Jump to content

Aprch

Members
  • Posts

    12
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thanks, that one seem to have worked. What were the tips you were going to tell me about?
  2. No, you don't get it, I know my way around Windows pretty well, it's not a mental impairment that doesn't allow me to copy stuff, it's the computer itself, or the virus, whatever it is that's causing it. Whether I ctrl-c it, right click it, go to the Edit menu, I still get the Paste option grayed out in every folder, I also cannot drag items around, so this also prevents me from copying them, or even moving them from one place to another.
  3. Thing is, explorer,exe pretty much never stopped working, I seem to be able to copy stuff but I cannot paste it elsewhere. Is there a way to fix this so I can copy my files into the backup HDD or, as I said, should I just burn everything into a DVD and then extract it directly on the HDD?
  4. By Windows Explorer you mean the regular explorer.exe program? I'm still not able to copy stuff, I managed to move a few files via adding them to a zip file inside the USB, but now that I've found and old HDD I'm gonna use it for backup, so it'd be nice if I could somehow manage to copy the files to that disk. Do you think there's a way or should I just go ape-mode and zip/unzip them all?
  5. MBAR report: Malwarebytes Anti-Rootkit BETA 1.05.0.1001 www.malwarebytes.org Database version: v2013.03.22.01 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Usuario :: PC_JULIAN [administrator] 14/04/2013 10:10:52 p.m. mbar-log-2013-04-14 (22-10-52).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 45471 Time elapsed: 24 minute(s), 7 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 2 HKCU\SOFTWARE\ASH24SXZ9S (Trojan.FakeAlert) -> Delete on reboot. HKCU\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Delete on reboot. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 2 HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Delete on reboot. HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NoSMHelp (PUM.Hijack.Help) -> Bad: (1) Good: (0) -> Delete on reboot. Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) I made a second scan without rebooting, in which the program found nothing, and then made another one after the reboot, and it didn't find anything either. Malwarebytes Anti-Rootkit BETA 1.05.0.1001 www.malwarebytes.org Database version: v2013.03.22.01 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Usuario :: PC_JULIAN [administrator] 14/04/2013 11:14:03 p.m. mbar-log-2013-04-14 (23-14-03).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 45419 Time elapsed: 22 minute(s), 38 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Everything seems to be the same, however.
  6. Rkill report: Rkill 2.4.7 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2013 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 04/14/2013 09:27:13 PM in x86 mode. Windows Version: Microsoft Windows XP Service Pack 3 Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * C:\WINDOWS\system32\nvsvc32.exe (PID: 932) [WD-HEUR] * C:\WINDOWS\system32\notepad.exe (PID: 924) [WD-HEUR] 2 proccesses terminated! Possibly Patched Files. * C:\WINDOWS\system32\services.exe * C:\WINDOWS\system32\lsass.exe * C:\WINDOWS\system32\svchost.exe * C:\WINDOWS\System32\svchost.exe * C:\WINDOWS\system32\svchost.exe * C:\WINDOWS\system32\svchost.exe * C:\WINDOWS\system32\svchost.exe * C:\WINDOWS\system32\svchost.exe Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * No issues found. Checking Windows Service Integrity: * CryptSvc (CryptSvc) is not Running. Startup Type set to: Automatic * Sistema de sucesos COM+ (EventSystem) is not Running. Startup Type set to: Manual * Conexiones de red (Netman) is not Running. Startup Type set to: Manual * Servicio de restauración de sistema (srservice) is not Running. Startup Type set to: Automatic * Instrumental de administración de Windows (winmgmt) is not Running. Startup Type set to: Automatic * Centro de seguridad (wscsvc) is not Running. Startup Type set to: Automatic * Automatic Updates (wuauserv) is not Running. Startup Type set to: Automatic * SamSs [Missing Service] * Update [Missing ImagePath] * RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [incorrect ImagePath] Searching for Missing Digital Signatures: * C:\WINDOWS\System32\appmgmts.dll [NoSig] * C:\WINDOWS\System32\browser.dll [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2705219\SP3QFE\browser.dll : 78.336 : 07/06/2012 00:58 AM : 88f61096edaf97f86128ed9007802709 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2705219$\browser.dll : 77.824 : 04/14/2008 00:00 AM : e28818bd591f8af8fbe9897472b9665e [Pos Repl] * C:\WINDOWS\System32\clipsrv.exe [NoSig] * C:\WINDOWS\System32\comctl32.dll [NoSig] +-> C:\WINDOWS\$NtUninstallKB2296011$\comctl32.dll : 617.472 : 04/14/2008 00:00 AM : 618a4c7a7c0ca86da884c8c0facad8c2 [Pos Repl] +-> C:\WINDOWS\WinSxS\InstallTemp\67161\comctl32.dll : 921.088 : 09/10/2002 00:00 AM : aef3d788dbf40c7c4d204ea45eb0c505 [Pos Repl] +-> C:\WINDOWS\WinSxS\InstallTemp\9406468\comctl32.dll : 1.054.208 : 08/23/2010 01:12 PM : 24b09ed0c5b019a5198a74504179eeb0 [Pos Repl] +-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll : 921.088 : 04/14/2008 00:00 AM : aef3d788dbf40c7c4d204ea45eb0c505 [Pos Repl] +-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll : 1.054.208 : 04/14/2008 00:00 AM : 08d17a982cd6191b34d1b8c8a2e694b6 [Pos Repl] +-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll : 1.054.208 : 08/23/2010 01:12 PM : 24b09ed0c5b019a5198a74504179eeb0 [Pos Repl] * C:\WINDOWS\System32\comres.dll [NoSig] * C:\WINDOWS\System32\cryptsvc.dll [NoSig] * C:\WINDOWS\System32\csrss.exe [NoSig] * C:\WINDOWS\System32\ctfmon.exe [NoSig] * C:\WINDOWS\System32\d3d8.dll [NoSig] +-> C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3d8.dll : 1.201.152 : 07/09/2004 01:27 AM : cae54168c54b8349f10113de083c4eb7 [Pos Repl] * C:\WINDOWS\System32\d3d8thk.dll [NoSig] +-> C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3d8thk.dll : 8.192 : 12/12/2002 01:14 AM : d6e38d3cde17a05ba6304917c80d6d3c [Pos Repl] * C:\WINDOWS\System32\d3d9.dll [NoSig] * C:\WINDOWS\System32\ddraw.dll [NoSig] +-> C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll : 292.864 : 07/09/2004 01:27 AM : 90114704c17a581da1bae029f20932be [Pos Repl] * C:\WINDOWS\System32\dllhost.exe [NoSig] * C:\WINDOWS\System32\drivers\acpiec.sys [NoSig] * C:\WINDOWS\System32\drivers\acpi.sys [NoSig] * C:\WINDOWS\System32\drivers\aec.sys [NoSig] * C:\WINDOWS\System32\drivers\afd.sys [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2503665\SP3QFE\afd.sys : 138.496 : 02/16/2011 01:25 AM : 8d499b1276012eb907e7a9e0f4d8fda4 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys : 138.496 : 10/16/2008 01:07 AM : 38d7b715504da4741df35e3594fe2099 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2592799\SP3QFE\afd.sys : 138.496 : 08/17/2011 01:41 AM : f6b7b1ecd7b41736bdb6ff4b092bcb79 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys : 138.496 : 06/20/2008 01:48 AM : d6ee6014241d034e63c49a50cb2b442a [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys : 138.496 : 08/14/2008 01:34 AM : 4d43e74f2a1239d53929b82600f1971c [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2509553$\afd.sys : 138.112 : 04/14/2008 00:00 AM : 322d0e36693d6e24a2398bee62a268cd [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2592799$\afd.sys : 138.496 : 10/16/2008 00:43 AM : 7618d5218f2a614672ec61a80d854a37 [Pos Repl] * C:\WINDOWS\System32\drivers\agp440.sys [NoSig] * C:\WINDOWS\System32\drivers\amdk6.sys [NoSig] * C:\WINDOWS\System32\drivers\amdk7.sys [NoSig] * C:\WINDOWS\System32\drivers\arp1394.sys [NoSig] * C:\WINDOWS\System32\drivers\asyncmac.sys [NoSig] * C:\WINDOWS\System32\drivers\atapi.sys [NoSig] * C:\WINDOWS\System32\drivers\audstub.sys [NoSig] * C:\WINDOWS\System32\drivers\beep.sys [NoSig] * C:\WINDOWS\System32\drivers\bridge.sys [NoSig] * C:\WINDOWS\System32\drivers\bthport.sys [NoSig] +-> C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys : 272.512 : 06/14/2008 02:40 PM : 5206c872ffc17a0fd95a6255422605cd [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys : 273.408 : 04/14/2008 00:00 AM : 6d28e3e375656dc2880e40c93c7998be [Pos Repl] +-> C:\WINDOWS\Driver Cache\i386\bthport.sys : 272.512 : 06/14/2008 02:33 PM : 53d951bb865ab36b200b1c9429db644c [Pos Repl] * C:\WINDOWS\System32\drivers\cbidf2k.sys [NoSig] * C:\WINDOWS\System32\drivers\cdaudio.sys [NoSig] * C:\WINDOWS\System32\drivers\cdfs.sys [NoSig] * C:\WINDOWS\System32\drivers\cdrom.sys [NoSig] * C:\WINDOWS\System32\drivers\classpnp.sys [NoSig] * C:\WINDOWS\System32\drivers\cpqdap01.sys [NoSig] * C:\WINDOWS\System32\drivers\crusoe.sys [NoSig] * C:\WINDOWS\System32\drivers\diskdump.sys [NoSig] * C:\WINDOWS\System32\drivers\disk.sys [NoSig] * C:\WINDOWS\System32\drivers\dmboot.sys [NoSig] * C:\WINDOWS\System32\drivers\dmio.sys [NoSig] * C:\WINDOWS\System32\drivers\dmload.sys [NoSig] * C:\WINDOWS\System32\drivers\DMusic.sys [NoSig] * C:\WINDOWS\System32\drivers\drmkaud.sys [NoSig] * C:\WINDOWS\System32\drivers\drmk.sys [NoSig] * C:\WINDOWS\System32\drivers\dxapi.sys [NoSig] * C:\WINDOWS\System32\drivers\dxg.sys [NoSig] * C:\WINDOWS\System32\drivers\dxgthk.sys [NoSig] * C:\WINDOWS\System32\drivers\fastfat.sys [NoSig] * C:\WINDOWS\System32\drivers\fdc.sys [NoSig] * C:\WINDOWS\System32\drivers\fips.sys [NoSig] * C:\WINDOWS\System32\drivers\flpydisk.sys [NoSig] * C:\WINDOWS\System32\drivers\fltMgr.sys [NoSig] * C:\WINDOWS\System32\drivers\fs_rec.sys [NoSig] * C:\WINDOWS\System32\drivers\fsvga.sys [NoSig] * C:\WINDOWS\System32\drivers\ftdisk.sys [NoSig] * C:\WINDOWS\System32\drivers\hidclass.sys [NoSig] * C:\WINDOWS\System32\drivers\hidparse.sys [NoSig] * C:\WINDOWS\System32\drivers\hidusb.sys [NoSig] * C:\WINDOWS\System32\drivers\http.sys [NoSig] +-> C:\WINDOWS\$hf_mig$\KB970430\SP3QFE\http.sys : 265.728 : 10/20/2009 02:21 AM : 937031c085718c1c04a9c0864625ec6b [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB970430$\http.sys : 264.832 : 04/14/2008 00:00 AM : f6aacf5bce2893e0c1754afeb672e5c9 [Pos Repl] +-> C:\WINDOWS\Driver Cache\i386\http.sys : 265.728 : 10/20/2009 01:20 PM : f80a415ef82cd06ffaf0d971528ead38 [Pos Repl] * C:\WINDOWS\System32\drivers\i8042prt.sys [NoSig] * C:\WINDOWS\System32\drivers\imapi.sys [NoSig] * C:\WINDOWS\System32\drivers\intelppm.sys [NoSig] * C:\WINDOWS\System32\drivers\ip6fw.sys [NoSig] * C:\WINDOWS\System32\drivers\ipfltdrv.sys [NoSig] * C:\WINDOWS\System32\drivers\ipinip.sys [NoSig] * C:\WINDOWS\System32\drivers\ipnat.sys [NoSig] * C:\WINDOWS\System32\drivers\ipsec.sys [NoSig] * C:\WINDOWS\System32\drivers\irenum.sys [NoSig] * C:\WINDOWS\System32\drivers\isapnp.sys [NoSig] * C:\WINDOWS\System32\drivers\kbdclass.sys [NoSig] * C:\WINDOWS\System32\drivers\kmixer.sys [NoSig] * C:\WINDOWS\System32\drivers\ksecdd.sys [NoSig] +-> C:\WINDOWS\$hf_mig$\KB968389\SP3QFE\ksecdd.sys : 92.928 : 06/24/2009 02:28 AM : c6ebf1d6ad71df30db49b8d3287e1368 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB968389$\ksecdd.sys : 92.288 : 04/14/2008 00:00 AM : 1705745d900dabf2d89f90ebaddc7517 [Pos Repl] * C:\WINDOWS\System32\drivers\ks.sys [NoSig] +-> C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ks.sys : 130.304 : 12/12/2002 01:14 AM : dc197a88746a55ae60d1c81d45cd1b4a [Pos Repl] +-> C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\ks.sys : 141.056 : 04/14/2008 00:00 AM : 0753515f78df7f271a5e61c20bcd36a1 [Pos Repl] * C:\WINDOWS\System32\drivers\mcd.sys [NoSig] * C:\WINDOWS\System32\drivers\mf.sys [NoSig] * C:\WINDOWS\System32\drivers\mnmdd.sys [NoSig] * C:\WINDOWS\System32\drivers\modem.sys [NoSig] * C:\WINDOWS\System32\drivers\mouclass.sys [NoSig] * C:\WINDOWS\System32\drivers\mouhid.sys [NoSig] * C:\WINDOWS\System32\drivers\mountmgr.sys [NoSig] * C:\WINDOWS\System32\drivers\mqac.sys [NoSig] * C:\WINDOWS\System32\drivers\mrxdav.sys [NoSig] * C:\WINDOWS\System32\drivers\mrxsmb.sys [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2511455\SP3QFE\mrxsmb.sys : 457.472 : 02/17/2011 02:19 AM : fb7dfd15d760ad339837a470f0e780d3 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2536276\SP3QFE\mrxsmb.sys : 457.856 : 04/29/2011 01:47 PM : 8dd801e28eb76fda2a38907882a0036f [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2536276-v2\SP3QFE\mrxsmb.sys : 457.856 : 07/15/2011 01:29 AM : fb2fccc70f7174c7bf64f48e96d3adf4 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB980232\SP3QFE\mrxsmb.sys : 457.216 : 02/24/2010 01:57 AM : d09b9f0b9960dd41e73127b7814c115f [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2536276-v2$\mrxsmb.sys : 456.576 : 04/14/2008 00:00 AM : 68755f0ff16070178b54674fe5b847b0 [Pos Repl] +-> C:\WINDOWS\Driver Cache\i386\mrxsmb.sys : 456.320 : 07/15/2011 01:29 AM : 7d304a5eb4344ebeeab53a2fe3ffb9f0 [Pos Repl] * C:\WINDOWS\System32\drivers\msfs.sys [NoSig] * C:\WINDOWS\System32\drivers\msgpc.sys [NoSig] * C:\WINDOWS\System32\drivers\MSKSSRV.sys [NoSig] +-> C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mskssrv.sys : 7.424 : 12/12/2002 01:14 AM : 85736f804191cb420a31aca2a7f0674f [Pos Repl] * C:\WINDOWS\System32\drivers\MSPCLOCK.sys [NoSig] +-> C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mspclock.sys : 5.248 : 12/12/2002 01:14 AM : e943adb93d83c5cbc0ca3f53f53b48cc [Pos Repl] * C:\WINDOWS\System32\drivers\MSPQM.sys [NoSig] +-> C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mspqm.sys : 4.608 : 08/23/2001 01:00 AM : f6a726b8832db1f88326b8be98b11981 [Pos Repl] * C:\WINDOWS\System32\drivers\mssmbios.sys [NoSig] * C:\WINDOWS\System32\drivers\mup.sys [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2535512\SP3QFE\mup.sys : 105.472 : 04/21/2011 01:52 AM : f7b1ad991491f02af6da70b00b8bf114 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2535512$\mup.sys : 105.344 : 04/14/2008 00:00 AM : 2f625d11385b1a94360bfc70aaefdee1 [Pos Repl] * C:\WINDOWS\System32\drivers\ndis.sys [NoSig] * C:\WINDOWS\System32\drivers\ndistapi.sys [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2566454\SP3QFE\ndistapi.sys : 10.496 : 07/08/2011 01:51 AM : 091735a5f20acb1dc147383a905ae002 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2566454$\ndistapi.sys : 10.112 : 04/14/2008 00:00 AM : 1ab3d00c991ab086e69db84b6c0ed78f [Pos Repl] * C:\WINDOWS\System32\drivers\ndisuio.sys [NoSig] * C:\WINDOWS\System32\drivers\ndiswan.sys [NoSig] * C:\WINDOWS\System32\drivers\ndproxy.sys [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2440591\SP3QFE\ndproxy.sys : 40.960 : 11/03/2010 01:55 AM : 816460bd4b4acd27937d1d0813e2e9e9 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2440591$\ndproxy.sys : 40.576 : 04/14/2008 00:00 AM : 6215023940cfd3702b46abc304e1d45a [Pos Repl] * C:\WINDOWS\System32\drivers\netbios.sys [NoSig] * C:\WINDOWS\System32\drivers\netbt.sys [NoSig] * C:\WINDOWS\System32\drivers\nic1394.sys [NoSig] * C:\WINDOWS\System32\drivers\nikedrv.sys [NoSig] * C:\WINDOWS\System32\drivers\nmnt.sys [NoSig] * C:\WINDOWS\System32\drivers\npfs.sys [NoSig] * C:\WINDOWS\System32\drivers\ntfs.sys [NoSig] * C:\WINDOWS\System32\drivers\null.sys [NoSig] * C:\WINDOWS\System32\drivers\nwlnkflt.sys [NoSig] * C:\WINDOWS\System32\drivers\nwlnkfwd.sys [NoSig] * C:\WINDOWS\System32\drivers\nwlnkipx.sys [NoSig] * C:\WINDOWS\System32\drivers\nwlnknb.sys [NoSig] * C:\WINDOWS\System32\drivers\nwlnkspx.sys [NoSig] * C:\WINDOWS\System32\drivers\nwrdr.sys [NoSig] * C:\WINDOWS\System32\drivers\oprghdlr.sys [NoSig] * C:\WINDOWS\System32\drivers\p3.sys [NoSig] * C:\WINDOWS\System32\drivers\parport.sys [NoSig] * C:\WINDOWS\System32\drivers\partmgr.sys [NoSig] * C:\WINDOWS\System32\drivers\parvdm.sys [NoSig] * C:\WINDOWS\System32\drivers\pciidex.sys [NoSig] * C:\WINDOWS\System32\drivers\pci.sys [NoSig] * C:\WINDOWS\System32\drivers\pcmcia.sys [NoSig] * C:\WINDOWS\System32\drivers\portcls.sys [NoSig] * C:\WINDOWS\System32\drivers\processr.sys [NoSig] * C:\WINDOWS\System32\drivers\psched.sys [NoSig] * C:\WINDOWS\System32\drivers\ptilink.sys [NoSig] * C:\WINDOWS\System32\drivers\rasacd.sys [NoSig] * C:\WINDOWS\System32\drivers\rasl2tp.sys [NoSig] * C:\WINDOWS\System32\drivers\raspppoe.sys [NoSig] * C:\WINDOWS\System32\drivers\raspptp.sys [NoSig] * C:\WINDOWS\System32\drivers\raspti.sys [NoSig] * C:\WINDOWS\System32\drivers\rawwan.sys [NoSig] * C:\WINDOWS\System32\drivers\rdbss.sys [NoSig] * C:\WINDOWS\System32\drivers\rdpcdd.sys [NoSig] * C:\WINDOWS\System32\drivers\rdpdr.sys [NoSig] * C:\WINDOWS\System32\drivers\rdpwd.sys [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2570222\SP3QFE\rdpwd.sys : 139.656 : 06/24/2011 01:09 AM : 3348e61a78ba4f79c795aad6565d3b6f [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2723135\SP3QFE\rdpwd.sys : 139.784 : 07/04/2012 01:59 AM : c7d9bc54354b8c706abf172d48313f1b [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2723135$\rdpwd.sys : 139.656 : 04/14/2008 00:00 AM : 6728e45b66f93c08f11de2e316fc70dd [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\2af9909b37fcd3acf51a7c824cbf7611\SP3GDR\rdpwd.sys : 139.784 : 01/09/2012 01:20 PM : 5b3055daa788bd688594d2f5981f2a83 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\2af9909b37fcd3acf51a7c824cbf7611\SP3QFE\rdpwd.sys : 139.784 : 01/09/2012 01:19 PM : 2d293b720c206473a05950ce007db12a [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\2cfd20cacb5fa9f1896e03e26e18a222\SP3GDR\rdpwd.sys : 139.656 : 05/02/2012 01:46 AM : 6589db6e5969f8eee594cf71171c5028 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\2cfd20cacb5fa9f1896e03e26e18a222\SP3QFE\rdpwd.sys : 139.656 : 05/02/2012 01:45 AM : 997c59b9955f911ec460241dd9e01b04 [Pos Repl] * C:\WINDOWS\System32\drivers\redbook.sys [NoSig] * C:\WINDOWS\System32\drivers\rmcast.sys [NoSig] +-> C:\WINDOWS\$hf_mig$\KB950762\SP3QFE\rmcast.sys : 203.136 : 05/08/2008 01:58 AM : c711645c76b8ed87c021bf6165e52795 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys : 202.624 : 04/14/2008 00:00 AM : ecff394d65671efde5a872eb9ef4f2d5 [Pos Repl] * C:\WINDOWS\System32\drivers\rndismp.sys [NoSig] * C:\WINDOWS\System32\drivers\rootmdm.sys [NoSig] * C:\WINDOWS\System32\drivers\scsiport.sys [NoSig] * C:\WINDOWS\System32\drivers\sdbus.sys [NoSig] * C:\WINDOWS\System32\drivers\serenum.sys [NoSig] * C:\WINDOWS\System32\drivers\serial.sys [NoSig] * C:\WINDOWS\System32\drivers\sffdisk.sys [NoSig] * C:\WINDOWS\System32\drivers\sffp_sd.sys [NoSig] * C:\WINDOWS\System32\drivers\sfloppy.sys [NoSig] * C:\WINDOWS\System32\drivers\smclib.sys [NoSig] * C:\WINDOWS\System32\drivers\sonydcam.sys [NoSig] * C:\WINDOWS\System32\drivers\splitter.sys [NoSig] * C:\WINDOWS\System32\drivers\sr.sys [NoSig] * C:\WINDOWS\System32\drivers\srv.sys [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2345886\SP3QFE\srv.sys : 357.248 : 08/26/2010 01:37 AM : 70cd8b8dd2a680b128617c19eb0ab94f [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2508429\SP3QFE\srv.sys : 357.888 : 02/17/2011 01:19 AM : 9b390283569ea58d43d2586032b892f5 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB982214\SP3QFE\srv.sys : 354.304 : 06/21/2010 01:18 AM : 422e4508508015c7d12f40bf9763f158 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2508429$\srv.sys : 334.848 : 04/14/2008 00:00 AM : 5252605079810904e31c332e241cd59b [Pos Repl] * C:\WINDOWS\System32\drivers\stream.sys [NoSig] +-> C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\stream.sys : 48.512 : 07/09/2004 01:27 AM : 08116e1cfc74302f97ce523a8f5d6064 [Pos Repl] * C:\WINDOWS\System32\drivers\swenum.sys [NoSig] +-> C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\swenum.sys : 4.096 : 12/12/2002 01:14 AM : 616a013d3ea068b6dee83d905e92ee9f [Pos Repl] * C:\WINDOWS\System32\drivers\swmidi.sys [NoSig] * C:\WINDOWS\System32\drivers\sysaudio.sys [NoSig] * C:\WINDOWS\System32\drivers\tape.sys [NoSig] * C:\WINDOWS\System32\drivers\tcpip6.sys [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip6.sys : 225.856 : 06/20/2008 01:16 AM : 026a94e4eb2960fdc96a447b5391d56a [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys : 225.856 : 06/20/2008 01:16 AM : 026a94e4eb2960fdc96a447b5391d56a [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB978338\SP3QFE\tcpip6.sys : 226.880 : 02/11/2010 01:36 AM : f4a3c6abe7818b1b53f58fa1adb605cd [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2509553$\tcpip6.sys : 225.664 : 04/14/2008 00:00 AM : aa7a55536096d646dc7ab0ac5641e9e8 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB978338$\tcpip6.sys : 225.856 : 06/20/2008 00:08 AM : fb9f32acc1d3ad523f7ec900b66fc1bb [Pos Repl] * C:\WINDOWS\System32\Drivers\tcpip.sys [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys : 361.600 : 06/20/2008 01:59 AM : ad978a1b783b5719720cff204b666c8e [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys : 361.600 : 06/20/2008 01:59 AM : ad978a1b783b5719720cff204b666c8e [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys : 361.344 : 04/14/2008 00:00 AM : 93ea8d04ec73a85db02eb8805988f733 [Pos Repl] * C:\WINDOWS\System32\drivers\tdi.sys [NoSig] * C:\WINDOWS\System32\drivers\tdpipe.sys [NoSig] * C:\WINDOWS\System32\drivers\tdtcp.sys [NoSig] * C:\WINDOWS\System32\drivers\termdd.sys [NoSig] * C:\WINDOWS\System32\drivers\tosdvd.sys [NoSig] * C:\WINDOWS\System32\drivers\tunmp.sys [NoSig] * C:\WINDOWS\System32\drivers\udfs.sys [NoSig] * C:\WINDOWS\System32\drivers\update.sys [NoSig] * C:\WINDOWS\System32\drivers\usb8023.sys [NoSig] +-> C:\WINDOWS\SoftwareDistribution\Download\19160731e9ce03aaa87e35163a3a5346\SP3GDR\usb8023.sys : 12.928 : 02/11/2013 09:32 PM : 2a7a8ad9d39a2faf9d9293b5daff3a4b [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\19160731e9ce03aaa87e35163a3a5346\SP3QFE\usb8023.sys : 12.928 : 02/11/2013 09:43 PM : c74f25c77d6c3edf58221e4060d8cd16 [Pos Repl] * C:\WINDOWS\System32\drivers\usbcamd2.sys [NoSig] * C:\WINDOWS\System32\drivers\usbcamd.sys [NoSig] * C:\WINDOWS\System32\drivers\usbccgp.sys [NoSig] * C:\WINDOWS\System32\drivers\usbd.sys [NoSig] * C:\WINDOWS\System32\drivers\usbehci.sys [NoSig] * C:\WINDOWS\System32\drivers\usbhub.sys [NoSig] * C:\WINDOWS\System32\drivers\usbintel.sys [NoSig] * C:\WINDOWS\System32\drivers\usbport.sys [NoSig] * C:\WINDOWS\System32\drivers\USBSTOR.sys [NoSig] * C:\WINDOWS\System32\drivers\usbuhci.sys [NoSig] * C:\WINDOWS\System32\drivers\vga.sys [NoSig] * C:\WINDOWS\System32\drivers\videoprt.sys [NoSig] * C:\WINDOWS\System32\drivers\volsnap.sys [NoSig] * C:\WINDOWS\System32\drivers\wanarp.sys [NoSig] * C:\WINDOWS\System32\drivers\wdmaud.sys [NoSig] * C:\WINDOWS\System32\drivers\wmilib.sys [NoSig] * C:\WINDOWS\System32\drivers\ws2ifsl.sys [NoSig] * C:\WINDOWS\System32\dsound.dll [NoSig] +-> C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll : 381.952 : 07/09/2004 01:27 AM : 033a45ab696eef481707c2808c806e1a [Pos Repl] * C:\WINDOWS\System32\dssenh.dll [NoSig] * C:\WINDOWS\System32\es.dll [NoSig] +-> C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll : 253.952 : 07/07/2008 05:25 PM : 6ec3c2a5cea41b78bb55b30444292cb8 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB950974$\es.dll : 246.272 : 04/14/2008 00:00 AM : 76abf3bb5a6d684641ec92b28240811d [Pos Repl] * C:\WINDOWS\System32\eventlog.dll [NoSig] * C:\WINDOWS\System32\hid.dll [NoSig] * C:\WINDOWS\System32\hnetcfg.dll [NoSig] * C:\WINDOWS\System32\imm32.dll [NoSig] * C:\WINDOWS\System32\ipsecsvc.dll [NoSig] * C:\WINDOWS\System32\kernel32.dll [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2758857\SP3QFE\kernel32.dll : 1.044.992 : 10/03/2012 05:57 AM : 34a51de07eb51d7f0a8eea573f58fc31 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB959426\SP3QFE\kernel32.dll : 1.044.992 : 03/21/2009 07:30 PM : 97d5372816ec546bd035edaedb5e6918 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2758857$\kernel32.dll : 1.042.944 : 03/21/2009 00:08 AM : 7dc06bf4cbc3fcd7557d8d69dfbd49f5 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB959426$\kernel32.dll : 1.042.944 : 04/14/2008 00:00 AM : f43fe49cf77ec1cef9db9e67bddb970f [Pos Repl] * C:\WINDOWS\System32\ksuser.dll [NoSig] +-> C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ksuser.dll : 4.096 : 12/12/2002 01:14 AM : 15914e0bf4dda56cf797993dccb637d1 [Pos Repl] +-> C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\ksuser.dll : 4.096 : 04/14/2008 00:48 AM : d9a84134776399f6bd244bc456076575 [Pos Repl] * C:\WINDOWS\System32\linkinfo.dll [NoSig] * C:\WINDOWS\System32\lpk.dll [NoSig] * C:\WINDOWS\System32\lsass.exe [NoSig] * C:\WINDOWS\System32\mfc40u.dll [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll : 953.856 : 09/18/2010 07:18 AM : c7d2de04eea71d72eb0a8793fa6e9fc1 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2387149$\mfc40u.dll : 927.504 : 04/14/2008 00:00 AM : 27415ceeb58c8c2f92aff8cfe2517a3c [Pos Repl] * C:\WINDOWS\System32\midimap.dll [NoSig] * C:\WINDOWS\System32\msgsvc.dll [NoSig] * C:\WINDOWS\System32\mshtml.dll [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2183461\SP3QFE\mshtml.dll : 3.094.528 : 06/24/2010 07:12 AM : 0ee027067fbfae684ab48bd13f9487b0 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll : 5.954.560 : 06/24/2010 07:28 AM : 919b94179e1d0fd9f7f4cfe033d88c3c [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll : 5.958.656 : 09/10/2010 07:50 AM : 04157ffa309d1775cea8b1831d7df759 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll : 5.960.704 : 11/05/2010 09:24 PM : 54517a9198da54c59c11e496733582d6 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll : 5.962.240 : 12/20/2010 08:51 PM : 3ea623e8296205c0c1a9a44368f8dc03 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll : 5.964.800 : 02/22/2011 08:26 PM : 5b2dca4310fd295bfccce5daec0442f5 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll : 5.967.360 : 05/30/2011 07:11 PM : 5fda6e84f190fd008fb0dc6e6bf20c3c [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll : 5.971.456 : 07/25/2011 07:07 AM : f3dfc7460d07f83865e5e8ef9715883e [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll : 5.978.624 : 11/04/2011 04:12 PM : 4bb3b66ccbd71bcf84fdfef9a4955d63 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2744842\SP3QFE\mshtml.dll : 3.110.400 : 08/30/2012 05:29 PM : 3b5e798ac3c5c83ab9f15702720dbd53 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2744842-IE8\SP3QFE\mshtml.dll : 6.010.368 : 08/28/2012 05:17 AM : eb44f76332080fd115b8589d6dd8072f [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2761465-IE8\SP3QFE\mshtml.dll : 6.010.880 : 11/12/2012 04:51 PM : c906c650ad1e1361683448199fe07eb9 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll : 5.953.024 : 05/06/2010 04:27 AM : 5d7062aa7bbc8a5ff8ed8109325984e1 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2744842$\mshtml.dll : 3.066.880 : 04/14/2008 00:00 AM : 85b88c504d1527978f1c2fbe6a41e799 [Pos Repl] +-> C:\WINDOWS\ie8\mshtml.dll : 3.109.888 : 08/30/2012 05:33 PM : 1cfc8042b24577da8f001302f8062f68 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2183461-IE8\mshtml.dll : 5.950.976 : 05/06/2010 01:33 AM : 4b1bb5db92df08aca55ea93b29f4bcf5 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2360131-IE8\mshtml.dll : 5.951.488 : 06/24/2010 01:24 AM : 84acad2e4408261306bf83f1d436589d [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2416400-IE8\mshtml.dll : 5.957.120 : 09/10/2010 01:50 AM : 7ef19725fc6129d914ad7fda1dea9e46 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2482017-IE8\mshtml.dll : 5.959.168 : 11/05/2010 09:21 PM : 2e4553bca1258f792ff4a7d3b526da31 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2497640-IE8\mshtml.dll : 5.961.216 : 12/20/2010 08:51 PM : 5c3fff5a6629ae49821cd3548220a06c [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2530548-IE8\mshtml.dll : 5.962.240 : 02/22/2011 08:08 PM : 177f3a6b3e2babd0c911087202d2da5b [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2559049-IE8\mshtml.dll : 5.964.800 : 05/30/2011 07:12 PM : ea8c79d69a5022b6e5e22e9a91eb9cb5 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2618444-IE8\mshtml.dll : 5.950.976 : 05/06/2010 07:33 AM : 4b1bb5db92df08aca55ea93b29f4bcf5 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2744842-IE8\mshtml.dll : 5.978.112 : 11/04/2011 04:13 PM : 289a867941db68c289315a680d8ce395 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2761465-IE8\mshtml.dll : 6.008.832 : 08/28/2012 04:18 AM : 1206a54ad9b011118ea975d17baf1541 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB982381-IE8\mshtml.dll : 5.937.152 : 03/08/2009 04:41 AM : d469a0eba2ef5c6bee8065b7e3196e5e [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\1df57e976e4a45bad11f3ce7364adbc0\SP3GDR\mshtml.dll : 6.010.368 : 01/08/2013 05:38 PM : 3ad487acf6b1b9ae3b101dff8422700f [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\1df57e976e4a45bad11f3ce7364adbc0\SP3QFE\mshtml.dll : 6.011.904 : 01/08/2013 05:36 PM : 033a62f251f9d64fdab494fb461e9bb8 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\31cc2687a18f8c510a8b7f6cd21ec1ab\SP3GDR\mshtml.dll : 5.978.624 : 03/01/2012 05:59 AM : 4ce0b98e4b8c4e7097861d40d16bf050 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\31cc2687a18f8c510a8b7f6cd21ec1ab\SP3QFE\mshtml.dll : 5.980.672 : 03/01/2012 05:56 AM : 8b7a535d32c9bc0ef43da81a23de2203 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\37fd3caa702f17acaaf342930e54f80d\SP3GDR\mshtml.dll : 6.009.856 : 01/06/2013 05:33 AM : 510635a726af7636edcaa7bf11cc8b26 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\37fd3caa702f17acaaf342930e54f80d\SP3QFE\mshtml.dll : 6.011.392 : 01/06/2013 05:32 AM : 0ee37f47a2b1f02cc6a4545e484a1704 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\4c63122518a43a5948b889f6ab73e322\SP3GDR\mshtml.dll : 5.950.976 : 05/06/2010 05:33 AM : 4b1bb5db92df08aca55ea93b29f4bcf5 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\4c63122518a43a5948b889f6ab73e322\SP3QFE\mshtml.dll : 5.953.024 : 05/06/2010 05:27 AM : 5d7062aa7bbc8a5ff8ed8109325984e1 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\65fd1ba7bd525d66353e57ff2bc83c6d\SP3GDR\mshtml.dll : 5.951.488 : 06/24/2010 05:24 AM : 84acad2e4408261306bf83f1d436589d [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\65fd1ba7bd525d66353e57ff2bc83c6d\SP3QFE\mshtml.dll : 5.954.560 : 06/24/2010 05:28 AM : 919b94179e1d0fd9f7f4cfe033d88c3c [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\75f327e792d72e3c8ecae4bb4860787b\SP3GDR\mshtml.dll : 5.978.112 : 11/04/2011 04:13 PM : 289a867941db68c289315a680d8ce395 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\75f327e792d72e3c8ecae4bb4860787b\SP3QFE\mshtml.dll : 5.978.624 : 11/04/2011 04:12 PM : 4bb3b66ccbd71bcf84fdfef9a4955d63 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\91c2a3ee9a2b1c930cf8300c63a34699\backup\sp3gdr\mshtml.dll : 3.066.880 : 04/14/2008 00:00 AM : 85b88c504d1527978f1c2fbe6a41e799 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\91c2a3ee9a2b1c930cf8300c63a34699\sp3gdr\mshtml.dll : 3.109.888 : 07/11/2012 07:00 PM : 13bbefac61cbd4b9672deaa374ee9f06 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\91c2a3ee9a2b1c930cf8300c63a34699\sp3qfe\mshtml.dll : 3.110.400 : 07/11/2012 06:59 PM : 33340103bff479bb26a1dc09a6ffa548 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\e1117c9219e2e71da55685060940b606\SP3GDR\mshtml.dll : 6.008.832 : 08/28/2012 06:18 AM : 1206a54ad9b011118ea975d17baf1541 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\e1117c9219e2e71da55685060940b606\SP3QFE\mshtml.dll : 6.010.368 : 08/28/2012 06:17 AM : eb44f76332080fd115b8589d6dd8072f [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\f07c2578b8c11544f995c1f637db0658\SP3GDR\mshtml.dll : 6.011.392 : 02/28/2013 11:27 PM : d2e49b4eb0edcc97aee4f2c472e9a068 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\f07c2578b8c11544f995c1f637db0658\SP3QFE\mshtml.dll : 6.012.928 : 02/28/2013 11:26 PM : 5996f1eebe1e2fa3b6719fc11b9e9e5e [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\f0fd3c8dc625f175f421ec42ab71d90d\SP3GDR\mshtml.dll : 5.971.456 : 10/03/2011 11:31 AM : 11ba965379941caf3ccc423182665082 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\f0fd3c8dc625f175f421ec42ab71d90d\SP3QFE\mshtml.dll : 5.972.992 : 10/03/2011 11:30 AM : 6c295dcdd113523edfeb618507548a01 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\f43cf0ebe199eb9004286cfa5a00705d\SP3GDR\mshtml.dll : 6.007.808 : 05/11/2012 11:43 AM : a7cc2f4a536fb972f51a2fdd90ff0afa [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\f43cf0ebe199eb9004286cfa5a00705d\SP3QFE\mshtml.dll : 6.009.344 : 05/11/2012 11:42 AM : af0e44ebff592132cb8926608f4f2ae7 [Pos Repl] * C:\WINDOWS\System32\msimg32.dll [NoSig] * C:\WINDOWS\System32\mspmsnsv.dll [NoSig] +-> C:\WINDOWS\$NtUninstallWMFDist11$\mspmsnsv.dll : 52.736 : 04/14/2008 05:48 AM : 57cf215b0250de0c4ae36abc8ae31be4 [Pos Repl] +-> C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll : 25.088 : 08/11/2004 04:45 AM : a477391b7a8b0a0daabadb17cf533a4b [Pos Repl] +-> C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll : 52.736 : 04/14/2008 04:00 AM : 57cf215b0250de0c4ae36abc8ae31be4 [Pos Repl] * C:\WINDOWS\System32\msprivs.dll [NoSig] * C:\WINDOWS\System32\msvcrt.dll [NoSig] +-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll : 322.560 : 04/14/2008 04:00 AM : 4200be3808f6406dbe45a7b88dae5035 [Pos Repl] +-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll : 343.040 : 04/14/2008 04:00 AM : b1cb86d70023988360da136b317d8546 [Pos Repl] * C:\WINDOWS\System32\mswsock.dll [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll : 248.320 : 06/20/2008 02:44 PM : dc10b07f256c8edf6642015e380c741e [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll : 248.320 : 06/20/2008 02:44 PM : dc10b07f256c8edf6642015e380c741e [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll : 248.320 : 04/14/2008 05:00 AM : ad893c9d3a09081d55a4bdfbc66ad592 [Pos Repl] * C:\WINDOWS\System32\netlogon.dll [NoSig] * C:\WINDOWS\System32\netman.dll [NoSig] * C:\WINDOWS\System32\ntkrnlpa.exe [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe : 2.071.808 : 12/09/2010 08:44 PM : 9f35605bc629f27aa34423b9de652284 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe : 2.071.808 : 10/26/2011 08:49 AM : e1d6ec017678a5b118fcc4d6e9d54012 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe : 2.071.552 : 04/11/2012 08:51 AM : f3364f7432d706f7550fba400dec258e [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe : 2.071.552 : 05/05/2012 08:14 AM : 539c2c08db474d3e35d0591b453705c5 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe : 2.068.608 : 02/09/2009 08:17 AM : 9b5e5d325cedbb10a9a86679634a38cc [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe : 2.069.376 : 04/28/2010 11:17 PM : e04ee6357753b8041744e1c815cc8ae4 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2393802$\ntkrnlpa.exe : 2.068.224 : 04/14/2008 05:00 AM : 2e2931a58b112cdf2a99b00b5dacdbe4 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2676562$\ntkrnlpa.exe : 2.071.808 : 12/09/2010 05:13 AM : a09f7aae3b9d189f5f9fc16590df4a2d [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2707511$\ntkrnlpa.exe : 2.071.552 : 04/11/2012 05:53 AM : 8a943e5db9bc152aff0d26f9e9a68eff [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2724197$\ntkrnlpa.exe : 2.071.552 : 05/05/2012 05:14 AM : 022fd032105d0a6c02794b9c84bab0e6 [Pos Repl] +-> C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe : 2.072.064 : 08/23/2012 04:27 AM : ad98fa3260891513aa5399437389f29f [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\11b2eedee6bff8594de0532f8f125103\sp3gdr\ntkrnlpa.exe : 2.072.192 : 01/07/2013 11:25 AM : c3d8034849831b11906a5c796a9d6ddf [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\11b2eedee6bff8594de0532f8f125103\sp3qfe\ntkrnlpa.exe : 2.072.192 : 01/07/2013 11:24 AM : a88240ba6f7ef5c72293c06a773c3376 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\3ea89e8db489522d4dbceff5e6b2e850\sp3gdr\ntkrnlpa.exe : 2.071.552 : 05/05/2012 11:14 AM : 022fd032105d0a6c02794b9c84bab0e6 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\3ea89e8db489522d4dbceff5e6b2e850\sp3qfe\ntkrnlpa.exe : 2.071.552 : 05/05/2012 11:14 AM : 539c2c08db474d3e35d0591b453705c5 [Pos Repl] * C:\WINDOWS\System32\ntmssvc.dll [NoSig] * C:\WINDOWS\System32\ntoskrnl.exe [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe : 2.195.200 : 12/09/2010 11:14 AM : 4f2053b8b0d20f4b398a95bdd1905893 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe : 2.195.200 : 10/26/2011 11:49 AM : 33d4e8feb318e8296b13f20ddd6d3ac9 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe : 2.195.072 : 04/11/2012 11:50 AM : 90eb3afd0833502e05d1d7a4b6f238a5 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe : 2.195.072 : 05/05/2012 11:14 AM : d9c76ce9f26d6a0725fe9c241819149a [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe : 2.191.616 : 02/10/2009 08:15 PM : 6bc8e4aafc98b556b8fb616ad30cd5a3 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe : 2.192.512 : 04/28/2010 08:17 AM : 236509eed5f0256fb9a803104f1de148 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2393802$\ntoskrnl.exe : 2.191.360 : 04/14/2008 05:00 AM : 6468827016fa22cae81d7059f1a974c0 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2676562$\ntoskrnl.exe : 2.195.200 : 12/09/2010 05:13 AM : 5e8f8bbeac46044a99c1edce00e96b01 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2707511$\ntoskrnl.exe : 2.195.072 : 04/11/2012 05:52 AM : ec6e69bcbf5cf5eac92626b82648a96e [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2724197$\ntoskrnl.exe : 2.195.072 : 05/05/2012 05:14 AM : ce21a80b5956fe8c3c0ea78654bb913f [Pos Repl] +-> C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe : 2.195.328 : 08/23/2012 04:27 AM : 75b7e41846682a8be30e1002ee6320eb [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\11b2eedee6bff8594de0532f8f125103\sp3gdr\ntoskrnl.exe : 2.195.456 : 01/07/2013 11:25 AM : ef24649d2907048825f30b92277e3f03 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\11b2eedee6bff8594de0532f8f125103\sp3qfe\ntoskrnl.exe : 2.195.584 : 01/07/2013 11:24 AM : faacfdac432f3851fb5ba94abb2ec9cd [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\3ea89e8db489522d4dbceff5e6b2e850\sp3gdr\ntoskrnl.exe : 2.195.072 : 05/05/2012 11:14 AM : ce21a80b5956fe8c3c0ea78654bb913f [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\3ea89e8db489522d4dbceff5e6b2e850\sp3qfe\ntoskrnl.exe : 2.195.072 : 05/05/2012 11:14 AM : d9c76ce9f26d6a0725fe9c241819149a [Pos Repl] * C:\WINDOWS\System32\oakley.dll [NoSig] +-> C:\WINDOWS\$hf_mig$\KB974392\SP3QFE\oakley.dll : 271.360 : 10/13/2009 08:39 AM : 264586e0b00abf80b862c216be075c4d [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB974392$\oakley.dll : 271.360 : 04/14/2008 05:00 AM : 4526fd371e434d45e14102328a025637 [Pos Repl] * C:\WINDOWS\System32\ole32.dll [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2624667\SP3QFE\ole32.dll : 1.288.704 : 11/01/2011 01:05 PM : e8c2fa9ac16c25c0ab0677ba12d74bc1 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB979687\SP3QFE\ole32.dll : 1.288.704 : 07/16/2010 01:59 AM : bcfea258277fb42dd7f447eb61c34d06 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2624667$\ole32.dll : 1.287.680 : 07/16/2010 05:00 AM : 448fe53c1b2671db712c8e8838e4263f [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB979687$\ole32.dll : 1.287.168 : 04/14/2008 05:00 AM : 463d57bf9fe5871208ff99399360a57d [Pos Repl] * C:\WINDOWS\System32\olepro32.dll [NoSig] * C:\WINDOWS\System32\perfctrs.dll [NoSig] * C:\WINDOWS\System32\powrprof.dll [NoSig] * C:\WINDOWS\System32\psbase.dll [NoSig] * C:\WINDOWS\System32\pstorsvc.dll [NoSig] * C:\WINDOWS\System32\qmgr.dll [NoSig] * C:\WINDOWS\System32\rasadhlp.dll [NoSig] * C:\WINDOWS\System32\regsvc.dll [NoSig] * C:\WINDOWS\System32\rpcss.dll [NoSig] +-> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\rpcss.dll : 401.408 : 02/09/2009 01:56 AM : aef41fc6f108cc4f94f9b4e96afa9c70 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll : 399.360 : 04/14/2008 05:00 AM : 53d02effa72ca5c57687bee20610aba6 [Pos Repl] * C:\WINDOWS\System32\scecli.dll [NoSig] * C:\WINDOWS\System32\schannel.dll [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2541763\SP3QFE\schannel.dll : 151.552 : 04/29/2011 02:23 PM : 2af7f12d9c9b5c95568a10470a294b3e [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2585542\SP3QFE\schannel.dll : 152.064 : 11/16/2011 02:20 AM : 81ac64a666ceafa03c63bbd9d1e3b583 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2655992\SP3QFE\schannel.dll : 153.088 : 06/04/2012 02:31 AM : d16b219bf4e3229d7aa64c0bcbf5ef83 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB968389\SP3QFE\schannel.dll : 147.456 : 06/25/2009 02:42 AM : 3786e1c77df16c1c177a294164386161 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB980436\SP3QFE\schannel.dll : 149.504 : 06/30/2010 02:24 AM : c4074346a0433c92db998f42d419ce70 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2655992$\schannel.dll : 147.456 : 06/25/2009 05:26 AM : 8ebc52bf79c1e893f9634caaa83fb334 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB968389$\schannel.dll : 144.384 : 04/14/2008 05:00 AM : c0bcc6807b66368f37d0e7d0b717fe27 [Pos Repl] * C:\WINDOWS\System32\schedsvc.dll [NoSig] * C:\WINDOWS\System32\services.exe [NoSig] +-> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe : 111.104 : 02/09/2009 02:16 AM : aa6e1769469f9d15603a619fc1fb9e18 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB956572$\services.exe : 109.056 : 04/14/2008 05:00 AM : d658a8c2fc7b2ad53d1259741a09ee04 [Pos Repl] * C:\WINDOWS\System32\setupapi.dll [NoSig] * C:\WINDOWS\System32\sfc.dll [NoSig] * C:\WINDOWS\System32\sfcfiles.dll [NoSig] * C:\WINDOWS\System32\shsvcs.dll [NoSig] +-> C:\WINDOWS\$hf_mig$\KB971029\SP3QFE\shsvcs.dll : 135.168 : 07/27/2009 07:14 PM : 8a34f9730a2206726b1be4dc4209cab9 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB971029$\shsvcs.dll : 135.168 : 04/14/2008 05:00 AM : ca70edbf32032ea53f114cb930741cb5 [Pos Repl] * C:\WINDOWS\System32\smss.exe [NoSig] * C:\WINDOWS\System32\spoolsv.exe [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe : 58.880 : 08/17/2010 07:19 AM : 258dd5d4283fd9f9a7166be9ae45ce73 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe : 57.856 : 04/14/2008 05:00 AM : cdd2dc6ae65084481e723e746c20539a [Pos Repl] * C:\WINDOWS\System32\srsvc.dll [NoSig] * C:\WINDOWS\System32\ssdpsrv.dll [NoSig] * C:\WINDOWS\System32\svchost.exe [NoSig] * C:\WINDOWS\System32\tapisrv.dll [NoSig] * C:\WINDOWS\System32\termsrv.dll [NoSig] * C:\WINDOWS\System32\upnphost.dll [NoSig] * C:\WINDOWS\System32\user32.dll [NoSig] * C:\WINDOWS\System32\userinit.exe [NoSig] * C:\WINDOWS\System32\usp10.dll [NoSig] +-> C:\WINDOWS\$hf_mig$\KB981322\SP3QFE\usp10.dll : 406.016 : 04/16/2010 07:30 AM : 964d29711065a944e1bec7fd676e61d9 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB981322$\usp10.dll : 406.016 : 04/14/2008 05:00 AM : d2abeb6af76da414d1fff8b409f00635 [Pos Repl] * C:\WINDOWS\System32\UxTheme.dll [NoSig] * C:\WINDOWS\System32\version.dll [NoSig] * C:\WINDOWS\System32\w32time.dll [NoSig] * C:\WINDOWS\System32\wbem\wmiprvse.exe [NoSig] +-> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\wmiprvse.exe : 227.840 : 02/06/2009 07:15 AM : f520ab392d58c0a1070268032d809382 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB956572$\wmiprvse.exe : 218.112 : 04/14/2008 05:00 AM : 3d47902bd4be157f89b469f5cc7b5fa2 [Pos Repl] * C:\WINDOWS\System32\wdigest.dll [NoSig] +-> C:\WINDOWS\$hf_mig$\KB968389\SP3QFE\wdigest.dll : 54.272 : 06/25/2009 07:42 AM : f5a46222d555489958d85aa6f16499aa [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB968389$\wdigest.dll : 49.152 : 04/14/2008 05:00 AM : 31ea4ef7f106c7b2d28fc50d9e75d60e [Pos Repl] * C:\WINDOWS\System32\wiaservc.dll [NoSig] * C:\WINDOWS\System32\wininet.dll [NoSig] +-> C:\WINDOWS\$hf_mig$\KB2183461\SP3QFE\wininet.dll : 671.232 : 06/24/2010 07:12 AM : 6d7040b3e3ff3053e6210f585216cc58 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll : 919.040 : 06/24/2010 07:28 AM : 53e8f49c2c08decabef9161064a86b7f [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll : 919.552 : 09/10/2010 07:50 AM : dc9098440b4f317afc22611506b1e51d [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll : 919.552 : 11/05/2010 09:24 PM : 164f5176393730ca6da08cbbbb6e1fa4 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll : 919.552 : 12/20/2010 08:51 PM : 9d76c14c32943fc5a4e18c5929ce010d [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll : 919.552 : 02/22/2011 08:26 PM : 0d9f8b29f6f44cc730df02a4bb5db938 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll : 919.552 : 04/25/2011 01:03 PM : 49dd731bb59a207cb13e55de6ce20c16 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll : 919.552 : 06/23/2011 03:29 PM : 04d4065ec4f36bb9f0b251af2bba9673 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll : 919.552 : 11/04/2011 04:12 PM : b6716dc84cae442957e40875d012f183 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2744842\SP3QFE\wininet.dll : 671.232 : 08/30/2012 05:29 PM : a674ff27945f8fc9d0c8e992b4c3a2ae [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2744842-IE8\SP3QFE\wininet.dll : 920.064 : 08/28/2012 05:17 AM : f503cfa1863ee2745677b6d5302454ef [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB2761465-IE8\SP3QFE\wininet.dll : 920.064 : 11/01/2012 05:11 AM : 2accfb3a52634380461a8f042d45ced2 [Pos Repl] +-> C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll : 919.040 : 05/06/2010 05:28 AM : 9acfbee8e9573ee39cb93c636df36f78 [Pos Repl] +-> C:\WINDOWS\$NtUninstallKB2744842$\wininet.dll : 668.672 : 04/14/2008 05:00 AM : a9a84cfc20d5f4c609e9cbf9491b8df6 [Pos Repl] +-> C:\WINDOWS\ie8\wininet.dll : 669.696 : 08/30/2012 05:33 PM : 3440d035c998056cc8e5373ff07ea7d8 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2183461-IE8\wininet.dll : 916.480 : 05/06/2010 04:33 AM : 26412d06783e47eac7667569bf6962d3 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2360131-IE8\wininet.dll : 916.480 : 06/24/2010 04:24 AM : 2129e30c14179d3b68f31758d8a0e79c [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2416400-IE8\wininet.dll : 916.480 : 09/10/2010 04:50 AM : ab73edc1c6d05869764d938436b1afb5 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2482017-IE8\wininet.dll : 916.480 : 11/05/2010 09:21 PM : 48999895a4d990c8cae41be339cfb2fa [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2497640-IE8\wininet.dll : 916.480 : 12/20/2010 08:51 PM : 339484fe932630e2bed2b62b1eb95318 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2530548-IE8\wininet.dll : 916.480 : 02/22/2011 08:08 PM : 5b51165136d5dd27db36035cdb03db69 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2559049-IE8\wininet.dll : 916.480 : 04/25/2011 01:05 PM : f711f6f4d64613b1d742c0cbc221ace4 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2618444-IE8\wininet.dll : 916.480 : 05/06/2010 01:33 AM : 26412d06783e47eac7667569bf6962d3 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2744842-IE8\wininet.dll : 916.992 : 11/04/2011 04:13 PM : e23dca6f31b9a97714f334b67b412fbd [Pos Repl] +-> C:\WINDOWS\ie8updates\KB2761465-IE8\wininet.dll : 916.992 : 08/28/2012 04:18 AM : 93e89539bc12e61b31a20edc41da8ff4 [Pos Repl] +-> C:\WINDOWS\ie8updates\KB982381-IE8\wininet.dll : 914.944 : 03/08/2009 04:34 AM : 6ce32f7778061ccc5814d5e0f282d369 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\1df57e976e4a45bad11f3ce7364adbc0\SP3GDR\wininet.dll : 916.480 : 12/26/2012 05:21 PM : bd43a5fe6330b3c26271375b72422e4c [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\1df57e976e4a45bad11f3ce7364adbc0\SP3QFE\wininet.dll : 920.064 : 12/26/2012 05:19 PM : e3646857e43ecb099e435338f299b9aa [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\31cc2687a18f8c510a8b7f6cd21ec1ab\SP3GDR\wininet.dll : 916.992 : 03/01/2012 05:59 AM : 5bd18846a35df7b75aa56ca279306a56 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\31cc2687a18f8c510a8b7f6cd21ec1ab\SP3QFE\wininet.dll : 919.552 : 03/01/2012 05:56 AM : e8326d1085e09c13cbd3333c065de198 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\4c63122518a43a5948b889f6ab73e322\SP3GDR\wininet.dll : 916.480 : 05/06/2010 05:33 AM : 26412d06783e47eac7667569bf6962d3 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\4c63122518a43a5948b889f6ab73e322\SP3QFE\wininet.dll : 919.040 : 05/06/2010 05:28 AM : 9acfbee8e9573ee39cb93c636df36f78 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\65fd1ba7bd525d66353e57ff2bc83c6d\SP3GDR\wininet.dll : 916.480 : 06/24/2010 05:24 AM : 2129e30c14179d3b68f31758d8a0e79c [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\65fd1ba7bd525d66353e57ff2bc83c6d\SP3QFE\wininet.dll : 919.040 : 06/24/2010 05:28 AM : 53e8f49c2c08decabef9161064a86b7f [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\75f327e792d72e3c8ecae4bb4860787b\SP3GDR\wininet.dll : 916.992 : 11/04/2011 04:13 PM : e23dca6f31b9a97714f334b67b412fbd [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\75f327e792d72e3c8ecae4bb4860787b\SP3QFE\wininet.dll : 919.552 : 11/04/2011 04:12 PM : b6716dc84cae442957e40875d012f183 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\91c2a3ee9a2b1c930cf8300c63a34699\sp3gdr\wininet.dll : 669.696 : 06/28/2012 06:32 PM : 65824cfa8c6d8b8a92b651f255ebde38 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\91c2a3ee9a2b1c930cf8300c63a34699\sp3qfe\wininet.dll : 671.232 : 06/28/2012 06:31 PM : 9ffb1ef7be81028f34d281cb247fa512 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\e1117c9219e2e71da55685060940b606\SP3GDR\wininet.dll : 916.992 : 08/28/2012 06:18 AM : 93e89539bc12e61b31a20edc41da8ff4 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\e1117c9219e2e71da55685060940b606\SP3QFE\wininet.dll : 920.064 : 08/28/2012 06:17 AM : f503cfa1863ee2745677b6d5302454ef [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\f07c2578b8c11544f995c1f637db0658\SP3GDR\wininet.dll : 916.480 : 02/05/2013 05:13 PM : a52a0ad6ff79f08b634b03a10d8e30c6 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\f07c2578b8c11544f995c1f637db0658\SP3QFE\wininet.dll : 920.064 : 02/05/2013 05:10 PM : 60872897190a0c18f1f535ec2fcbfde8 [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\f0fd3c8dc625f175f421ec42ab71d90d\SP3GDR\wininet.dll : 916.480 : 08/22/2011 08:41 PM : 455d0d895db28e2a980f255ceb71eafb [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\f0fd3c8dc625f175f421ec42ab71d90d\SP3QFE\wininet.dll : 919.552 : 08/22/2011 08:40 PM : dc31d7398dace4d2accea41055f7e0dd [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\f43cf0ebe199eb9004286cfa5a00705d\SP3GDR\wininet.dll : 916.992 : 05/16/2012 08:08 AM : f1efd9ee93e10865d809d5b0a4729d4d [Pos Repl] +-> C:\WINDOWS\SoftwareDistribution\Download\f43cf0ebe199eb9004286cfa5a00705d\SP3QFE\wininet.dll : 920.064 : 05/16/2012 08:07 AM : 5ae0fdbf89228ecb976c6388ddc64583 [Pos Repl] * C:\WINDOWS\System32\winlogon.exe [NoSig] * C:\WINDOWS\System32\ws2_32.dll [NoSig] * C:\WINDOWS\System32\ws2help.dll [NoSig] * C:\WINDOWS\System32\wscntfy.exe [NoSig] * C:\WINDOWS\System32\xmlprov.dll [NoSig] * C:\WINDOWS\explorer.exe [NoSig] Checking HOSTS File: * HOSTS file entries found: 127.0.0.1 localhost Program finished at: 04/14/2013 09:45:11 PM Execution time: 0 hours(s), 17 minute(s), and 57 seconds(s)
  7. I'd like to try and disable it, at least so I can copy my stuff for backup, and then make a clean start. RougeKiller report: RogueKiller V8.5.4 [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : Usuario [Admin rights] Mode : Remove -- Date : 04/14/2013 21:13:12 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 8 ¤¤¤ [services][HJNAME] HKLM\[...]\ControlSet001\Services\SamSs (C:\WINDOWS\cystem32\lsass.exe) [x] -> DELETED [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NOT SELECTED [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> NOT SELECTED [HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> NOT SELECTED [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) [RUN][HJNAME] [ON_D:Julián]HKCU[...]\Run : CTFMON.EXE (C:\WINDOWS\system32\ctfmon.exe) [-] -> DELETED [RUN][HJNAME] [ON_D:LocalService]HKCU[...]\Run : CTFMON.EXE (C:\WINDOWS\system32\CTFMON.EXE) [-] -> DELETED [RUN][HJNAME] [ON_D:NetworkService]HKCU[...]\Run : CTFMON.EXE (C:\WINDOWS\system32\CTFMON.EXE) [-] -> DELETED ¤¤¤ Particular Files / Folders: ¤¤¤ [Faked.Drv][FILE] snp2uvc.sys : C:\WINDOWS\system32\drivers\snp2uvc.sys [-] --> CANNOT FIX ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ Extern Hives: ¤¤¤ -> D:\Documents and Settings\Julián\NTUSER.DAT -> D:\Documents and Settings\LocalService\NTUSER.DAT -> D:\Documents and Settings\NetworkService\NTUSER.DAT ¤¤¤ HOSTS File: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] cb39aeb29bc56a25c8a47d79496dd8d0 [bSP] edf0166eb602f792329496bd9e66b382 : Windows XP MBR Code Partition table: 0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 79995 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 163846935 | Size: 158469 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[3]_D_04142013_02d2113.txt >> RKreport[1]_S_04132013_02d2229.txt ; RKreport[2]_S_04142013_02d2109.txt ; RKreport[3]_D_04142013_02d2113.txt I deleted the ones you named.
  8. So aswMBR led me to a bluescreen with the following error message: (I saw 2 locked yellow files and 1 red suspicious before the bluescreen, this has happened with other programs before, as if just before finding the error, the computer crashes) STOP 0x0000008E (0xC0000005, 0x80544732, 0xBA7BC944, 0x00000000) I'll try again now, meanwhile here's the RougeKiller report: RogueKiller V8.5.4 [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : Usuario [Admin rights] Mode : Scan -- Date : 04/13/2013 22:29:21 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 8 ¤¤¤ [services][HJNAME] HKLM\[...]\ControlSet001\Services\SamSs (C:\WINDOWS\cystem32\lsass.exe) [x] -> FOUND [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [RUN][HJNAME] [ON_D:Julián]HKCU[...]\Run : CTFMON.EXE (C:\WINDOWS\system32\ctfmon.exe) [-] -> FOUND [RUN][HJNAME] [ON_D:LocalService]HKCU[...]\Run : CTFMON.EXE (C:\WINDOWS\system32\CTFMON.EXE) [-] -> FOUND [RUN][HJNAME] [ON_D:NetworkService]HKCU[...]\Run : CTFMON.EXE (C:\WINDOWS\system32\CTFMON.EXE) [-] -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ Extern Hives: ¤¤¤ -> D:\Documents and Settings\Julián\NTUSER.DAT -> D:\Documents and Settings\LocalService\NTUSER.DAT -> D:\Documents and Settings\NetworkService\NTUSER.DAT ¤¤¤ HOSTS File: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] cb39aeb29bc56a25c8a47d79496dd8d0 [bSP] edf0166eb602f792329496bd9e66b382 : Windows XP MBR Code Partition table: 0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 79995 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 163846935 | Size: 158469 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[1]_S_04132013_02d2229.txt >> RKreport[1]_S_04132013_02d2229.txt
  9. Hello everyone, I'm new here. I've been instructed to follow the steps on asking for help here, here's the original post, which explains the problem. To put it simply, my computer got infected with a nasty virus that would shut down a lot of critical services on startup, preventing me from installing practically any antivirus, not being able to copy/cut folders or even drag them around. It also disabled Avast and the Windows Installer Services, and apparently my soundcard no longer exists and I can only hear the computer bleep. Oh well, when all of this happened, what I first thought (I will just stop here and I won't go into much detail of what happened afterwards, for reading's sake) is to scan the computer with Malwarebytes. Installation went fairly normal but as I tried to run it, this little fellow showed up: Quote Run Time Error '372': Failed to load control 'vbalGrid' from vbalsgrid6.ocx Your version of vbalsgrid6.ocx may be outdated. Make sure you are using the version of the control that was provided with your application. I tried several things, but I'd like to know what's your take on this, maybe I got something wrong in the process of fixing it. As I said, I'm pretty sure I can get rid of this guy using Malwarebytes, but it seems as if the virus had made sure to disable all the possible ways of fixing it, so it pretty much feels like a check mate. So... is any of you guys a good chess player? Thanks a lot in advance. Cheers! I've also been told this could be a Remote Procedure Call problem. I tried several things but none of them seemed to work. Now that I remember, there were also issues with my taskbar and my quick-start icons/tray icons, they magically dissappeared. I've followed all the steps I could in the guide, I obviously couldn't get the program to work, therefore not being able to scan anything with it, but I did get DDS.com to work, so here's the log: DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2 Run by Usuario at 23:36:02 on 2013-04-12 . ============== Running Processes ================ . C:\WINDOWS\Explorer.EXE C:\Archivos de programa\SUPERAntiSpyware\SASCORE.EXE C:\Archivos de programa\Java\jre7\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe C:\Archivos de programa\AVAST Software\Avast\avastUI.exe C:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Archivos de programa\Archivos comunes\Java\Java Update\jucheck.exe C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Usuario\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k LocalService . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.plusnetwork.com/?sp=hp uInternet Connection Wizard,ShellNext = hxxp://ad.harrenmedianetwork.com/clk?2,13%3B64368ba5c7ad7b99%3B12b26df4deb,0%3B%3B%3B4288633824,wNtKAM5zCAC5E1AAAAAAAND9FQAAAAAAAABAAAIAAAAAAAUAAQAHFEjJCAAAAAAAlQsGAAAAAACliR0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACFcgMAAAAAAAIAAwAAAAAASE3fJisBAAAAAAAAADg2M2MxZTMyLWMzNzAtMTFkZi1iMDg5LTAwMWIyNDkzNjUwYQCUAAAAAAA=,,http%3A%2F%2Fad.harrenmedianetwork.com%2F, BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\archivos de programa\archivos comunes\adobe\acrobat\activex\AcroIEHelper.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\archivos de programa\archivos comunes\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\archivos de programa\java\jre7\bin\ssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\archivos de programa\avast software\avast\aswWebRepIE.dll BHO: Windows Live Aplicación auxiliar de inicio de sesión: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\archivos de programa\archivos comunes\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\archivos de programa\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\archivos de programa\java\jre7\bin\jp2ssv.dll BHO: Download Accelerator Plus Integration: {FF6C3CF0-4B15-11D1-ABED-709549C10000} - c:\archivos de programa\dap\dapieloader.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\archivos de programa\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\archivos de programa\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\archivos de programa\avast software\avast\aswWebRepIE.dll uRun: [sUPERAntiSpyware] c:\archivos de programa\superantispyware\SUPERAntiSpyware.exe mRun: [sunJavaUpdateSched] "c:\archivos de programa\archivos comunes\java\java update\jusched.exe" mRun: [Adobe ARM] "c:\archivos de programa\archivos comunes\adobe\arm\1.0\AdobeARM.exe" mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [GB_UPDATE] c:\archivos de programa\razer\razer game booster\AutoUpdate.exe/AUTORUN mRun: [avast] "c:\archivos de programa\avast software\avast\avastUI.exe" /nogui mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N uPolicies-Explorer: NoDriveTypeAutoRun = dword:323 uPolicies-Explorer: NoSMHelp = dword:1 uPolicies-Explorer: NoSMConfigurePrograms = dword:1 uPolicies-Explorer: NoSMMyPictures = dword:1 uPolicies-Explorer: NoDriveAutoRun = dword:67108863 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-Explorer: ForceClassicControlPanel = dword:1 mPolicies-Explorer: NoSMHelp = dword:1 mPolicies-Explorer: NoSMConfigurePrograms = dword:1 mPolicies-Explorer: NoSMMyPictures = dword:1 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 IE: &Clean Traces - c:\archivos de programa\dap\privacy package\dapcleanerie.htm IE: &Download with &DAP - c:\archivos de programa\dap\dapextie.htm IE: Anexar a PDF existente - c:\archivos de programa\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir a Adobe PDF - c:\archivos de programa\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir destino de vínculo a PDF existente - c:\archivos de programa\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir destino de vínculo en archivo Adobe PDF - c:\archivos de programa\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir selección a Adobe PDF - c:\archivos de programa\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir selección a archivo PDF existente - c:\archivos de programa\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir vínculos seleccionados a Adobe PDF - c:\archivos de programa\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convertir vínculos seleccionados a PDF existente - c:\archivos de programa\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Download &all with DAP - c:\archivos de programa\dap\dapextie2.htm IE: E&xportar a Microsoft Excel - c:\archiv~1\micros~2\office11\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\archivos de programa\windows live\writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\archivos de programa\messenger\msmsgs.exe DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{97E75B61-B11C-4DB4-9EAD-89D9CC306E25} : DHCPNameServer = 192.168.1.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\archivos de programa\archivos comunes\skype\Skype4COM.dll Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\archivos de programa\dap\dapie.dll Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\archivos de programa\dap\dapie.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\archivos de programa\superantispyware\SASSEH.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\usuario\datos de programa\mozilla\firefox\profiles\9mgzvy12.default\ FF - plugin: c:\archivos de programa\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\archivos de programa\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\archivos de programa\google\update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: c:\archivos de programa\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\archivos de programa\microsoft silverlight\4.0.60831.0\npctrlui.dll FF - plugin: c:\archivos de programa\microsoft\office live\npOLW.dll FF - plugin: c:\archivos de programa\mozilla firefox\plugins\npwachk.dll FF - plugin: c:\archivos de programa\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\documents and settings\all users\datos de programa\id software\quakelive\npquakezero.dll FF - plugin: c:\documents and settings\usuario\configuraciã³n local\datos de programa\facebook\video\skype\npFacebookVideoCalling.dll FF - plugin: c:\documents and settings\usuario\configuraciã³n local\datos de programa\google\update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1165635.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npptools.dll FF - plugin: c:\windows\system32\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R? avast! Antivirus;avast! Antivirus R? Avgfwfd;AVG network filter service R? BIOS;BIOS R? CFG_NT4;CFG_NT4 R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86 R? fsssvc;Servicio de Windows Live Protección infantil R? Hamachi2Svc;LogMeIn Hamachi Tunneling Engine R? LLRING0;LLRING0 R? mbamchameleon;mbamchameleon R? MBAMSwissArmy;MBAMSwissArmy R? SetupNTGLM7X;SetupNTGLM7X R? SkypeUpdate;Skype Updater R? SynasUSB;SynasUSB R? Vsp;Vsp R? WinRing0_1_2_0;WinRing0_1_2_0 R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0 S? !SASCORE;SAS Core Service S? aswFsBlk;aswFsBlk S? aswMonFlt;aswMonFlt S? aswRvrt;aswRvrt S? aswSnx;aswSnx S? aswSP;aswSP S? aswVmm;aswVmm S? Avgfwdx;Avgfwdx S? fssfltr;fssfltr S? SASDIFSV;SASDIFSV S? SASKUTIL;SASKUTIL S? SmartDefragDriver;SmartDefragDriver S? VBoxDrv;VirtualBox Service S? VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter S? VBoxNetFlt;VirtualBox Bridged Networking Service S? VBoxUSBMon;VirtualBox USB Monitor Driver . =============== File Associations =============== . FileExt: .vbe: VBEFile=c:\windows\system32\CScript.exe "%1" %* [default=Open2] FileExt: .vbs: VBSFile=c:\windows\system32\CScript.exe "%1" %* [default=Open2] FileExt: .js: JSFile=c:\windows\system32\CScript.exe "%1" %* [default=Open2] FileExt: .jse: JSEFile=c:\windows\system32\CScript.exe "%1" %* [default=Open2] FileExt: .wsf: WSFFile=c:\windows\system32\CScript.exe "%1" %* [default=Open2] . =============== Created Last 30 ================ . 2013-04-10 06:50:30 -------- d-----w- c:\archivos de programa\Glary Utilities 2013-04-07 03:02:55 98816 ----a-w- c:\windows\sed.exe 2013-04-07 03:02:55 256000 ----a-w- c:\windows\PEV.exe 2013-04-07 03:02:55 208896 ----a-w- c:\windows\MBR.exe 2013-03-25 06:58:15 -------- d-----w- c:\documents and settings\usuario\datos de programa\SUPERAntiSpyware.com 2013-03-25 06:57:51 -------- d-----w- c:\documents and settings\all users\datos de programa\SUPERAntiSpyware.com 2013-03-25 06:57:51 -------- d-----w- c:\archivos de programa\SUPERAntiSpyware 2013-03-25 05:56:46 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-03-25 05:56:45 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-03-25 05:56:45 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-03-25 05:56:44 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-03-25 05:55:32 41664 ----a-w- c:\windows\avastSS.scr 2013-03-24 00:33:39 -------- d-----w- c:\archivos de programa\ESET 2013-03-23 23:54:14 -------- d-----w- c:\documents and settings\all users\datos de programa\NortonInstaller 2013-03-23 23:23:00 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2013-03-23 23:16:16 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2013-03-23 23:16:15 -------- d-----w- c:\documents and settings\usuario\datos de programa\Malwarebytes 2013-03-23 23:16:07 -------- d-----w- c:\documents and settings\all users\datos de programa\Malwarebytes 2013-03-23 23:16:06 21104 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-03-23 23:16:06 -------- d-----w- c:\archivos de programa\Malwarebytes' Anti-Malware 2013-03-23 21:21:02 -------- d-----w- c:\archivos de programa\HitmanPro 2013-03-23 21:20:19 -------- d-----w- c:\documents and settings\all users\datos de programa\HitmanPro 2013-03-18 20:02:03 -------- d-----w- c:\documents and settings\usuario\datos de programa\Processing . ==================== Find3M ==================== . 2013-02-19 02:59:57 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-02-19 02:59:56 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl . ============= FINISH: 23:36:44,06 =============== As I said in the first post, I'd like to know what you guys think of this, and if you need any other info, please don't hesitate to ask Thanks in advance Aprch
  10. I tried a few things regarding that topic and couldn't get results. Eh, don't worry, I'm heading towards the malware removal section. Cheers!
  11. Right, will do. Sorry for posting in the wrong place. Thanks!
  12. Hello everyone, I'm new here, and after days and days of lurking the internet for solutions, I decided I'd try and ask for help in the forums, given that all the posts dated back to nearly 3 years ago. Anyways, here it goes: To put it simply, my computer got infected with a nasty virus that would shut down a lot of critical services on startup, preventing me from installing practically any antivirus, not being able to copy/cut folders or even drag them around. It also disabled Avast and the Windows Installer Services, and apparently my soundcard no longer exists and I can only hear the computer bleep. Oh well, when all of this happened, what I first thought (I will just stop here and I won't go into much detail of what happened afterwards, for reading's sake) is to scan the computer with Malwarebytes. Installation went fairly normal but as I tried to run it, this little fellow showed up: I tried several things, but I'd like to know what's your take on this, maybe I got something wrong in the process of fixing it. As I said, I'm pretty sure I can get rid of this guy using Malwarebytes, but it seems as if the virus had made sure to disable all the possible ways of fixing it, so it pretty much feels like a check mate. So... is any of you guys a good chess player? Thanks a lot in advance. Cheers!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.