
Urgent help, No Internet- not start bar, not a lot of options....



 
 
Old 11-05-2012, 02:55 PM   #1
Registered Member
 
Join Date: Nov 2012
Posts: 44
OS: xp



Hi,

I have an issue with my laptop. HP Compaq nx6325 - it's on Windows XP.

I installed Malwarebytes as instructed by a friend as I suspected that my computer was infected. But I know little about these things, so since doing this it's gotten worse.

I can't access any Internet sites.

I have no start bar.

Nothing external or internal is recognised on command prompt.

I can't start programs like Malwarebytes, even when trying with Chameleon.

All of the above apply in safe mode also.

I've also tried a system restore but it won't let me if I do it once logged on even as an administrator. If I try this from start up with F8 it won't work either.

I'm pretty sure I've tried everything I can think of. But again I'm no expert so any help or guidance to resolving this would be much appreciated.
axelloughrey is offline  
 
Old 11-06-2012, 05:19 AM   #2
Security Team
Analyst
 
Join Date: Feb 2011
Location: USA
Posts: 2,322
OS: Vista and Ubuntu



Hello and welcome to TSF.

I am currently reviewing your post. I will be back with a fix for your problem as soon as possible.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification then click Subscribe.

Please be patient with me during this time.
----------

Print out these instructions as we may need to close every window that is open later in the fix.


It is possible that the infection you are trying to remove will not allow you to download files on the infected computer. If this is the case, then you will need to download the files requested in this guide on another computer and then transfer them to the infected computer. You can transfer the files via a CD/DVD, external drive, or USB flash drive.

Do not reboot your computer after running rkill as the malware programs will start again.

Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
There are 5 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click and choose Run as Admin
You only need to get one of them to run, not all of them.
  1. rkill.exe
  2. rkill.com
  3. rkill.scr
  4. WiNlOgOn.exe
  5. uSeRiNiT.exe

Do not reboot your computer after running rkill as the malware programs will start again.
----------

Please download DDS from one of the following links and save it to your desktop.
  • Disable any script blocking protection ( How to Disable your Security Programs)
  • Double click DDS icon to run the tool (may take up to 3 minutes to run)
  • When done, DDS.txt will open.
  • After a few moments, attach.txt will open in a second window.
  • Save both reports to your desktop.
---------------------------------------------------
  • Post the contents of the DDS.txt report in your next reply
  • Attach the Attach.txt report to your post by scrolling down to the Attachments area and then clicking Browse. Browse to where you saved the file, and click Open and then click UPLOAD.
----------

Please download aswMBR to your desktop.
  • Double click the aswMBR icon to run it.
    Vista and Windows 7 users right click the icon and choose "Run as administrator".
  • Click the Scan button to start scan.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.


----------

In your next reply please post both of the logs created by DDS and the log created by aswMBR.exe. :)
jeffce is offline  
Old 11-06-2012, 08:36 AM   #3
Registered Member
 
Join Date: Nov 2012
Posts: 44
OS: xp



Hi, thanks for getting back to me.

I'm currently running the programs which you told me to run. I will post the logs as soon as it has finished.

Axel
axelloughrey is offline  
 
Old 11-06-2012, 08:39 AM   #4
Security Team
Analyst
 
Join Date: Feb 2011
Location: USA
Posts: 2,322
OS: Vista and Ubuntu



jeffce is offline  
Old 11-06-2012, 08:58 AM   #5
Registered Member
 
Join Date: Nov 2012
Posts: 44
OS: xp



Ok problem,

I've run the programs you told me to run. I've followed ALL instructions as you said and I have the logs saved on my desktop. BUT for some reason I cannot save them onto a USB stick to put onto this computer, as I have no internet access on the infected laptop (I am on my friend's laptop right now) I can't upload them to you.

Any suggestions?
axelloughrey is offline  
Old 11-06-2012, 09:06 AM   #6
Security Team
Analyst
 
Join Date: Feb 2011
Location: USA
Posts: 2,322
OS: Vista and Ubuntu



Can you burn them to CD to transfer?
jeffce is offline  
Old 11-06-2012, 09:09 AM   #7
Registered Member
 
Join Date: Nov 2012
Posts: 44
OS: xp



I can't move the icons on my desktop at all.
axelloughrey is offline  
Old 11-06-2012, 09:10 AM   #8
Security Team
Analyst
 
Join Date: Feb 2011
Location: USA
Posts: 2,322
OS: Vista and Ubuntu



Ok....are you able to access the internet in Safe Mode with Networking? You mentioned Safe Mode earlier.
jeffce is offline  
Old 11-06-2012, 09:11 AM   #9
Registered Member
 
Join Date: Nov 2012
Posts: 44
OS: xp



No wait, I have a solution: if I open each individual log, then save as on my USB stick, it works. 2 minutes and they'll be with you.
axelloughrey is offline  
Old 11-06-2012, 09:11 AM   #10
Security Team
Analyst
 
Join Date: Feb 2011
Location: USA
Posts: 2,322
OS: Vista and Ubuntu



jeffce is offline  
Old 11-06-2012, 09:12 AM   #11
Registered Member
 
Join Date: Nov 2012
Posts: 44
OS: xp



To answer your last question, I have the same issues in safe mode.
axelloughrey is offline  
Old 11-06-2012, 09:14 AM   #12
Security Team
Analyst
 
Join Date: Feb 2011
Location: USA
Posts: 2,322
OS: Vista and Ubuntu



Quote:
To answer your last question, I have the same issues in safe mode
Ok thanks!
jeffce is offline  
Old 11-06-2012, 09:15 AM   #13
Registered Member
 
Join Date: Nov 2012
Posts: 44
OS: xp



Rkill - Code:

Rkill 2.4.4 by Lawrence Abrams (Grinler)
Bleeping Computer - Technical Support and Computer Help
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
RKill - What it does and What it Doesn't - A brief introduction to the program

Program started at: 11/06/2012 04:34:26 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\System32\DLA\DLACTRLW.EXE (PID: 1348) [WD-HEUR]
* C:\WINDOWS\SMINST\Scheduler.exe (PID: 244) [WD-HEUR]

2 proccesses terminated!

Possibly Patched Files.

* C:\WINDOWS\system32\services.exe
* C:\WINDOWS\system32\lsass.exe
* C:\WINDOWS\system32\svchost.exe
* C:\WINDOWS\System32\svchost.exe
* C:\WINDOWS\system32\svchost.exe
* C:\WINDOWS\system32\svchost.exe

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Cryptographic Services (CryptSvc) is not Running.
Startup Type set to: Automatic

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Manual

* Network Connections (Netman) is not Running.
Startup Type set to: Manual

* RasAuto [Missing Service]
* RasMan [Missing Service]
* RDSessMgr [Missing Service]
* RemoteAccess [Missing Service]
* RpcLocator [Missing Service]
* RpcSs [Missing Service]
* RSVP [Missing Service]
* SamSs [Missing Service]
* SCardSvr [Missing Service]
* Schedule [Missing Service]
* seclogon [Missing Service]
* SENS [Missing Service]
* SharedAccess [Missing Service]
* ShellHWDetection [Missing Service]
* Spooler [Missing Service]
* srservice [Missing Service]
* SSDPSRV [Missing Service]
* stisvc [Missing Service]
* SysmonLog [Missing Service]
* TapiSrv [Missing Service]
* Themes [Missing Service]
* TrkWks [Missing Service]
* upnphost [Missing Service]
* UPS [Missing Service]
* VSS [Missing Service]
* W32Time [Missing Service]
* WebClient [Missing Service]
* winmgmt [Missing Service]
* WmdmPmSN [Missing Service]
* WmiApSrv [Missing Service]
* wscsvc [Missing Service]
* wuauserv [Missing Service]
* WZCSVC [Missing Service]
* xmlprov [Missing Service]
* sr [Missing Service]
* Srv [Missing Service]
* Tcpip [Missing Service]
* Update [Missing Service]
* VgaSave [Missing Service]
* wdmaud [Missing Service]

Searching for Missing Digital Signatures:

+-> C:\WINDOWS\system32\dllcache\mfc40u.dll : 927,504 : 11/01/2006 07:17 PM : 925f8b61ed301a317ba850ebeecbdaa0 [Pos Repl]

* C:\WINDOWS\System32\midimap.dll [NoSig]

* C:\WINDOWS\System32\msgsvc.dll [NoSig]

* C:\WINDOWS\System32\mshtml.dll [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\mshtml.dll : 3,016,192 : 07/20/2005 05:03 AM : a14a7a206ae22de4fe563e44cfc7ddf5 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\mshtml.dll : 3,073,024 : 02/01/2006 05:59 AM : 51c91ac189321a320fc4bc90b56255a3 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB928090\SP2QFE\mshtml.dll : 3,062,272 : 01/04/2007 02:05 PM : 1c45525574ef206346fbafcaac7cc4a5 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB931768\SP2QFE\mshtml.dll : 3,063,296 : 02/20/2007 02:52 AM : 2991727809c7ac3a33e4178cc73244d8 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB933566\SP2QFE\mshtml.dll : 3,064,320 : 05/04/2007 01:59 PM : 00adcb32832a10ed9419493bcea97526 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\mshtml.dll : 3,064,320 : 06/15/2007 01:12 AM : 53f3fd772c010622346c39284c4a863b [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB896727$\mshtml.dll : 3,003,392 : 08/04/2004 08:00 AM : 376e0843b2356ca91cec8d9837a56ff7 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB928090$\mshtml.dll : 3,070,464 : 02/01/2006 08:59 AM : 568a97e2b959fdd99557ad953702fc8c [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB931768$\mshtml.dll : 3,056,640 : 01/04/2007 01:36 PM : f31274d7667d83e73c6ee16d2206b76c [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB933566$\mshtml.dll : 3,056,640 : 02/20/2007 01:48 AM : 6b9d083c0d4c4555fe011b01a98872da [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB937143$\mshtml.dll : 3,058,688 : 05/04/2007 01:29 PM : 4d92717b5bbce85f1254bad23b0d357c [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mshtml.dll : 3,058,688 : 06/14/2007 07:09 PM : f049c52772fc86fd5f6c16d77a2a6204 [Pos Repl]

* C:\WINDOWS\System32\msimg32.dll [NoSig]

* C:\WINDOWS\System32\mspmsnsv.dll [NoSig]
+-> C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll : 25,088 : 08/11/2004 07:45 AM : a477391b7a8b0a0daabadb17cf533a4b [Pos Repl]
+-> C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll : 52,224 : 08/04/2004 01:00 AM : c086483e3dba8c1c0a687ec8d5b3d4c1 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mspmsnsv.dll : 25,088 : 08/11/2004 07:45 AM : a477391b7a8b0a0daabadb17cf533a4b [Pos Repl]

* C:\WINDOWS\System32\msprivs.dll [NoSig]

* C:\WINDOWS\System32\msvcrt.dll [NoSig]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll : 322,560 : 08/04/2004 07:00 AM : 4200be3808f6406dbe45a7b88dae5035 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll : 343,040 : 08/04/2004 07:00 AM : 98ec447e00229afd88d5161a25d065da [Pos Repl]

* C:\WINDOWS\System32\mswsock.dll [NoSig]

* C:\WINDOWS\System32\netlogon.dll [NoSig]

* C:\WINDOWS\System32\netman.dll [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB905414\SP2QFE\netman.dll : 197,632 : 08/22/2005 07:24 PM : 3516d8a18b36784b1005b950b84232e1 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB905414$\netman.dll : 198,144 : 08/04/2004 01:00 AM : dab9e6c7105d2ef49876fe92c524f565 [Pos Repl]

* C:\WINDOWS\System32\ntkrnlpa.exe [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe : 2,056,832 : 03/02/2005 07:36 AM : d8aba3eab509627e707a3b14f00fbb6b [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB896256$\ntkrnlpa.exe : 2,015,232 : 08/04/2004 01:59 AM : fb142b7007ca2eea76966c6c5cc12150 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB909095$\ntkrnlpa.exe : 2,015,744 : 09/29/2005 01:35 AM : 48472d224e1703882b4de0e28e205e9b [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB929338$\ntkrnlpa.exe : 2,015,232 : 10/12/2005 01:54 AM : 0c691ecad81707d3a7797512ac932c62 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe : 2,017,280 : 12/19/2006 04:12 PM : fa64f313f5237c53a909906113acae7d [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe : 2,059,392 : 02/28/2007 07:15 AM : 4d3dbdccbf97f5ba1e74f322b155c3ba [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ntkrnlpa.exe : 2,059,392 : 02/28/2007 07:15 AM : 4d3dbdccbf97f5ba1e74f322b155c3ba [Pos Repl]

* C:\WINDOWS\System32\ntmssvc.dll [NoSig]

* C:\WINDOWS\System32\ntoskrnl.exe [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe : 2,179,456 : 03/02/2005 07:04 AM : 28187802b7c368c0d3aef7d4c382aabb [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB896256$\ntoskrnl.exe : 2,148,352 : 08/04/2004 04:18 AM : 626309040459c3915997ef98ec1c8d40 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB909095$\ntoskrnl.exe : 2,136,064 : 09/29/2005 04:02 AM : 25c36dbc46e8eff2a811769a60715ac5 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB929338$\ntoskrnl.exe : 2,136,064 : 10/12/2005 04:18 AM : c5290e302241594b668a378d89fd903e [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe : 2,137,600 : 12/19/2006 04:49 PM : 57b9d140e1eb8b0ea06df927b63b0eee [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe : 2,182,144 : 02/28/2007 07:55 AM : 5a5c8db4aa962c714c8371fbdf189fc9 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ntoskrnl.exe : 2,182,144 : 02/28/2007 07:55 AM : 5a5c8db4aa962c714c8371fbdf189fc9 [Pos Repl]

* C:\WINDOWS\System32\oakley.dll [NoSig]

* C:\WINDOWS\System32\ole32.dll [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB873333\SP2QFE\ole32.dll : 1,284,608 : 01/14/2005 07:07 AM : 2e752611c9a9ae1b6bfd0da03cf7f17e [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\ole32.dll : 1,286,144 : 04/28/2005 08:35 PM : 7440d29f257b7e44329343f944f2142c [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\ole32.dll : 1,285,632 : 07/26/2005 08:20 AM : a2f755e237fa2cdd748a80bfbe6657f3 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB873333$\ole32.dll : 1,281,536 : 08/04/2004 04:00 AM : 4fe9d9fa62d020e35e0ac6d1aeeb96f0 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB894391$\ole32.dll : 1,285,120 : 01/14/2005 04:55 AM : abdef60ced7c04ab35a415efb6b96d81 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB902400$\ole32.dll : 1,285,120 : 04/28/2005 08:31 PM : 5950e4f28fda9d147576bf6798937397 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ole32.dll : 1,285,120 : 07/26/2005 07:39 AM : ab8231d13692ac5088eb9c226b0c0576 [Pos Repl]

* C:\WINDOWS\System32\olepro32.dll [NoSig]

* C:\WINDOWS\System32\perfctrs.dll [NoSig]

* C:\WINDOWS\System32\powrprof.dll [NoSig]

* C:\WINDOWS\System32\psbase.dll [NoSig]

* C:\WINDOWS\System32\pstorsvc.dll [NoSig]

* C:\WINDOWS\System32\qmgr.dll [NoSig]

* C:\WINDOWS\System32\rasadhlp.dll [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll : 7,680 : 06/26/2006 06:45 PM : b5d08c96b2dadaf5171fb69e341b272b [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB920683$\rasadhlp.dll : 8,192 : 08/04/2004 08:00 AM : 4caec028c1e21c75e17877d4522d3db4 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\rasadhlp.dll : 8,192 : 06/26/2006 06:37 PM : 5f098bd2ae6b03044b085decffdf91ec [Pos Repl]

* C:\WINDOWS\System32\regsvc.dll [NoSig]

* C:\WINDOWS\System32\rpcss.dll [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB873333\SP2QFE\rpcss.dll : 395,776 : 01/14/2005 06:07 AM : 94456045beb4545b5ebe1dcc85951afa [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\rpcss.dll : 396,288 : 04/28/2005 08:35 PM : da383fb39a6f1c445f3afc94b3eb1248 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll : 398,336 : 07/26/2005 08:20 AM : c369df215d352b6f3a0b8c3469aa34f8 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB873333$\rpcss.dll : 395,776 : 08/04/2004 08:00 AM : 5c83a4408604f737717ab96371201680 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB894391$\rpcss.dll : 395,776 : 01/14/2005 08:55 AM : 419899803ca479b73b02390318c787c0 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB902400$\rpcss.dll : 395,776 : 04/28/2005 08:31 PM : c8061f289e000703e7672916b7fe1571 [Pos Repl]

* C:\WINDOWS\System32\scecli.dll [NoSig]

* C:\WINDOWS\System32\schannel.dll [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB935840\SP2QFE\schannel.dll : 144,896 : 04/25/2007 09:32 PM : d8b13f0b90de29903cbe044190417f98 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB935840$\schannel.dll : 144,896 : 08/04/2004 08:00 AM : 29632e787dcfc0085a555c681eb82693 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\schannel.dll : 144,896 : 04/25/2007 03:21 PM : 532ea80e9f5452928f8426653215be29 [Pos Repl]

* C:\WINDOWS\System32\schedsvc.dll [NoSig]

* C:\WINDOWS\System32\services.exe [NoSig]

* C:\WINDOWS\System32\setupapi.dll [NoSig]
+-> C:\WINDOWS\system32\dllcache\setupapi.dll : 983,552 : 08/04/2004 03:00 AM : 7808313cbc634ee08346d5ddfef1cc5f [Pos Repl]

* C:\WINDOWS\System32\sfc.dll [NoSig]

* C:\WINDOWS\System32\sfcfiles.dll [NoSig]

* C:\WINDOWS\System32\shsvcs.dll [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\shsvcs.dll : 135,168 : 12/19/2006 09:50 PM : 53d9184a21c5cbf600d918e51ef3a7e5 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB928255$\shsvcs.dll : 134,656 : 08/04/2004 08:00 AM : e7518dc542d3ebdcb80edd98462c7821 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\shsvcs.dll : 134,656 : 12/19/2006 09:52 PM : 6815def9b810aefac107eeaf72da6f82 [Pos Repl]

* C:\WINDOWS\System32\smss.exe [NoSig]

* C:\WINDOWS\System32\spoolsv.exe [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe : 57,856 : 06/11/2005 09:17 AM : ad3d9d191aea7b5445fe1d82ffbb4788 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe : 57,856 : 08/04/2004 08:00 AM : 7435b108b935e42ea92ca94f59c8e717 [Pos Repl]

* C:\WINDOWS\System32\srsvc.dll [NoSig]
+-> C:\WINDOWS\$NtUninstallKB888402$\srsvc.dll : 170,496 : 08/04/2004 08:00 AM : 92bdf74f12d6cbec43c94d4b7f804838 [Pos Repl]

* C:\WINDOWS\System32\ssdpsrv.dll [NoSig]

* C:\WINDOWS\System32\svchost.exe [NoSig]

* C:\WINDOWS\System32\tapisrv.dll [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB893756\SP2QFE\tapisrv.dll : 249,344 : 07/08/2005 05:28 PM : 1418a3a6e76e5a2e3f5e43866e793a8b [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB893756$\tapisrv.dll : 246,272 : 08/04/2004 08:00 AM : eb4a4187d74a8efdcbea3ea2cb1bdfbd [Pos Repl]

* C:\WINDOWS\System32\termsrv.dll [NoSig]

* C:\WINDOWS\System32\upnphost.dll [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB931261\SP2QFE\upnphost.dll : 185,344 : 02/05/2007 08:19 PM : 36aca6cdc19c95ff468a1426eb7f32f0 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB931261$\upnphost.dll : 185,344 : 08/04/2004 08:00 AM : 0546477bde979e33294fe97f6b3de84a [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\upnphost.dll : 185,344 : 02/05/2007 08:17 PM : aca5d98663d879c6baafcea7e2f1b710 [Pos Repl]

* C:\WINDOWS\System32\user32.dll [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll : 577,024 : 03/02/2005 06:19 PM : 1800f293bccc8ede8a70e12b88d80036 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll : 578,048 : 03/08/2007 03:48 PM : 7aa4f6c00405dfc4b70ed4214e7d687b [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB890859$\user32.dll : 577,024 : 08/04/2004 08:00 AM : c72661f8552ace7c5c85e16a3cf505c4 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB925902$\user32.dll : 577,024 : 03/02/2005 06:09 PM : de2db164bbb35db061af0997e4499054 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\user32.dll : 577,536 : 03/08/2007 03:36 PM : b409909f6e2e8a7067076ed748abf1e7 [Pos Repl]

* C:\WINDOWS\System32\userinit.exe [NoSig]

* C:\WINDOWS\System32\usp10.dll [NoSig]

* C:\WINDOWS\System32\UxTheme.dll [NoSig]

* C:\WINDOWS\System32\version.dll [NoSig]

* C:\WINDOWS\System32\w32time.dll [NoSig]

* C:\WINDOWS\System32\wbem\wmiprvse.exe [NoSig]

* C:\WINDOWS\System32\wdigest.dll [NoSig]

* C:\WINDOWS\System32\wiaservc.dll [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB927802\SP2QFE\wiaservc.dll : 333,824 : 12/19/2006 06:47 PM : d9f097aa3b97034d3358a01b43e635b2 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB927802$\wiaservc.dll : 333,312 : 08/04/2004 06:00 AM : d9f6c4f6b1e188adafc42b561d9bc2e6 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\wiaservc.dll : 333,824 : 12/19/2006 06:16 PM : b6763f8534ac547cf1af98afdff2edc8 [Pos Repl]

* C:\WINDOWS\System32\wininet.dll [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\wininet.dll : 659,456 : 07/03/2005 06:09 AM : 6e533d155b259eb2363d3e04b5be309f [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB912945\SP2QFE\wininet.dll : 662,016 : 01/09/2006 06:02 PM : dde9597a3311748c1519444e2bc147bd [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB928090\SP2QFE\wininet.dll : 665,088 : 01/04/2007 02:05 PM : 3ffa1573fc274e5aa7467d03941c45ee [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB931768\SP2QFE\wininet.dll : 665,600 : 02/20/2007 02:52 AM : b258c922d22deec880b60720531d7627 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB933566\SP2QFE\wininet.dll : 665,600 : 04/18/2007 01:46 PM : 4261ba03afd659de04f0a17dfbdd454d [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\wininet.dll : 665,600 : 06/26/2007 03:35 PM : e1a3dd68b5380b360a7310a64d9bb188 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB896727$\wininet.dll : 656,384 : 08/04/2004 06:00 AM : c0823fc5469663ba63e7db88f9919d70 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB928090$\wininet.dll : 658,432 : 01/09/2006 06:08 PM : d9e3f8440d208698b3f0e5cfac26daa1 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB931768$\wininet.dll : 658,944 : 01/04/2007 01:37 PM : 8c393df5234cbcbff1ee31902d6b40ae [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB933566$\wininet.dll : 658,944 : 02/20/2007 01:48 AM : 30d1c47e40efbb792ff8d3c3b51ce507 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB937143$\wininet.dll : 658,944 : 04/18/2007 01:31 PM : b7156cd97e739f3014bc4d61758f868a [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\wininet.dll : 658,944 : 06/26/2007 03:09 PM : 184e47c8f7b331025e6dc92740db188f [Pos Repl]

* C:\WINDOWS\System32\winlogon.exe [NoSig]

* C:\WINDOWS\System32\ws2_32.dll [NoSig]

* C:\WINDOWS\System32\ws2help.dll [NoSig]

* C:\WINDOWS\System32\wscntfy.exe [NoSig]

* C:\WINDOWS\System32\xmlprov.dll [NoSig]

* C:\WINDOWS\explorer.exe [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe : 1,033,216 : 06/13/2007 03:26 AM : 7712df0cdde3a5ac89843e61cd5b3658 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB938828$\explorer.exe : 1,032,192 : 08/04/2004 01:00 AM : a0732187050030ae399b241436565e64 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\explorer.exe : 1,033,216 : 06/13/2007 03:23 AM : 97bd6515465659ff8f3b7be375b2ea87 [Pos Repl]

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 11/06/2012 04:41:16 PM
Execution time: 0 hours(s), 6 minute(s), and 49 seconds(s)
axelloughrey is offline  
Old 11-06-2012, 09:17 AM   #14
Registered Member
 
Join Date: Nov 2012
Posts: 44
OS: xp



Rkill - Code:

Rkill 2.4.4 by Lawrence Abrams (Grinler)
Bleeping Computer - Technical Support and Computer Help
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
RKill - What it does and What it Doesn't - A brief introduction to the program

Program started at: 11/06/2012 04:34:26 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\System32\DLA\DLACTRLW.EXE (PID: 1348) [WD-HEUR]
* C:\WINDOWS\SMINST\Scheduler.exe (PID: 244) [WD-HEUR]

2 proccesses terminated!

Possibly Patched Files.

* C:\WINDOWS\system32\services.exe
* C:\WINDOWS\system32\lsass.exe
* C:\WINDOWS\system32\svchost.exe
* C:\WINDOWS\System32\svchost.exe
* C:\WINDOWS\system32\svchost.exe
* C:\WINDOWS\system32\svchost.exe

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Cryptographic Services (CryptSvc) is not Running.
Startup Type set to: Automatic

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Manual

* Network Connections (Netman) is not Running.
Startup Type set to: Manual

* RasAuto [Missing Service]
* RasMan [Missing Service]
* RDSessMgr [Missing Service]
* RemoteAccess [Missing Service]
* RpcLocator [Missing Service]
* RpcSs [Missing Service]
* RSVP [Missing Service]
* SamSs [Missing Service]
* SCardSvr [Missing Service]
* Schedule [Missing Service]
* seclogon [Missing Service]
* SENS [Missing Service]
* SharedAccess [Missing Service]
* ShellHWDetection [Missing Service]
* Spooler [Missing Service]
* srservice [Missing Service]
* SSDPSRV [Missing Service]
* stisvc [Missing Service]
* SysmonLog [Missing Service]
* TapiSrv [Missing Service]
* Themes [Missing Service]
* TrkWks [Missing Service]
* upnphost [Missing Service]
* UPS [Missing Service]
* VSS [Missing Service]
* W32Time [Missing Service]
* WebClient [Missing Service]
* winmgmt [Missing Service]
* WmdmPmSN [Missing Service]
* WmiApSrv [Missing Service]
* wscsvc [Missing Service]
* wuauserv [Missing Service]
* WZCSVC [Missing Service]
* xmlprov [Missing Service]
* sr [Missing Service]
* Srv [Missing Service]
* Tcpip [Missing Service]
* Update [Missing Service]
* VgaSave [Missing Service]
* wdmaud [Missing Service]

Searching for Missing Digital Signatures:

* C:\WINDOWS\System32\appmgmts.dll [NoSig]

* C:\WINDOWS\System32\browser.dll [NoSig]

* C:\WINDOWS\System32\clipsrv.exe [NoSig]

* C:\WINDOWS\System32\comctl32.dll [NoSig]
+-> C:\WINDOWS\$NtUninstallKB923191$\comctl32.dll : 611,328 : 08/04/2004 00:00 AM : a77dfb85faee49d66c74da6024ebc69b [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\comctl32.dll : 617,472 : 08/25/2006 04:45 PM : b0124cb21d28b1c9f678b566b6b57d92 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll : 921,088 : 08/04/2004 04:00 AM : aef3d788dbf40c7c4d204ea45eb0c505 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll : 1,050,624 : 08/04/2004 04:00 AM : 5af68a5e44734a082442668e9c787743 [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll : 1,054,208 : 08/25/2006 04:45 PM : c4e80875c1cf1222fc5efd0314ae5c01 [Pos Repl]

* C:\WINDOWS\System32\comres.dll [NoSig]

* C:\WINDOWS\System32\cryptsvc.dll [NoSig]

* C:\WINDOWS\System32\csrss.exe [NoSig]

* C:\WINDOWS\System32\ctfmon.exe [NoSig]

* C:\WINDOWS\System32\d3d8.dll [NoSig]

* C:\WINDOWS\System32\d3d8thk.dll [NoSig]

* C:\WINDOWS\System32\d3d9.dll [NoSig]

* C:\WINDOWS\System32\ddraw.dll [NoSig]

* C:\WINDOWS\System32\dllhost.exe [NoSig]

* C:\WINDOWS\System32\drivers\acpiec.sys [NoSig]

* C:\WINDOWS\System32\drivers\acpi.sys [NoSig]

* C:\WINDOWS\System32\drivers\aec.sys [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB900485\SP2QFE\aec.sys : 142,464 : 02/15/2006 00:30 AM : 1ee7b434ba961ef845de136224c30fec [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB900485$\aec.sys : 142,464 : 08/04/2004 00:39 AM : 841f385c6cfaf66b58fbd898722bb4f0 [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\aec.sys : 142,464 : 02/15/2006 04:22 AM : 1ee7b434ba961ef845de136224c30fec [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\aec.sys : 142,464 : 02/15/2006 04:22 AM : 1ee7b434ba961ef845de136224c30fec [Pos Repl]

* C:\WINDOWS\System32\drivers\afd.sys [NoSig]

* C:\WINDOWS\System32\drivers\amdk6.sys [NoSig]

* C:\WINDOWS\System32\drivers\amdk7.sys [NoSig]

* C:\WINDOWS\System32\drivers\arp1394.sys [NoSig]

* C:\WINDOWS\System32\drivers\asyncmac.sys [NoSig]

* C:\WINDOWS\System32\drivers\atapi.sys [NoSig]

* C:\WINDOWS\System32\drivers\audstub.sys [NoSig]

* C:\WINDOWS\System32\drivers\battc.sys [NoSig]

* C:\WINDOWS\System32\drivers\beep.sys [NoSig]

* C:\WINDOWS\System32\drivers\bridge.sys [NoSig]

* C:\WINDOWS\System32\drivers\cbidf2k.sys [NoSig]

* C:\WINDOWS\System32\drivers\cdaudio.sys [NoSig]

* C:\WINDOWS\System32\drivers\cdfs.sys [NoSig]

* C:\WINDOWS\System32\drivers\cdrom.sys [NoSig]

* C:\WINDOWS\System32\drivers\classpnp.sys [NoSig]

* C:\WINDOWS\System32\drivers\CmBatt.sys [NoSig]

* C:\WINDOWS\System32\drivers\compbatt.sys [NoSig]

* C:\WINDOWS\System32\drivers\cpqdap01.sys [NoSig]

* C:\WINDOWS\System32\drivers\crusoe.sys [NoSig]

* C:\WINDOWS\System32\drivers\diskdump.sys [NoSig]

* C:\WINDOWS\System32\drivers\disk.sys [NoSig]

* C:\WINDOWS\System32\drivers\dmboot.sys [NoSig]

* C:\WINDOWS\System32\drivers\dmio.sys [NoSig]

* C:\WINDOWS\System32\drivers\dmload.sys [NoSig]

* C:\WINDOWS\System32\drivers\DMusic.sys [NoSig]
+-> C:\WINDOWS\system32\dllcache\dmusic.sys : 52,864 : 08/04/2004 04:07 AM : a6f881284ac1150e37d9ae47ff601267 [Pos Repl]

* C:\WINDOWS\System32\drivers\drmkaud.sys [NoSig]
+-> C:\WINDOWS\system32\dllcache\drmkaud.sys : 2,944 : 08/04/2004 04:07 AM : 1ed4dbbae9f5d558dbba4cc450e3eb2e [Pos Repl]

* C:\WINDOWS\System32\drivers\drmk.sys [NoSig]
+-> C:\WINDOWS\system32\dllcache\drmk.sys : 60,288 : 08/04/2004 04:08 AM : ff86422268de771d571e123eb7092c6a [Pos Repl]

* C:\WINDOWS\System32\drivers\dxapi.sys [NoSig]

* C:\WINDOWS\System32\drivers\dxg.sys [NoSig]

* C:\WINDOWS\System32\drivers\dxgthk.sys [NoSig]

* C:\WINDOWS\System32\drivers\fastfat.sys [NoSig]

* C:\WINDOWS\System32\drivers\fdc.sys [NoSig]

* C:\WINDOWS\System32\drivers\fips.sys [NoSig]

* C:\WINDOWS\System32\drivers\flpydisk.sys [NoSig]

* C:\WINDOWS\System32\drivers\fltMgr.sys [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmgr.sys : 128,768 : 08/21/2006 00:43 AM : 5a85cd3d07273e3f6fe72ee9c6431632 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB922582$\fltmgr.sys : 124,800 : 08/04/2004 00:00 AM : 157754f0df355a9e0a6f54721914f9c6 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\fltmgr.sys : 128,896 : 08/21/2006 04:14 AM : 3d234fb6d6ee875eb009864a299bea29 [Pos Repl]

* C:\WINDOWS\System32\drivers\fs_rec.sys [NoSig]

* C:\WINDOWS\System32\drivers\fsvga.sys [NoSig]

* C:\WINDOWS\System32\drivers\ftdisk.sys [NoSig]

* C:\WINDOWS\System32\drivers\hidclass.sys [NoSig]

* C:\WINDOWS\System32\drivers\hidparse.sys [NoSig]

* C:\WINDOWS\System32\drivers\http.sys [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB916595\SP2QFE\http.sys : 262,656 : 03/17/2006 00:08 AM : 909d110c9634b0f1487eaaea837317d9 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB916595$\http.sys : 263,040 : 08/04/2004 00:00 AM : c19b522a9ae0bbc3293397f3055e80a1 [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\http.sys : 262,784 : 03/17/2006 04:33 AM : cb77bb47e67e84deb17ba29632501730 [Pos Repl]

* C:\WINDOWS\System32\drivers\i8042prt.sys [NoSig]
+-> C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\i8042prt.sys : 52,736 : 08/04/2004 00:00 AM : 5502b58eef7486ee6f93f3f164dcb808 [Pos Repl]

* C:\WINDOWS\System32\drivers\imapi.sys [NoSig]

* C:\WINDOWS\System32\drivers\intelide.sys [NoSig]

* C:\WINDOWS\System32\drivers\intelppm.sys [NoSig]
+-> C:\WINDOWS\$NtUninstallKB884575$\intelppm.sys : 36,096 : 08/04/2004 00:00 AM : 279fb78702454dff2bb445f238c048d2 [Pos Repl]

* C:\WINDOWS\System32\drivers\ip6fw.sys [NoSig]

* C:\WINDOWS\System32\drivers\ipfltdrv.sys [NoSig]

* C:\WINDOWS\System32\drivers\ipinip.sys [NoSig]

* C:\WINDOWS\System32\drivers\ipnat.sys [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB886185\SP2QFE\ipnat.sys : 134,912 : 09/29/2004 11:31 PM : 5191673215c91ff13ceaa83ef8e9653f [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB886185$\ipnat.sys : 134,912 : 08/04/2004 00:00 AM : b5a8e215ac29d24d60b4d1250ef05ace [Pos Repl]

* C:\WINDOWS\System32\drivers\ipsec.sys [NoSig]

* C:\WINDOWS\System32\drivers\irenum.sys [NoSig]

* C:\WINDOWS\System32\drivers\isapnp.sys [NoSig]

* C:\WINDOWS\System32\drivers\kbdclass.sys [NoSig]

* C:\WINDOWS\System32\drivers\kmixer.sys [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\kmixer.sys : 172,416 : 06/14/2006 11:50 AM : 8531438246ce9474e41ee1599904c0c7 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB920872$\kmixer.sys : 171,776 : 08/04/2004 00:07 AM : d93cad07c5683db066b0b2d2d3790ead [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\kmixer.sys : 172,416 : 06/14/2006 04:47 AM : ba5deda4d934e6288c2f66caf58d2562 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\kmixer.sys : 172,416 : 06/14/2006 04:47 AM : ba5deda4d934e6288c2f66caf58d2562 [Pos Repl]

* C:\WINDOWS\System32\drivers\ksecdd.sys [NoSig]

* C:\WINDOWS\System32\drivers\ks.sys [NoSig]
+-> C:\WINDOWS\system32\dllcache\ks.sys : 140,928 : 08/04/2004 04:15 AM : b9540e258f952650de8dec68719a5c97 [Pos Repl]

* C:\WINDOWS\System32\drivers\mcd.sys [NoSig]

* C:\WINDOWS\System32\drivers\mf.sys [NoSig]

* C:\WINDOWS\System32\drivers\mnmdd.sys [NoSig]

* C:\WINDOWS\System32\drivers\modem.sys [NoSig]

* C:\WINDOWS\System32\drivers\mouclass.sys [NoSig]
+-> C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\mouclass.sys : 23,040 : 08/04/2004 00:00 AM : 34e1f0031153e491910e12551400192c [Pos Repl]

* C:\WINDOWS\System32\drivers\mountmgr.sys [NoSig]

* C:\WINDOWS\System32\drivers\mqac.sys [NoSig]

* C:\WINDOWS\System32\drivers\mrxdav.sys [NoSig]

* C:\WINDOWS\System32\drivers\mrxsmb.sys [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB885250\SP2QFE\mrxsmb.sys : 451,584 : 01/19/2005 11:51 AM : 7b195060ff456fa65954c72c5c1640ff [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\mrxsmb.sys : 448,128 : 10/28/2004 11:15 AM : a1be3cb080dcc0a8270d21e3ca3b7005 [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\mrxsmb.sys : 454,400 : 05/05/2006 11:16 AM : 7412ce77c6fd823f8889b4df420c680b [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB885250$\mrxsmb.sys : 451,456 : 08/04/2004 00:00 AM : 1fd607fc67f7f7c633c3da65bfc53d18 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB914389$\mrxsmb.sys : 451,584 : 01/19/2005 00:26 AM : 5ddc9a1b2eb5a4bf010ce8c019a18c1f [Pos Repl]
+-> C:\WINDOWS\Driver Cache\i386\mrxsmb.sys : 453,120 : 05/05/2006 04:41 AM : 025af03ce51645c62f3b6907a7e2be5e [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mrxsmb.sys : 453,120 : 05/05/2006 04:41 AM : 025af03ce51645c62f3b6907a7e2be5e [Pos Repl]

* C:\WINDOWS\System32\drivers\msfs.sys [NoSig]

* C:\WINDOWS\System32\drivers\msgpc.sys [NoSig]

* C:\WINDOWS\System32\drivers\MSKSSRV.sys [NoSig]
+-> C:\WINDOWS\system32\dllcache\mskssrv.sys : 7,552 : 08/04/2004 04:58 AM : ae431a8dd3c1d0d0610cdbac16057ad0 [Pos Repl]

* C:\WINDOWS\System32\drivers\MSPCLOCK.sys [NoSig]
+-> C:\WINDOWS\system32\dllcache\mspclock.sys : 5,376 : 08/04/2004 04:58 AM : 13e75fef9dfeb08eeded9d0246e1f448 [Pos Repl]

* C:\WINDOWS\System32\drivers\MSPQM.sys [NoSig]
+-> C:\WINDOWS\system32\dllcache\mspqm.sys : 4,992 : 08/04/2004 04:58 AM : 1988a33ff19242576c3d0ef9ce785da7 [Pos Repl]

* C:\WINDOWS\System32\drivers\mssmbios.sys [NoSig]

* C:\WINDOWS\System32\drivers\mup.sys [NoSig]

* C:\WINDOWS\System32\drivers\ndis.sys [NoSig]
+-> C:\WINDOWS\$NtUninstallKB912436$\ndis.sys : 182,912 : 08/04/2004 00:00 AM : 558635d3af1c7546d26067d5d9b6959e [Pos Repl]

* C:\WINDOWS\System32\drivers\ndistapi.sys [NoSig]

* C:\WINDOWS\System32\drivers\ndisuio.sys [NoSig]

* C:\WINDOWS\System32\drivers\ndiswan.sys [NoSig]

* C:\WINDOWS\System32\drivers\ndproxy.sys [NoSig]

* C:\WINDOWS\System32\drivers\netbios.sys [NoSig]

* C:\WINDOWS\System32\drivers\netbt.sys [NoSig]

* C:\WINDOWS\System32\drivers\nic1394.sys [NoSig]

* C:\WINDOWS\System32\drivers\nikedrv.sys [NoSig]

* C:\WINDOWS\System32\drivers\nmnt.sys [NoSig]

* C:\WINDOWS\System32\drivers\npfs.sys [NoSig]

* C:\WINDOWS\System32\drivers\ntfs.sys [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB930916\SP2QFE\ntfs.sys : 574,976 : 02/09/2007 11:23 AM : 05ab81909514bfd69cbb1f2c147cf6b9 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB930916$\ntfs.sys : 574,592 : 08/04/2004 00:00 AM : b78be402c3f63dd55521f73876951cdd [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\ntfs.sys : 574,464 : 02/09/2007 04:10 AM : 19a811ef5f1ed5c926a028ce107ff1af [Pos Repl]

* C:\WINDOWS\System32\drivers\null.sys [NoSig]

* C:\WINDOWS\System32\drivers\nwlnkflt.sys [NoSig]

* C:\WINDOWS\System32\drivers\nwlnkfwd.sys [NoSig]

* C:\WINDOWS\System32\drivers\nwlnkipx.sys [NoSig]

* C:\WINDOWS\System32\drivers\nwlnknb.sys [NoSig]

* C:\WINDOWS\System32\drivers\nwlnkspx.sys [NoSig]

* C:\WINDOWS\System32\drivers\nwrdr.sys [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwrdr.sys : 163,456 : 10/13/2006 11:39 AM : bbbc2e555bb5e4adbaeb1447f11c68c9 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB923980$\nwrdr.sys : 163,584 : 08/04/2004 00:00 AM : 03373a79440473062c6f3aedec6a49c8 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\nwrdr.sys : 163,584 : 10/13/2006 04:23 AM : 3f18d9365be71c7b2e43b7cf4a0c1a10 [Pos Repl]

* C:\WINDOWS\System32\drivers\oprghdlr.sys [NoSig]

* C:\WINDOWS\System32\drivers\p3.sys [NoSig]

* C:\WINDOWS\System32\drivers\parport.sys [NoSig]

* C:\WINDOWS\System32\drivers\partmgr.sys [NoSig]

* C:\WINDOWS\System32\drivers\parvdm.sys [NoSig]


Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 11/06/2012 04:41:16 PM
Execution time: 0 hours(s), 6 minute(s), and 49 seconds(s)
axelloughrey is offline  
Old 11-06-2012, 09:18 AM   #15
Registered Member
 
Join Date: Nov 2012
Posts: 44
OS: xp



dds code:

DDS (Ver_2012-11-05.02) - NTFS_x86
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 10.9.2
Run by Admin at 16:45:58 on 2012-11-06
.
============== Running Processes ================
.
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\WINDOWS\Explorer.EXE
C:\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.pitchfork.com/
mDefault_Page_URL = hxxp://www.hp.com
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/
mSearchAssistant = hxxp://www.google.com/ie
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: HP Credential Manager for ProtectTools: {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\program files\hpq\iam\bin\ItIeAddIN.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Spotify] "c:\documents and settings\admin\application data\spotify\Spotify.exe" /uri spotify:autostart
mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\CLIStart.exe"
mRun: [PTHOSTTR] c:\program files\hpq\hp protecttools security manager\PTHOSTTR.EXE /Start
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe
mRun: [CognizanceTS] rundll32.exe c:\progra~1\hpq\iam\bin\AsTsVcc.dll,RegisterModule
mRun: [QlbCtrl] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [Cpqset] c:\program files\hewlett-packard\default settings\cpqset.exe
mRun: [Recguard] c:\windows\sminst\Recguard.exe
mRun: [Reminder] c:\windows\creator\Remind_XP.exe
mRun: [Scheduler] c:\windows\sminst\Scheduler.exe
mRun: [WatchDog] c:\program files\intervideo\dvd check\DVDCheck.exe
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
mRun: [DeviceDiscovery] c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
mRun: [StarSkin] c:\program files\rocket division software\starskin\STARSKIN.EXE -H
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Openwares LiveUpdate] c:\program files\liveupdate\LiveUpdate.exe
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [HP Software Update] c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe
mRun: [iTunesHelper] "C:\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{CA557544-A64C-42BB-8FFC-2637FAFDB1AB} : DHCPNameServer = 194.168.4.100 194.168.8.100
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: IfxWlxEN - IfxWlxEN.dll
Notify: OneCard - c:\program files\hpq\iam\bin\AsWlnPkg.dll
LSA: Notification Packages = scecli AsWlnPkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\admin\application data\mozilla\firefox\profiles\qxhc8ol4.default\
FF - plugin: c:\mozilla plugins\npitunes.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R? 65138918;65138918
R? ASChannel;Local Communication Channel
R? mbamchameleon;mbamchameleon
R? MBAMSwissArmy;MBAMSwissArmy
R? pxucn;Config Installer
R? Symantec Core LC;Symantec Core LC
S? IFXTPM;IFXTPM
S? MBAMProtector;MBAMProtector
S? MBAMScheduler;MBAMScheduler
S? MBAMService;MBAMService
S? PersonalSecureDrive;PersonalSecureDrive
S? rxp;rxp
.
=============== Created Last 30 ================
.
2012-11-06 10:19:38 -------- d-----w- C:\Malwarebytes' Anti-Malware
2012-11-05 21:23:14 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2012-11-05 15:19:20 -------- d-----w- C:\TDSSKiller_Quarantine
2012-11-05 13:46:15 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-11-05 11:03:30 -------- d-----w- c:\documents and settings\admin\local settings\application data\Sun
2012-11-05 10:14:45 -------- d-----w- c:\documents and settings\admin\application data\Malwarebytes
2012-11-05 10:14:09 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-11-05 10:14:06 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-05 10:14:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-05 09:29:20 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-11-05 09:29:19 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-05 09:29:17 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-05 09:28:07 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-04 22:12:21 -------- d-----w- c:\documents and settings\admin\application data\Auslogics
2012-11-04 22:11:50 -------- d-----w- c:\program files\Auslogics
2012-11-04 17:50:15 -------- d-----w- c:\documents and settings\admin\application data\DriverCure
2012-11-04 17:50:11 -------- d-----w- c:\documents and settings\admin\application data\SpeedMaxPc
2012-11-04 17:48:14 -------- d-----w- c:\program files\SpeedMaxPc
2012-11-04 17:48:14 -------- d-----w- c:\documents and settings\all users\application data\SpeedMaxPc
2012-11-02 20:25:01 157272 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe
2012-11-02 20:25:00 96224 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
.
==================== Find3M ====================
.
2012-09-09 22:30:38 293776 ----a-w- C:\iTunesOutlookAddIn.dll
2012-09-09 22:30:36 124816 ----a-w- C:\iTunesMiniPlayer.dll
2012-09-09 22:30:34 421776 ----a-w- C:\iTunesHelper.exe
2012-09-09 22:30:34 403344 ----a-w- C:\iTunesAdmin.dll
2012-09-09 22:30:34 156560 ----a-w- C:\iTunesHelper.dll
2012-09-09 22:30:28 9777040 ----a-w- C:\iTunes.exe
2012-09-09 22:30:24 21131152 ----a-w- C:\iTunes.dll
2012-09-09 22:30:22 776216 ----a-w- C:\gnsdk_sdkmanager.dll
2012-09-09 22:30:22 3008536 ----a-w- C:\gnsdk_dsp.dll
2012-09-09 22:30:22 262680 ----a-w- C:\gnsdk_submit.dll
2012-09-09 22:30:22 219672 ----a-w- C:\gnsdk_musicid.dll
2012-09-09 22:30:22 2011024 ----a-w- C:\iPodUpdaterExt.dll
2012-08-21 12:01:22 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 12:01:22 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2012-08-08 18:15:32 112528 ----a-w- C:\ITDetector.ocx
.
============= FINISH: 16:46:47.25 ===============
axelloughrey is offline  
Old 11-06-2012, 09:18 AM   #16
Registered Member
 
Join Date: Nov 2012
Posts: 44
OS: xp



aswMBR:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-11-06 16:52:03
-----------------------------
16:52:03.234 OS Version: Windows 5.1.2600 Service Pack 2
16:52:03.234 Number of processors: 1 586 0x4C02
16:52:03.250 ComputerName: YOUR-A9279112E3 UserName: Admin
16:52:07.203 Initialize success
16:53:02.093 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
16:53:02.093 Disk 0 Vendor: FUJITSU_MHV2060BH_PL 892C Size: 57241MB BusType: 3
16:53:02.500 Disk 0 MBR read successfully
16:53:02.500 Disk 0 MBR scan
16:53:02.500 Disk 0 unknown MBR code
16:53:02.500 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 50395 MB offset 63
16:53:02.531 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 6843 MB offset 103209120
16:53:02.562 Disk 0 scanning sectors +117225360
16:53:02.718 Disk 0 scanning C:\WINDOWS\system32\drivers
16:53:29.390 Service scanning
16:54:08.390 Service ql1080 C:\WINDOWS\System32\Drivers\ql1080.sys **LOCKED**
16:54:08.390 Service Ql10wnt C:\WINDOWS\System32\Drivers\Ql10wnt.sys **LOCKED**
16:54:08.406 Service ql12160 C:\WINDOWS\System32\Drivers\ql12160.sys **LOCKED**
16:54:08.906 Service ql1240 C:\WINDOWS\System32\Drivers\ql1240.sys **LOCKED**
16:54:08.906 Service ql1280 C:\WINDOWS\System32\Drivers\ql1280.sys **LOCKED**
16:54:08.968 Service RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys **LOCKED**
16:54:09.203 Service Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys **LOCKED**
16:54:09.312 Service Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys **LOCKED**
16:54:09.656 Service RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys **LOCKED**
16:54:09.734 Service Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys **LOCKED**
16:54:10.000 Service RDPCDD C:\WINDOWS\System32\DRIVERS\RDPCDD.sys **LOCKED**
16:54:10.203 Service rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys **LOCKED**
16:54:10.375 Service RDPWD C:\WINDOWS\System32\Drivers\RDPWD.sys **LOCKED**
16:54:10.656 Service redbook C:\WINDOWS\system32\DRIVERS\redbook.sys **LOCKED**
16:54:11.171 Service RMCAST C:\WINDOWS\system32\drivers\RMCast.sys **LOCKED**
16:54:11.921 Service rxp C:\WINDOWS\system32\drivers\rxp.sys **LOCKED**
16:54:12.437 Service sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys **LOCKED**
16:54:12.515 Service Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys **LOCKED**
16:54:12.703 Service serenum C:\WINDOWS\system32\DRIVERS\serenum.sys **LOCKED**
16:54:12.828 Service Serial C:\WINDOWS\system32\DRIVERS\serial.sys **LOCKED**
16:54:12.890 Service sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys **LOCKED**
16:54:12.953 Service sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys **LOCKED**
16:54:13.015 Service Sfloppy C:\WINDOWS\System32\Drivers\Sfloppy.sys **LOCKED**
16:54:13.515 Service Simbad C:\WINDOWS\System32\Drivers\Simbad.sys **LOCKED**
16:54:13.640 Service SMCIRDA C:\WINDOWS\system32\DRIVERS\smcirda.sys **LOCKED**
16:54:13.640 Service Sparrow C:\WINDOWS\System32\Drivers\Sparrow.sys **LOCKED**
16:54:13.765 Service splitter C:\WINDOWS\system32\drivers\splitter.sys **LOCKED**
16:54:15.031 Service swenum C:\WINDOWS\system32\DRIVERS\swenum.sys **LOCKED**
16:54:15.140 Service swmidi C:\WINDOWS\system32\drivers\swmidi.sys **LOCKED**
16:54:16.406 Service symc810 C:\WINDOWS\System32\Drivers\symc810.sys **LOCKED**
16:54:16.406 Service symc8xx C:\WINDOWS\System32\Drivers\symc8xx.sys **LOCKED**
16:54:16.484 Service symlcbrd C:\WINDOWS\system32\drivers\symlcbrd.sys **LOCKED**
16:54:16.484 Service sym_hi C:\WINDOWS\System32\Drivers\sym_hi.sys **LOCKED**
16:54:16.500 Service sym_u3 C:\WINDOWS\System32\Drivers\sym_u3.sys **LOCKED**
16:54:16.750 Service SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys **LOCKED**
16:54:16.859 Service sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys **LOCKED**
16:54:17.656 Service Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys **LOCKED**
16:54:17.734 Service TDPIPE C:\WINDOWS\System32\Drivers\TDPIPE.sys **LOCKED**
16:54:17.812 Service TDTCP C:\WINDOWS\System32\Drivers\TDTCP.sys **LOCKED**
16:54:17.890 Service TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys **LOCKED**
16:54:18.593 Service tifm21 C:\WINDOWS\system32\drivers\tifm21.sys **LOCKED**
16:54:18.718 Service TosIde C:\WINDOWS\System32\Drivers\TosIde.sys **LOCKED**
16:54:18.968 Service ultra C:\WINDOWS\System32\Drivers\ultra.sys **LOCKED**
16:54:19.296 Service Update C:\WINDOWS\system32\DRIVERS\update.sys **LOCKED**
16:54:19.671 Service USBAAPL C:\WINDOWS\System32\Drivers\usbaapl.sys **LOCKED**
16:54:19.765 Service usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys **LOCKED**
16:54:19.875 Service usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys **LOCKED**
16:54:19.921 Service usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys **LOCKED**
16:54:20.031 Service usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys **LOCKED**
16:54:20.140 Service usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys **LOCKED**
16:54:20.234 Service USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS **LOCKED**
16:54:20.312 Service usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys **LOCKED**
16:54:20.390 Service VgaSave C:\WINDOWS\System32\drivers\vga.sys **LOCKED**
16:54:20.468 Service ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys **LOCKED**
16:54:20.562 Service VolSnap C:\WINDOWS\System32\Drivers\VolSnap.sys **LOCKED**
16:54:21.140 Service Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys **LOCKED**
16:54:21.156 Service WDICA C:\WINDOWS\System32\Drivers\WDICA.sys **LOCKED**
16:54:21.312 Service wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys **LOCKED**
16:54:22.062 Service winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys **LOCKED**
16:54:22.250 Service Winsock C:\WINDOWS\System32\Drivers\Winsock.sys **LOCKED**
16:54:22.984 Service WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys **LOCKED**
16:54:23.265 Service WpdUsb C:\WINDOWS\System32\Drivers\wpdusb.sys **LOCKED**
16:54:23.906 Service {79nnsxpf C:\WINDOWS\C:\WINDOWS\system32\drivers\atmepvc.sys **LOCKED**
16:54:24.468 Modules scanning
16:54:40.437 Module: C:\WINDOWS\System32\drivers\dxgthk.sys **SUSPICIOUS**
16:54:48.093 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS**
16:54:52.156 Module: C:\WINDOWS\system32\ntdll.dll **SUSPICIOUS**
16:54:52.156 Disk 0 trace - called modules:
16:54:52.187 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys
16:54:52.218 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85313540]
16:54:52.218 3 CLASSPNP.SYS[f768a05b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x85340a38]
16:54:52.218 Scan finished successfully
16:56:15.578 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Admin\Desktop\MBR.dat"
16:56:15.578 The log file has been saved successfully to "C:\Documents and Settings\Admin\Desktop\aswMBR.txt"
axelloughrey is offline  
Old 11-06-2012, 09:20 AM   #17
Registered Member
 
Join Date: Nov 2012
Posts: 44
OS: xp



Also had this thing appear on my desktop (I'm attaching the other file as requested now)

OS Missing

MBR Error

Press a key.

Press F11 for Emergency Recovery Press F10 to start system recovery
axelloughrey is offline  
Old 11-06-2012, 09:21 AM   #18
Registered Member
 
Join Date: Nov 2012
Posts: 44
OS: xp



Should be the attachment here :)
Attached Files
File Type: txt attach.txt (6.5 KB, 50 views)
axelloughrey is offline  
Old 11-06-2012, 09:21 AM   #19
Security Team
Analyst
 
Join Date: Feb 2011
Location: USA
Posts: 2,322
OS: Vista and Ubuntu



Ok let me look all of this over and I will return as quickly as I can.
jeffce is offline  
Old 11-06-2012, 09:24 AM   #20
Registered Member
 
Join Date: Nov 2012
Posts: 44
OS: xp



Thanks Jeff :)
axelloughrey is offline  
 
