D2B13BA93AE830B1A637DF571D1195 . 435712 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
.
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2004-08-17 . 984FC1518B0D5B31D76F0E63608E0500 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
.
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2004-08-17 . 8ECC475F5BAD26DB85943F888D62E364 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
.
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2004-08-17 . A19F5837E52D57DB66D9DB55BFCC7796 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
.
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2004-08-17 . 0F9A5DD4503E82B085D8B1336B961A81 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
.
[-] 2008-04-14 07:51 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 07:51 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2004-08-17 14:49 . 33F14F23DFAE4B43CDD4E535CD7C1963 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
.
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll
[-] 2004-08-17 . 6C08FF4B76506676617E03C34ECCFB11 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
.
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2004-08-17 . E472BDA53A4DCD2142143AF9FD25C99A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-17 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2004-08-17 . 2CEEBB402187AE56B585701F3D191FB3 . 176128 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
.
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2004-08-17 . 0645CCDDDD27F96EEA3534C1DEF736D9 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
.
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2004-08-17 . B356DD67178B22A8C2FBD47316CCB43B . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll
.
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2004-08-17 . 630A1012AF129918D2E2D70727D69351 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll
.
[-] 2008-04-14 . 8DBCEA7B495024A29FEF59B5FE709DAC . 19456 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wshtcpip.dll
[-] 2008-04-14 . 8DBCEA7B495024A29FEF59B5FE709DAC . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll
[-] 2004-08-17 . B75F372796170EBD15DF35AE9963BFB8 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wshtcpip.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1BingDesktopOverlays]
@="{B82655E9-B81D-4A97-8154-0D84A4C048E4}"
[HKEY_CLASSES_ROOT\CLSID\{B82655E9-B81D-4A97-8154-0D84A4C048E4}]
2013-11-24 16:47 1739264 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mam2Pan"="Mam2Pan.Exe" [2008-04-11 561152]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2012-10-01 07:22 66360 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Jakoub^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
path=c:\documents and settings\Jakoub\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Jakoub^Nabídka Start^Programy^Po spuštění^Jabbim.lnk]
path=c:\documents and settings\Jakoub\Nabídka Start\Programy\Po spuštění\Jabbim.lnk
backup=c:\windows\pss\Jabbim.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2007-04-03 22:29 165784 ----a-w- c:\program files\DAEMON Tools\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
2012-10-06 08:16 1843512 ----a-w- c:\program files\Logitech\SetPointP\SetPoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-09-04 19:54 136176 ----atw- c:\documents and settings\Jakoub\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 15:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDD Regenerator]
2012-11-18 15:36 89888 ----a-w- c:\program files\HDD Regenerator\Shell.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-06-16 05:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-06-16 05:03 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon]
2013-10-15 08:37 735936 ----a-w- c:\program files\Mobogenie\DaemonProcess.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 -c--a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetLimiter]
2004-03-31 13:23 823296 -c--a-w- c:\program files\NetLimiter\NetLimiter.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2011-06-16 13:21 1500160 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08 417792 -c--a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2009-08-14 06:08 18702336 -c--a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
2010-06-08 03:15 618496 ----a-w- c:\windows\Samsung\PanelMgr\SSMMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-06-21 07:58 19875432 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 07:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UxTuneUp"=3 (0x3)
"TuneUp.Defrag"=3 (0x3)
"SwPrv"=3 (0x3)
"ose"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"IDriverT"=3 (0x3)
"gusvc"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"EapHost"=3 (0x3)
"clr_optimization_v2.0.50727_32"=3 (0x3)
"Ati HotKey Poller"=3 (0x3)
"Adobe LM Service"=3 (0x3)
"hddrsrv"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.12.2009 19:25 682232]
R2 NSHE;Guardant Emulator Driver;c:\windows\system32\drivers\NSHE.SYS [24.5.2013 9:33 97792]
R2 vnccom;vnccom;c:\windows\system32\drivers\vnccom.SYS [3.3.2011 1:29 6016]
R3 MAM2_01;Service for Maya44 MKII 1;c:\windows\system32\drivers\Mam2Wdm.sys [4.10.2008 14:00 22880]
R3 MAM2_AA;Service for Maya44 MKII Audio Driver (EWDM);c:\windows\system32\drivers\Mam2.sys [4.10.2008 14:00 28544]
S1 pdhfqgxs;pdhfqgxs;\??\c:\windows\system32\drivers\pdhfqgxs.sys --> c:\windows\system32\drivers\pdhfqgxs.sys [?]
S2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [15.10.2012 16:56 12216]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [21.6.2013 8:53 162408]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [23.12.2009 21:36 1684736]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [22.6.2013 9:58 83864]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 flash;flash;c:\windows\system32\drivers\flash.sys [21.7.2010 20:22 8064]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [18.9.2012 10:32 43704]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [18.9.2012 10:32 12216]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [9.9.2011 11:43 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [9.9.2011 11:43 8576]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [22.6.2013 9:58 181912]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 6:24 10064]
S4 hddrsrv;hddrsrv;c:\program files\HDD Regenerator\hrsrv.exe [18.11.2012 16:36 81696]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2.2.2010 11:21 1043784]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - POLICYAGENT
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 17:38]
.
2013-11-25 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2010-02-02 10:28]
.
2013-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-30 21:51]
.
2013-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-30 21:51]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.tipcars.com/applications/a_start.ph ... 9535159000
uInternet Settings,ProxyServer = proxy.mendelu.cz:5555
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\program files\TRANSLATOR\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\program files\TRANSLATOR\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\program files\TRANSLATOR\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\program files\TRANSLATOR\WEBIE.DLL
TCP: Interfaces\{75688A86-0FB7-4570-BC1B-D4388AD84A7D}: NameServer = 10.0.0.138
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Jakoub\Data aplikací\Mozilla\Firefox\Profiles\v0slojlx.default-1350242178437\
FF - prefs.js: browser.startup.homepage - seznam.cz
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-Acrobat Assistant 7 - c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-ASUS Ai Charger - c:\program files\ASUS\ASUS Ai Charger\AiChargerAP.exe
MSConfigStartUp-Badoo Desktop - c:\documents and settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe
MSConfigStartUp-F - c:\documents and settings\Jakoub\Local Settings\Apps\F.lux\flux.exe
MSConfigStartUp-Facebook Update - c:\documents and settings\Jakoub\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
MSConfigStartUp-Norton SystemWorks - c:\program files\Norton SystemWorks\cfgwiz.exe
MSConfigStartUp-NtVdmSrv - c:\windows\inf\ntvdm.vbe
MSConfigStartUp-Symantec NetDriver Monitor - c:\progra~1\SYMNET~1\SNDMon.exe
AddRemove-Hardlock Device Drivers - c:\windows\system32\UNWISE.EXE
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\SAMSUNG\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-25 14:46
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(848)
c:\windows\system32\Ati2evxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(3264)
c:\documents and settings\All Users\Data aplikací\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll
c:\windows\system32\msi.dll
c:\documents and settings\All Users\Data aplikací\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\netdde.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\Mam2Pan.Exe
.
**************************************************************************
.
Celkový čas: 2013-11-25 14:50:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-25 13:50
.
Před spuštěním: Volných bajtů: 40 798 212 096
Po spuštění: Volných bajtů: 40 979 111 936
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - E8ADBD58CE76B51BBE1B2CC66A568B52
413FC2A0C716421B3158746D63736515
Re: Malware rootkit infekce
Nooo, tohle nevypada dobre, je ta az prilis naborenych systemovych souboru 
Zkuste tam pustit HitmanaPro dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=132523"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Malware rootkit infekce
použil jsem hitman.kickstart dle návodu, výsledek nevalný, log se neuložil a pc se po restartu dost radikálně zpomalil a co hlavně najíždí teď snad 5 min!, na pozadí pořád něco probíhá (před použitím hitmanpro běžel normálně), ale ve správci úloh nic není, ani v nainstalovaných programech. jak toho hitmana odeberu nebo ukončím?
Re: Malware rootkit infekce
To nebude Hitmanem 
Podivejte se do Ovladaci Panely-Pridat\Odebrat programy Dejte mi log z RSIT"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Malware rootkit infekce
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jakoub at 2013-11-25 22:34:51
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 40 GB (53%) free of 76 GB
Total RAM: 1918 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:35:02, on 25.11.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21359)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Mam2Pan.Exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Documents and Settings\Jakoub\Plocha\RSIT.exe
C:\Program Files\trend micro\Jakoub.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tipcars.com/applications/a_s ... 9535159000
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mendelu.cz:5555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O4 - HKLM\..\Run: [Mam2Pan] Mam2Pan.Exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwa ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{75688A86-0FB7-4570-BC1B-D4388AD84A7D}: NameServer = 10.0.0.138
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\WinVNC4.exe
--
End of file - 6349 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Automatic troubleshooting.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Jakoub\Data aplikací\Mozilla\Firefox\Profiles\v0slojlx.default-1350242178437
prefs.js - "browser.startup.homepage" - "seznam.cz"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
mall-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Program Files\TRANSLATOR\WEBIE.DLL [2009-12-24 360448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Program Files\TRANSLATOR\WEBIE.DLL [2009-12-24 360448]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Mam2Pan"=C:\WINDOWS\system32\Mam2Pan.Exe [2008-04-11 561152]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2007-04-03 165784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
C:\Program Files\Logitech\SetPointP\SetPoint.exe [2012-10-06 1843512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Jakoub\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-09-04 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDD Regenerator]
C:\Program Files\HDD Regenerator\Shell.exe [2012-11-18 89888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon]
C:\Program Files\Mobogenie\DaemonProcess.exe [2013-10-15 735936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetLimiter]
C:\Program Files\NetLimiter\NetLimiter.exe [2004-03-31 823296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2011-06-16 1500160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2009-08-14 18702336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2010-06-08 618496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-06-21 19875432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
C:\WINDOWS\Installer\{AC76BA86-1033-C740-BA7E-100000000002}\SC_Acrobat.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2012-02-24 636256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Jakoub^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Jakoub^Nabídka Start^Programy^Po spuštění^Jabbim.lnk]
C:\PROGRA~1\Jabbim\jabbim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UxTuneUp"=3
"TuneUp.Defrag"=3
"SwPrv"=3
"ose"=3
"JavaQuickStarterService"=2
"IDriverT"=3
"gusvc"=3
"gupdatem"=3
"gupdate"=2
"EapHost"=3
"clr_optimization_v2.0.50727_32"=3
"Ati HotKey Poller"=3
"Adobe LM Service"=3
"hddrsrv"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-11-25 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2012-10-01 66360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.iv41"=Ir41_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.DIV3"=DivXc32.dll
"VIDC.DIV4"=DivXc32f.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=LameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.WMV3"=wmv9vcm.dll
"wave4"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer4"=wdmaud.drv
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.x264"=x264vfw.dll
"msacm.divxa32"=DivXa32.acm
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2013-11-25 22:26:42 ----ASH---- C:\pagefile.sys
2013-11-25 20:47:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\HitmanPro
2013-11-25 15:01:53 ----SHD---- C:\RECYCLER
2013-11-25 14:38:35 ----A---- C:\Boot.bak
2013-11-25 14:38:31 ----RASHD---- C:\cmdcons
2013-11-25 14:36:31 ----A---- C:\WINDOWS\zip.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\SWXCACLS.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\SWSC.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\SWREG.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\sed.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\PEV.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\NIRCMD.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\MBR.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\grep.exe
2013-11-25 14:36:23 ----D---- C:\Qoobox
2013-11-25 14:36:12 ----D---- C:\WINDOWS\erdnt
2013-11-25 14:31:41 ----HD---- C:\WINDOWS\PIF
2013-11-25 12:15:06 ----D---- C:\rsit
2013-11-25 12:15:06 ----D---- C:\Program Files\trend micro
2013-11-25 10:11:32 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2013-11-25 00:53:30 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2013-11-15 20:39:47 ----D---- C:\Program Files\Mozilla Firefox
2013-11-14 13:08:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 13:08:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 13:08:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 13:08:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2013-11-10 22:57:24 ----D---- C:\Program Files\Mobogenie
2013-11-10 22:57:23 ----D---- C:\Program Files\SimilarSites
2013-11-10 22:57:18 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\SimilarSites
2013-11-04 21:52:38 ----D---- C:\Program Files\Recover Files
2013-10-30 21:32:13 ----D---- C:\Program Files\Common Files\EZB Systems
2013-10-28 19:45:19 ----D---- C:\Program Files\UltraISO
2013-10-28 19:44:49 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\ImgBurn
2013-10-28 19:40:47 ----D---- C:\Program Files\ImgBurn
======List of files/folders modified in the last 1 month======
2013-11-25 22:33:34 ----D---- C:\Program Files\Winamp
2013-11-25 22:33:25 ----D---- C:\WINDOWS
2013-11-25 22:32:39 ----D---- C:\WINDOWS\system32
2013-11-25 22:32:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-25 22:30:28 ----D---- C:\Program Files\SpeedFan
2013-11-25 22:29:21 ----D---- C:\WINDOWS\Temp
2013-11-25 22:19:51 ----N---- C:\WINDOWS\SchedLgU.Txt
2013-11-25 22:19:41 ----D---- C:\WINDOWS\system32\drivers
2013-11-25 20:44:53 ----HD---- C:\WINDOWS\inf
2013-11-25 20:44:52 ----D---- C:\WINDOWS\system32\CatRoot2
2013-11-25 18:37:53 ----A---- C:\WINDOWS\winamp.ini
2013-11-25 17:41:32 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\uTorrent
2013-11-25 16:00:56 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2013-11-25 15:24:42 ----SHD---- C:\WINDOWS\Installer
2013-11-25 15:24:19 ----D---- C:\Program Files\Microsoft ActiveSync
2013-11-25 15:24:19 ----D---- C:\Config.Msi
2013-11-25 15:24:18 ----D---- C:\WINDOWS\Help
2013-11-25 15:22:48 ----RD---- C:\Program Files
2013-11-25 15:01:55 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\Media Player Classic
2013-11-25 14:49:54 ----SD---- C:\WINDOWS\Tasks
2013-11-25 14:46:14 ----A---- C:\WINDOWS\system.ini
2013-11-25 14:45:47 ----D---- C:\WINDOWS\system32\drivers\etc
2013-11-25 14:45:33 ----SHD---- C:\System Volume Information
2013-11-25 14:45:33 ----D---- C:\WINDOWS\system32\Restore
2013-11-25 14:44:08 ----D---- C:\WINDOWS\system32\config
2013-11-25 14:41:59 ----D---- C:\WINDOWS\AppPatch
2013-11-25 14:41:58 ----D---- C:\Program Files\Common Files
2013-11-25 14:38:35 ----RASH---- C:\boot.ini
2013-11-25 14:36:16 ----D---- C:\WINDOWS\Prefetch
2013-11-25 13:02:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-11-25 12:12:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2013-11-25 11:03:42 ----D---- C:\WINDOWS\Debug
2013-11-25 10:09:50 ----A---- C:\WINDOWS\win.ini
2013-11-25 00:50:08 ----D---- C:\WINDOWS\system32\MpEngineStore
2013-11-24 18:12:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2756822$
2013-11-24 17:47:14 ----D---- C:\Program Files\Google
2013-11-24 17:47:03 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-11-24 17:46:37 ----A---- C:\WINDOWS\NeroDigital.ini
2013-11-22 12:18:00 ----D---- C:\Různé dokumenty
2013-11-16 07:14:28 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-15 15:23:50 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\YouTube Downloader
2013-11-14 13:08:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-11-14 13:08:31 ----D---- C:\Program Files\Internet Explorer
2013-11-14 13:08:28 ----D---- C:\WINDOWS\system32\cs-cz
2013-11-14 13:08:01 ----D---- C:\WINDOWS\system32\MRT
2013-11-14 13:03:27 ----A---- C:\WINDOWS\system32\MRT.exe
2013-11-14 10:22:13 ----A---- C:\WINDOWS\WDICT32.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-23 682232]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 NSHE;Guardant Emulator Driver; \??\C:\WINDOWS\system32\Drivers\NSHE.SYS []
R2 vnccom;vnccom; C:\WINDOWS\System32\Drivers\vnccom.SYS [2005-03-28 6016]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2007-08-21 72704]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-11-25 4463104]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2012-07-08 37160]
R3 btkrnl;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2012-07-08 934312]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-08-18 5884416]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2012-09-18 43960]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2012-09-18 39608]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2012-09-18 30392]
R3 MAM2_01;Service for Maya44 MKII 1; C:\WINDOWS\system32\drivers\Mam2Wdm.sys [2008-04-11 22880]
R3 MAM2_AA;Service for Maya44 MKII Audio Driver (EWDM); C:\WINDOWS\system32\drivers\Mam2.sys [2008-04-11 28544]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtKHDMI.sys [2009-06-25 3734976]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-07-28 143360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2005-03-28 4736]
R3 vncmirror;vncmirror; C:\WINDOWS\system32\DRIVERS\vncmirror.sys [2009-07-25 4608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S1 pdhfqgxs;pdhfqgxs; \??\C:\WINDOWS\system32\drivers\pdhfqgxs.sys []
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2012-09-18 12216]
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 aa0ary9b;aa0ary9b; C:\WINDOWS\system32\drivers\aa0ary9b.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\AN983.sys [2008-04-13 36224]
S3 AR5523;TP-LINK TL-WN620G 11G Wireless Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5523.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2012-07-08 556200]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2012-07-08 118440]
S3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2012-07-08 37032]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2012-07-08 52136]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2013-05-02 83864]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 flash;flash; \??\C:\WINDOWS\system32\drivers\flash.sys []
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [2012-09-18 43704]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [2012-09-18 12216]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2006-12-13 20992]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2013-05-02 181912]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;Sony Ericsson USB Serial Port; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-29 26240]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2012-02-24 365912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-15 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2012-10-01 295224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-15 119408]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\WinVNC4.exe [2009-07-25 1492344]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S4 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-12-24 72704]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-11-25 602112]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-30 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-30 136176]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S4 hddrsrv;hddrsrv; C:\Program Files\HDD Regenerator\hrsrv.exe [2012-11-18 81696]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-10-08 182696]
S4 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-04-21 435016]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-02 1043784]
S4 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
Run by Jakoub at 2013-11-25 22:34:51
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 40 GB (53%) free of 76 GB
Total RAM: 1918 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:35:02, on 25.11.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21359)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Mam2Pan.Exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Documents and Settings\Jakoub\Plocha\RSIT.exe
C:\Program Files\trend micro\Jakoub.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tipcars.com/applications/a_s ... 9535159000
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mendelu.cz:5555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O4 - HKLM\..\Run: [Mam2Pan] Mam2Pan.Exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\TRANSLATOR\WEBIE.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwa ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{75688A86-0FB7-4570-BC1B-D4388AD84A7D}: NameServer = 10.0.0.138
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\WinVNC4.exe
--
End of file - 6349 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Automatic troubleshooting.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Jakoub\Data aplikací\Mozilla\Firefox\Profiles\v0slojlx.default-1350242178437
prefs.js - "browser.startup.homepage" - "seznam.cz"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
mall-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Program Files\TRANSLATOR\WEBIE.DLL [2009-12-24 360448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Program Files\TRANSLATOR\WEBIE.DLL [2009-12-24 360448]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Mam2Pan"=C:\WINDOWS\system32\Mam2Pan.Exe [2008-04-11 561152]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2007-04-03 165784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
C:\Program Files\Logitech\SetPointP\SetPoint.exe [2012-10-06 1843512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Jakoub\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-09-04 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDD Regenerator]
C:\Program Files\HDD Regenerator\Shell.exe [2012-11-18 89888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon]
C:\Program Files\Mobogenie\DaemonProcess.exe [2013-10-15 735936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetLimiter]
C:\Program Files\NetLimiter\NetLimiter.exe [2004-03-31 823296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2011-06-16 1500160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2009-08-14 18702336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2010-06-08 618496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-06-21 19875432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
C:\WINDOWS\Installer\{AC76BA86-1033-C740-BA7E-100000000002}\SC_Acrobat.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2012-02-24 636256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Jakoub^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Jakoub^Nabídka Start^Programy^Po spuštění^Jabbim.lnk]
C:\PROGRA~1\Jabbim\jabbim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UxTuneUp"=3
"TuneUp.Defrag"=3
"SwPrv"=3
"ose"=3
"JavaQuickStarterService"=2
"IDriverT"=3
"gusvc"=3
"gupdatem"=3
"gupdate"=2
"EapHost"=3
"clr_optimization_v2.0.50727_32"=3
"Ati HotKey Poller"=3
"Adobe LM Service"=3
"hddrsrv"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-11-25 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2012-10-01 66360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.iv41"=Ir41_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.DIV3"=DivXc32.dll
"VIDC.DIV4"=DivXc32f.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=LameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.WMV3"=wmv9vcm.dll
"wave4"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer4"=wdmaud.drv
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.x264"=x264vfw.dll
"msacm.divxa32"=DivXa32.acm
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2013-11-25 22:26:42 ----ASH---- C:\pagefile.sys
2013-11-25 20:47:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\HitmanPro
2013-11-25 15:01:53 ----SHD---- C:\RECYCLER
2013-11-25 14:38:35 ----A---- C:\Boot.bak
2013-11-25 14:38:31 ----RASHD---- C:\cmdcons
2013-11-25 14:36:31 ----A---- C:\WINDOWS\zip.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\SWXCACLS.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\SWSC.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\SWREG.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\sed.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\PEV.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\NIRCMD.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\MBR.exe
2013-11-25 14:36:31 ----A---- C:\WINDOWS\grep.exe
2013-11-25 14:36:23 ----D---- C:\Qoobox
2013-11-25 14:36:12 ----D---- C:\WINDOWS\erdnt
2013-11-25 14:31:41 ----HD---- C:\WINDOWS\PIF
2013-11-25 12:15:06 ----D---- C:\rsit
2013-11-25 12:15:06 ----D---- C:\Program Files\trend micro
2013-11-25 10:11:32 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2013-11-25 00:53:30 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2013-11-15 20:39:47 ----D---- C:\Program Files\Mozilla Firefox
2013-11-14 13:08:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 13:08:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 13:08:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 13:08:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2013-11-10 22:57:24 ----D---- C:\Program Files\Mobogenie
2013-11-10 22:57:23 ----D---- C:\Program Files\SimilarSites
2013-11-10 22:57:18 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\SimilarSites
2013-11-04 21:52:38 ----D---- C:\Program Files\Recover Files
2013-10-30 21:32:13 ----D---- C:\Program Files\Common Files\EZB Systems
2013-10-28 19:45:19 ----D---- C:\Program Files\UltraISO
2013-10-28 19:44:49 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\ImgBurn
2013-10-28 19:40:47 ----D---- C:\Program Files\ImgBurn
======List of files/folders modified in the last 1 month======
2013-11-25 22:33:34 ----D---- C:\Program Files\Winamp
2013-11-25 22:33:25 ----D---- C:\WINDOWS
2013-11-25 22:32:39 ----D---- C:\WINDOWS\system32
2013-11-25 22:32:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-25 22:30:28 ----D---- C:\Program Files\SpeedFan
2013-11-25 22:29:21 ----D---- C:\WINDOWS\Temp
2013-11-25 22:19:51 ----N---- C:\WINDOWS\SchedLgU.Txt
2013-11-25 22:19:41 ----D---- C:\WINDOWS\system32\drivers
2013-11-25 20:44:53 ----HD---- C:\WINDOWS\inf
2013-11-25 20:44:52 ----D---- C:\WINDOWS\system32\CatRoot2
2013-11-25 18:37:53 ----A---- C:\WINDOWS\winamp.ini
2013-11-25 17:41:32 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\uTorrent
2013-11-25 16:00:56 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2013-11-25 15:24:42 ----SHD---- C:\WINDOWS\Installer
2013-11-25 15:24:19 ----D---- C:\Program Files\Microsoft ActiveSync
2013-11-25 15:24:19 ----D---- C:\Config.Msi
2013-11-25 15:24:18 ----D---- C:\WINDOWS\Help
2013-11-25 15:22:48 ----RD---- C:\Program Files
2013-11-25 15:01:55 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\Media Player Classic
2013-11-25 14:49:54 ----SD---- C:\WINDOWS\Tasks
2013-11-25 14:46:14 ----A---- C:\WINDOWS\system.ini
2013-11-25 14:45:47 ----D---- C:\WINDOWS\system32\drivers\etc
2013-11-25 14:45:33 ----SHD---- C:\System Volume Information
2013-11-25 14:45:33 ----D---- C:\WINDOWS\system32\Restore
2013-11-25 14:44:08 ----D---- C:\WINDOWS\system32\config
2013-11-25 14:41:59 ----D---- C:\WINDOWS\AppPatch
2013-11-25 14:41:58 ----D---- C:\Program Files\Common Files
2013-11-25 14:38:35 ----RASH---- C:\boot.ini
2013-11-25 14:36:16 ----D---- C:\WINDOWS\Prefetch
2013-11-25 13:02:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-11-25 12:12:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2013-11-25 11:03:42 ----D---- C:\WINDOWS\Debug
2013-11-25 10:09:50 ----A---- C:\WINDOWS\win.ini
2013-11-25 00:50:08 ----D---- C:\WINDOWS\system32\MpEngineStore
2013-11-24 18:12:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2756822$
2013-11-24 17:47:14 ----D---- C:\Program Files\Google
2013-11-24 17:47:03 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-11-24 17:46:37 ----A---- C:\WINDOWS\NeroDigital.ini
2013-11-22 12:18:00 ----D---- C:\Různé dokumenty
2013-11-16 07:14:28 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-15 15:23:50 ----D---- C:\Documents and Settings\Jakoub\Data aplikací\YouTube Downloader
2013-11-14 13:08:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-11-14 13:08:31 ----D---- C:\Program Files\Internet Explorer
2013-11-14 13:08:28 ----D---- C:\WINDOWS\system32\cs-cz
2013-11-14 13:08:01 ----D---- C:\WINDOWS\system32\MRT
2013-11-14 13:03:27 ----A---- C:\WINDOWS\system32\MRT.exe
2013-11-14 10:22:13 ----A---- C:\WINDOWS\WDICT32.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-23 682232]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 NSHE;Guardant Emulator Driver; \??\C:\WINDOWS\system32\Drivers\NSHE.SYS []
R2 vnccom;vnccom; C:\WINDOWS\System32\Drivers\vnccom.SYS [2005-03-28 6016]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2007-08-21 72704]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-11-25 4463104]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2012-07-08 37160]
R3 btkrnl;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2012-07-08 934312]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-08-18 5884416]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2012-09-18 43960]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2012-09-18 39608]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2012-09-18 30392]
R3 MAM2_01;Service for Maya44 MKII 1; C:\WINDOWS\system32\drivers\Mam2Wdm.sys [2008-04-11 22880]
R3 MAM2_AA;Service for Maya44 MKII Audio Driver (EWDM); C:\WINDOWS\system32\drivers\Mam2.sys [2008-04-11 28544]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtKHDMI.sys [2009-06-25 3734976]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-07-28 143360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2005-03-28 4736]
R3 vncmirror;vncmirror; C:\WINDOWS\system32\DRIVERS\vncmirror.sys [2009-07-25 4608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S1 pdhfqgxs;pdhfqgxs; \??\C:\WINDOWS\system32\drivers\pdhfqgxs.sys []
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2012-09-18 12216]
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 aa0ary9b;aa0ary9b; C:\WINDOWS\system32\drivers\aa0ary9b.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\AN983.sys [2008-04-13 36224]
S3 AR5523;TP-LINK TL-WN620G 11G Wireless Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5523.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2012-07-08 556200]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2012-07-08 118440]
S3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2012-07-08 37032]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2012-07-08 52136]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2013-05-02 83864]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 flash;flash; \??\C:\WINDOWS\system32\drivers\flash.sys []
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [2012-09-18 43704]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [2012-09-18 12216]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2006-12-13 20992]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2013-05-02 181912]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;Sony Ericsson USB Serial Port; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-29 26240]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2012-02-24 365912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-15 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2012-10-01 295224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-15 119408]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\WinVNC4.exe [2009-07-25 1492344]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S4 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-12-24 72704]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-11-25 602112]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-30 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-30 136176]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S4 hddrsrv;hddrsrv; C:\Program Files\HDD Regenerator\hrsrv.exe [2012-11-18 81696]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-10-08 182696]
S4 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-04-21 435016]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-02 1043784]
S4 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
Re: Malware rootkit infekce
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
A pak si vyclente asi par hodin na sken AVPToolem - potrebujem overit\polecit ty napadene systemove soubory - navod na sken zde http://forum.viry.cz/viewtopic.php?f=29&t=58179"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?