oskar01

Heb het ingetypt, werkt niet, toen in veilige modus opgestart. opnieuw ingetypt. Nu start de Laptop niet meer opnieuw op: blijft hangen met mededeling: MyCom Clarity v.1.1 Clarity.sys is juist geladen... Boot Clarity.Cfg is juist geparsed... Normal Boot NTLDR ontbreekt Druk CTRL+ALT+DEL om opnieuw te starten En als ik opnieuw opstart krijg ik weer dezelfde mededeling... Het lijkt me dat de laptop nu echt kapot is... Via F2 heeft het geen zin om via andere onderdelen, B, D enz op te starten, krijg zelfde melding, kan verder ook geen commando's intypen. CDrom met xp start ook niet op...

Ik heb nu Firefox geinstallerd. nu werkt flash wel in html-pagina's. Dus dit probleem is opgelost, mijn dank!!!

De map Qoobox is nu leeg, er staat echter nog 1 lege map in, als ik die wil verwijderen krijg ik de volgende melding:

De map C:\Qoobox kan ik niet verwijderen: zie afbeelding

Flash Player 10.3 heb ik met succes kunnen installeren, geeft het schermpje althans aan, maar ik krijg nog steeds geen flash-animaties in mijn html pagina's. heeft dit misschien met ActiveX te maken?

het is gelukt! geen virusmeldingen meer, allemaal heel erg bedankt, het probleem is opgelost. Nu heb ik ergens anders op het forum ook een probleem: http://www.pc-helpforum.be/f169/flash-player-werkt-niet-meer-36167/

Het probleem lijkt opgelost: scherm wordt niet iedere keer donker en er komen geen rare popups meer, Kan ik nu dit My security Engine verwijderen in de programma instellingen? De map waarin deze Security engine is opgeslagen kan ik niet vinden, heeft iemand enig idee waar deze zou kunnen staan, en hoe hij heet?

combofix log: ComboFix 11-09-01.03 - Eigenaar 05-09-2011 9:42.1.1 - x86 Gestart vanuit: d:\documenten en settings\Eigenaar\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: d:\documenten en settings\Eigenaar\Bureaublad\CFScript.txt . WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . d:\documenten en settings\All Users\Application Data\3e61e5c d:\documenten en settings\All Users\Application Data\3e61e5c\71.mof d:\documenten en settings\All Users\Application Data\3e61e5c\866.mof d:\documenten en settings\All Users\Application Data\3e61e5c\MS3e61.exe d:\documenten en settings\All Users\Application Data\3e61e5c\MSE.ico d:\documenten en settings\All Users\Application Data\3e61e5c\MSESys\vd952342.bd d:\documenten en settings\All Users\Application Data\3e61e5c\MySecurityEngine.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-08-05 to 2011-09-05 )))))))))))))))))))))))))))))) . . 2011-09-03 08:55 . 2011-09-03 08:55 -------- d-----w- d:\documenten en settings\Administrator 2011-08-27 11:42 . 2011-07-08 05:55 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-08-27 11:42 . 2011-07-08 05:55 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-08-27 11:42 . 2011-08-27 11:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-08-27 11:14 . 2011-08-27 11:14 -------- d-----w- d:\documenten en settings\All Users\Application Data\Malwarebytes . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720] "POINTER"="point32.exe" [bU] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Free FTP Manager\\FreeFTPManager.exe"= . S3 cem56;Xircom CreditCard 10/100 + 56k-modem;c:\windows\system32\DRIVERS\CEM56n5.sys [2001-09-06 49182] S3 Maestro;ESS Maestro 2E-audiostuurprogramma (WDM);c:\windows\system32\drivers\essm2e.sys [2002-08-28 137088] S3 OBOE;Toshiba FIR Port Type-DO;c:\windows\system32\DRIVERS\tos4mo.sys [2001-08-17 28232] . . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.nu.nl/ uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{86227D9C-0EFE-4F8A-AA55-30386A3F5686} - (no file) . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-09-05 10:25 Windows 5.1.2600 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{580924E7-4534-80EF-AD4675C17646FF10}\{0EFB2AA0-1A3E-507D-F9B34D5CF29081CD}\{BBABFA65-B0A6-C96D-B621BCAFF6A8D6D6}*] "1D1OWFM6WKF6TLM3S2BGKKUUDG1"=hex:01,00,01,00,00,00,00,00,71,4a,e0,45,b7,4f,44, fb,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BCA821CD-4A5D-ABF7-7317F5EBFF711061}\{A8AD8BCF-CB94-6A01-1BDB64CAD4C7BA22}\{6360A729-06A7-39D5-91DA34CCB8512CF9}*] "1D1OWFM6WKF6TLM3S2BGKKUUDG1"=hex:01,00,01,00,00,00,00,00,71,4a,e0,45,b7,4f,44, fb,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . Voltooingstijd: 2011-09-05 10:46:37 ComboFix-quarantined-files.txt 2011-09-05 08:45 ComboFix2.txt 2011-09-04 15:24 ComboFix3.txt 2011-09-03 11:35 . Pre-Run: 23.206.273.024 bytes beschikbaar Post-Run: 23.116.509.184 bytes beschikbaar . - - End Of File - - 97DBD5D20F92337621C2550467ADB00E ---------- Post toegevoegd om 11:25 ---------- Vorige post was om 11:24 ---------- ---------- Post toegevoegd om 11:24 ---------- Vorige post was om 11:24 ---------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:56:46, on 5-9-2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Microsoft Hardware\Mouse\point32.exe C:\Program Files\HijackThis\HijackThis.exe C:\WINDOWS\system32\wuauclt.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [POINTER] point32.exe O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe -- End of file - 1540 bytes

bij het opstarten krijg ik weer die verdomde pop up van My security (zie afbeelding) en even later weer een pop-up met het bekende paardengehinnik... dat meldt dat er een trojan horse is. dat Documenten en Settings\All Users\Application Data\3e61e5c\MS3e61.exe is ook weer terug... Geeft opnieuw een pop up waarin staat dat er besmette mail is geconstateerd. dat kan helemaal niet, want deze laptop heeft al meer dan een jaar geen internetverbinding! Kan ik dat My Security niet gewoon als programma uitschakelen, hoe kan ik vinden waar, in welke map My Secirity is opgeslagen? nieuwe hyack this log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:47:14, on 4-9-2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Microsoft Hardware\Mouse\point32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe D:\Documenten en Settings\All Users\Application Data\3e61e5c\MS3e61.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [My Security Engine] "D:\Documenten en Settings\All Users\Application Data\3e61e5c\MS3e61.exe" /s /d O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.3XE (file missing) -- End of file - 1998 bytes

dit is de combofix scan: ComboFix 11-09-01.03 - Administrator 03-09-2011 11:36:14.1.1 - x86 MINIMAL Gestart vanuit: d:\documenten en settings\Administrator\Bureaublad\ComboFix.exe . WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Altnet c:\program files\Altnet\DBBackup\Sigfiles.db c:\program files\Altnet\Download Manager\adm25.dll c:\program files\Altnet\Download Manager\adm4.dll c:\program files\Altnet\Download Manager\adm4005.exe c:\program files\Altnet\Download Manager\admdata.dll c:\program files\Altnet\Download Manager\admdloader.dll c:\program files\Altnet\Download Manager\admfdi.dll c:\program files\Altnet\Download Manager\admprog.dll c:\program files\Altnet\Download Manager\altnetuninstall.exe c:\program files\Altnet\Download Manager\asm.exe c:\program files\Altnet\Download Manager\asmend.exe c:\program files\Altnet\Download Manager\asmps.dll c:\program files\Altnet\Download Manager\dminfo3.cab c:\program files\Altnet\Download Manager\dminstall7.cab c:\program files\Altnet\Download Manager\dmsetup.bmp c:\program files\Altnet\Download Manager\dmsetupbig.bmp c:\program files\Altnet\Download Manager\jsinstall.cab c:\program files\Altnet\Download Manager\jslegals.txt c:\program files\Altnet\Download Manager\selectdir.txt c:\program files\Altnet\Download Manager\selectdir1st.txt c:\program files\icroso~1 c:\program files\Internet Explorer\SETB.tmp c:\program files\Internet Explorer\SETC.tmp c:\program files\messenger\msmsgsin.exe c:\windows\17PHolmes1002397.exe c:\windows\dobe~1 c:\windows\Fonts\acrsec.fon c:\windows\Fonts\acrsecB.fon c:\windows\Fonts\acrsecI.fon c:\windows\IsUn0413.exe c:\windows\smdat32a.sys c:\windows\smdat32m.sys c:\windows\system32\rnaph.dll c:\windows\system32\Thumbs.db . . (((((((((((((((((((( Bestanden Gemaakt van 2011-08-03 to 2011-09-03 )))))))))))))))))))))))))))))) . . 2011-09-03 08:55 . 2011-09-03 08:55 -------- d-----w- d:\documenten en settings\Administrator 2011-08-27 11:42 . 2011-07-08 05:55 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-08-27 11:42 . 2011-07-08 05:55 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-08-27 11:42 . 2011-08-27 11:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-08-27 11:14 . 2011-08-27 11:14 -------- d-----w- d:\documenten en settings\All Users\Application Data\Malwarebytes . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . . . . . [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\ndis.sys . [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\ntfs.sys . . . [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\browser.dll [7] 2004-08-04 . 195B1255D9383AEFFBDFA8A11AE4D282 . 77312 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\browser.dll [7] 2004-08-04 . 195B1255D9383AEFFBDFA8A11AE4D282 . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll [-] 2002-09-11 . 502BB10403C033D259CB451C8D7FB925 . 49152 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\browser.dll . [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\lsass.exe . [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\netman.dll [7] 2005-08-22 . F32049792BCBF64954FF964508E47AFB . 197632 . . [5.1.2600.2743] . . c:\windows\system32\netman.dll [7] 2005-08-22 . 269182FF03F1FDD0EF803AEB63C01080 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll [7] 2004-08-04 . B2665A1B502EC037388B7919CBD58C28 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll [7] 2004-08-04 . B2665A1B502EC037388B7919CBD58C28 . 198144 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\netman.dll [-] 2002-09-11 . 58FC56C40F0B9AAB972713242955E590 . 154112 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\netman.dll . [-] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\comres.dll [7] 2004-08-04 08:03 . F0BAE7D75B268BA326D9323DD7C73D8F . 822784 . . [2001.12.4414.258] . . c:\windows\ServicePackFiles\i386\comres.dll [7] 2004-08-04 08:03 . F0BAE7D75B268BA326D9323DD7C73D8F . 822784 . . [2001.12.4414.258] . . c:\windows\system32\comres.dll [-] 2002-09-11 13:00 . 8F13292CC6BBA46A7D3ECBB5623BD5AB . 822784 . . [2001.12.4414.42] . . c:\windows\$NtServicePackUninstall$\comres.dll . [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\qmgr.dll [7] 2004-08-04 . 772027CC5FFAEA3E7D10AF2691EE7095 . 382464 . . [6.6.2600.2180] . . c:\windows\ServicePackFiles\i386\qmgr.dll [7] 2004-08-04 . 772027CC5FFAEA3E7D10AF2691EE7095 . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll [-] 2002-09-11 . 9F93E038B7D35F4EA7F46D0CD392D018 . 223232 . . [6.2.2600.1106] . . c:\windows\$NtServicePackUninstall$\qmgr.dll . . [7] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe [7] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [7] 2009-02-09 . 1A00FCECA4E29A6B4B33A9D0B3E7CBA0 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\services.exe [7] 2009-02-09 . 1A00FCECA4E29A6B4B33A9D0B3E7CBA0 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\services.exe [7] 2009-02-09 . CE06E39F34BBF6B0ADA70F37F70CF0D8 . 111104 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\services.exe [7] 2004-08-04 . 39991CD3C17B7529D039151A88E84499 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\services.exe [7] 2004-08-04 . 39991CD3C17B7529D039151A88E84499 . 108544 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\services.exe [-] 2002-09-11 . BD4B45F82F699D9977681403796716B8 . 101888 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\services.exe . [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\spoolsv.exe . [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\winlogon.exe [7] 2004-08-04 . 732ED791711DF9C9DD15E5515BC681B8 . 504832 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\winlogon.exe [7] 2004-08-04 . 732ED791711DF9C9DD15E5515BC681B8 . 504832 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe [-] 2002-09-11 . D375231CCA973A06C43E4B6087BFA706 . 519168 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\winlogon.exe . . [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\comctl32.dll [-] 2008-04-14 . 1EAA8CD46BFB33307ACAF10EFF80E8BD . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\asms\60\msft\windows\common\controls\comctl32.dll [7] 2006-08-25 . F67AE54BCA3873D48A1AC722A9CA70BF . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [7] 2006-08-25 . F67AE54BCA3873D48A1AC722A9CA70BF . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll [7] 2006-08-25 . F567148940C1F5D93070822C0F3C0C34 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [7] 2004-08-04 . 8A473F553E9E45DB4EF6FF11AB54E4E1 . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll [7] 2004-08-04 . 8A473F553E9E45DB4EF6FF11AB54E4E1 . 611328 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll [7] 2004-08-04 . FBCF5EF8A261632D1CB45B20ACEDE4B1 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll [-] 2002-09-11 . 5F12538B78C66C67D49B9653DEED0DB9 . 557056 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll [7] 2002-09-11 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\i386\asms\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL [7] 2002-09-11 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll [-] 2002-09-11 . 1B5D729AFC4B6FE3EC397B74DB7A1BAF . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll . [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\cryptsvc.dll [7] 2004-08-04 . 5F321535D399516B6D780FF9EF8D8B7A . 60416 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll [7] 2004-08-04 . 5F321535D399516B6D780FF9EF8D8B7A . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll [-] 2002-09-11 . 4563396E23EA861523C08AEDA0666014 . 53248 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll . [7] 2008-07-07 20:32 . 68180553F674B487BE777CFD6BE70726 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\es.dll [7] 2008-07-07 20:32 . 68180553F674B487BE777CFD6BE70726 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\dllcache\es.dll [7] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [7] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [7] 2008-07-07 20:23 . B3A4422CBD8DAA6710431F67C679DA24 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\es.dll [7] 2005-07-26 04:42 . 094ECC4FB57ABA154F840C8414867E90 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974$\es.dll [7] 2005-07-26 04:36 . 3732BE0811CE6E15A56AD1CEC02CF532 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll [7] 2004-08-04 08:03 . 3F59BCDFAC47550F43001C4CE8CB0B91 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll [7] 2004-08-04 08:03 . 3F59BCDFAC47550F43001C4CE8CB0B91 . 243200 . . [2001.12.4414.258] . . c:\windows\ServicePackFiles\i386\es.dll [-] 2002-09-11 13:00 . 4A652DAF0BFD8FF8AA5DB61C7B798DCB . 225280 . . [2001.12.4414.46] . . c:\windows\$NtServicePackUninstall$\es.dll . . [7] 2009-03-21 . B30975B6B1B08A5A18AAC7E3577C7C53 . 1027072 . . [5.1.2600.3541] . . c:\windows\system32\kernel32.dll [7] 2009-03-21 . B30975B6B1B08A5A18AAC7E3577C7C53 . 1027072 . . [5.1.2600.3541] . . c:\windows\system32\dllcache\kernel32.dll [7] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll [7] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [7] 2009-03-21 . 67A29642EC9A1ADA0768605B21AA4552 . 1030144 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\kernel32.dll [7] 2007-04-16 . 68757F5935D6D76DD10975B7B7A9751D . 1027072 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll [7] 2007-04-16 . 6557EA471552BB9AF16B66902D572BD5 . 1025536 . . [5.1.2600.3119] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [7] 2006-07-05 . 8672CE1E9BAF84EC0665D73DB8849EDB . 1026048 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll [7] 2006-07-05 . F2352FB7D9E5C70374568724A32B5CB7 . 1025024 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll [7] 2004-08-04 . 54379BD67780FDBBE1590EEC142A659C . 1024512 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll [7] 2004-08-04 . 54379BD67780FDBBE1590EEC142A659C . 1024512 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\kernel32.dll [-] 2002-09-11 . CDE58E6276B4B9104ECC70B90AE386A2 . 971264 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\kernel32.dll . . [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\lpk.dll [7] 2004-08-04 . 8DF7AC820F9B3FD5E713E9A74827931C . 22016 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\lpk.dll [7] 2004-08-04 . 8DF7AC820F9B3FD5E713E9A74827931C . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll [7] 2004-08-04 . 8DF7AC820F9B3FD5E713E9A74827931C . 22016 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\lpk.dll [-] 2002-09-11 . 69BFF2682E81C712C3ED8852BD320244 . 18944 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\lpk.dll . [7] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\mshtml.dll . [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\msvcrt.dll [-] 2008-04-14 . 61E70054981A2F9E64CEA7CA9479C0AA . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\asms\70\msft\windows\mswincrt\msvcrt.dll [7] 2004-08-04 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\ServicePackFiles\i386\msvcrt.dll [7] 2004-08-04 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll [7] 2004-08-04 . 40AC9CE966A05B05C9A4DB5B306A26C3 . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll [-] 2002-09-11 . 33D03EC823482177D5171907AF19FFF9 . 323072 . . [7.0.2600.1106] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll [7] 2002-09-11 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\i386\asms\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL [7] 2002-09-11 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [-] 2002-09-11 . 1B2C477D8847E4123DD8761D2E9008F7 . 323072 . . [7.0.2600.1106] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\msvcrt.dll . . [7] 2009-02-06 . 45AE58ACDD9B4A8767064544533F94E2 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll [7] 2009-02-06 . 45AE58ACDD9B4A8767064544533F94E2 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\netlogon.dll . [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\powrprof.dll [7] 2004-08-04 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\powrprof.dll [7] 2004-08-04 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll [-] 2002-09-11 . 506AEC11B86CCFF9894FEA9BB1C1BDCD . 14848 . . [6.00.2600.0000] . . c:\windows\$NtServicePackUninstall$\powrprof.dll . [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\scecli.dll . [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\sfc.dll [7] 2004-08-04 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\sfc.dll [7] 2004-08-04 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll [-] 2002-09-11 . 750A97F61172F0917AE97E8931E164CE . 4096 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\sfc.dll . [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\svchost.exe . [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\tapisrv.dll [7] 2005-07-08 . 5A145DBF2916F583921BB27B91B2DC0B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll [7] 2005-07-08 . C2A4E29888F45E7FC1FD64C83D5EA669 . 249344 . . [5.1.2600.2716] . . c:\windows\system32\tapisrv.dll [7] 2004-08-04 . F38C48EE55AD051BF5474F5BDD69C846 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll [7] 2004-08-04 . F38C48EE55AD051BF5474F5BDD69C846 . 246272 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\tapisrv.dll [-] 2002-09-11 . D482CBF778D95C532F3A4C2648EB4B8B . 233984 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll . . [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\userinit.exe [7] 2004-08-04 . DE7A0EE4A6A28E6DFE3118EB22468DA6 . 24576 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\userinit.exe [7] 2004-08-04 . DE7A0EE4A6A28E6DFE3118EB22468DA6 . 24576 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe [-] 2002-09-11 . 54EB9CE26234AE9116555C587FAED658 . 22016 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\userinit.exe . [7] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\wininet.dll [7] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\dllcache\wininet.dll [7] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [7] 2010-02-26 . C3177DEF96C00B09DBEDCC84D4C46C87 . 665088 . . [6.00.2900.3676] . . c:\windows\ie8\wininet.dll [7] 2010-02-26 . E85C22092E206FB7D8C75E297571E584 . 671744 . . [6.00.2900.3676] . . c:\windows\$hf_mig$\KB980182\SP2QFE\wininet.dll [7] 2010-02-26 . 48C55933922D72B990E94CF8656BD05C . 670208 . . [6.00.2900.5945] . . c:\windows\$hf_mig$\KB980182\SP3GDR\wininet.dll [7] 2010-02-26 . D3E73E61284082EF6249E3A62D1C79D0 . 671744 . . [6.00.2900.5945] . . c:\windows\$hf_mig$\KB980182\SP3QFE\wininet.dll [7] 2010-02-25 . 2A850B8F7B435ACFB9DCD0A566FD720C . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll [7] 2010-02-25 . BB424C9406140FEAFB4732025BEBB69B . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll [7] 2009-12-22 . 38A33F9FCFD2A1DB80798D4DB485D496 . 665088 . . [6.00.2900.3660] . . c:\windows\$NtUninstallKB980182$\wininet.dll [7] 2009-12-22 . 45497B53C56228E1065CA628FFFA7038 . 671744 . . [6.00.2900.3660] . . c:\windows\$hf_mig$\KB978207\SP2QFE\wininet.dll [7] 2009-12-22 . A21DF8A5A088A16563B30B7F3E70FEF2 . 670208 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\wininet.dll [7] 2009-12-22 . 2ABF21F7978482AF7CFA4DABF8C5B4E6 . 671744 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll [7] 2009-10-29 . B8AB8FF4D10FD7C9D99F743AD5186932 . 665088 . . [6.00.2900.3640] . . c:\windows\$NtUninstallKB978207$\wininet.dll [7] 2009-10-29 . 772A3480B543FB5280DE1679FA73E799 . 670208 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\wininet.dll [7] 2009-10-29 . 77DA6400FF88337FE260CF87A530D64C . 671744 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\wininet.dll [7] 2009-10-29 . C038E702E474EBE32EAAFB4A5952D1B1 . 671744 . . [6.00.2900.3640] . . c:\windows\$hf_mig$\KB976325\SP2QFE\wininet.dll [7] 2009-09-25 . 0833020BDA48BFCE318D8A11421E0218 . 665088 . . [6.00.2900.3627] . . c:\windows\$NtUninstallKB976325$\wininet.dll . [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\ws2_32.dll [7] 2004-08-04 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ws2_32.dll [7] 2004-08-04 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll [-] 2002-09-11 . 3EA6EDC08BB3F373839060EA8B40CE72 . 75264 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll . [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\ws2help.dll . [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\explorer.exe [7] 2007-06-13 . 147E95A42A58CE99E403F7F57656BBEB . 1036800 . . [6.00.2900.3156] . . c:\windows\explorer.exe [7] 2007-06-13 . 147E95A42A58CE99E403F7F57656BBEB . 1036800 . . [6.00.2900.3156] . . c:\windows\system32\dllcache\explorer.exe [7] 2007-06-13 . 1D6245AFBD3FAABC16A885116BE1874D . 1036800 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe [7] 2004-08-04 . A1D7304A87FC3093150F5E3CC7B0F338 . 1035776 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe [7] 2004-08-04 . A1D7304A87FC3093150F5E3CC7B0F338 . 1035776 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\explorer.exe [-] 2002-09-11 . 040CC36796BBA354B678BCE9DCB25A3A . 1007616 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\explorer.exe . [-] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\regedit.exe . [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\ole32.dll [7] 2005-07-26 . 588443247F2EE6A61B5864B64A7E270E . 1284608 . . [5.1.2600.2726] . . c:\windows\system32\ole32.dll [7] 2005-07-26 . 0F0E95779DB45EB8D09EAA8827D740CC . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll [7] 2005-04-28 . 5C3B15C45ADF30B024927F1A0823BD16 . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll [7] 2005-04-28 . 48629EDCD92AA071554304F9F9E96E38 . 1284608 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll [7] 2004-08-04 . 602969286376832E3F49F54E4F0F051A . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB894391$\ole32.dll [7] 2004-08-04 . 602969286376832E3F49F54E4F0F051A . 1281024 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ole32.dll [-] 2002-09-11 . 8C57515321D7FFD77ADD70517D7BE737 . 1169920 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ole32.dll . [-] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\usp10.dll . [-] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\ksuser.dll [7] 2004-08-04 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\ServicePackFiles\i386\ksuser.dll [7] 2004-08-04 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ksuser.dll [7] 2004-08-04 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\ksuser.dll [7] 2002-12-12 07:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\$NtServicePackUninstall$\ksuser.dll [7] 2002-12-12 07:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ksuser.dll . [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\srsvc.dll . [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\wscntfy.exe [7] 2004-08-04 . D6381A7C1704BE7A8FD5EFDFD9F1463B . 13824 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\wscntfy.exe [7] 2004-08-04 . D6381A7C1704BE7A8FD5EFDFD9F1463B . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe . [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\xmlprov.dll [7] 2004-08-04 . F4C8D4B0A294AAF37FE50C407B6E03F9 . 129536 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\xmlprov.dll [7] 2004-08-04 . F4C8D4B0A294AAF37FE50C407B6E03F9 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll . [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\eventlog.dll [7] 2004-08-04 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\eventlog.dll [7] 2004-08-04 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll [-] 2002-09-11 . 7593FA76DAFDBD9511A9A2B1465FF8C2 . 49152 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\eventlog.dll . [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\sfcfiles.dll [7] 2004-08-04 . 486594A19F7AEDEBEA600855FFD5E914 . 1548288 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll [7] 2004-08-04 . 486594A19F7AEDEBEA600855FFD5E914 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll [-] 2002-09-11 . 3B8FA96FF436D4CD4E0D13223F965FAB . 1145856 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll . . [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\shsvcs.dll [7] 2006-12-19 . D6F2B8963663F2014FAFCD8E15E4E778 . 135168 . . [6.00.2900.3051] . . c:\windows\system32\shsvcs.dll [7] 2006-12-19 . D6F2B8963663F2014FAFCD8E15E4E778 . 135168 . . [6.00.2900.3051] . . c:\windows\system32\dllcache\shsvcs.dll [7] 2006-12-19 . 20A1DFA416579DACEE28E15E331C3930 . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll [7] 2004-08-04 . 394FD6CE1AC84BB318B806A6F8D90F66 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll [7] 2004-08-04 . 394FD6CE1AC84BB318B806A6F8D90F66 . 135168 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\shsvcs.dll [-] 2002-09-11 . 99792E295E5A4E7BCD08F4D708E16AAB . 116736 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll . [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\regsvc.dll [7] 2004-08-04 . D01BB100558945178E4BCB33B0FE9364 . 59904 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\regsvc.dll [7] 2004-08-04 . D01BB100558945178E4BCB33B0FE9364 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll [-] 2002-09-11 . 548ACD377576BDABAC2E190F6D156906 . 51712 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\regsvc.dll . [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\schedsvc.dll [7] 2004-08-04 . D245B3E32F8AB3B2FB576AFCFDEC105E . 192000 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\schedsvc.dll [7] 2004-08-04 . D245B3E32F8AB3B2FB576AFCFDEC105E . 192000 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll [-] 2002-09-11 . 5239C9913F5166838D772BF4A61C7844 . 160256 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll . . [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\termsrv.dll [7] 2004-08-04 . E2CE999886A4636026F157DEB886AA94 . 297472 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\termsrv.dll [7] 2004-08-04 . E2CE999886A4636026F157DEB886AA94 . 297472 . . [5.1.2600.2180] . . c:\windows\system32\termsrv.dll [-] 2002-09-11 . 6AF0C847079356FE152BFD53A60D7487 . 202240 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\termsrv.dll . [-] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\hnetcfg.dll [7] 2004-08-04 . 490BF3896AE3EBD21B448FFB1579AA09 . 347648 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll [7] 2004-08-04 . 490BF3896AE3EBD21B448FFB1579AA09 . 347648 . . [5.1.2600.2180] . . c:\windows\system32\hnetcfg.dll [-] 2002-09-11 . B176F863C9B6A5773E58D98770F9BAC5 . 244224 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll . [7] 2002-09-11 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\dllcache\acpiec.sys [7] 2002-09-11 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys . [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\aec.sys . [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\agp440.sys [7] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\agp440.sys [7] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\agp440.sys [7] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\system32\drivers\agp440.sys [-] 2001-08-17 . 65880045C51AA36184841CEE915A61DF . 25472 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\agp440.sys [-] 2001-08-17 . 65880045C51AA36184841CEE915A61DF . 25472 . . [5.1.2600.0] . . c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\AGP440.SYS . [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\ip6fw.sys . [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\mfc40u.dll [7] 2006-11-01 19:19 . 13E52326F0F19A1A8D34681E3444E8D1 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll [7] 2006-11-01 19:19 . 13E52326F0F19A1A8D34681E3444E8D1 . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll [7] 2002-09-11 13:00 . 8EED1D71C14C356684E586B0A7DB6BCE . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll . [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\msgsvc.dll . [-] 2008-04-14 17:02 . 2628076412EC86C92827AE5202501E5D . 52736 . . [9.0.1.56] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\mspmsnsv.dll [7] 2004-08-04 08:03 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll [7] 2004-08-04 08:03 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\system32\mspmsnsv.dll [-] 2002-12-21 00:11 . 4771A45ECD623CDA43316658C8102F4E . 52736 . . [9.0.1.56] . . c:\windows\$NtServicePackUninstall$\mspmsnsv.dll . [7] 2010-02-17 . 1BA87670B4305072123A0CC0F478A340 . 2068096 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe [7] 2010-02-16 . 9F4BED5BFCA2291BA1AD16BB7F0A6E60 . 2062720 . . [5.1.2600.3670] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe . [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\ntmssvc.dll [7] 2004-08-04 08:03 . AC75E028773CBBD7D8B1313F382E7C05 . 437248 . . [5.1.2400.2180] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll [7] 2004-08-04 08:03 . AC75E028773CBBD7D8B1313F382E7C05 . 437248 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll [-] 2002-09-11 13:00 . 5117C60E5FC52F0E2BD02E6B0451AE9F . 394752 . . [5.1.2400.1106] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll . . [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\dsound.dll [7] 2004-08-04 . 4AAB7EC0EA6C53C6B381546F15C286CA . 367616 . . [5.3.2600.2180] . . c:\windows\ServicePackFiles\i386\dsound.dll [7] 2004-08-04 . 4AAB7EC0EA6C53C6B381546F15C286CA . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dsound.dll [7] 2004-08-04 . 4AAB7EC0EA6C53C6B381546F15C286CA . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\dsound.dll [7] 2002-12-12 07:14 . CA6CC3A47D8813208CEE02EB40DACA21 . 355328 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\$NtServicePackUninstall$\dsound.dll [7] 2002-12-12 07:14 . CA6CC3A47D8813208CEE02EB40DACA21 . 355328 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll . [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\d3d9.dll . [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\ddraw.dll . [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\olepro32.dll [7] 2004-08-04 08:03 . DFB4A7A3E7948686DBC4B0DEA4A0AE94 . 83456 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\olepro32.dll [7] 2004-08-04 08:03 . DFB4A7A3E7948686DBC4B0DEA4A0AE94 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\olepro32.dll [-] 2002-09-11 13:00 . 11171D442A392E556EBDCE15EA7E62CD . 106496 . . [5.0.5014] . . c:\windows\$NtServicePackUninstall$\olepro32.dll . [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\perfctrs.dll . [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\version.dll [7] 2004-08-04 . D67A94C11062EEE45BED5106DFDB9C0A . 18944 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\version.dll [7] 2004-08-04 . D67A94C11062EEE45BED5106DFDB9C0A . 18944 . . [5.1.2600.2180] . . c:\windows\system32\version.dll [-] 2002-09-11 . 049F5724E94B45B8F01EFEDAF5218C21 . 16384 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\version.dll . [-] 2008-04-14 . 164B6F619C579FAD4E548ACC654FF710 . 93184 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\iexplore.exe [7] 2004-08-04 . 78D969F35CD64BF0761F731FCA5FC99D . 93184 . . [6.00.2900.2180] . . c:\windows\ie8\iexplore.exe [7] 2004-08-04 . 78D969F35CD64BF0761F731FCA5FC99D . 93184 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\iexplore.exe [-] 2002-09-11 . 3CAE6FAAB310782FAF84E1B6E1F0E28C . 91136 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\iexplore.exe . [7] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe [7] 2010-02-16 . E6CA0044BAC297BE280BCD5AB04B44F6 . 2185728 . . [5.1.2600.3670] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [7] 2010-02-16 . E6CA0044BAC297BE280BCD5AB04B44F6 . 2185728 . . [5.1.2600.3670] . . c:\windows\system32\ntoskrnl.exe [7] 2010-02-16 . E6CA0044BAC297BE280BCD5AB04B44F6 . 2185728 . . [5.1.2600.3670] . . c:\windows\system32\dllcache\ntoskrnl.exe [7] 2010-02-16 . 481961F97B0526A66EF676E0D00C4180 . 2191232 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe [7] 2010-02-16 . B79C48187CA08D2EC27DA4939953F082 . 2194432 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [7] 2009-12-09 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe [7] 2009-12-09 . 9FCCE3EF6E062C55FDA6E67C7EE7BAF4 . 2184704 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [7] 2009-12-09 . F96B89E41B78F5B3050A1003FD143732 . 2190336 . . [5.1.2600.3654] . . c:\windows\$hf_mig$\KB977165\SP2QFE\ntoskrnl.exe [7] 2009-12-09 . 13C15BFF7E82D3F9FD215ADD54A3929D . 2193536 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntoskrnl.exe [7] 2009-08-05 . 270DE336026B0815F064BB8BD4CFD336 . 2193536 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe . [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\srsvc.dll [7] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\srsvc.dll [7] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll [-] 2002-09-11 . 323020B1DF45D8B80886C1806AF35595 . 158720 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\srsvc.dll . . [-] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\wiaservc.dll [7] 2006-12-19 . 1689AC8BD2FC31B377D5D23CC7D872A8 . 334336 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll [7] 2006-12-19 . 0BF8DE5896D9A02C99C4A4EF896E917E . 334336 . . [5.1.2600.3051] . . c:\windows\system32\wiaservc.dll [7] 2006-12-19 . 0BF8DE5896D9A02C99C4A4EF896E917E . 334336 . . [5.1.2600.3051] . . c:\windows\system32\dllcache\wiaservc.dll [7] 2004-08-04 . A52AA02DDB663FEF22C18C693B0EE891 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll [7] 2004-08-04 . A52AA02DDB663FEF22C18C693B0EE891 . 333824 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\wiaservc.dll [-] 2002-09-11 . 415531BDA25C2F8D1D342CD47A3BBC8C . 316928 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll . [-] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\midimap.dll . [-] 2008-04-14 . 3D5CC4BFF926A0ABD4F5A117825629A3 . 7680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\822ceb2331d0360bde8948c432c9beec\rasadhlp.dll [7] 2006-06-26 . 5F1240D4B842F0122042FDA8540432FC . 7680 . . [5.1.2600.2938] . . c:\windows\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll [7] 2006-06-26 . 91282911237187F11BD3AD8F834CB5E6 . 8192 . . [5.1.2600.2938] . . c:\windows\system32\rasadhlp.dll [7] 2006-06-26 . 91282911237187F11BD3AD8F834CB5E6 . 8192 . . [5.1.2600.2938] . . c:\windows\system32\dllcache\rasadhlp.dll [7] 2004-08-04 . 9C38671C922A2C86802A7FA3F5834634 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB920683$\rasadhlp.dll [7] 2004-08-04 . 9C38671C922A2C86802A7FA3F5834634 . 8192 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll [-] 2002-09-11 . 8B36031EB26860D00D12C87941D27471 . 6144 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Free FTP Manager\\FreeFTPManager.exe"= "d:\\Documenten en Settings\\All Users\\Application Data\\3e61e5c\\MS3e61.exe"= . R3 cem56;Xircom CreditCard 10/100 + 56k-modem;c:\windows\system32\DRIVERS\CEM56n5.sys [2001-09-06 49182] R3 Maestro;ESS Maestro 2E-audiostuurprogramma (WDM);c:\windows\system32\drivers\essm2e.sys [2002-08-28 137088] R3 OBOE;Toshiba FIR Port Type-DO;c:\windows\system32\DRIVERS\tos4mo.sys [2001-08-17 28232] . . . ------- Bijkomende Scan ------- . DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab . - - - - ORPHANS VERWIJDERD - - - - . HKLM-Run-POINTER - point32.exe AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0413.EXE AddRemove-AltnetDM - c:\program files\Altnet\Download Manager\AltnetUninstall.exe AddRemove-HijackThis - c:\program files\Trend Micro\HijackThis\HijackThis.exe AddRemove-KB923789 - c:\windows\system32\MacroMed\Flash\genuinst.exe AddRemove-Microsoft Interactive Training - c:\windows\IsUn0413.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-09-03 12:19 Windows 5.1.2600 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{580924E7-4534-80EF-AD4675C17646FF10}\{0EFB2AA0-1A3E-507D-F9B34D5CF29081CD}\{BBABFA65-B0A6-C96D-B621BCAFF6A8D6D6}*] "1D1OWFM6WKF6TLM3S2BGKKUUDG1"=hex:01,00,01,00,00,00,00,00,71,4a,e0,45,b7,4f,44, fb,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BCA821CD-4A5D-ABF7-7317F5EBFF711061}\{A8AD8BCF-CB94-6A01-1BDB64CAD4C7BA22}\{6360A729-06A7-39D5-91DA34CCB8512CF9}*] "1D1OWFM6WKF6TLM3S2BGKKUUDG1"=hex:01,00,01,00,00,00,00,00,71,4a,e0,45,b7,4f,44, fb,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61 . Voltooingstijd: 2011-09-03 13:35:25 ComboFix-quarantined-files.txt 2011-09-03 11:35 . Pre-Run: 23.303.401.472 bytes beschikbaar Post-Run: 23.244.378.112 bytes beschikbaar . - - End Of File - - 0B5524641B9E3FB9625A0EC757005E72

heb inderdaad via andere computer en via usb programma op bureaublad geplaatst, uitgepakt/geinstalleerd. krijg een blauw venster te zien: er wordt geprobeerd een nieuw Systeem herstelpunt aan te maken. staat nu al meer dan een uur zo, er gebeurd niets meer.

in het blauwe scherm staat dat er geprobeerd wordt een nieuw herstelpunt te maken, Met deze laptop heb ik geen internet verbinding, is ook niet te installeren: kabel/plug/kaart is kapot. kan ik niet via hyackthis die virussen uitschakelen? C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe

Het probleem is nog steeds niet opgelost:zie afbeeldingen

dit is de nieuwe log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:43:22, on 1-9-2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Microsoft Hardware\Mouse\point32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe D:\Documenten en Settings\All Users\Application Data\3e61e5c\MS3e61.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\mspaint.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [My Security Engine] "D:\Documenten en Settings\All Users\Application Data\3e61e5c\MS3e61.exe" /s /d O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe -- End of file - 2139 bytes

kan ik die mofcomp en collecteddata bestanden ook verwijderen? kan de hele lijst in de afbeelding verwijderd worden?