handlocker

Member
  • Items

    73

Everything posted by handlocker

  1. I get a message that I have to close Firefox, but it is already closed before I start scanning!
  2. Dear members/visitors, Since the day before yesterday/yesterday I have had a problem with my CCleaner and Mozilla Firefox. I was cleaning up with CCleaner. I got a message that I had to close Firefox, but it was already closed. I then restarted my PC but got this message again, even though I had not opened Firefox. After that I uninstalled and reinstalled Firefox. Everything went well for a while, but the problem soon came back. Can someone please help me with this? Regards,
  3. MUUUUUUCH better. The computer starts up normally again at the right speed.
  4. ComboFix 12-01-29.01 - I. Chamlal 29-01-2012 14:34:43.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1022.283 [GMT 1:00] Gestart vanuit: c:\documents and settings\I. Chamlal\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\I. Chamlal\Bureaublad\CFScript.txt AV: McAfeeAntivirus en antispyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfeeFirewall *Enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} * Aanwezig AV is actief . . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\TEMP c:\windows\TEMP\logishrd\LVPrcInj01.dll . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy__BS4.SYS -------\Service__bs4.sys -------\Service_xcpip . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-28 to 2012-01-29 )))))))))))))))))))))))))))))) . . 2012-01-28 16:24 . 2012-01-29 13:25 -------- d-----w- c:\documents and settings\I. Chamlal\Application Data\Vidalia 2012-01-28 13:53 . 2012-01-28 13:53 -------- d-----w- c:\documents and settings\I. Chamlal\Application Data\Malwarebytes 2012-01-28 13:53 . 2012-01-28 13:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-01-28 13:53 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-01-28 13:53 . 2012-01-28 13:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-01-28 12:23 . 2012-01-28 12:23 388096 ----a-r- c:\documents and settings\I. Chamlal\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-01-28 12:22 . 2012-01-28 12:22 -------- d-----w- c:\program files\Trend Micro 2012-01-28 12:06 . 2012-01-28 16:34 -------- d-----w- c:\program files\Speccy 2012-01-07 17:05 . 2012-01-29 13:27 -------- d--h--r- c:\documents and settings\I. 
Chamlal\Onlangs geopend . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-12-23 20:45 . 2011-07-17 15:32 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-12-16 21:16 . 2011-12-16 21:16 32768 ----a-w- c:\windows\system32\drivers\taphss.sys 2011-11-25 21:57 . 2004-09-02 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll 2011-11-23 14:40 . 2005-10-06 03:11 1859712 ----a-w- c:\windows\system32\win32k.sys 2011-11-20 06:12 . 2004-09-02 12:00 60928 ----a-w- c:\windows\system32\packager.exe 2011-11-10 04:54 . 2011-07-16 21:53 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-11-10 02:27 . 2011-07-16 21:53 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-11-04 19:13 . 2004-09-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2004-09-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2004-09-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2004-09-02 12:00 385024 ------w- c:\windows\system32\html.iec 2011-11-03 15:29 . 2005-08-30 03:56 1296384 ----a-w- c:\windows\system32\quartz.dll 2011-11-03 15:29 . 2004-09-02 12:00 386560 ----a-w- c:\windows\system32\qdvd.dll 2011-11-01 16:07 . 2005-07-26 04:42 1288192 ----a-w- c:\windows\system32\ole32.dll 2010-01-26 09:11 . 2011-07-16 18:33 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe 2011-12-21 08:02 . 2011-12-23 16:45 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . Cryptography Services Fout !! . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-10-20 641400] "Upgrade_Client"="c:\program files\Adobe\update_check.exe" [2011-05-01 59392] "Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192] "Vidalia"="c:\program files\Vidalia Bundle\Vidalia\vidalia.exe" [2011-12-14 5407850] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-17 64512] "IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2005-12-12 8744960] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-05 7323648] "nwiz"="nwiz.exe" [2006-01-05 1519616] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-09-16 1318552] "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-10-24 801792] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . 
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2011-7-16 66864] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoSMBalloonTip"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "c:\\Program Files\\Common Files\\Mcafee\\McSvcHost\\McSvHost.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:Remote Desktop "65533:TCP"= 65533:TCP:Services "52344:TCP"= 52344:TCP:Services . 2;2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x] 2;2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x] R3 cfwids;McAfee Inc. 
cfwids;c:\windows\system32\drivers\cfwids.sys [2011-10-15 57600] R3 cpuz135;cpuz135;c:\docume~1\I5DA3~1.CHA\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys [x] R3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\DRIVERS\mfendisk.sys [2011-10-15 83856] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-10-15 87656] R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904] S1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2011-10-15 89792] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-18 160608] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-10-18 150856] S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-02-11 35088] S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-01-28 632792] S3 3xHybrid;3xHybrid service;c:\windows\system32\DRIVERS\3xHybrid.sys [2006-01-24 835200] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-10-15 338176] S3 mfendiskmp;mfendiskmp;c:\windows\system32\DRIVERS\mfendisk.sys [2011-10-15 83856] S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\DRIVERS\sis163u.sys [2005-06-20 215040] S3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - mfeavfk01 *Deregistered* - xcpip . Inhoud van de 'Gedeelde Taken' map . 2012-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1004336348-839522115-1003Core.job - c:\documents and settings\I. Chamlal\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-16 15:40] . 
2012-01-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1004336348-839522115-1003UA.job - c:\documents and settings\I. Chamlal\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-16 15:40] . 2012-01-28 c:\windows\Tasks\RMSchedule.job - c:\program files\Registry Mechanic\RegMech.exe [2011-09-06 08:02] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyServer = 109.236.80.145:8080 TCP: DhcpNameServer = 192.168.1.254 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll FF - ProfilePath - c:\documents and settings\I. Chamlal\Application Data\Mozilla\Firefox\Profiles\p1lxf3bd.default\ FF - prefs.js: browser.startup.homepage - Google . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-29 14:56 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1085031214-1004336348-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID] @Denied: (Full) (LocalSystem) . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(4816) c:\windows\TEMP\logishrd\LVPrcInj01.dll c:\progra~1\mcafee\SITEAD~1\saHook.dll c:\program files\ScanSoft\OmniPageSE4\OpHookSE4.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . 
------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe c:\program files\Vidalia Bundle\Tor\tor.exe c:\windows\eHome\ehRecvr.exe c:\windows\eHome\ehSched.exe c:\program files\Canon\IJPLM\IJPLMSVC.EXE c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\windows\system32\nvsvc32.exe c:\program files\Common Files\McAfee\SystemCore\mcshield.exe c:\program files\Common Files\McAfee\SystemCore\mfefire.exe c:\windows\ehome\mcrdsvc.exe c:\windows\system32\rundll32.exe c:\windows\system32\imapi.exe c:\windows\system32\dllhost.exe c:\windows\eHome\ehmsas.exe . ************************************************************************** . Voltooingstijd: 2012-01-29 14:59:14 - machine werd herstart ComboFix-quarantined-files.txt 2012-01-29 13:58 ComboFix2.txt 2012-01-28 17:55 . Pre-Run: 222.534.713.344 bytes beschikbaar Post-Run: 222.512.660.480 bytes beschikbaar . - - End Of File - - FB09C294070FE065C8013FCC82329224
  5. The scan took quite a long time, about 40 minutes. ComboFix 12-01-28.01 - I. Chamlal 28-01-2012 18:12:33.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1022.384 [GMT 1:00] Gestart vanuit: c:\documents and settings\I. Chamlal\Bureaublad\ComboFix.exe AV: McAfeeAntivirus en antispyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfeeFirewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} * Aanwezig AV is actief . . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\I. Chamlal\Application Data\.# c:\documents and settings\I. Chamlal\Application Data\.#\MBX@FC0@A23F80.### c:\documents and settings\I. Chamlal\Application Data\.#\MBX@FC0@A23FB0.### c:\documents and settings\I. Chamlal\Application Data\mIRC\logs\status.log c:\program files\driverspackv32563.exe C:\start.bat c:\windows\bwUnin-8.1.1.50-8876480SL.exe c:\windows\system32\xpsp2res.dll.tmp c:\windows\TEMP\logishrd\LVPrcInj01.dll . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_xcpip . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-28 to 2012-01-28 )))))))))))))))))))))))))))))) . . 2012-01-28 16:24 . 2012-01-28 17:41 -------- d-----w- c:\documents and settings\I. Chamlal\Application Data\Vidalia 2012-01-28 13:53 . 2012-01-28 13:53 -------- d-----w- c:\documents and settings\I. Chamlal\Application Data\Malwarebytes 2012-01-28 13:53 . 2012-01-28 13:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-01-28 13:53 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-01-28 13:53 . 2012-01-28 13:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-01-28 12:23 . 2012-01-28 12:23 388096 ----a-r- c:\documents and settings\I. 
Chamlal\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-01-28 12:22 . 2012-01-28 12:22 -------- d-----w- c:\program files\Trend Micro 2012-01-28 12:06 . 2012-01-28 16:34 -------- d-----w- c:\program files\Speccy 2012-01-07 17:05 . 2012-01-28 16:08 -------- d--h--r- c:\documents and settings\I. Chamlal\Onlangs geopend . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-12-23 20:45 . 2011-07-17 15:32 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-12-16 21:16 . 2011-12-16 21:16 32768 ----a-w- c:\windows\system32\drivers\taphss.sys 2011-11-25 21:57 . 2004-09-02 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll 2011-11-23 14:40 . 2005-10-06 03:11 1859712 ----a-w- c:\windows\system32\win32k.sys 2011-11-20 06:12 . 2004-09-02 12:00 60928 ----a-w- c:\windows\system32\packager.exe 2011-11-10 04:54 . 2011-07-16 21:53 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-11-10 02:27 . 2011-07-16 21:53 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-11-04 19:13 . 2004-09-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2004-09-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2004-09-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2004-09-02 12:00 385024 ------w- c:\windows\system32\html.iec 2011-11-03 15:29 . 2005-08-30 03:56 1296384 ----a-w- c:\windows\system32\quartz.dll 2011-11-03 15:29 . 2004-09-02 12:00 386560 ----a-w- c:\windows\system32\qdvd.dll 2011-11-01 16:07 . 2005-07-26 04:42 1288192 ----a-w- c:\windows\system32\ole32.dll 2010-01-26 09:11 . 2011-07-16 18:33 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe 2011-12-21 08:02 . 2011-12-23 16:45 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. .
c:\windows\system32\dllcache\mshtml.dll [7] 2011-11-04 . E43D37858B634BDE1E099E92F0202458 . 5978624 . . [8.00.6001.23266] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll [7] 2011-10-03 . 2ECD546FB8594A4C5D807E489045627F . 5971456 . . [8.00.6001.19154] . . c:\windows\ie8updates\KB2618444-IE8\mshtml.dll [7] 2011-10-03 . 5AF7AC6924E7CB72D76A796262B1C25E . 5972992 . . [8.00.6001.23250] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll [7] 2011-09-05 . 538D8FB09C46E62ED0C59A9C7B12C9BF . 3107328 . . [6.00.2900.6148] . . c:\windows\ie8\mshtml.dll [7] 2011-09-05 . DFEC0338F440C7B1A6E16ED92CE0F8F1 . 3107840 . . [6.00.2900.6148] . . c:\windows\$hf_mig$\KB2586448\SP3QFE\mshtml.dll [7] 2011-07-25 . 39ADF0F29F47896DD726833735AB825C . 5969920 . . [8.00.6001.19120] . . c:\windows\ServicePackFiles\i386\mshtml.dll [7] 2011-07-25 . 03B085EEE1DB5F2E32721CF5C72F7A26 . 5971456 . . [8.00.6001.23216] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll [7] 2011-06-27 . 796C3ABC2779096E1B1255ED920AE11A . 3106304 . . [6.00.2900.6129] . . c:\windows\$hf_mig$\KB2559049\SP3QFE\mshtml.dll [7] 2011-05-30 . 7EA2A988004ED9A3D9DC5192DC547C57 . 5964800 . . [8.00.6001.19088] . . c:\windows\SoftwareDistribution\Download\1114b0aa341e67dcdafae550c2f2d03e\SP3GDR\mshtml.dll [7] 2011-05-30 . 6DE2D62A51F4C110AA995583B7463487 . 5967360 . . [8.00.6001.23181] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll [7] 2011-05-30 . 6DE2D62A51F4C110AA995583B7463487 . 5967360 . . [8.00.6001.23181] . . c:\windows\SoftwareDistribution\Download\1114b0aa341e67dcdafae550c2f2d03e\SP3QFE\mshtml.dll [7] 2011-04-25 . FBD07DAD1EF667D2FBDC421F4A05C747 . 3101184 . . [6.00.2900.6104] . . c:\windows\$hf_mig$\KB2530548\SP3QFE\mshtml.dll [7] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2586448-IE8\mshtml.dll [7] 2010-05-06 . 47A7DDF5DF0F323F877EEFC75338C4A3 . 5953024 . . [8.00.6001.23019] . . 
c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll [-] 2010-04-16 . 57AD74289A9E14105293D5909FDD46D8 . 3094016 . . [6.00.2900.5969] . . c:\windows\SoftwareDistribution\Download\af953a3944a7f8e43b5fd2d22b89d4c0\sp3gdr\mshtml.dll [-] 2010-04-16 . 707C24310482D227C10C895F0173EAF6 . 3094528 . . [6.00.2900.5969] . . c:\windows\SoftwareDistribution\Download\af953a3944a7f8e43b5fd2d22b89d4c0\sp3qfe\mshtml.dll [-] 2010-04-16 . BBC382745684593459A31F56B8F24AEE . 3086336 . . [6.00.2900.3698] . . c:\windows\SoftwareDistribution\Download\af953a3944a7f8e43b5fd2d22b89d4c0\sp2gdr\mshtml.dll [-] 2010-04-16 . 82B44E0D2CDC29E35004538307523308 . 3094016 . . [6.00.2900.3698] . . c:\windows\SoftwareDistribution\Download\af953a3944a7f8e43b5fd2d22b89d4c0\sp2qfe\mshtml.dll [7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll [7] 2008-04-14 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\mshtml.dll [-] 2005-10-05 . 3660E3C5182D286BEE71E2AF42889D5A . 3015680 . . [6.00.2900.2769] . . c:\windows\$hf_mig$\KB896688\SP2QFE\mshtml.dll [-] 2005-10-04 . F765EA3A7ADAB0E9C4A8698F2620CCB4 . 3013120 . . [6.00.2900.2769] . . c:\windows\$NtServicePackUninstall$\mshtml.dll . [7] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll [7] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [7] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\dllcache\msvcrt.dll [7] 2008-04-14 . 61E70054981A2F9E64CEA7CA9479C0AA . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll [7] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . 
c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\msvcrt.dll [7] 2008-04-14 . 61E70054981A2F9E64CEA7CA9479C0AA . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\asms\70\msft\windows\mswincrt\msvcrt.dll [-] 2004-09-02 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll [7] 2004-09-02 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [-] 2004-09-02 . 40AC9CE966A05B05C9A4DB5B306A26C3 . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll . [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\aa392b8bfed9b3a47213f2ce85439604\sp3gdr\mswsock.dll [7] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll [7] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\aa392b8bfed9b3a47213f2ce85439604\sp3qfe\mswsock.dll [-] 2008-06-20 . 71AB52C70B9436C0A0B704FDE9D1A7CD . 247296 . . [5.1.2600.3394] . . c:\windows\SoftwareDistribution\Download\aa392b8bfed9b3a47213f2ce85439604\sp2qfe\mswsock.dll [7] 2008-06-20 . 4522CBE00A9E9EEE36AA82ED4B319148 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll [7] 2008-06-20 . 4522CBE00A9E9EEE36AA82ED4B319148 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll [7] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll [7] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . 
c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\mswsock.dll [-] 2004-09-02 . 0C53DB0671AB5A93D169DAFFC8DA11CF . 247296 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\mswsock.dll . [7] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll [7] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll [7] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll [7] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\netlogon.dll [-] 2004-09-02 . B3FDAC7A518B6B684BEFE792DC1DC560 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll . [7] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll [7] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll [7] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll [7] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\powrprof.dll [-] 2004-09-02 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll . [7] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll [7] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll [7] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll [7] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . 
[5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\scecli.dll [-] 2004-09-02 . 5AE934F6837B5A583DED535C4BE5A804 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll . [7] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll [7] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll [7] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfc.dll [7] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\sfc.dll [-] 2004-09-02 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll . [7] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe [7] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe [7] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe [7] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\svchost.exe [-] 2004-09-02 . AB8C6D89A897BACBA4657FDF00E344A6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe . [7] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll [7] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll [7] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll [7] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . 
c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\tapisrv.dll [-] 2005-07-08 . 5A145DBF2916F583921BB27B91B2DC0B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll [-] 2005-07-08 . C2A4E29888F45E7FC1FD64C83D5EA669 . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll . [7] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [7] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [7] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll [7] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\user32.dll [-] 2005-03-02 . 0B62745CE93E8C6F56547F70269DBABC . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll [-] 2005-03-02 . A9F2EBFC6EF9C1FB38CEDCF747162B6C . 578560 . . [5.1.2600.2622] . . c:\windows\$NtServicePackUninstall$\user32.dll . [7] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe [7] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe [7] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe [7] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\userinit.exe [-] 2004-09-02 . DE7A0EE4A6A28E6DFE3118EB22468DA6 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe . [7] 2011-11-04 . D47FE623B45DF066647469DB73AE3215 . 916992 . . [8.00.6001.19165] . . c:\windows\system32\wininet.dll [7] 2011-11-04 . D47FE623B45DF066647469DB73AE3215 . 916992 . . 
[8.00.6001.19165] . . c:\windows\system32\dllcache\wininet.dll [7] 2011-11-04 . A484703720C95391777DF05F2458FEF8 . 919552 . . [8.00.6001.23261] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll [7] 2011-09-05 . 638A3E908C1E401ADD81878082EFDEBC . 670208 . . [6.00.2900.6148] . . c:\windows\ie8\wininet.dll [7] 2011-09-05 . 031A23A350F9A3A353F4D7144847CAD7 . 671744 . . [6.00.2900.6148] . . c:\windows\$hf_mig$\KB2586448\SP3QFE\wininet.dll [7] 2011-08-22 . 381FDBF8A25C7629696E5EE2B213F8CC . 916480 . . [8.00.6001.19131] . . c:\windows\ie8updates\KB2618444-IE8\wininet.dll [7] 2011-08-22 . EDD945F6C0630DB8453673DF9E7B009E . 919552 . . [8.00.6001.23227] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll [7] 2011-06-23 . 14FB4665EFBDCE6931A55752A44F7DE2 . 916480 . . [8.00.6001.19098] . . c:\windows\ServicePackFiles\i386\wininet.dll [7] 2011-06-23 . 3BC2081CD791584B4ED373F3B4959CC8 . 919552 . . [8.00.6001.23192] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll [7] 2011-06-21 . 18A02E70D82B57D68137528251197C78 . 671744 . . [6.00.2900.6126] . . c:\windows\$hf_mig$\KB2559049\SP3QFE\wininet.dll [7] 2011-04-25 . 1C95CF3DBAEBB3CCA34845CD884FB8CA . 916480 . . [8.00.6001.19072] . . c:\windows\SoftwareDistribution\Download\1114b0aa341e67dcdafae550c2f2d03e\SP3GDR\wininet.dll [7] 2011-04-25 . 00F17371D9145B114061564BDABD8C24 . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll [7] 2011-04-25 . 00F17371D9145B114061564BDABD8C24 . 919552 . . [8.00.6001.23165] . . c:\windows\SoftwareDistribution\Download\1114b0aa341e67dcdafae550c2f2d03e\SP3QFE\wininet.dll [7] 2011-04-25 . 254DCB7543032B551294AA806D53B420 . 671744 . . [6.00.2900.6104] . . c:\windows\$hf_mig$\KB2530548\SP3QFE\wininet.dll [7] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2586448-IE8\wininet.dll [7] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . 
c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [-] 2010-04-16 . B02C1753A7EEF7B51241DCB8924D2A2B . 670208 . . [6.00.2900.5969] . . c:\windows\SoftwareDistribution\Download\af953a3944a7f8e43b5fd2d22b89d4c0\sp3gdr\wininet.dll [-] 2010-04-16 . 975E4CB58BF8F6C625C0E143BAECB5D8 . 671744 . . [6.00.2900.5969] . . c:\windows\SoftwareDistribution\Download\af953a3944a7f8e43b5fd2d22b89d4c0\sp3qfe\wininet.dll [-] 2010-04-16 . D9A075142E71B267249F98BCAE603FAC . 665088 . . [6.00.2900.3698] . . c:\windows\SoftwareDistribution\Download\af953a3944a7f8e43b5fd2d22b89d4c0\sp2gdr\wininet.dll [-] 2010-04-16 . F513CBA281F35379064D710B516688C3 . 671744 . . [6.00.2900.3698] . . c:\windows\SoftwareDistribution\Download\af953a3944a7f8e43b5fd2d22b89d4c0\sp2qfe\wininet.dll [7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll [7] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\wininet.dll [-] 2005-09-02 . 632629B24EB816FE354F66B48513E104 . 663552 . . [6.00.2900.2753] . . c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll [-] 2005-09-02 . FBC6550971ED432F77E35DD376D573B0 . 661504 . . [6.00.2900.2753] . . c:\windows\$NtServicePackUninstall$\wininet.dll . [7] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll [7] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll [7] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll [7] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ws2_32.dll [-] 2004-09-02 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll . 
[7] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll [7] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll [7] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2help.dll [7] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ws2help.dll [-] 2004-09-02 . 3B728289DFA923A2C12BE827382C2DB1 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll . [7] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\explorer.exe [7] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [7] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe [7] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\explorer.exe [-] 2005-04-07 . 9ADEF99545650835A162E28A3850A78F . 1035776 . . [6.00.2900.2649] . . c:\windows\$NtServicePackUninstall$\explorer.exe . [7] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\regedit.exe [7] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe [7] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe [7] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\regedit.exe [-] 2004-09-02 . 39C7FA0F39376599CFA59888816F477B . 153088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe . 
[7] 2011-11-01 . DB355CEF2B35481C21DD213C28560E86 . 1288192 . . [5.1.2600.6168] . . c:\windows\system32\ole32.dll [7] 2011-11-01 . DB355CEF2B35481C21DD213C28560E86 . 1288192 . . [5.1.2600.6168] . . c:\windows\system32\dllcache\ole32.dll [7] 2011-11-01 . 02AF8E4C7B851A213AC70BF6DD6E3537 . 1288704 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll [7] 2010-07-16 . 57F12B548695C680421CD1EB8169A1C8 . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll [7] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll [7] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ole32.dll [-] 2005-07-26 . 588443247F2EE6A61B5864B64A7E270E . 1284608 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll [-] 2005-07-25 . 0F0E95779DB45EB8D09EAA8827D740CC . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll [-] 2005-01-14 . 75555C8E6657A2AA9101DD56F8D30DAA . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll . [7] 2010-04-16 . 36BA0AAABD0AA4798403CB3FF08D5DDD . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll [7] 2010-04-16 . 36BA0AAABD0AA4798403CB3FF08D5DDD . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll [7] 2010-04-16 . 7BB3922CB9973877D2BF4C7222EA8E70 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll [7] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll [7] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\usp10.dll [-] 2004-09-02 . 24B72C7A002170ECC72B6AA5F642A705 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll . 
[7] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll [7] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll [7] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll [7] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ReinstallBackups\0018\DriverFiles\i386\ksuser.dll [7] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ReinstallBackups\0026\DriverFiles\i386\ksuser.dll [7] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ksuser.dll [7] 2004-08-03 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll . [7] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [7] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [7] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe [7] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ctfmon.exe [-] 2004-09-02 . 7DE46C9C40ABB58C8FDFE0212A3BF2B4 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe . [7] 2009-07-27 . 2D5D4156292150FE571872C1B88E9299 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll [7] 2009-07-27 . 2D5D4156292150FE571872C1B88E9299 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll [7] 2009-07-27 . C28A9E9D28ACDAF8097BE4578C49559B . 135680 . . [6.00.2900.5853] . . 
c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll [7] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll [7] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\shsvcs.dll [-] 2004-09-02 . 394FD6CE1AC84BB318B806A6F8D90F66 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll . [7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll [7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\srsvc.dll [-] 2004-11-17 . BD2B4AC5CA73A9245291D0D652F593A3 . 171008 . . [5.1.2600.2567] . . c:\windows\$NtServicePackUninstall$\srsvc.dll . [7] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe [7] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe [7] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe [7] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\wscntfy.exe [-] 2004-09-02 . D6381A7C1704BE7A8FD5EFDFD9F1463B . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe . [7] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll [7] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . 
[5.1.2600.5512] . . c:\windows\system32\xmlprov.dll [7] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll [7] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\xmlprov.dll [-] 2004-09-02 . F4C8D4B0A294AAF37FE50C407B6E03F9 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll . [7] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll [7] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll [7] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll [7] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\eventlog.dll [-] 2004-09-02 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll . [7] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll [7] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [7] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll [7] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\sfcfiles.dll [-] 2004-09-02 . 486594A19F7AEDEBEA600855FFD5E914 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll . [7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys [7] 2008-04-13 . 
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-10-20 641400] "Upgrade_Client"="c:\program files\Adobe\update_check.exe" [2011-05-01 59392] "Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192] "Vidalia"="c:\program files\Vidalia Bundle\Vidalia\vidalia.exe" [2011-12-14 5407850] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-17 64512] "IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2005-12-12 8744960] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-05 7323648] "nwiz"="nwiz.exe" [2006-01-05 1519616] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-09-16 1318552] "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-10-24 801792] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2011-7-16 66864] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoSMBalloonTip"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "c:\\Program Files\\Common Files\\Mcafee\\McSvcHost\\McSvHost.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:Remote Desktop "65533:TCP"= 65533:TCP:Services "52344:TCP"= 52344:TCP:Services . R1 mfetdi2k;McAfee Inc. 
mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [16-7-2011 16:04 89792] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [16-7-2011 16:04 214904] R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [16-7-2011 16:04 214904] R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [16-7-2011 16:04 214904] R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\Mcafee\SystemCore\mfefire.exe [16-7-2011 16:05 160608] R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [16-7-2011 16:04 150856] R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [11-2-2011 22:23 35088] R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [6-9-2011 16:29 632792] R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [16-7-2011 15:46 835200] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [16-7-2011 16:04 57600] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [16-7-2011 16:04 338176] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [16-7-2011 16:04 83856] R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [16-7-2011 15:45 215040] R3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?] S3 _bs4.sys;_bs4.sys;\??\c:\windows\system32\drivers\_bs4.sys --> c:\windows\system32\drivers\_bs4.sys [?] S3 cpuz135;cpuz135;\??\c:\docume~1\I5DA3~1.CHA\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys --> c:\docume~1\I5DA3~1.CHA\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys [?] 
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [16-7-2011 16:04 83856] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [16-7-2011 16:04 87656] S4 McOobeSv;McAfee OOBE Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [16-7-2011 16:04 214904] . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - mfeavfk01 *Deregistered* - xcpip . Inhoud van de 'Gedeelde Taken' map . 2012-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1004336348-839522115-1003Core.job - c:\documents and settings\I. Chamlal\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-16 15:40] . 2012-01-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1004336348-839522115-1003UA.job - c:\documents and settings\I. Chamlal\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-16 15:40] . 2012-01-26 c:\windows\Tasks\RMSchedule.job - c:\program files\Registry Mechanic\RegMech.exe [2011-09-06 08:02] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyServer = 109.236.80.145:8080 TCP: DhcpNameServer = 192.168.1.254 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll FF - ProfilePath - c:\documents and settings\I. Chamlal\Application Data\Mozilla\Firefox\Profiles\p1lxf3bd.default\ FF - prefs.js: browser.startup.homepage - Google . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKLM-Run-SigmatelSysTrayApp - sttray.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-28 18:44 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . 
scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1085031214-1004336348-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID] @Denied: (Full) (LocalSystem) . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(596) c:\windows\TEMP\logishrd\LVPrcInj01.dll c:\progra~1\mcafee\SITEAD~1\saHook.dll c:\program files\ScanSoft\OmniPageSE4\OpHookSE4.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\rundll32.exe c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe c:\program files\Vidalia Bundle\Tor\tor.exe c:\windows\eHome\ehRecvr.exe c:\windows\eHome\ehSched.exe c:\program files\Canon\IJPLM\IJPLMSVC.EXE c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\windows\system32\nvsvc32.exe c:\program files\Common Files\McAfee\SystemCore\mcshield.exe c:\windows\ehome\mcrdsvc.exe c:\windows\system32\rundll32.exe c:\windows\system32\dllhost.exe c:\windows\eHome\ehmsas.exe . ************************************************************************** . Voltooingstijd: 2012-01-28 18:55:10 - machine werd herstart ComboFix-quarantined-files.txt 2012-01-28 17:54 . Pre-Run: 222.382.010.368 bytes beschikbaar Post-Run: 222.527.975.424 bytes beschikbaar . 
WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect . - - End Of File - - 8B4FF37026F772445480B5792C4EA5FF
  6. I notice a small difference. The internet works a bit better but still freezes sometimes. But restarting my PC still takes too long. Might it be an idea to start my computer over completely with the manufacturer's CD?
  7. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:23:26, on 28-1-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Canon\MyPrinter\BJMyPrt.exe C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Adobe\update_check.exe C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Vidalia Bundle\Tor\tor.exe C:\Program Files\Vidalia Bundle\Polipo\polipo.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe C:\WINDOWS\system32\mfevtps.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\WINDOWS\system32\rundll32.exe 
C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Documents and Settings\I. Chamlal\Application Data\U3\4201311B4C11C488\LaunchPad.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\notepad.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 109.236.80.145:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O1 - Hosts: ::1 localhost #[iPv6] O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111223183432.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: McAfee SiteAdvisor BHO - 
{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [intelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\Documents and Settings\All Users\Application 
Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\I. Chamlal\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [upgrade_Client] C:\Program Files\Adobe\update_check.exe O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - 
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. 
- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- End of file - 11621 bytes Malwarebytes Anti-Malware 1.60.0.1800 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.01.28.04 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 I. 
Chamlal :: CHAMLAL-1DAF9AA [administrator] 28-1-2012 17:09:44 mbam-log-2012-01-28 (17-09-44).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 165191 Verstreken tijd: 12 minuut/minuten, 8 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|svchost.exe (Backdoor.Bot) -> Data: "C:\Program Files\Common Files\Microsoft Shared\Web Components\svchost.lnk" -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 2 HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Slecht: (1) Goed: (0) -> Succesvol in quarantaine geplaatst en gerepareerd. HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Slecht: (1) Goed: (0) -> Succesvol in quarantaine geplaatst en gerepareerd. Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 3 C:\Documents and Settings\I. Chamlal\Local Settings\Temporary Internet Files\Content.IE5\03CRWFVA\oi_IVideoWare_DVD_Ripper_Ultimate_8[1].exe (PUP.Adware.K.OpenInstall) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\I. Chamlal\Local Settings\Temporary Internet Files\Content.IE5\PPCJ3CZN\oi_IVideoWare_Video_Converter_Ultimate_8[1].exe (PUP.Adware.K.OpenInstall) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\Common Files\Microsoft Shared\Web Components\svchost.lnk (Backdoor.Bot) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  8. Thanks for your quick reply (see the HijackThis log below) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:23:59, on 28-1-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Canon\MyPrinter\BJMyPrt.exe C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Adobe\update_check.exe C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Vidalia Bundle\Tor\tor.exe C:\Program Files\Vidalia Bundle\Polipo\polipo.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe C:\WINDOWS\system32\mfevtps.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common 
Files\McAfee\SystemCore\mfefire.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s%s R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 109.236.80.145:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111223183432.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - 
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file) O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [intelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [svchost.exe] "C:\Program Files\Common Files\Microsoft Shared\Web Components\svchost.lnk" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program 
Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\I. Chamlal\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [svchost.exe] "C:\Program Files\Common Files\Microsoft Shared\Web Components\svchost.lnk" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [upgrade_Client] C:\Program Files\Adobe\update_check.exe O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program 
Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll O20 - AppInit_DLLs: O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. 
- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- End of file - 11644 bytes
  9. Dear guests & members, This computer belongs to my little sister. For some time now my sister has been having trouble with a slow computer and slow internet. It gets a little worse every day. Booting the computer after I switch it on takes a very long time. Opening programs also takes too long. Browsing the internet is almost impossible, because it takes a very long time before it opens a site, and sometimes it automatically goes to a different website. I have tried a few times to make a log with Speccy, but as soon as I open Speccy it closes by itself within 3 seconds. So I have yet another problem on top of that. Who can help me, please? What is going on? I could really use your help. I myself have little to no knowledge of computers. Regards,
  10. Thanks again very much for your help. Regards
  11. Much better. Really, thank you so much for all your help! Without your help I would still be in trouble. I have also just installed AVG and SpywareBlaster.
  12. ComboFix 12-01-23.02 - Administrator 24-01-2012 21:05:58.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1919.1365 [GMT 1:00] Gestart vanuit: c:\documents and settings\Administrator\Mijn documenten\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Administrator\Bureaublad\CFScript.txt . FILE :: "c:\windows\system32\drivers\oieapuvn.sys" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_oieapuvn . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-24 to 2012-01-24 )))))))))))))))))))))))))))))) . . 2012-01-24 20:10 . 2012-01-24 20:10 -------- d-----w- c:\windows\system32\xircom 2012-01-24 20:10 . 2012-01-24 20:10 -------- d-----w- c:\windows\system32\wbem\snmp 2012-01-24 20:10 . 2012-01-24 20:10 -------- d-----w- c:\program files\microsoft frontpage 2012-01-24 13:05 . 2012-01-24 13:05 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2012-01-24 13:05 . 2012-01-24 13:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-01-24 13:05 . 2012-01-24 13:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-01-24 13:05 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-01-24 11:50 . 2012-01-24 20:02 -------- d--h--r- c:\documents and settings\Administrator\Onlangs geopend 2012-01-24 11:05 . 2012-01-24 11:05 388096 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-01-24 11:05 . 2012-01-24 11:05 -------- d-----w- c:\program files\Trend Micro 2012-01-20 21:51 . 2012-01-20 21:51 -------- d-----w- c:\documents and settings\Administrator\Application Data\OpenOffice.org 2012-01-20 21:50 . 
2012-01-20 21:50 -------- d-----w- c:\program files\OpenOffice.org 3 2012-01-18 16:03 . 2012-01-18 16:03 -------- d-----w- c:\program files\MWSnap 2012-01-17 18:19 . 2012-01-17 18:19 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2012-01-17 18:19 . 2012-01-17 18:19 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple 2012-01-16 23:21 . 2011-11-03 15:29 386560 ------w- c:\windows\system32\dllcache\qdvd.dll 2012-01-16 23:21 . 2011-10-14 14:47 23040 ------w- c:\windows\system32\dllcache\mciseq.dll 2012-01-16 23:21 . 2011-10-14 14:47 179200 ------w- c:\windows\system32\dllcache\winmm.dll 2012-01-16 23:21 . 2011-11-20 06:12 60928 ------w- c:\windows\system32\dllcache\packager.exe 2012-01-16 23:04 . 2012-01-16 23:04 -------- d-----w- c:\windows\system32\Lang 2012-01-16 12:37 . 2012-01-19 16:49 -------- d-----w- c:\documents and settings\Administrator\Application Data\Apple Computer 2012-01-15 22:09 . 2012-01-15 22:09 -------- d-----w- c:\program files\Codec Pack - All In 1 2012-01-14 00:28 . 2012-01-14 00:28 -------- d-----w- c:\program files\uTorrent 2012-01-14 00:27 . 2012-01-14 01:25 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent 2012-01-13 22:02 . 2012-01-13 22:02 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ExtractNow 2012-01-13 22:02 . 2012-01-13 22:02 -------- d-----w- c:\program files\ExtractNow 2012-01-09 16:04 . 2012-01-09 16:04 -------- d-----w- c:\program files\Speccy 2012-01-06 16:17 . 2010-08-27 05:55 99840 ------w- c:\windows\system32\dllcache\srvsvc.dll 2012-01-06 16:17 . 2009-10-21 05:40 75776 ------w- c:\windows\system32\dllcache\strmfilt.dll 2012-01-06 16:17 . 2009-10-21 05:40 25088 ------w- c:\windows\system32\dllcache\httpapi.dll 2012-01-06 16:17 . 2009-10-20 16:20 265728 ------w- c:\windows\system32\dllcache\http.sys 2012-01-06 02:36 . 
2012-01-06 02:36 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2 2012-01-06 02:24 . 2012-01-06 02:24 -------- d-----w- c:\program files\MSXML 4.0 2012-01-06 01:14 . 2012-01-06 01:14 -------- d-----w- c:\program files\directx 2012-01-06 01:08 . 2012-01-06 01:08 -------- d-----w- c:\program files\Smart-ActiveX 2012-01-05 21:53 . 2012-01-05 21:53 -------- d-----w- c:\documents and settings\Administrator\Application Data\ElevatedDiagnostics 2012-01-05 21:53 . 2009-03-21 14:09 1030656 ------w- c:\windows\system32\dllcache\kernel32.dll 2012-01-05 21:53 . 2009-06-15 11:10 82432 ------w- c:\windows\system32\dllcache\tlntsess.exe 2012-01-05 21:53 . 2009-06-15 10:45 79872 ------w- c:\windows\system32\dllcache\telnet.exe 2012-01-05 21:53 . 2009-10-12 13:40 79872 ------w- c:\windows\system32\dllcache\raschap.dll 2012-01-05 21:53 . 2009-10-12 13:40 150016 ------w- c:\windows\system32\dllcache\rastls.dll 2012-01-05 21:53 . 2009-07-17 16:22 1440768 ------w- c:\windows\system32\dllcache\query.dll 2012-01-05 21:53 . 2010-11-18 18:15 86016 ------w- c:\windows\system32\dllcache\isign32.dll 2012-01-05 21:53 . 2011-11-23 14:39 1868672 ------w- c:\windows\system32\dllcache\win32k.sys 2012-01-05 21:53 . 2011-01-27 11:57 677888 ------w- c:\windows\system32\dllcache\lhmstsc.exe 2012-01-05 21:53 . 2011-02-02 07:58 2067456 ------w- c:\windows\system32\dllcache\lhmstscx.dll 2012-01-05 21:53 . 2009-06-10 06:20 134144 ------w- c:\windows\system32\dllcache\wkssvc.dll 2012-01-05 21:51 . 2009-12-17 07:42 345600 ------w- c:\windows\system32\dllcache\mspaint.exe 2012-01-05 21:50 . 2011-10-26 10:50 2153472 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe 2012-01-05 21:50 . 2011-10-26 10:50 2197120 ------w- c:\windows\system32\dllcache\ntoskrnl.exe 2012-01-05 21:50 . 2011-10-26 10:50 2073728 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe 2012-01-05 21:50 . 2011-10-26 10:50 2031616 ------w- c:\windows\system32\dllcache\ntkrpamp.exe 2012-01-05 21:50 . 
2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe 2012-01-05 21:50 . 2011-04-29 17:23 151552 ------w- c:\windows\system32\dllcache\schannel.dll 2012-01-05 21:50 . 2010-12-22 12:32 301568 ------w- c:\windows\system32\dllcache\kerberos.dll 2012-01-05 21:50 . 2009-09-11 14:16 136704 ------w- c:\windows\system32\dllcache\msv1_0.dll 2012-01-05 21:50 . 2009-06-25 08:42 54272 ------w- c:\windows\system32\dllcache\wdigest.dll 2012-01-05 21:50 . 2009-06-25 08:42 56832 ------w- c:\windows\system32\dllcache\secur32.dll 2012-01-05 21:50 . 2009-06-24 10:28 92928 ------w- c:\windows\system32\dllcache\ksecdd.sys 2012-01-05 21:49 . 2010-11-02 15:17 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys 2012-01-05 21:49 . 2010-08-27 08:03 119808 ------w- c:\windows\system32\dllcache\t2embed.dll 2012-01-05 21:49 . 2009-10-15 16:38 81920 ------w- c:\windows\system32\dllcache\fontsub.dll 2012-01-05 21:49 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe 2012-01-05 21:49 . 2009-03-06 14:23 285696 ------w- c:\windows\system32\dllcache\pdh.dll 2012-01-05 21:49 . 2009-02-09 11:27 111104 ------w- c:\windows\system32\dllcache\services.exe 2012-01-05 21:49 . 2009-02-09 10:56 401408 ------w- c:\windows\system32\dllcache\rpcss.dll 2012-01-05 21:49 . 2009-02-09 10:56 473600 ------w- c:\windows\system32\dllcache\fastprox.dll 2012-01-05 21:49 . 2009-02-06 10:39 35328 ------w- c:\windows\system32\dllcache\sc.exe 2012-01-05 21:49 . 2009-02-09 10:56 684544 ------w- c:\windows\system32\dllcache\advapi32.dll 2012-01-05 21:49 . 2009-02-09 10:56 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll 2012-01-05 21:49 . 2009-06-21 21:49 153088 ------w- c:\windows\system32\dllcache\triedit.dll 2012-01-05 21:48 . 2011-06-24 14:09 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys 2012-01-05 21:48 . 2011-04-21 13:52 105472 ------w- c:\windows\system32\dllcache\mup.sys 2012-01-05 21:48 . 
2009-07-31 04:30 1447424 ------w- c:\windows\system32\dllcache\msxml6.dll 2012-01-05 21:48 . 2010-06-14 07:40 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll 2012-01-05 21:47 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe 2012-01-05 21:47 . 2010-06-18 13:36 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe 2012-01-05 21:47 . 2012-01-05 21:47 -------- d-----w- c:\program files\Lavalys 2012-01-05 21:45 . 2010-12-09 15:15 739328 ------w- c:\windows\system32\dllcache\ntdll.dll 2012-01-05 21:44 . 2010-07-16 11:57 221184 ------w- c:\windows\system32\dllcache\wordpad.exe 2012-01-05 21:44 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys 2012-01-05 21:43 . 2010-10-11 14:59 45568 ------w- c:\windows\system32\dllcache\wab.exe 2012-01-05 21:43 . 2010-08-16 08:45 590848 ------w- c:\windows\system32\dllcache\rpcrt4.dll 2012-01-05 21:43 . 2009-12-24 07:05 177664 ------w- c:\windows\system32\dllcache\wintrust.dll 2012-01-05 21:43 . 2010-01-13 14:06 87040 ------w- c:\windows\system32\dllcache\cabview.dll 2012-01-05 21:30 . 2010-11-03 17:15 84584 ----a-w- c:\windows\SOUNDMAN.EXE 2012-01-05 21:30 . 2008-09-24 09:40 4122368 ----a-r- c:\windows\system32\drivers\alcxwdm.sys 2012-01-05 21:30 . 2006-08-01 14:02 49152 ----a-w- c:\windows\system32\ChCfg.exe 2012-01-05 21:30 . 2010-11-03 17:13 285288 ----a-w- c:\windows\system32\ALSNDMGR.CPL 2012-01-05 21:30 . 2006-12-08 14:20 10528768 ----a-w- c:\windows\system32\RTLCPL.exe 2012-01-05 21:29 . 2012-01-05 21:29 -------- d-----w- c:\program files\Realtek AC97 2012-01-05 21:29 . 2012-01-16 23:01 -------- d--h--w- c:\program files\InstallShield Installation Information 2012-01-05 21:29 . 2006-07-31 10:19 315392 ----a-w- c:\windows\alcupd.exe 2012-01-05 21:29 . 2012-01-05 21:29 -------- d-----w- c:\program files\Common Files\InstallShield 2012-01-04 23:13 . 2012-01-22 14:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\U3 2012-01-04 18:37 . 
2011-12-29 18:00 79360 ----a-w- c:\windows\system32\ff_vfw.dll 2012-01-04 18:37 . 2011-12-21 18:14 151552 ----a-w- c:\windows\system32\ac3acm.acm 2012-01-04 18:37 . 2011-06-24 15:44 243200 ----a-w- c:\windows\system32\xvidvfw.dll 2012-01-04 18:37 . 2011-06-24 15:28 650752 ----a-w- c:\windows\system32\xvidcore.dll 2012-01-04 18:37 . 2008-09-24 19:41 839680 ----a-w- c:\windows\system32\lameACM.acm 2012-01-04 18:37 . 2012-01-04 18:37 -------- d-----w- c:\program files\K-Lite Codec Pack 2012-01-04 18:31 . 2012-01-24 17:52 -------- d-----w- c:\documents and settings\Administrator\Tracing 2012-01-04 18:30 . 2012-01-04 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus! 2012-01-04 18:30 . 2012-01-04 18:30 -------- d-----w- c:\program files\Yuna Software 2012-01-04 18:27 . 2012-01-04 18:27 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE 2012-01-04 18:23 . 2012-01-04 18:23 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache 2012-01-04 18:22 . 2011-12-21 08:02 121816 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2012-01-04 18:22 . 2011-12-21 08:02 97240 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll 2012-01-04 18:22 . 2011-12-21 08:02 814040 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll 2012-01-04 18:22 . 2011-12-21 08:02 486360 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll 2012-01-04 18:22 . 2011-12-21 08:02 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll 2012-01-04 18:22 . 2011-12-21 08:02 2124760 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll 2012-01-04 18:22 . 2011-12-21 08:02 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll 2012-01-04 18:22 . 2011-12-21 04:29 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2012-01-04 18:22 . 2011-12-21 04:29 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2012-01-04 18:22 . 
2011-12-21 04:29 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll 2012-01-04 18:22 . 2011-12-21 04:29 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll 2012-01-04 18:22 . 2011-12-21 04:29 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll 2012-01-04 18:20 . 2012-01-04 18:20 -------- d-----w- c:\program files\Microsoft 2012-01-04 18:19 . 2012-01-04 18:19 -------- d-----w- c:\program files\Windows Live SkyDrive 2012-01-04 18:19 . 2012-01-16 23:56 -------- d--h--w- c:\windows\$hf_mig$ 2012-01-04 18:19 . 2012-01-04 18:19 -------- d-----w- c:\program files\Windows Live 2012-01-04 18:17 . 2012-01-04 18:18 -------- dc-h--w- c:\windows\ie8 2012-01-04 18:16 . 2012-01-04 18:16 -------- d-----w- c:\program files\Common Files\Windows Live 2012-01-04 18:12 . 2011-08-16 10:45 6144 ------w- c:\windows\system32\dllcache\iecompat.dll . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-11 11:59 . 2011-06-27 16:37 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-12-19 19:53 . 2011-12-19 19:53 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-12-19 19:53 . 2011-12-19 19:53 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-11-25 21:57 . 2008-09-23 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll 2011-11-23 14:39 . 2008-09-23 12:00 1868672 ----a-w- c:\windows\system32\win32k.sys 2011-11-20 06:12 . 2008-09-23 12:00 60928 ----a-w- c:\windows\system32\packager.exe 2011-11-04 19:13 . 2008-09-23 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2008-09-23 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2008-09-23 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2008-09-23 12:00 385024 ------w- c:\windows\system32\html.iec 2011-11-03 15:29 . 2008-09-23 12:00 386560 ----a-w- c:\windows\system32\qdvd.dll 2011-11-03 15:29 . 
2008-09-23 12:00 1296384 ----a-w- c:\windows\system32\quartz.dll 2011-11-01 16:05 . 2008-09-23 12:00 1288704 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:32 . 2008-09-23 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-12-21 08:02 . 2012-01-04 18:22 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-09-23 12:00 . 753C7C72C1F462A009C877B41730F3EC . 1475072 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll . [-] 2008-09-23 . F7A21A4461BEF6414D9AF587C7D69E7D . 591872 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe . [-] 2008-09-23 . 15414691C4C039FF03377DC2A27AF592 . 518144 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll . [-] 2008-09-23 . C55B10AB1C2C8ED9F913BAFB3E296B4A . 1701888 . . [6.00.2900.5634] . . c:\windows\explorer.exe . [-] 2008-09-23 . A09F1B50133C856DA9AED1782FD9A64D . 218112 . . [5.1.2600.5512] . . c:\windows\regedit.exe . [-] 2008-09-23 . 6C4E087200E46977DFE54147A5B1FDD8 . 37376 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144] "nwiz"="nwiz.exe" [2008-09-17 1657376] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016] "VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-10-05 280779] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-17 64512] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-10-24 801792] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "RTHDCPL"="RTHDCPL.EXE" [2011-12-05 20065384] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-09-23 37376] . [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0pgdfgsvc C 1 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:Remote Desktop "65533:TCP"= 65533:TCP:Services "52344:TCP"= 52344:TCP:Services . 
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18-3-2011 22:43 691696] R3 xcpip;Stuurprogramma voor TCP/IP-protocol;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?] R3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [17-1-2012 0:01 1691480] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 2012-01-24 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uDefault_Search_URL = hxxp://www.google.nl uSearchURL,(Default) = hxxp://www.google.com/search?q=%s Trusted Zone: abnamro.nl\www TCP: DhcpNameServer = 10.0.0.138 FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\whw7hqgz.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-24 21:13 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . 
[HKEY_USERS\S-1-5-21-606747145-2052111302-1177238915-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,37,b2,5d,7b,ea,54,c6,48,8f,dc,a1,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,37,b2,5d,7b,ea,54,c6,48,8f,dc,a1,\ . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(744) c:\windows\system32\SETUPAPI.dll c:\windows\system32\COMRes.dll c:\windows\system32\cscui.dll . - - - - - - - > 'lsass.exe'(800) c:\windows\system32\setupapi.dll . - - - - - - - > 'explorer.exe'(4412) c:\windows\system32\SHDOCVW.dll c:\windows\TEMP\logishrd\LVPrcInj01.dll c:\windows\system32\nview.dll c:\windows\system32\NVWRSNL.DLL c:\windows\system32\COMRes.dll c:\windows\System32\cscui.dll c:\windows\system32\LINKINFO.dll c:\windows\system32\ntshrui.dll c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\webcheck.dll c:\windows\system32\SETUPAPI.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\NETSHELL.dll c:\windows\system32\credui.dll c:\windows\system32\MSVCP60.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\RUNDLL32.EXE c:\windows\system32\rundll32.exe c:\windows\RTHDCPL.EXE c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe c:\windows\eHome\ehRecvr.exe c:\windows\eHome\ehSched.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\windows\system32\nvsvc32.exe c:\windows\eHome\ehmsas.exe c:\windows\ehome\mcrdsvc.exe c:\windows\system32\wscntfy.exe c:\windows\system32\dllhost.exe . ************************************************************************** . 
Voltooingstijd: 2012-01-24 21:14:19 - machine werd herstart ComboFix-quarantined-files.txt 2012-01-24 20:14 ComboFix2.txt 2012-01-24 17:37 . Pre-Run: 88.558.145.536 bytes beschikbaar Post-Run: 88.554.733.568 bytes beschikbaar . - - End Of File - - 31230B15CE2926CF593310DAD1DBA8CC Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:15:13, on 24-1-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\VistaDrive\VistaDrive.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} 
(MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 4753 bytes
  13. ComboFix 12-01-23.02 - Administrator 24-01-2012 18:32:16.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1919.826 [GMT 1:00] Gestart vanuit: c:\documents and settings\Administrator\Mijn documenten\Downloads\ComboFix.exe . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Administrator\Application Data\.# c:\documents and settings\Administrator\Application Data\Adobe\plugs c:\documents and settings\Administrator\Application Data\Adobe\shed c:\documents and settings\Administrator\Application Data\Desktopicon c:\documents and settings\Administrator\Menu Start\Programma's\Opstarten\OpenOffice.org 3.3 .lnk c:\documents and settings\All Users\Menu Start\Programma's\Internet Explorer.lnk c:\documents and settings\Default User\Application Data\Desktopicon c:\windows\alcrmv.exe c:\windows\iun6002.exe c:\windows\system32\config\systemprofile\Application Data\Desktopicon c:\windows\system32\SET11A.tmp c:\windows\system32\SET11C.tmp c:\windows\system32\SET12A.tmp c:\windows\TEMP\logishrd\LVPrcInj01.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-24 to 2012-01-24 )))))))))))))))))))))))))))))) . . 2012-01-24 13:05 . 2012-01-24 13:05 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2012-01-24 13:05 . 2012-01-24 13:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-01-24 13:05 . 2012-01-24 13:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-01-24 13:05 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-01-24 11:50 . 2012-01-24 11:50 -------- d--h--r- c:\documents and settings\Administrator\Onlangs geopend 2012-01-24 11:05 . 2012-01-24 11:05 388096 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-01-24 11:05 . 
2012-01-24 11:05 -------- d-----w- c:\program files\Trend Micro 2012-01-20 21:51 . 2012-01-20 21:51 -------- d-----w- c:\documents and settings\Administrator\Application Data\OpenOffice.org 2012-01-20 21:50 . 2012-01-20 21:50 -------- d-----w- c:\program files\OpenOffice.org 3 2012-01-18 16:03 . 2012-01-18 16:03 -------- d-----w- c:\program files\MWSnap 2012-01-17 18:19 . 2012-01-17 18:19 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2012-01-17 18:19 . 2012-01-17 18:19 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple 2012-01-16 23:21 . 2011-11-03 15:29 386560 ------w- c:\windows\system32\dllcache\qdvd.dll 2012-01-16 23:21 . 2011-10-14 14:47 23040 ------w- c:\windows\system32\dllcache\mciseq.dll 2012-01-16 23:21 . 2011-10-14 14:47 179200 ------w- c:\windows\system32\dllcache\winmm.dll 2012-01-16 23:21 . 2011-11-20 06:12 60928 ------w- c:\windows\system32\dllcache\packager.exe 2012-01-16 23:04 . 2012-01-16 23:04 -------- d-----w- c:\windows\system32\Lang 2012-01-16 12:37 . 2012-01-19 16:49 -------- d-----w- c:\documents and settings\Administrator\Application Data\Apple Computer 2012-01-15 22:09 . 2012-01-15 22:09 -------- d-----w- c:\program files\Codec Pack - All In 1 2012-01-14 00:28 . 2012-01-14 00:28 -------- d-----w- c:\program files\uTorrent 2012-01-14 00:27 . 2012-01-14 01:25 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent 2012-01-13 22:02 . 2012-01-13 22:02 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ExtractNow 2012-01-13 22:02 . 2012-01-13 22:02 -------- d-----w- c:\program files\ExtractNow 2012-01-09 16:04 . 2012-01-09 16:04 -------- d-----w- c:\program files\Speccy 2012-01-06 16:17 . 2010-08-27 05:55 99840 ------w- c:\windows\system32\dllcache\srvsvc.dll 2012-01-06 16:17 . 2009-10-21 05:40 75776 ------w- c:\windows\system32\dllcache\strmfilt.dll 2012-01-06 16:17 . 
2009-10-21 05:40 25088 ------w- c:\windows\system32\dllcache\httpapi.dll 2012-01-06 16:17 . 2009-10-20 16:20 265728 ------w- c:\windows\system32\dllcache\http.sys 2012-01-06 02:36 . 2012-01-06 02:36 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2 2012-01-06 02:24 . 2012-01-06 02:24 -------- d-----w- c:\program files\MSXML 4.0 2012-01-06 01:14 . 2012-01-06 01:14 -------- d-----w- c:\program files\directx 2012-01-06 01:08 . 2012-01-06 01:08 -------- d-----w- c:\program files\Smart-ActiveX 2012-01-05 21:53 . 2012-01-05 21:53 -------- d-----w- c:\documents and settings\Administrator\Application Data\ElevatedDiagnostics 2012-01-05 21:53 . 2009-03-21 14:09 1030656 ------w- c:\windows\system32\dllcache\kernel32.dll 2012-01-05 21:53 . 2009-06-15 11:10 82432 ------w- c:\windows\system32\dllcache\tlntsess.exe 2012-01-05 21:53 . 2009-06-15 10:45 79872 ------w- c:\windows\system32\dllcache\telnet.exe 2012-01-05 21:53 . 2009-10-12 13:40 79872 ------w- c:\windows\system32\dllcache\raschap.dll 2012-01-05 21:53 . 2009-10-12 13:40 150016 ------w- c:\windows\system32\dllcache\rastls.dll 2012-01-05 21:53 . 2009-07-17 16:22 1440768 ------w- c:\windows\system32\dllcache\query.dll 2012-01-05 21:53 . 2010-11-18 18:15 86016 ------w- c:\windows\system32\dllcache\isign32.dll 2012-01-05 21:53 . 2011-11-23 14:39 1868672 ------w- c:\windows\system32\dllcache\win32k.sys 2012-01-05 21:53 . 2011-01-27 11:57 677888 ------w- c:\windows\system32\dllcache\lhmstsc.exe 2012-01-05 21:53 . 2011-02-02 07:58 2067456 ------w- c:\windows\system32\dllcache\lhmstscx.dll 2012-01-05 21:53 . 2009-06-10 06:20 134144 ------w- c:\windows\system32\dllcache\wkssvc.dll 2012-01-05 21:51 . 2009-12-17 07:42 345600 ------w- c:\windows\system32\dllcache\mspaint.exe 2012-01-05 21:50 . 2011-10-26 10:50 2153472 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe 2012-01-05 21:50 . 2011-10-26 10:50 2197120 ------w- c:\windows\system32\dllcache\ntoskrnl.exe 2012-01-05 21:50 . 
2011-10-26 10:50 2073728 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe 2012-01-05 21:50 . 2011-10-26 10:50 2031616 ------w- c:\windows\system32\dllcache\ntkrpamp.exe 2012-01-05 21:50 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe 2012-01-05 21:50 . 2011-04-29 17:23 151552 ------w- c:\windows\system32\dllcache\schannel.dll 2012-01-05 21:50 . 2010-12-22 12:32 301568 ------w- c:\windows\system32\dllcache\kerberos.dll 2012-01-05 21:50 . 2009-09-11 14:16 136704 ------w- c:\windows\system32\dllcache\msv1_0.dll 2012-01-05 21:50 . 2009-06-25 08:42 54272 ------w- c:\windows\system32\dllcache\wdigest.dll 2012-01-05 21:50 . 2009-06-25 08:42 56832 ------w- c:\windows\system32\dllcache\secur32.dll 2012-01-05 21:50 . 2009-06-24 10:28 92928 ------w- c:\windows\system32\dllcache\ksecdd.sys 2012-01-05 21:49 . 2010-11-02 15:17 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys 2012-01-05 21:49 . 2010-08-27 08:03 119808 ------w- c:\windows\system32\dllcache\t2embed.dll 2012-01-05 21:49 . 2009-10-15 16:38 81920 ------w- c:\windows\system32\dllcache\fontsub.dll 2012-01-05 21:49 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe 2012-01-05 21:49 . 2009-03-06 14:23 285696 ------w- c:\windows\system32\dllcache\pdh.dll 2012-01-05 21:49 . 2009-02-09 11:27 111104 ------w- c:\windows\system32\dllcache\services.exe 2012-01-05 21:49 . 2009-02-09 10:56 401408 ------w- c:\windows\system32\dllcache\rpcss.dll 2012-01-05 21:49 . 2009-02-09 10:56 473600 ------w- c:\windows\system32\dllcache\fastprox.dll 2012-01-05 21:49 . 2009-02-06 10:39 35328 ------w- c:\windows\system32\dllcache\sc.exe 2012-01-05 21:49 . 2009-02-09 10:56 684544 ------w- c:\windows\system32\dllcache\advapi32.dll 2012-01-05 21:49 . 2009-02-09 10:56 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll 2012-01-05 21:49 . 2009-06-21 21:49 153088 ------w- c:\windows\system32\dllcache\triedit.dll 2012-01-05 21:48 . 
2011-06-24 14:09 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys 2012-01-05 21:48 . 2011-04-21 13:52 105472 ------w- c:\windows\system32\dllcache\mup.sys 2012-01-05 21:48 . 2009-07-31 04:30 1447424 ------w- c:\windows\system32\dllcache\msxml6.dll 2012-01-05 21:48 . 2010-06-14 07:40 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll 2012-01-05 21:47 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe 2012-01-05 21:47 . 2010-06-18 13:36 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe 2012-01-05 21:47 . 2012-01-05 21:47 -------- d-----w- c:\program files\Lavalys 2012-01-05 21:45 . 2010-12-09 15:15 739328 ------w- c:\windows\system32\dllcache\ntdll.dll 2012-01-05 21:44 . 2010-07-16 11:57 221184 ------w- c:\windows\system32\dllcache\wordpad.exe 2012-01-05 21:44 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys 2012-01-05 21:43 . 2010-10-11 14:59 45568 ------w- c:\windows\system32\dllcache\wab.exe 2012-01-05 21:43 . 2010-08-16 08:45 590848 ------w- c:\windows\system32\dllcache\rpcrt4.dll 2012-01-05 21:43 . 2009-12-24 07:05 177664 ------w- c:\windows\system32\dllcache\wintrust.dll 2012-01-05 21:43 . 2010-01-13 14:06 87040 ------w- c:\windows\system32\dllcache\cabview.dll 2012-01-05 21:30 . 2010-11-03 17:15 84584 ----a-w- c:\windows\SOUNDMAN.EXE 2012-01-05 21:30 . 2008-09-24 09:40 4122368 ----a-r- c:\windows\system32\drivers\alcxwdm.sys 2012-01-05 21:30 . 2006-08-01 14:02 49152 ----a-w- c:\windows\system32\ChCfg.exe 2012-01-05 21:30 . 2010-11-03 17:13 285288 ----a-w- c:\windows\system32\ALSNDMGR.CPL 2012-01-05 21:30 . 2006-12-08 14:20 10528768 ----a-w- c:\windows\system32\RTLCPL.exe 2012-01-05 21:29 . 2012-01-05 21:29 -------- d-----w- c:\program files\Realtek AC97 2012-01-05 21:29 . 2012-01-16 23:01 -------- d--h--w- c:\program files\InstallShield Installation Information 2012-01-05 21:29 . 2006-07-31 10:19 315392 ----a-w- c:\windows\alcupd.exe 2012-01-05 21:29 . 
2012-01-05 21:29 -------- d-----w- c:\program files\Common Files\InstallShield 2012-01-04 23:13 . 2012-01-22 14:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\U3 2012-01-04 18:37 . 2011-12-29 18:00 79360 ----a-w- c:\windows\system32\ff_vfw.dll 2012-01-04 18:37 . 2011-12-21 18:14 151552 ----a-w- c:\windows\system32\ac3acm.acm 2012-01-04 18:37 . 2011-06-24 15:44 243200 ----a-w- c:\windows\system32\xvidvfw.dll 2012-01-04 18:37 . 2011-06-24 15:28 650752 ----a-w- c:\windows\system32\xvidcore.dll 2012-01-04 18:37 . 2008-09-24 19:41 839680 ----a-w- c:\windows\system32\lameACM.acm 2012-01-04 18:37 . 2012-01-04 18:37 -------- d-----w- c:\program files\K-Lite Codec Pack 2012-01-04 18:31 . 2012-01-24 15:37 -------- d-----w- c:\documents and settings\Administrator\Tracing 2012-01-04 18:30 . 2012-01-04 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus! 2012-01-04 18:30 . 2012-01-04 18:30 -------- d-----w- c:\program files\Yuna Software 2012-01-04 18:27 . 2012-01-04 18:27 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE 2012-01-04 18:23 . 2012-01-04 18:23 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache 2012-01-04 18:22 . 2011-12-21 08:02 121816 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2012-01-04 18:22 . 2011-12-21 08:02 97240 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll 2012-01-04 18:22 . 2011-12-21 08:02 814040 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll 2012-01-04 18:22 . 2011-12-21 08:02 486360 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll 2012-01-04 18:22 . 2011-12-21 08:02 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll 2012-01-04 18:22 . 2011-12-21 08:02 2124760 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll 2012-01-04 18:22 . 2011-12-21 08:02 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll 2012-01-04 18:22 . 
2011-12-21 04:29 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2012-01-04 18:22 . 2011-12-21 04:29 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2012-01-04 18:22 . 2011-12-21 04:29 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll 2012-01-04 18:22 . 2011-12-21 04:29 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll 2012-01-04 18:22 . 2011-12-21 04:29 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll 2012-01-04 18:20 . 2012-01-04 18:20 -------- d-----w- c:\program files\Microsoft 2012-01-04 18:19 . 2012-01-04 18:19 -------- d-----w- c:\program files\Windows Live SkyDrive 2012-01-04 18:19 . 2012-01-16 23:56 -------- d--h--w- c:\windows\$hf_mig$ 2012-01-04 18:19 . 2012-01-04 18:19 -------- d-----w- c:\program files\Windows Live 2012-01-04 18:17 . 2012-01-04 18:18 -------- dc-h--w- c:\windows\ie8 2012-01-04 18:16 . 2012-01-04 18:16 -------- d-----w- c:\program files\Common Files\Windows Live 2012-01-04 18:12 . 2011-08-16 10:45 6144 ------w- c:\windows\system32\dllcache\iecompat.dll 2012-01-04 18:12 . 2011-11-04 19:13 602112 ------w- c:\windows\system32\dllcache\msfeeds.dll 2012-01-04 18:12 . 2011-11-04 19:13 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll 2012-01-04 18:12 . 2011-11-04 19:13 12800 ------w- c:\windows\system32\dllcache\xpshims.dll . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-11 11:59 . 2011-06-27 16:37 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-12-19 19:53 . 2011-12-19 19:53 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-12-19 19:53 . 2011-12-19 19:53 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-11-25 21:57 . 2008-09-23 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll 2011-11-23 14:39 . 2008-09-23 12:00 1868672 ----a-w- c:\windows\system32\win32k.sys 2011-11-20 06:12 . 2008-09-23 12:00 60928 ----a-w- c:\windows\system32\packager.exe 2011-11-04 19:13 . 
2008-09-23 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2008-09-23 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2008-09-23 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2008-09-23 12:00 385024 ------w- c:\windows\system32\html.iec 2011-11-03 15:29 . 2008-09-23 12:00 386560 ----a-w- c:\windows\system32\qdvd.dll 2011-11-03 15:29 . 2008-09-23 12:00 1296384 ----a-w- c:\windows\system32\quartz.dll 2011-11-01 16:05 . 2008-09-23 12:00 1288704 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:32 . 2008-09-23 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-12-21 08:02 . 2012-01-04 18:22 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . . [-] 2008-09-23 12:00 . 753C7C72C1F462A009C877B41730F3EC . 1475072 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll . [-] 2008-09-23 . F7A21A4461BEF6414D9AF587C7D69E7D . 591872 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe . [-] 2008-09-23 . 15414691C4C039FF03377DC2A27AF592 . 518144 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll . [-] 2008-09-23 . C55B10AB1C2C8ED9F913BAFB3E296B4A . 1701888 . . [6.00.2900.5634] . . c:\windows\explorer.exe . [-] 2008-09-23 . A09F1B50133C856DA9AED1782FD9A64D . 218112 . . [5.1.2600.5512] . . c:\windows\regedit.exe . [-] 2008-09-23 . 6C4E087200E46977DFE54147A5B1FDD8 . 37376 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe . c:\windows\System32\drivers\beep.sys ... is niet aanwezig !! . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144] "nwiz"="nwiz.exe" [2008-09-17 1657376] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016] "VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-10-05 280779] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-17 64512] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-10-24 801792] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "RTHDCPL"="RTHDCPL.EXE" [2011-12-05 20065384] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-09-23 37376] . [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0pgdfgsvc C 1 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:Remote Desktop "65533:TCP"= 65533:TCP:Services "52344:TCP"= 52344:TCP:Services . 
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18-3-2011 22:43 691696] R3 xcpip;Stuurprogramma voor TCP/IP-protocol;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?] R3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?] S1 oieapuvn;oieapuvn;\??\c:\windows\system32\drivers\oieapuvn.sys --> c:\windows\system32\drivers\oieapuvn.sys [?] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [17-1-2012 0:01 1691480] . Inhoud van de 'Gedeelde Taken' map . 2012-01-17 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uDefault_Search_URL = hxxp://www.google.nl uSearchURL,(Default) = hxxp://www.google.com/search?q=%s Trusted Zone: abnamro.nl\www TCP: DhcpNameServer = 10.0.0.138 FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\whw7hqgz.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS VERWIJDERD - - - - . HKU-Default-Run-SkinClock - c:\program files\Desktop Tray Clock\DTClock.exe AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-24 18:36 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . 
Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-606747145-2052111302-1177238915-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,37,b2,5d,7b,ea,54,c6,48,8f,dc,a1,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,37,b2,5d,7b,ea,54,c6,48,8f,dc,a1,\ . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(740) c:\windows\system32\SETUPAPI.dll c:\windows\system32\COMRes.dll c:\windows\system32\cscui.dll . - - - - - - - > 'lsass.exe'(796) c:\windows\system32\setupapi.dll . Voltooingstijd: 2012-01-24 18:37:49 ComboFix-quarantined-files.txt 2012-01-24 17:37 . Pre-Run: 88.261.632.000 bytes beschikbaar Post-Run: 88.605.728.768 bytes beschikbaar . WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - E3F7741FAEE5BF8852C4819A04198779
---------- Post added at 18:51 ---------- Previous post was at 18:39 ----------
The ComboFix scan can be seen above. By the way, can you also recommend good program(s) to protect my PC? I am not using any PC protection at the moment. I'll wait for your next reply.
  14. Malwarebytes Anti-Malware 1.60.0.1800 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.01.24.03 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Administrator :: UNATTEND-62A32D [administrator] 24-1-2012 14:06:37 mbam-log-2012-01-24 (14-06-37).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 161501 Verstreken tijd: 3 minuut/minuten, 31 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 1 HKCU\SOFTWARE\Casino Tropez (Adware.Casino) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 2 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Data: 1 -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{ABA2DD7D-24E5-C007-CCCE-EDBB987D9743} (Trojan.ZbotR.Gen) -> Data: "C:\Documents and Settings\Administrator\Application Data\Otone\game.exe" -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 10 C:\Documents and Settings\Administrator\Application Data\Adobe\plugs\mmc236.exe (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Administrator\Application Data\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Default User\Application Data\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Succesvol in quarantaine geplaatst en verwijderd. 
C:\WINDOWS\system32\config\systemprofile\Application Data\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Administrator\Local Settings\Temp\D8.tmp (Spyware.Passwords.XGen) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Administrator\Application Data\Adobe\shed\thr1.chm (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Administrator\Application Data\Adobe\plugs\mmc227.exe (Trojan.Agent.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\Mozilla Firefox\0.6076956277439542.exe (Exploit.Dropper) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\Unlocker\eBay_shortcuts_1016.exe (Adware.Clicker) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Administrator\Application Data\Otone\game.exe (Trojan.ZbotR.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:15:15, on 24-1-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\VistaDrive\VistaDrive.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Common 
Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Google O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe O4 - HKLM\..\Run: [ehTray] 
C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-19\..\Run: [skinClock] C:\Program Files\Desktop Tray Clock\DTClock.exe (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM') O4 - .DEFAULT Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user') O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - 
http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5808 bytes
  15. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:06:27, on 24-1-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\VistaDrive\VistaDrive.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\spoolsv.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [{ABA2DD7D-24E5-C007-CCCE-EDBB987D9743}] "C:\Documents and Settings\Administrator\Application Data\Otone\game.exe" O4 - HKUS\S-1-5-19\..\Run: 
[CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-19\..\Run: [skinClock] C:\Program Files\Desktop Tray Clock\DTClock.exe (User 'Lokale service') O4 - HKUS\S-1-5-19\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-20\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user') O4 - S-1-5-18 Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM') O4 - .DEFAULT Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user') O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O9 - Extra button: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing) O9 - Extra 'Tools' menuitem: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Platinum Play Online Casino - - C:\Microgaming\Casino\PlatinumPlay\casinogame.exe (file missing) (HKCU) O9 - Extra button: InterCasino EUR - {9536DF30-CF04-4A89-B26B-4781E242230C} - Online Casino - Secure Internet Casino Gambling | 
InterCasino.com (file missing) (HKCU) O9 - Extra 'Tools' menuitem: InterCasino EUR - {9536DF30-CF04-4A89-B26B-4781E242230C} - Online Casino - Secure Internet Casino Gambling | InterCasino.com (file missing) (HKCU) O9 - Extra button: (no name) - °0@±X¤ - (no file) (HKCU) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 7377 bytes
  16. Dear guests/members, I was on the internet this evening and suddenly the internet became extremely slow. The internet keeps freezing, and loading takes an "eternity". It took me hours to finally open a topic here. I really need your help, this is very annoying. I have already run a scan with Speccy. Here is the link: http://speccy.piriform.com/results/4LaU60843d3oJ8UPBSq6pqB Thanks in advance for all your help, Regards
  17. It WORKED, I have SOUND now! Thank you so much for all your help. Thanks to your help I finally have sound. Thanks again.
  18. This is what I get to see: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_14627504&REV_1001 HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_14627504
  19. Under Sound, video and game controllers there are no warnings or exclamation mark(s). Only at the bottom, under Other devices, there is an exclamation mark next to Audio Device on High Definition Audio Bus.
  20. Hey Dasle, Thank you so much, and I have done what you asked me to do. This is the link: http://speccy.piriform.com/results/PK4Jh1xbGWXPZLDgvaz1Aet ---------- Post added at 17:08 ---------- Previous post was at 17:06 ---------- ---------- Post added at 17:09 ---------- Previous post was at 17:08 ---------- Hey, Thanks for your reply, but unfortunately it did not help, because the volume icon is not shown at the bottom right. I have no success via the Control Panel either. Regards,
  21. Dear all, I got a PC from someone but it has no sound. In Device Manager there are no exclamation marks under 'Sound, video and game controllers', but under 'Other devices' there is an exclamation mark next to 'Audio Device on High Definition Audio Bus'. I reinstalled it but it was not successful. Can someone please help me? I have Windows XP Media Center Edition. A Fujitsu Siemens computer (Product: MS-7504VP). In case you also want to know my video card, this is my video card: NVIDIA GeForce 7050/NVIDIA nForce 630i (512mb). Thanks a lot in advance for your help.