Yvonne Goudzwaard

ComboFix 12-09-20.03 - Administrator 21-09-2012 15:28:43.3.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.895.411 [GMT 2:00] Gestart vanuit: c:\documents and settings\Administrator\Mijn documenten\Downloads\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} FW: ZoneAlarm Free Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\docume~1\ADMINI~1\LOCALS~1\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll c:\documents and settings\Administrator\Local Settings\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2012-08-21 to 2012-09-21 )))))))))))))))))))))))))))))) . . 2012-09-21 15:20 . 2012-09-21 15:20 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6C1F5895-BC49-4722-A09D-8C2DD7C12A86}\MpKslb18ab3d8.sys 2012-09-21 13:23 . 2012-09-21 13:23 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6C1F5895-BC49-4722-A09D-8C2DD7C12A86}\MpKsl7d23df20.sys 2012-09-20 21:12 . 2012-08-30 08:17 6980552 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6C1F5895-BC49-4722-A09D-8C2DD7C12A86}\mpengine.dll 2012-09-19 19:41 . 2012-08-30 08:17 6980552 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-09-16 20:50 . 2012-09-16 21:07 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-08-29 19:15 . 2012-08-29 19:15 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities 2012-08-25 21:24 . 2012-08-25 21:24 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sun 2012-08-24 15:27 . 2008-04-14 16:03 20992 ----a-w- c:\windows\system32\dshowext.ax 2012-08-23 15:08 . 2012-08-23 15:08 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-08-23 15:08 . 2012-08-23 15:08 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-20 20:05 . 2012-06-08 20:39 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-20 20:05 . 2011-05-15 19:49 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-08-23 15:08 . 2012-04-07 17:56 143872 ----a-w- c:\windows\system32\javacpl.cpl 2012-08-23 15:08 . 2010-12-10 21:44 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-08-13 15:41 . 2011-08-06 07:00 380152 ----a-w- c:\windows\system32\GfKLSPService64.dll 2012-08-13 15:41 . 2011-03-16 19:31 312056 ----a-w- c:\windows\system32\GfKLSPService.dll 2012-07-06 13:58 . 2004-08-04 08:00 78336 ----a-w- c:\windows\system32\browser.dll 2012-07-04 14:05 . 2004-08-04 08:00 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-03 18:23 . 2004-08-04 08:00 1866240 ----a-w- c:\windows\system32\win32k.sys 2012-07-02 17:38 . 2004-08-04 08:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-07-02 17:38 . 2004-08-04 08:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-07-02 17:38 . 2004-08-04 08:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-07-02 12:05 . 2004-08-04 08:00 385024 ------w- c:\windows\system32\html.iec 2012-06-26 07:02 . 2011-10-31 10:22 45320 ----a-w- c:\windows\system32\MAMACExtract.dll 2012-09-08 10:24 . 2012-09-08 10:21 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-03 21432] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928] "KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-07-03 975288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsmqIntCert"="mqrt.dll" [2009-06-25 177152] "PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-05-08 331552] "PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776] "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 177456] "CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920] "Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840] "Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912] "Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-10-09 697976] "Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2007-05-03 57344] "WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392] "tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-03-10 270336] "ConsumerClickSysTrayIcon"="c:\program files\ConsumerClick\ConsumerClickSysTrayIcon.exe" [2010-12-17 69632] "GfK-WatchDog"="c:\program files\GfKLSPService\GfK-WatchDog.exe" [2012-08-13 57592] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448] "ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-03-19 73360] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-07-03 3524536] "ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-03-16 738944] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-18 421888] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213] DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2010-12-10 192512] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard] 2007-02-07 01:30 74240 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\APSHook.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= . R1 MpKslb18ab3d8;MpKslb18ab3d8;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6C1F5895-BC49-4722-A09D-8C2DD7C12A86}\MpKslb18ab3d8.sys [21-9-2012 17:20 29904] R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336] R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336] R2 GfK-Reporting-Service;GfK-Reporting-Service;c:\program files\GfK Internet Monitor\GfK-Reporting.exe [20-1-2011 16:00 102400] R2 GfK-Update-Service;GfK-Update-Service;c:\program files\GfK Internet Monitor\GfK-Updater.exe [20-1-2011 16:00 180224] R2 GfkLSPService;GfkLSPService;c:\program files\GfKLSPService\GfKLspService.exe [17-11-2010 13:15 3222776] R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [3-11-2011 16:44 27016] R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [3-11-2011 16:44 497280] R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2-8-2007 5:01 540448] S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13-7-2012 13:28 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [8-6-2012 22:39 250288] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [6-6-2012 14:16 30312] S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [21-1-2012 15:10 20032] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [16-9-2012 22:50 40776] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [26-4-2012 4:50 114144] S3 optousb;OPTO ELECTRONICS optousb;c:\windows\system32\drivers\optousb.sys [16-3-2011 21:14 18432] S3 optovcm;OPTO ELECTRONICS optovcm;c:\windows\system32\drivers\optovcm.sys [16-3-2011 21:14 26368] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [22-1-2011 16:14 591488] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [6-6-2012 14:16 121064] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [6-6-2012 14:16 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [6-6-2012 14:16 136808] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MPKSLB18AB3D8 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 Cognizance REG_MULTI_SZ ASBroker ASChannel hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc HPService REG_MULTI_SZ HPSLPSVC . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-09-21 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-08 20:05] . 2012-09-21 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03] . . ------- Bijkomende Scan ------- . IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm TCP: DhcpNameServer = 192.168.1.1 192.168.1.1 FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\agtjif03.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-09-21 17:20 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????T??????????????|?M?|?????M?|&?@ . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\pdfcDispatcher] "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-226067063-4292578343-2355287337-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,62,0d,ab,a3,f2,9d,39,42,be,b7,be,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\ "6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(1128) c:\windows\system32\Ati2evxx.dll c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll c:\program files\Hewlett-Packard\IAM\Bin\TrayIcon.dll c:\program files\Hewlett-Packard\IAM\bin\HPBrand.dll c:\program files\Hewlett-Packard\IAM\Bin\ASChnl.dll c:\program files\Hewlett-Packard\IAM\Bin\ItDAC.dll c:\program files\Hewlett-Packard\IAM\Bin\ItReports.DLL c:\program files\Hewlett-Packard\IAM\Bin\BioAuth.dll c:\program files\Hewlett-Packard\IAM\Bin\ittal.dll c:\program files\Hewlett-Packard\IAM\Bin\ASBIoAT.dll c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll . - - - - - - - > 'lsass.exe'(1184) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll . - - - - - - - > 'explorer.exe'(5648) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll c:\windows\system32\APSHook.dll c:\windows\system32\btmmhook.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Microsoft Security Client\MsMpEng.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\windows\system32\Ati2evxx.exe c:\windows\system32\msdtc.exe c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\program files\Java\jre7\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\system32\mqsvc.exe c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe c:\windows\system32\mqtgsvc.exe c:\program files\Hewlett-Packard\IAM\bin\asghost.exe c:\program files\Hewlett-Packard\Shared\HpqToaster.exe c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe c:\program files\HP\Digital Imaging\bin\hpqbam08.exe c:\windows\system32\msiexec.exe c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe . ************************************************************************** . Voltooingstijd: 2012-09-21 17:27:14 - machine werd herstart ComboFix-quarantined-files.txt 2012-09-21 15:27 ComboFix2.txt 2012-09-20 21:17 ComboFix3.txt 2012-09-19 19:41 . Pre-Run: 112.980.197.376 bytes beschikbaar Post-Run: 113.058.713.600 bytes beschikbaar . - - End Of File - - A42192DC2E5E5430A077827E54B0168D Het lijk beter te gaan heb al de programma's eraf gegooid om te kijken of ik nog popup meldingen kreeg, maar dat lijkt goed te gaan. Krijg alleen bij opstarten nog een melding van skype maar dat heeft te maken met samsung kies programma. Hierboven is mijn laatste scan weet niet of jullie hier nog iets bijzonders aan zien? Heel erg bedankt tot nu toe!

ComboFix 12-09-20.02 - Administrator 20-09-2012 22:33:27.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.895.239 [GMT 2:00] Gestart vanuit: c:\documents and settings\Administrator\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Administrator\Bureaublad\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} FW: ZoneAlarm Free Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\docume~1\ADMINI~1\LOCALS~1\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll c:\documents and settings\Administrator\Application Data\Iliwl c:\documents and settings\Administrator\Application Data\Okbe c:\documents and settings\Administrator\Application Data\Okbe\azilx.ipa c:\documents and settings\Administrator\Application Data\Okbe\azilx.tmp c:\documents and settings\Administrator\Local Settings\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll c:\documents and settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287 c:\documents and settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287\036E192F2B17D9791FE781E07B07D287 c:\documents and settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287\036E192F2B17D9791FE781E07B07D287.ico . . (((((((((((((((((((( Bestanden Gemaakt van 2012-08-20 to 2012-09-20 )))))))))))))))))))))))))))))) . . 2012-09-20 20:57 . 2012-09-20 20:57 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6878BE8D-7910-4E3D-B3D2-33E48936D36D}\MpKsl9a27b3a9.sys 2012-09-20 20:22 . 2012-09-20 20:22 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6878BE8D-7910-4E3D-B3D2-33E48936D36D}\MpKsl77587ddf.sys 2012-09-19 19:41 . 2012-08-30 08:17 6980552 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6878BE8D-7910-4E3D-B3D2-33E48936D36D}\mpengine.dll 2012-09-18 16:41 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-09-16 20:50 . 2012-09-16 21:07 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-09-16 17:24 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-29 19:15 . 2012-08-29 19:15 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities 2012-08-25 21:24 . 2012-08-25 21:24 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sun 2012-08-24 15:27 . 2008-04-14 16:03 20992 ----a-w- c:\windows\system32\dshowext.ax 2012-08-23 15:08 . 2012-08-23 15:08 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-08-23 15:08 . 2012-08-23 15:08 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-20 20:05 . 2012-06-08 20:39 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-20 20:05 . 2011-05-15 19:49 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-08-23 15:08 . 2012-04-07 17:56 143872 ----a-w- c:\windows\system32\javacpl.cpl 2012-08-23 15:08 . 2010-12-10 21:44 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-08-13 15:41 . 2011-08-06 07:00 380152 ----a-w- c:\windows\system32\GfKLSPService64.dll 2012-08-13 15:41 . 2011-03-16 19:31 312056 ----a-w- c:\windows\system32\GfKLSPService.dll 2012-07-06 13:58 . 2004-08-04 08:00 78336 ----a-w- c:\windows\system32\browser.dll 2012-07-04 14:05 . 2004-08-04 08:00 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-03 18:23 . 2004-08-04 08:00 1866240 ----a-w- c:\windows\system32\win32k.sys 2012-07-02 17:38 . 2004-08-04 08:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-07-02 17:38 . 2004-08-04 08:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-07-02 17:38 . 2004-08-04 08:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-07-02 12:05 . 2004-08-04 08:00 385024 ------w- c:\windows\system32\html.iec 2012-06-26 07:02 . 2011-10-31 10:22 45320 ----a-w- c:\windows\system32\MAMACExtract.dll 2012-09-08 10:24 . 2012-09-08 10:21 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-09-19_19.10.39 ))))))))))))))))))))))))))))))))))))))))) . + 2012-09-20 20:54 . 2012-09-20 20:54 16384 c:\windows\Temp\Perflib_Perfdata_300.dat - 2004-08-04 08:00 . 2012-05-11 14:44 67072 c:\windows\system32\mshtmled.dll + 2004-08-04 08:00 . 2012-07-02 17:38 67072 c:\windows\system32\mshtmled.dll + 2009-03-08 03:31 . 2012-07-02 17:38 55296 c:\windows\system32\msfeedsbs.dll - 2009-03-08 03:31 . 2012-05-11 14:44 55296 c:\windows\system32\msfeedsbs.dll - 2004-08-04 08:00 . 2012-05-11 14:44 25600 c:\windows\system32\jsproxy.dll + 2004-08-04 08:00 . 2012-07-02 17:38 25600 c:\windows\system32\jsproxy.dll + 2010-12-25 13:53 . 2012-07-02 17:38 12800 c:\windows\system32\dllcache\xpshims.dll - 2010-12-25 13:53 . 2012-05-11 14:44 12800 c:\windows\system32\dllcache\xpshims.dll + 2010-09-09 14:24 . 2012-07-02 17:38 67072 c:\windows\system32\dllcache\mshtmled.dll - 2010-09-09 14:24 . 2012-05-11 14:44 67072 c:\windows\system32\dllcache\mshtmled.dll - 2010-12-25 13:53 . 2012-05-11 14:44 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2010-12-25 13:53 . 2012-07-02 17:38 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2009-03-08 03:34 . 2012-05-11 14:44 43520 c:\windows\system32\dllcache\licmgr10.dll + 2009-03-08 03:34 . 2012-07-02 17:38 43520 c:\windows\system32\dllcache\licmgr10.dll + 2009-03-08 03:33 . 2012-07-02 17:38 25600 c:\windows\system32\dllcache\jsproxy.dll - 2009-03-08 03:33 . 2012-05-11 14:44 25600 c:\windows\system32\dllcache\jsproxy.dll + 2012-07-06 13:58 . 2012-07-06 13:58 78336 c:\windows\system32\dllcache\browser.dll - 2007-08-02 03:00 . 2012-07-11 08:38 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe + 2007-08-02 03:00 . 2012-09-19 21:02 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe + 2007-08-02 03:00 . 2012-09-19 21:02 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe - 2007-08-02 03:00 . 2012-07-11 08:38 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe - 2007-08-02 03:00 . 2012-07-11 08:38 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe + 2007-08-02 03:00 . 2012-09-19 21:02 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe + 2011-01-10 19:35 . 2012-09-19 21:02 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2011-01-10 19:35 . 2012-07-11 08:36 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe + 2011-01-10 19:35 . 2012-09-19 21:02 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2011-01-10 19:35 . 2012-07-11 08:36 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2011-01-10 19:35 . 2012-07-11 08:36 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2011-01-10 19:35 . 2012-09-19 21:02 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2012-09-19 20:52 . 2012-05-11 14:44 12800 c:\windows\ie8updates\KB2722913-IE8\xpshims.dll + 2012-09-19 20:52 . 2012-05-11 14:44 67072 c:\windows\ie8updates\KB2722913-IE8\mshtmled.dll + 2012-09-19 20:52 . 2012-05-11 14:44 55296 c:\windows\ie8updates\KB2722913-IE8\msfeedsbs.dll + 2012-09-19 20:52 . 2012-05-11 14:44 43520 c:\windows\ie8updates\KB2722913-IE8\licmgr10.dll + 2012-09-19 20:52 . 2012-05-11 14:44 25600 c:\windows\ie8updates\KB2722913-IE8\jsproxy.dll - 2004-08-04 08:00 . 2012-05-11 14:44 105984 c:\windows\system32\url.dll + 2004-08-04 08:00 . 2012-07-02 17:38 105984 c:\windows\system32\url.dll + 2004-08-04 08:00 . 2012-07-02 17:38 206848 c:\windows\system32\occache.dll - 2004-08-04 08:00 . 2012-05-11 14:44 206848 c:\windows\system32\occache.dll + 2004-08-04 08:00 . 2012-07-06 13:58 337920 c:\windows\system32\netapi32.dll - 2004-08-04 08:00 . 2012-05-11 14:44 611840 c:\windows\system32\mstime.dll + 2004-08-04 08:00 . 2012-07-02 17:38 611840 c:\windows\system32\mstime.dll - 2009-03-08 03:32 . 2012-05-11 14:44 629760 c:\windows\system32\msfeeds.dll + 2009-03-08 03:32 . 2012-07-02 17:38 629760 c:\windows\system32\msfeeds.dll + 2012-09-20 20:05 . 2012-09-20 20:05 690096 c:\windows\system32\Macromed\Flash\FlashUtil32_11_4_402_278_Plugin.exe + 2012-09-20 19:07 . 2012-09-20 19:07 690096 c:\windows\system32\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.exe + 2012-09-20 19:07 . 2012-09-20 19:07 474544 c:\windows\system32\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.dll + 2012-06-08 20:39 . 2012-09-20 20:05 250288 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe - 2004-08-04 08:00 . 2009-05-07 15:34 347136 c:\windows\system32\localspl.dll + 2004-08-04 08:00 . 2012-05-14 09:23 347136 c:\windows\system32\localspl.dll + 2004-08-04 08:00 . 2012-07-02 17:38 184320 c:\windows\system32\iepeers.dll - 2004-08-04 08:00 . 2012-05-11 14:44 184320 c:\windows\system32\iepeers.dll + 2004-08-04 08:00 . 2012-07-02 17:38 387584 c:\windows\system32\iedkcs32.dll - 2004-08-04 08:00 . 2012-05-11 14:44 387584 c:\windows\system32\iedkcs32.dll - 2004-08-04 08:00 . 2012-05-11 11:38 174080 c:\windows\system32\ie4uinit.exe + 2004-08-04 08:00 . 2012-07-02 12:05 174080 c:\windows\system32\ie4uinit.exe - 2004-09-08 07:48 . 2012-07-12 06:14 321928 c:\windows\system32\FNTCACHE.DAT + 2004-09-08 07:48 . 2012-09-20 10:08 321928 c:\windows\system32\FNTCACHE.DAT - 2010-09-09 14:24 . 2012-05-16 15:09 916992 c:\windows\system32\dllcache\wininet.dll + 2010-09-09 14:24 . 2012-07-02 17:38 916992 c:\windows\system32\dllcache\wininet.dll + 2009-03-08 03:34 . 2012-07-02 17:38 105984 c:\windows\system32\dllcache\url.dll - 2009-03-08 03:34 . 2012-05-11 14:44 105984 c:\windows\system32\dllcache\url.dll + 2011-08-11 07:46 . 2012-07-04 14:05 139784 c:\windows\system32\dllcache\rdpwd.sys + 2009-03-08 03:34 . 2012-07-02 17:38 206848 c:\windows\system32\dllcache\occache.dll - 2009-03-08 03:34 . 2012-05-11 14:44 206848 c:\windows\system32\dllcache\occache.dll + 2010-12-11 22:07 . 2012-07-06 13:58 337920 c:\windows\system32\dllcache\netapi32.dll + 2010-11-05 05:02 . 2012-07-02 17:38 611840 c:\windows\system32\dllcache\mstime.dll - 2010-11-05 05:02 . 2012-05-11 14:44 611840 c:\windows\system32\dllcache\mstime.dll - 2010-12-25 13:53 . 2012-05-11 14:44 629760 c:\windows\system32\dllcache\msfeeds.dll + 2010-12-25 13:53 . 2012-07-02 17:38 629760 c:\windows\system32\dllcache\msfeeds.dll - 2009-05-07 15:34 . 2009-05-07 15:34 347136 c:\windows\system32\dllcache\localspl.dll + 2009-05-07 15:34 . 2012-05-14 09:23 347136 c:\windows\system32\dllcache\localspl.dll - 2012-06-13 08:18 . 2012-05-11 14:44 521728 c:\windows\system32\dllcache\jsdbgui.dll + 2012-06-13 08:18 . 2012-07-02 17:38 521728 c:\windows\system32\dllcache\jsdbgui.dll + 2010-12-25 13:53 . 2012-07-02 17:38 247808 c:\windows\system32\dllcache\ieproxy.dll - 2010-12-25 13:53 . 2012-05-11 14:44 247808 c:\windows\system32\dllcache\ieproxy.dll - 2010-09-09 14:24 . 2012-05-11 14:44 184320 c:\windows\system32\dllcache\iepeers.dll + 2010-09-09 14:24 . 2012-07-02 17:38 184320 c:\windows\system32\dllcache\iepeers.dll - 2010-12-25 13:53 . 2012-05-11 14:44 743424 c:\windows\system32\dllcache\iedvtool.dll + 2010-12-25 13:53 . 2012-07-02 17:38 743424 c:\windows\system32\dllcache\iedvtool.dll - 2009-03-08 13:09 . 2012-05-11 14:44 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2009-03-08 13:09 . 2012-07-02 17:38 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2009-03-08 03:32 . 2012-07-02 12:05 174080 c:\windows\system32\dllcache\ie4uinit.exe - 2009-03-08 03:32 . 2012-05-11 11:38 174080 c:\windows\system32\dllcache\ie4uinit.exe + 2012-07-18 13:46 . 2012-07-18 13:46 593408 c:\windows\Installer\5f4b90.msp - 2007-08-02 03:00 . 2012-07-11 08:38 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe + 2007-08-02 03:00 . 2012-09-19 21:02 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe - 2007-08-02 03:00 . 2012-07-11 08:38 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe + 2007-08-02 03:00 . 2012-09-19 21:02 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe + 2007-08-02 03:00 . 2012-09-19 21:02 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe - 2007-08-02 03:00 . 2012-07-11 08:38 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe + 2007-08-02 03:00 . 2012-09-19 21:02 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe - 2007-08-02 03:00 . 2012-07-11 08:38 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe + 2007-08-02 03:00 . 2012-09-19 21:02 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe - 2007-08-02 03:00 . 2012-07-11 08:38 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe + 2011-01-10 19:35 . 2012-09-19 21:02 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2011-01-10 19:35 . 2012-07-11 08:36 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe + 2011-01-10 19:35 . 2012-09-19 21:02 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2011-01-10 19:35 . 2012-07-11 08:36 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2011-01-10 19:35 . 2012-07-11 08:36 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2011-01-10 19:35 . 2012-09-19 21:02 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2011-01-10 19:35 . 2012-07-11 08:36 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2011-01-10 19:35 . 2012-09-19 21:02 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2011-01-10 19:35 . 2012-07-11 08:36 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2011-01-10 19:35 . 2012-09-19 21:02 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2011-01-10 19:35 . 2012-09-19 21:02 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2011-01-10 19:35 . 2012-07-11 08:36 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2011-01-10 19:35 . 2012-07-11 08:36 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2011-01-10 19:35 . 2012-09-19 21:02 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2011-06-23 08:54 . 2011-06-23 08:54 119160 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\MSCONV97.DLL + 2012-09-19 20:52 . 2012-05-16 15:09 916992 c:\windows\ie8updates\KB2722913-IE8\wininet.dll + 2012-09-19 20:52 . 2012-05-11 14:44 105984 c:\windows\ie8updates\KB2722913-IE8\url.dll + 2012-09-19 20:52 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2722913-IE8\spuninst\updspapi.dll + 2012-09-19 20:52 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2722913-IE8\spuninst\spuninst.exe + 2012-09-19 20:52 . 2012-05-11 14:44 206848 c:\windows\ie8updates\KB2722913-IE8\occache.dll + 2012-09-19 20:52 . 2012-05-11 14:44 611840 c:\windows\ie8updates\KB2722913-IE8\mstime.dll + 2012-09-19 20:52 . 2012-05-11 14:44 629760 c:\windows\ie8updates\KB2722913-IE8\msfeeds.dll + 2012-09-19 20:52 . 2012-05-11 14:44 521728 c:\windows\ie8updates\KB2722913-IE8\jsdbgui.dll + 2012-09-19 20:52 . 2012-05-11 14:44 247808 c:\windows\ie8updates\KB2722913-IE8\ieproxy.dll + 2012-09-19 20:52 . 2012-05-11 14:44 184320 c:\windows\ie8updates\KB2722913-IE8\iepeers.dll + 2012-09-19 20:52 . 2012-05-11 14:44 743424 c:\windows\ie8updates\KB2722913-IE8\iedvtool.dll + 2012-09-19 20:52 . 2012-05-11 14:44 387584 c:\windows\ie8updates\KB2722913-IE8\iedkcs32.dll + 2012-09-19 20:52 . 2012-05-11 11:38 174080 c:\windows\ie8updates\KB2722913-IE8\ie4uinit.exe - 2004-08-04 08:00 . 2012-05-11 14:44 1212416 c:\windows\system32\urlmon.dll + 2004-08-04 08:00 . 2012-07-02 17:38 1212416 c:\windows\system32\urlmon.dll + 2004-08-04 08:00 . 2012-07-02 17:38 6008320 c:\windows\system32\mshtml.dll + 2012-09-20 20:05 . 2012-09-20 20:05 9813424 c:\windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll - 2009-03-08 03:32 . 2012-05-11 14:44 2000384 c:\windows\system32\iertutil.dll + 2009-03-08 03:32 . 2012-07-02 17:38 2000384 c:\windows\system32\iertutil.dll - 2010-09-01 07:57 . 2012-06-13 13:55 1866240 c:\windows\system32\dllcache\win32k.sys + 2010-09-01 07:57 . 2012-07-03 18:23 1866240 c:\windows\system32\dllcache\win32k.sys + 2010-09-09 14:24 . 2012-07-02 17:38 1212416 c:\windows\system32\dllcache\urlmon.dll - 2010-09-09 14:24 . 2012-05-11 14:44 1212416 c:\windows\system32\dllcache\urlmon.dll + 2010-09-09 14:24 . 2012-07-02 17:38 6008320 c:\windows\system32\dllcache\mshtml.dll + 2010-12-25 13:53 . 2012-07-02 17:38 2000384 c:\windows\system32\dllcache\iertutil.dll - 2010-12-25 13:53 . 2012-05-11 14:44 2000384 c:\windows\system32\dllcache\iertutil.dll + 2012-08-30 01:06 . 2012-08-30 01:06 5007872 c:\windows\Installer\5f4c08.msp + 2012-06-26 16:03 . 2012-06-26 16:03 3875840 c:\windows\Installer\5f4be0.msp - 2007-08-02 03:00 . 2012-07-11 08:38 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe + 2007-08-02 03:00 . 2012-09-19 21:02 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe + 2007-08-02 03:00 . 2012-09-19 21:02 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe - 2007-08-02 03:00 . 2012-07-11 08:38 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe - 2011-01-10 19:35 . 2012-07-11 08:36 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2011-01-10 19:35 . 2012-09-19 21:02 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2011-01-10 19:34 . 2012-09-19 21:02 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe - 2011-01-10 19:34 . 2012-07-11 08:36 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2012-09-19 20:52 . 2012-05-11 14:44 1212416 c:\windows\ie8updates\KB2722913-IE8\urlmon.dll + 2012-09-19 20:52 . 2012-05-11 14:44 6007808 c:\windows\ie8updates\KB2722913-IE8\mshtml.dll + 2012-09-19 20:52 . 2012-05-11 14:44 2000384 c:\windows\ie8updates\KB2722913-IE8\iertutil.dll + 2010-12-12 09:35 . 2012-08-30 22:12 62164608 c:\windows\system32\MRT.exe - 2009-03-08 03:39 . 2012-05-11 18:14 11111424 c:\windows\system32\ieframe.dll + 2009-03-08 03:39 . 2012-07-02 21:08 11111424 c:\windows\system32\ieframe.dll - 2010-12-25 13:52 . 2012-05-11 18:14 11111424 c:\windows\system32\dllcache\ieframe.dll + 2010-12-25 13:52 . 2012-07-02 21:08 11111424 c:\windows\system32\dllcache\ieframe.dll + 2012-07-25 14:59 . 2012-07-25 14:59 11032064 c:\windows\Installer\5f4bb8.msp + 2012-07-18 13:53 . 2012-07-18 13:53 10937344 c:\windows\Installer\5f4b68.msp + 2011-08-03 18:53 . 2011-08-03 18:53 17324928 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\MSO.DLL + 2012-09-19 20:52 . 2012-05-11 18:14 11111424 c:\windows\ie8updates\KB2722913-IE8\ieframe.dll . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-03 21432] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928] "KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-07-03 975288] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsmqIntCert"="mqrt.dll" [2009-06-25 177152] "PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-05-08 331552] "PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776] "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 177456] "CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920] "Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840] "Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912] "Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-10-09 697976] "Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2007-05-03 57344] "WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392] "tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-03-10 270336] "ConsumerClickSysTrayIcon"="c:\program files\ConsumerClick\ConsumerClickSysTrayIcon.exe" [2010-12-17 69632] "GfK-WatchDog"="c:\program files\GfKLSPService\GfK-WatchDog.exe" [2012-08-13 57592] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448] "ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-03-19 73360] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-07-03 3524536] "ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-03-16 738944] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-18 421888] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213] DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2010-12-10 192512] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard] 2007-02-07 01:30 74240 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\APSHook.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= . R1 MpKsl9a27b3a9;MpKsl9a27b3a9;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6878BE8D-7910-4E3D-B3D2-33E48936D36D}\MpKsl9a27b3a9.sys [20-9-2012 22:57 29904] R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336] R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336] R2 GfK-Reporting-Service;GfK-Reporting-Service;c:\program files\GfK Internet Monitor\GfK-Reporting.exe [20-1-2011 16:00 102400] R2 GfK-Update-Service;GfK-Update-Service;c:\program files\GfK Internet Monitor\GfK-Updater.exe [20-1-2011 16:00 180224] R2 GfkLSPService;GfkLSPService;c:\program files\GfKLSPService\GfKLspService.exe [17-11-2010 13:15 3222776] R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [3-11-2011 16:44 27016] R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [3-11-2011 16:44 497280] R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [16-9-2012 19:24 399432] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [16-9-2012 19:24 676936] R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2-8-2007 5:01 540448] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [16-9-2012 19:24 22856] S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13-7-2012 13:28 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [8-6-2012 22:39 250288] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [6-6-2012 14:16 30312] S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [21-1-2012 15:10 20032] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [16-9-2012 22:50 40776] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [26-4-2012 4:50 114144] S3 optousb;OPTO ELECTRONICS optousb;c:\windows\system32\drivers\optousb.sys [16-3-2011 21:14 18432] S3 optovcm;OPTO ELECTRONICS optovcm;c:\windows\system32\drivers\optovcm.sys [16-3-2011 21:14 26368] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [22-1-2011 16:14 591488] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [6-6-2012 14:16 121064] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [6-6-2012 14:16 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [6-6-2012 14:16 136808] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MPKSL9A27B3A9 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 Cognizance REG_MULTI_SZ ASBroker ASChannel hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc HPService REG_MULTI_SZ HPSLPSVC . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-09-20 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-08 20:05] . 2012-09-20 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03] . . ------- Bijkomende Scan ------- . IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm TCP: DhcpNameServer = 192.168.1.1 192.168.1.1 FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\agtjif03.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-09-20 22:57 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????T??????????????|?M?|?????M?|&?@ . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Windows 5.1.2600 . CreateFile("\\.\PHYSICALDRIVE0"): Het proces heeft geen toegang tot het bestand omdat het bestand door een ander proces wordt gebruikt. device: opened successfully user: error reading MBR kernel: MBR read successfully user != kernel MBR !!! . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\pdfcDispatcher] "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-226067063-4292578343-2355287337-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,62,0d,ab,a3,f2,9d,39,42,be,b7,be,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\ "6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(1184) c:\windows\system32\Ati2evxx.dll c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll c:\program files\Hewlett-Packard\IAM\Bin\TrayIcon.dll c:\program files\Hewlett-Packard\IAM\bin\HPBrand.dll c:\program files\Hewlett-Packard\IAM\Bin\ASChnl.dll c:\program files\Hewlett-Packard\IAM\Bin\ItDAC.dll c:\program files\Hewlett-Packard\IAM\Bin\ItReports.DLL c:\program files\Hewlett-Packard\IAM\Bin\BioAuth.dll c:\program files\Hewlett-Packard\IAM\Bin\ittal.dll c:\program files\Hewlett-Packard\IAM\Bin\ASBIoAT.dll c:\program files\Hewlett-Packard\IAM\Bin\STEngine.dll c:\program files\Hewlett-Packard\IAM\Bin\ItVCClient.dll c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll . - - - - - - - > 'lsass.exe'(1240) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll . - - - - - - - > 'explorer.exe'(4808) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll c:\windows\system32\APSHook.dll c:\windows\system32\btmmhook.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Microsoft Security Client\MsMpEng.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\windows\system32\Ati2evxx.exe c:\windows\system32\msdtc.exe c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\program files\Java\jre7\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\system32\mqsvc.exe c:\windows\system32\mqtgsvc.exe c:\program files\Hewlett-Packard\IAM\bin\asghost.exe c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe c:\program files\Hewlett-Packard\Shared\HpqToaster.exe c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe c:\program files\HP\Digital Imaging\bin\hpqbam08.exe c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe . ************************************************************************** . Voltooingstijd: 2012-09-20 23:17:27 - machine werd herstart ComboFix-quarantined-files.txt 2012-09-20 21:17 ComboFix2.txt 2012-09-19 19:41 . Pre-Run: 113.097.093.120 bytes beschikbaar Post-Run: 113.084.592.128 bytes beschikbaar . - - End Of File - - F4C69C7F3D581C34A117E83338199BFC

ComboFix 12-09-18.07 - Administrator 19-09-2012 20:43:25.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.895.145 [GMT 2:00] Gestart vanuit: c:\documents and settings\Administrator\Mijn documenten\Downloads\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} FW: ZoneAlarm Free Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\docume~1\ADMINI~1\LOCALS~1\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll c:\documents and settings\Administrator\Application Data\.# c:\documents and settings\Administrator\Application Data\.#\MBX@11D4@3F3F80.### c:\documents and settings\Administrator\Application Data\.#\MBX@11D4@3F3FB0.### c:\documents and settings\Administrator\Application Data\.#\MBX@3FC@3F3F80.### c:\documents and settings\Administrator\Application Data\.#\MBX@3FC@3F3FB0.### c:\documents and settings\Administrator\Application Data\Acet c:\documents and settings\Administrator\Application Data\Acet\wyix.efw c:\documents and settings\Administrator\Local Settings\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll c:\windows\system32\System32\MASetupCleaner.exe c:\windows\system32\System32\muzapp.exe c:\windows\system32\URTTemp c:\windows\system32\URTTemp\fusion.dll c:\windows\system32\URTTemp\mscoree.dll c:\windows\system32\URTTemp\mscoree.dll.local c:\windows\system32\URTTemp\mscorsn.dll c:\windows\system32\URTTemp\mscorwks.dll c:\windows\system32\URTTemp\msvcr71.dll c:\windows\system32\URTTemp\regtlib.exe D:\AUTORUN.INF . . (((((((((((((((((((( Bestanden Gemaakt van 2012-08-19 to 2012-09-19 )))))))))))))))))))))))))))))) . . 2012-09-19 18:47 . 2012-09-19 18:47 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0D17AD52-5415-489E-A3D1-3BE5A73D6912}\offreg.dll 2012-09-19 18:34 . 2012-09-19 18:34 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0D17AD52-5415-489E-A3D1-3BE5A73D6912}\MpKsl0f97156c.sys 2012-09-18 16:41 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0D17AD52-5415-489E-A3D1-3BE5A73D6912}\mpengine.dll 2012-09-16 20:50 . 2012-09-16 21:07 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-09-16 17:24 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-15 20:14 . 2012-09-16 18:24 -------- d-----w- c:\documents and settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287 2012-09-13 04:44 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-08-29 19:15 . 2012-08-29 19:15 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities 2012-08-29 19:13 . 2012-09-02 07:41 -------- d-----w- c:\documents and settings\Administrator\Application Data\Iliwl 2012-08-29 19:13 . 2012-08-29 19:14 -------- d-----w- c:\documents and settings\Administrator\Application Data\Okbe 2012-08-25 21:24 . 2012-08-25 21:24 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sun 2012-08-24 15:27 . 2008-04-14 16:03 20992 ----a-w- c:\windows\system32\dshowext.ax 2012-08-23 15:08 . 2012-08-23 15:08 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-08-23 15:08 . 2012-08-23 15:08 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-23 15:08 . 2012-04-07 17:56 143872 ----a-w- c:\windows\system32\javacpl.cpl 2012-08-23 15:08 . 2010-12-10 21:44 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-08-15 07:05 . 2012-06-08 20:39 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-15 07:05 . 2011-05-15 19:49 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-08-15 07:04 . 2012-08-15 06:05 9826504 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe 2012-08-13 15:41 . 2011-08-06 07:00 380152 ----a-w- c:\windows\system32\GfKLSPService64.dll 2012-08-13 15:41 . 2011-03-16 19:31 312056 ----a-w- c:\windows\system32\GfKLSPService.dll 2012-06-26 07:02 . 2011-10-31 10:22 45320 ----a-w- c:\windows\system32\MAMACExtract.dll 2012-09-08 10:24 . 2012-09-08 10:21 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys [7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\atapi.sys [7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys [7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys . [7] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys [7] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\asyncmac.sys [7] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys [7] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys . [7] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys . [7] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys [7] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\kbdclass.sys [7] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys [7] 2004-08-03 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys [7] 2004-08-03 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\kbdclass.sys . [7] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys [7] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ndis.sys [7] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys [-] 2006-01-10 . AA898F84D2B59129FB92E143A2C73434 . 182528 . . [5.1.2600.2824] . . c:\windows\$NtServicePackUninstall$\ndis.sys [7] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB912436$\ndis.sys . [7] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys [7] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ntfs.sys [7] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys [7] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys . [7] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys . [7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys [7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys [7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys [7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys [7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\tcpip.sys [-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys [-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys [-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys [-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys [-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys [-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys [7] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys . [7] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll [7] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\browser.dll [7] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll [7] 2004-08-04 . 195B1255D9383AEFFBDFA8A11AE4D282 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll . [7] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe [7] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\lsass.exe [7] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe [7] 2004-08-04 . 34A82DEBEFB057FCCCBE15F619FC98A7 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe . [7] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll [7] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\netman.dll [7] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll [7] 2004-08-04 . B2665A1B502EC037388B7919CBD58C28 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll . [7] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll [7] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\comres.dll [7] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll [7] 2004-08-04 08:00 . F0BAE7D75B268BA326D9323DD7C73D8F . 822784 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll . [7] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll [7] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\qmgr.dll [7] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll [7] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll [7] 2004-08-04 . 772027CC5FFAEA3E7D10AF2691EE7095 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll . [7] 2009-02-09 . D8D28F6CABEC7D42B8E487E290563B9A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [7] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll [7] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll [7] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll [7] 2009-02-09 . 72C2074FFA3B38078173A11008198019 . 401408 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\rpcss.dll [7] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [7] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll [7] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\rpcss.dll [-] 2005-04-28 . 6D61211D515EA7E31FDB7B0FA9CEF878 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll [-] 2005-04-28 . 0468AA524F6912F449BC14CF7DACAF68 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB956572_0$\rpcss.dll [-] 2005-01-14 . C4E4A6514DC7AA4981B09E1A55B3EE56 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll [-] 2005-01-14 . FE787AF1556421C60DC427C2CC12CD9C . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll [7] 2004-08-04 . DDE0457B7706C3AD4E5AFDD502698A06 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll . [7] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe [7] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe [7] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe [7] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [7] 2009-02-09 . CE06E39F34BBF6B0ADA70F37F70CF0D8 . 111104 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\services.exe [7] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe [7] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe [7] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\services.exe [7] 2004-08-04 . 39991CD3C17B7529D039151A88E84499 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\services.exe . [7] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe [7] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe [7] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe [7] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe [7] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe [7] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\spoolsv.exe [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe [-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe [7] 2004-08-04 . CCCB8B94B17466EFB9DC27F42625B0E5 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe . [7] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [7] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\winlogon.exe [7] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [7] 2004-08-04 . 732ED791711DF9C9DD15E5515BC681B8 . 504832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe . [7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\system32\wuauclt.exe [7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\system32\dllcache\wuauclt.exe [7] 2008-04-14 . FCACAD9819D9A698AC93A7188D97F355 . 112128 . . [5.4.3790.5512] . . c:\windows\ServicePackFiles\i386\wuauclt.exe [7] 2008-04-14 . FCACAD9819D9A698AC93A7188D97F355 . 112128 . . [5.4.3790.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\wuauclt.exe . [7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys [7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ipsec.sys [7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys [7] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys . [7] 2010-08-23 . 7826282032F459694DE7BCE330FF31FC . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [7] 2010-08-23 . 7826282032F459694DE7BCE330FF31FC . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll [7] 2010-08-23 . 01D982636AFC3A79537B81D9C3DA897A . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll [7] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll [7] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll [7] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\comctl32.dll [7] 2008-04-14 . 1EAA8CD46BFB33307ACAF10EFF80E8BD . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\asms\60\msft\windows\common\controls\comctl32.dll [7] 2008-04-14 . 1EAA8CD46BFB33307ACAF10EFF80E8BD . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [-] 2006-08-25 . F67AE54BCA3873D48A1AC722A9CA70BF . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll [-] 2006-08-25 . F567148940C1F5D93070822C0F3C0C34 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [7] 2004-08-04 . 8A473F553E9E45DB4EF6FF11AB54E4E1 . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll [7] 2004-08-04 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll . [7] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll [7] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\cryptsvc.dll [7] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll [7] 2004-08-04 . 5F321535D399516B6D780FF9EF8D8B7A . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll . [7] 2008-07-07 20:32 . 68180553F674B487BE777CFD6BE70726 . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll [7] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [7] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [7] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll [7] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [7] 2008-07-07 20:23 . B3A4422CBD8DAA6710431F67C679DA24 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll [7] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll [7] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll [7] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\es.dll [7] 2004-08-04 08:00 . 3F59BCDFAC47550F43001C4CE8CB0B91 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB950974_0$\es.dll . [7] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll [7] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\imm32.dll [7] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll [7] 2004-08-04 . 7ADE4584ED6657CAE3D523CF101992BD . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll . [7] 2009-03-21 . B30975B6B1B08A5A18AAC7E3577C7C53 . 1027072 . . [5.1.2600.3541] . . c:\windows\$NtServicePackUninstall$\kernel32.dll [7] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll [7] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll [7] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll [7] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [7] 2009-03-21 . 67A29642EC9A1ADA0768605B21AA4552 . 1030144 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll [7] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [7] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll [7] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\kernel32.dll [-] 2006-07-05 . 8672CE1E9BAF84EC0665D73DB8849EDB . 1026048 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll [-] 2006-07-05 . F2352FB7D9E5C70374568724A32B5CB7 . 1025024 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB959426_0$\kernel32.dll [7] 2004-08-04 . 54379BD67780FDBBE1590EEC142A659C . 1024512 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll . [7] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll [7] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\linkinfo.dll [7] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll [7] 2004-08-04 . 5B42639BE48C8E84FD52C66958A44427 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll . [7] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll [7] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\lpk.dll [7] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll [7] 2004-08-04 . 8DF7AC820F9B3FD5E713E9A74827931C . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll . [7] 2012-05-11 . 13D1764BA6AEDF0E8846428CAF915738 . 6007808 . . [8.00.6001.19258] . . c:\windows\system32\mshtml.dll [7] 2012-05-11 . 13D1764BA6AEDF0E8846428CAF915738 . 6007808 . . [8.00.6001.19258] . . c:\windows\system32\dllcache\mshtml.dll [7] 2012-05-11 . F45E5701FF03719D2AC7FE1B426FCABA . 6009344 . . [8.00.6001.23345] . . c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\mshtml.dll [7] 2012-03-01 . 6E0E7C508B5060F81992D5ED0B1A5556 . 5978624 . . [8.00.6001.19222] . . c:\windows\ie8updates\KB2699988-IE8\mshtml.dll [7] 2012-03-01 . 467D9D5FB15DD88E82768C6F31A7A5D4 . 5980672 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll [7] 2011-12-17 . 5C55673322584D9F5A32D0971D83858B . 5979136 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\mshtml.dll [7] 2011-12-17 . 46FE106946083872716147AD223F20C1 . 5980160 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll [7] 2011-11-04 . 958ECE072DA2D840BD3658A3AB708F58 . 5978112 . . [8.00.6001.19170] . . c:\windows\ie8updates\KB2647516-IE8\mshtml.dll [7] 2011-11-04 . E43D37858B634BDE1E099E92F0202458 . 5978624 . . [8.00.6001.23266] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll [7] 2011-10-03 . 2ECD546FB8594A4C5D807E489045627F . 5971456 . . [8.00.6001.19154] . . c:\windows\ie8updates\KB2618444-IE8\mshtml.dll [7] 2011-10-03 . 5AF7AC6924E7CB72D76A796262B1C25E . 5972992 . . [8.00.6001.23250] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll [7] 2011-07-25 . 39ADF0F29F47896DD726833735AB825C . 5969920 . . [8.00.6001.19120] . . c:\windows\ie8updates\KB2586448-IE8\mshtml.dll [7] 2011-07-25 . 03B085EEE1DB5F2E32721CF5C72F7A26 . 5971456 . . [8.00.6001.23216] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll [7] 2011-05-30 . 7EA2A988004ED9A3D9DC5192DC547C57 . 5964800 . . [8.00.6001.19088] . . c:\windows\ie8updates\KB2559049-IE8\mshtml.dll [7] 2011-05-30 . 6DE2D62A51F4C110AA995583B7463487 . 5967360 . . [8.00.6001.23181] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll [7] 2011-02-22 . 80A564DD39C82A79F34F5A093CE1A6BD . 5964800 . . [8.00.6001.23141] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll [7] 2011-02-22 . E7618AEF7203F57D94266153C7E514C4 . 5962240 . . [8.00.6001.19046] . . c:\windows\ie8updates\KB2530548-IE8\mshtml.dll [7] 2010-12-20 . 91F5FB2C81CBE00B36B7F90E8DFDEC9E . 5961216 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\mshtml.dll . [7] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll [7] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\msvcrt.dll [7] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [7] 2008-04-14 . 61E70054981A2F9E64CEA7CA9479C0AA . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\asms\70\msft\windows\mswincrt\msvcrt.dll [7] 2008-04-14 . 61E70054981A2F9E64CEA7CA9479C0AA . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll [7] 2004-08-04 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll [7] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [7] 2004-08-04 . 40AC9CE966A05B05C9A4DB5B306A26C3 . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll . [7] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll [7] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll [7] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll [7] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [7] 2008-06-20 . FF59588E31F864FED9D0258969559A4B . 247296 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll [7] 2008-06-20 . 71AB52C70B9436C0A0B704FDE9D1A7CD . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll [7] 2008-06-20 . 4522CBE00A9E9EEE36AA82ED4B319148 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll [7] 2008-06-20 . 4522CBE00A9E9EEE36AA82ED4B319148 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll [7] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll [7] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll [7] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\mswsock.dll [7] 2004-08-04 . 0C53DB0671AB5A93D169DAFFC8DA11CF . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll . [7] 2009-02-06 . 45AE58ACDD9B4A8767064544533F94E2 . 408064 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\netlogon.dll [7] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll [7] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\netlogon.dll [7] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll [7] 2004-08-04 . B3FDAC7A518B6B684BEFE792DC1DC560 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB968389_0$\netlogon.dll . [7] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll [7] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\powrprof.dll [7] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll [7] 2004-08-04 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll . [7] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll [7] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\scecli.dll [7] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll [7] 2004-08-04 . 5AE934F6837B5A583DED535C4BE5A804 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll . [7] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll [7] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\sfc.dll [7] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll [7] 2004-08-04 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll . [7] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe [7] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\svchost.exe [7] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe [7] 2004-08-04 . AB8C6D89A897BACBA4657FDF00E344A6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe . [7] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll [7] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\tapisrv.dll [7] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll [7] 2004-08-04 . F38C48EE55AD051BF5474F5BDD69C846 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll . [7] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [7] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\user32.dll [7] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [7] 2004-08-04 . 8E5D344FD717D35EE7ED1C8E0AD0CBE6 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll . [7] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe [7] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\userinit.exe [7] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe [7] 2004-08-04 . DE7A0EE4A6A28E6DFE3118EB22468DA6 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe . [7] 2012-05-16 . C1466A8E803261BB11FC25EF096E4E3D . 916992 . . [8.00.6001.19272] . . c:\windows\system32\wininet.dll [7] 2012-05-16 . C1466A8E803261BB11FC25EF096E4E3D . 916992 . . [8.00.6001.19272] . . c:\windows\system32\dllcache\wininet.dll [7] 2012-05-16 . 7FC207568D4D9AAFC266FC84F716FEC1 . 920064 . . [8.00.6001.23359] . . c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\wininet.dll [7] 2012-03-01 . CFF17B16BFF8179FBBA29075245E8BE1 . 916992 . . [8.00.6001.19222] . . c:\windows\ie8updates\KB2699988-IE8\wininet.dll [7] 2012-03-01 . B2E54BC4C5B399547EE3C8188DBBA509 . 919552 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll [7] 2011-12-17 . 03CB14FB6B75EC8AC2FDEC54E904C30B . 916992 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\wininet.dll [7] 2011-12-17 . 38C3CDBC40464D40C7B716C8E154B86C . 919552 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll [7] 2011-11-04 . D47FE623B45DF066647469DB73AE3215 . 916992 . . [8.00.6001.19165] . . c:\windows\ie8updates\KB2647516-IE8\wininet.dll [7] 2011-11-04 . A484703720C95391777DF05F2458FEF8 . 919552 . . [8.00.6001.23261] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll [7] 2011-08-22 . 381FDBF8A25C7629696E5EE2B213F8CC . 916480 . . [8.00.6001.19131] . . c:\windows\ie8updates\KB2618444-IE8\wininet.dll [7] 2011-08-22 . EDD945F6C0630DB8453673DF9E7B009E . 919552 . . [8.00.6001.23227] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll [7] 2011-06-23 . 14FB4665EFBDCE6931A55752A44F7DE2 . 916480 . . [8.00.6001.19098] . . c:\windows\ie8updates\KB2586448-IE8\wininet.dll [7] 2011-06-23 . 3BC2081CD791584B4ED373F3B4959CC8 . 919552 . . [8.00.6001.23192] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll [7] 2011-04-25 . 1C95CF3DBAEBB3CCA34845CD884FB8CA . 916480 . . [8.00.6001.19072] . . c:\windows\ie8updates\KB2559049-IE8\wininet.dll [7] 2011-04-25 . 00F17371D9145B114061564BDABD8C24 . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll [7] 2011-02-22 . CC5AE9A79DA18AFD29FB7CF95F23A143 . 919552 . . [8.00.6001.23139] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll [7] 2011-02-22 . 51B29ABC95E882F7AD80FDBFD5E729CC . 916480 . . [8.00.6001.19044] . . c:\windows\ie8updates\KB2530548-IE8\wininet.dll [7] 2010-12-20 . 81BB5AF5584545323F20AA75610EBD01 . 916480 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\wininet.dll [7] 2010-12-20 . 21A739156ED963C45419D3EB02E44F0C . 919552 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll [7] 2010-11-06 . 51964C721E751FD4E798252CC0E4FFB9 . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll [7] 2010-11-06 . BCEB709EF4C751E0BE355B76D834A954 . 916480 . . [8.00.6001.18992] . . c:\windows\ie8updates\KB2482017-IE8\wininet.dll [7] 2010-11-05 . EA125FB2F7C9DECD3F163A7D0DA88D95 . 670208 . . [6.00.2900.6049] . . c:\windows\ie8\wininet.dll [7] 2010-11-05 . C39C416DEAE1C334695AB499781DADC8 . 671744 . . [6.00.2900.6049] . . c:\windows\$hf_mig$\KB2416400\SP3QFE\wininet.dll [7] 2010-09-10 . EA2E4CFB3F124DD54F3B02F3BCCF6E82 . 916480 . . [8.00.6001.18968] . . c:\windows\ie8updates\KB2416400-IE8\wininet.dll [7] 2010-09-10 . 5D081F5E3E46966C4F63D32231C93511 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll [7] 2010-09-09 . D7895DA575292E4E019CE778E4E3EA5A . 671744 . . [6.00.2900.6036] . . c:\windows\$hf_mig$\KB2360131\SP3QFE\wininet.dll [7] 2010-09-09 . A4D348E1DF97FA12C2FD4B03995706FC . 670208 . . [6.00.2900.6036] . . c:\windows\$NtUninstallKB2416400$\wininet.dll [7] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll [7] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [7] 2010-04-16 . B02C1753A7EEF7B51241DCB8924D2A2B . 670208 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3GDR\wininet.dll [7] 2010-04-16 . 975E4CB58BF8F6C625C0E143BAECB5D8 . 671744 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3QFE\wininet.dll [7] 2010-04-16 . D9A075142E71B267249F98BCAE603FAC . 665088 . . [6.00.2900.3698] . . c:\windows\$NtServicePackUninstall$\wininet.dll [7] 2010-04-16 . F513CBA281F35379064D710B516688C3 . 671744 . . [6.00.2900.3698] . . c:\windows\$hf_mig$\KB982381\SP2QFE\wininet.dll [7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll [7] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB2360131$\wininet.dll [7] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll [7] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\wininet.dll [-] 2006-06-23 . 0960FA973421FF4630D024843341509E . 667648 . . [6.00.2900.2937] . . c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll [-] 2006-06-23 . 91A1532762382C31DA0103946B4A20D3 . 662016 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB982381$\wininet.dll [-] 2005-07-03 . C9567D2CD2441DFF60814E721EF6EB43 . 661504 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB918899$\wininet.dll [-] 2005-07-03 . C167930AEEF3C1739F340D5758834B01 . 662528 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll [7] 2004-08-04 . 6C7E1322898378C30BCD9F779A2621EE . 659456 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB896727$\wininet.dll . [7] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll [7] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ws2_32.dll [7] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll [7] 2004-08-04 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll . [7] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll [7] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ws2help.dll [7] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll [7] 2004-08-04 . 3B728289DFA923A2C12BE827382C2DB1 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll . [7] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\explorer.exe [7] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [7] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\explorer.exe [7] 2004-08-04 . A1D7304A87FC3093150F5E3CC7B0F338 . 1035776 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe . [7] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\regedit.exe [7] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe [7] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\regedit.exe [7] 2004-08-04 . 39C7FA0F39376599CFA59888816F477B . 153088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe . [7] 2011-11-01 . DB355CEF2B35481C21DD213C28560E86 . 1288192 . . [5.1.2600.6168] . . c:\windows\system32\ole32.dll [7] 2011-11-01 . DB355CEF2B35481C21DD213C28560E86 . 1288192 . . [5.1.2600.6168] . . c:\windows\system32\dllcache\ole32.dll [7] 2011-11-01 . 02AF8E4C7B851A213AC70BF6DD6E3537 . 1288704 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll [7] 2010-07-16 . AD2B41BEAB5BB7A258F6A2CCDCA09B82 . 1287680 . . [5.1.2600.6010] . . c:\windows\$NtUninstallKB2624667$\ole32.dll [7] 2010-07-16 . 57F12B548695C680421CD1EB8169A1C8 . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll [7] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll [7] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll [7] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ole32.dll [-] 2005-04-28 . 48629EDCD92AA071554304F9F9E96E38 . 1284608 . . [5.1.2600.2665] . . c:\windows\$NtServicePackUninstall$\ole32.dll [-] 2005-04-28 . 5C3B15C45ADF30B024927F1A0823BD16 . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll [-] 2005-01-14 . 75555C8E6657A2AA9101DD56F8D30DAA . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll [-] 2005-01-13 . D1F139783F28A79EF37825E3951E05F3 . 1284608 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll [7] 2004-08-04 . 602969286376832E3F49F54E4F0F051A . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll . [7] 2010-04-16 . 36BA0AAABD0AA4798403CB3FF08D5DDD . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll [7] 2010-04-16 . 36BA0AAABD0AA4798403CB3FF08D5DDD . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll [7] 2010-04-16 . 7BB3922CB9973877D2BF4C7222EA8E70 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll [7] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll [7] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll [7] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\usp10.dll [7] 2004-08-04 . 24B72C7A002170ECC72B6AA5F642A705 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll . [7] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll [7] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ksuser.dll [7] 2004-08-03 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll [7] 2002-12-11 22:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\Driver Cache\i386\ksuser.dll [7] 2002-12-11 22:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ksuser.dll [7] 2002-12-11 22:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\system32\ksuser.dll [7] 2002-12-11 22:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\system32\dllcache\ksuser.dll . [7] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [7] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ctfmon.exe [7] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [7] 2004-08-04 . 7DE46C9C40ABB58C8FDFE0212A3BF2B4 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe . [7] 2009-07-27 . 2D5D4156292150FE571872C1B88E9299 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll [7] 2009-07-27 . 2D5D4156292150FE571872C1B88E9299 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll [7] 2009-07-27 . C28A9E9D28ACDAF8097BE4578C49559B . 135680 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll [7] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll [7] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll [7] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\shsvcs.dll [-] 2006-12-19 . D6F2B8963663F2014FAFCD8E15E4E778 . 135168 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll [-] 2006-12-19 . 20A1DFA416579DACEE28E15E331C3930 . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll [7] 2004-08-04 . 394FD6CE1AC84BB318B806A6F8D90F66 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll . [7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\srsvc.dll [7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-11-17 . BD2B4AC5CA73A9245291D0D652F593A3 . 171008 . . [5.1.2600.2567] . . c:\windows\$NtServicePackUninstall$\srsvc.dll [7] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB888402$\srsvc.dll . [7] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe [7] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\wscntfy.exe [7] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe [7] 2004-08-04 . D6381A7C1704BE7A8FD5EFDFD9F1463B . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe . [7] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll [7] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\xmlprov.dll [7] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll [7] 2004-08-04 . F4C8D4B0A294AAF37FE50C407B6E03F9 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll . [7] 2010-12-09 . 9011D64E9090247C04EE767ED6C7B4BE . 739328 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll [7] 2010-12-09 . 175BBCC9133387119BF15FA09D9EE202 . 739328 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll [7] 2010-12-09 . 175BBCC9133387119BF15FA09D9EE202 . 739328 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntdll.dll [7] 2009-02-09 . 231DD439149F6955FF148E5CD8B02E7E . 736256 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll [7] 2009-02-09 . F06373320840F31D01E152F35DD68C42 . 735744 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntdll.dll [7] 2009-02-09 . F06373320840F31D01E152F35DD68C42 . 735744 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB2393802$\ntdll.dll [7] 2009-02-09 . D14297E4CA08347290F14604C7CFEEF3 . 736256 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\ntdll.dll [7] 2008-04-14 . EF5F6C88C4282A739844DB6013E15720 . 727040 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntdll.dll [7] 2008-04-14 . EF5F6C88C4282A739844DB6013E15720 . 727040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntdll.dll [7] 2008-04-14 . EF5F6C88C4282A739844DB6013E15720 . 727040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ntdll.dll [7] 2004-08-04 . A558BE062173291AA6BB94D9FCB8FA7F . 729088 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\ntdll.dll . [7] 2008-04-14 . BC1C255415DFCA2E202924A1FBAE3D4F . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msctfime.ime [7] 2008-04-14 . BC1C255415DFCA2E202924A1FBAE3D4F . 177152 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\msctfime.ime [7] 2008-04-14 . BC1C255415DFCA2E202924A1FBAE3D4F . 177152 . . [5.1.2600.5512] . . c:\windows\system32\msctfime.ime [7] 2004-08-04 . A3CA3ED34D0752B11E9B52475187209D . 177152 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msctfime.ime . [7] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll [7] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\eventlog.dll [7] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll [7] 2004-08-04 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll . [7] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll [7] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\sfcfiles.dll [7] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [7] 2004-08-04 . 486594A19F7AEDEBEA600855FFD5E914 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll . [7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys [7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ipsec.sys [7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys [7] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys . [7] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll [7] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\regsvc.dll [7] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll [7] 2004-08-04 . D01BB100558945178E4BCB33B0FE9364 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll . [7] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll [7] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\schedsvc.dll [7] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll [7] 2004-08-04 . D245B3E32F8AB3B2FB576AFCFDEC105E . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll . [7] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll [7] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ssdpsrv.dll [7] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll [7] 2004-08-04 . B02FDCE64F64CDE3AA809D28D25D2A12 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll . [7] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll [7] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\termsrv.dll [7] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll [7] 2004-08-04 . E2CE999886A4636026F157DEB886AA94 . 297472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll . [7] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll [7] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\hnetcfg.dll [7] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll [7] 2004-08-04 . 490BF3896AE3EBD21B448FFB1579AA09 . 347648 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll . [7] 2008-04-14 . 434A70FA278EB3C42140E3755C2FA4F8 . 175616 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll [7] 2008-04-14 . 434A70FA278EB3C42140E3755C2FA4F8 . 175616 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\appmgmts.dll [7] 2008-04-14 . 434A70FA278EB3C42140E3755C2FA4F8 . 175616 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll [7] 2004-08-04 . CC888653E0DEC81B525B956C77960F88 . 175616 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll . [7] 2004-08-04 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys . [7] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys [7] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\aec.sys [7] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys [7] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys . [7] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys [7] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\agp440.sys [7] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys . [7] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys [7] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ip6fw.sys [7] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys [7] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys . [7] 2010-09-18 07:18 . C7F383764824117AEE9C3ED0FCA78044 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll [7] 2010-09-18 06:53 . 7892005CE5CDC809783F452B21FAF58F . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll [7] 2010-09-18 06:53 . 7892005CE5CDC809783F452B21FAF58F . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll [7] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll [7] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll [7] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\mfc40u.dll [-] 2006-11-01 19:19 . 13E52326F0F19A1A8D34681E3444E8D1 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll [-] 2004-08-04 08:00 . 8EED1D71C14C356684E586B0A7DB6BCE . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll . [7] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll [7] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\msgsvc.dll [7] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll [7] 2004-08-04 . 1405B1431F51CAB25FE9B2ECF13CB198 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll . [7] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [7] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll [7] 2005-01-28 11:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [7] 2005-01-28 11:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll [7] 2004-08-04 08:00 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll . [7] 2012-05-05 . 1361DB701DCD157A8109CDCB63FDD918 . 2073472 . . [5.1.2600.6223] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [7] 2012-05-05 . 1361DB701DCD157A8109CDCB63FDD918 . 2073472 . . [5.1.2600.6223] . . c:\windows\system32\dllcache\ntkrnlpa.exe [7] 2012-05-05 . 84DF777F1A275A2829650E63E4673C5E . 2031104 . . [5.1.2600.6223] . . c:\windows\system32\ntkrnlpa.exe [7] 2012-05-05 . 94951D0E8759219CBBE0E602A3C9396C . 2073472 . . [5.1.2600.6223] . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe [7] 2012-04-11 . 0ED21672B45858B3D6F72B898362A3F2 . 2031104 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2707511$\ntkrnlpa.exe [7] 2012-04-11 . 44F045B4BE9D99929DDD48C045480237 . 2073472 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe [7] 2011-10-26 . 8CAD5FC3D068F6164028EDAB20B8666F . 2031616 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntkrnlpa.exe [7] 2011-10-26 . 769A1C9E9641DCED4D0AC50968ADDA4E . 2073728 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe [7] 2010-12-09 . BAD22963CD6046C0B2834D2BFFAB56B5 . 2073728 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe [7] 2010-12-09 . 2DB8EA01CD063A7723299FDBDCCAC82B . 2031616 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe [7] 2010-04-28 . 75EA98BC36C13E976653400F8183D356 . 2071296 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe [7] 2010-04-28 . 6A55E209D8DC13CDA67C86AE4FBF72C2 . 2029056 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe [7] 2010-02-16 . 38D52FDA70F0275385D4CFD88E824688 . 2026496 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe [7] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe [7] 2010-02-16 . 7C4F935FC449E4D27C685A5BC1792664 . 2071296 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe [7] 2009-02-10 . 6A94A7317E28B6543D94174F9016BB68 . 2070400 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe [7] 2009-02-09 . 3F52B22DDBC323A39F11B64E1D381D0E . 2025472 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe [7] 2009-02-09 . 6DCC1CE955F33EC4C0CE271BFA5D3310 . 2028544 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe [7] 2009-02-09 . 07EE73D79A7CA142463470AEF230082B . 2070528 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [7] 2008-04-14 . 1B3709F568AF90FDB935FD017C92E5E9 . 2028544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe [7] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe [7] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ntkrnlpa.exe [-] 2006-12-19 . 4BF54C0431A9BB0BCE6C821CD4018F7D . 2063744 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe [-] 2006-12-19 . E28647B8E1DE0336D8479B9653390B9B . 2021888 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB956572_0$\ntkrnlpa.exe [-] 2006-12-19 . 62916047D54775CBA4DFFE15C0FCD623 . 2020352 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe [7] 2004-08-03 . 6B9F48A34615E5F718E3A44E518B8E16 . 2019840 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB929338_0$\ntkrnlpa.exe . [7] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll [7] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ntmssvc.dll [7] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll [7] 2004-08-04 08:00 . AC75E028773CBBD7D8B1313F382E7C05 . 437248 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll . [7] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll [7] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\upnphost.dll [7] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll [7] 2004-08-04 . 348B60067B10EFA7D7763EE44674108C . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll . [7] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll [7] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\dsound.dll [7] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll [7] 2004-08-04 . 4AAB7EC0EA6C53C6B381546F15C286CA . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll [7] 2004-07-09 02:27 . 033A45AB696EEF481707C2808C806E1A . 381952 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll [7] 2004-07-09 02:27 . 033A45AB696EEF481707C2808C806E1A . 381952 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\system32\dllcache\dsound.dll . [7] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll [7] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\d3d9.dll [7] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll [7] 2004-08-04 . 66B9B43A5E0777F465CA492039176455 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll . [7] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll [7] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ddraw.dll [7] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll [7] 2004-08-04 . B54EF2F95DD3A188A2E4798C2CFB7EE7 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll [7] 2004-07-09 02:27 . 90114704C17A581DA1BAE029F20932BE . 292864 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll [7] 2004-07-09 02:27 . 90114704C17A581DA1BAE029F20932BE . 292864 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\system32\dllcache\ddraw.dll . [7] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll [7] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\olepro32.dll [7] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll [7] 2004-08-04 08:00 . DFB4A7A3E7948686DBC4B0DEA4A0AE94 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll . [7] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll [7] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\perfctrs.dll [7] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll [7] 2004-08-04 . D521890151A11C410F6A94EE3C37CD14 . 41472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll . [7] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll [7] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\version.dll [7] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll [7] 2004-08-04 . D67A94C11062EEE45BED5106DFDB9C0A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll . [7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe [7] 2008-04-14 . 164B6F619C579FAD4E548ACC654FF710 . 93184 . . [6.00.2900.5512] . . c:\windows\ie8\iexplore.exe [7] 2008-04-14 . 164B6F619C579FAD4E548ACC654FF710 . 93184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\iexplore.exe [7] 2008-04-14 . 164B6F619C579FAD4E548ACC654FF710 . 93184 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\iexplore.exe [7] 2004-08-04 . 78D969F35CD64BF0761F731FCA5FC99D . 93184 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\iexplore.exe . . [7] 2012-05-05 . ED172F03B8180DE03D9876F480B489CF . 2196992 . . [5.1.2600.6223] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [7] 2012-05-05 . ED172F03B8180DE03D9876F480B489CF . 2196992 . . [5.1.2600.6223] . . c:\windows\system32\dllcache\ntoskrnl.exe [7] 2012-05-05 . FC9FC84D2FE1B7659B98194849A63C01 . 2152960 . . [5.1.2600.6223] . . c:\windows\system32\ntoskrnl.exe [7] 2012-05-05 . 7F34C836C2F3C0A89DBCF0100929CD2B . 2196992 . . [5.1.2600.6223] . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe [7] 2012-04-11 . 7A34AE10A68CA9F94E9EDE5D18A94AE9 . 2152960 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2707511$\ntoskrnl.exe [7] 2012-04-11 . 46190EF7B8A978A3B677248A377F43D3 . 2196992 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe [7] 2011-10-26 . C8BAA79324ABD85E5B317CD00D3EFC2D . 2153472 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntoskrnl.exe [7] 2011-10-26 . CA76947F97276D52D4731EA2364ECBD8 . 2197120 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe [7] 2010-12-09 . 431D614A7395BADB939FE552DBDD8723 . 2197120 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe [7] 2010-12-09 . 5D23EB1B99728FBC24AE6B989128D261 . 2153472 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe [7] 2010-04-28 . B101D9AB9CCC09F2DDCF8B6C684CD939 . 2150912 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe [7] 2010-04-28 . 59582F46CAAAA049DB613B4005AF57B5 . 2194432 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe [7] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe [7] 2010-02-16 . E3ADA72560FE0DAE340389CE1DD0EF36 . 2148352 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe [7] 2010-02-16 . B79C48187CA08D2EC27DA4939953F082 . 2194432 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [7] 2009-02-10 . 7625D5BAFD2A4A8458468B139C893BB7 . 2193536 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [7] 2009-02-09 . A9C6F20FC84246A2761C10430B2BF5CF . 2147328 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [7] 2009-02-09 . 27380B877348030B0662A39C47AAEC11 . 2193408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe [7] 2009-02-09 . AAC6BB111B1ACEAFCD3D3AD569BA3DD3 . 2149888 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe [7] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe [7] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ntoskrnl.exe . [7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\srsvc.dll [7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-11-17 . BD2B4AC5CA73A9245291D0D652F593A3 . 171008 . . [5.1.2600.2567] . . c:\windows\$NtServicePackUninstall$\srsvc.dll [7] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB888402$\srsvc.dll . [7] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll [7] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\w32time.dll [7] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll [7] 2004-08-04 . EF361E7A6319C445C21C81A131CF1F99 . 175616 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll . [7] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll [7] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\wiaservc.dll [7] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll [-] 2006-12-19 . 1689AC8BD2FC31B377D5D23CC7D872A8 . 334336 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll [-] 2006-12-19 . 0BF8DE5896D9A02C99C4A4EF896E917E . 334336 . . [5.1.2600.3051] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll [7] 2004-08-04 . A52AA02DDB663FEF22C18C693B0EE891 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll . [7] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll [7] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\midimap.dll [7] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll [7] 2004-08-04 . E291F42AE2793304990C6EA77C482979 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll . [7] 2008-04-14 . 3D5CC4BFF926A0ABD4F5A117825629A3 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll [7] 2008-04-14 . 3D5CC4BFF926A0ABD4F5A117825629A3 . 7680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\rasadhlp.dll [7] 2008-04-14 . 3D5CC4BFF926A0ABD4F5A117825629A3 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll [-] 2006-06-26 . 5F1240D4B842F0122042FDA8540432FC . 7680 . . [5.1.2600.2938] . . c:\windows\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll [-] 2006-06-26 . 91282911237187F11BD3AD8F834CB5E6 . 8192 . . [5.1.2600.2938] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll [7] 2004-08-04 . 9C38671C922A2C86802A7FA3F5834634 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB920683$\rasadhlp.dll . [7] 2008-04-14 . 514490ECBBA4CCC950ED5CBBFE327CF4 . 19456 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wshtcpip.dll [7] 2008-04-14 . 514490ECBBA4CCC950ED5CBBFE327CF4 . 19456 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\wshtcpip.dll [7] 2008-04-14 . 514490ECBBA4CCC950ED5CBBFE327CF4 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll [7] 2004-08-04 . 70220C6EF8447A1BD5A921D77D502822 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wshtcpip.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-03 21432] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928] "KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-07-03 975288] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsmqIntCert"="mqrt.dll" [2009-06-25 177152] "PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-05-08 331552] "PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776] "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 177456] "CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920] "Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840] "Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912] "Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-10-09 697976] "Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2007-05-03 57344] "WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392] "tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-03-10 270336] "ConsumerClickSysTrayIcon"="c:\program files\ConsumerClick\ConsumerClickSysTrayIcon.exe" [2010-12-17 69632] "GfK-WatchDog"="c:\program files\GfKLSPService\GfK-WatchDog.exe" [2012-08-13 57592] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448] "ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-03-19 73360] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-07-03 3524536] "ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-03-16 738944] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-18 421888] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213] DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2010-12-10 192512] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard] 2007-02-07 01:30 74240 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\APSHook.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= . R1 MpKsl0f97156c;MpKsl0f97156c;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0D17AD52-5415-489E-A3D1-3BE5A73D6912}\MpKsl0f97156c.sys [19-9-2012 20:34 29904] R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336] R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336] R2 GfK-Reporting-Service;GfK-Reporting-Service;c:\program files\GfK Internet Monitor\GfK-Reporting.exe [20-1-2011 16:00 102400] R2 GfK-Update-Service;GfK-Update-Service;c:\program files\GfK Internet Monitor\GfK-Updater.exe [20-1-2011 16:00 180224] R2 GfkLSPService;GfkLSPService;c:\program files\GfKLSPService\GfKLspService.exe [17-11-2010 13:15 3222776] R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [3-11-2011 16:44 27016] R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [3-11-2011 16:44 497280] R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [16-9-2012 19:24 399432] R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2-8-2007 5:01 540448] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [16-9-2012 19:24 676936] S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13-7-2012 13:28 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [8-6-2012 22:39 250056] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [6-6-2012 14:16 30312] S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [21-1-2012 15:10 20032] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [16-9-2012 19:24 22856] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [16-9-2012 22:50 40776] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [26-4-2012 4:50 114144] S3 optousb;OPTO ELECTRONICS optousb;c:\windows\system32\drivers\optousb.sys [16-3-2011 21:14 18432] S3 optovcm;OPTO ELECTRONICS optovcm;c:\windows\system32\drivers\optovcm.sys [16-3-2011 21:14 26368] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [22-1-2011 16:14 591488] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [6-6-2012 14:16 121064] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [6-6-2012 14:16 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [6-6-2012 14:16 136808] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - BITS *NewlyCreated* - WUAUSERV . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 Cognizance REG_MULTI_SZ ASBroker ASChannel hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc HPService REG_MULTI_SZ HPSLPSVC . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-09-19 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-08 07:05] . 2012-09-19 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03] . . ------- Bijkomende Scan ------- . IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm TCP: DhcpNameServer = 192.168.1.1 192.168.1.1 FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\agtjif03.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - (no file) HKLM_ActiveSetup-ccc-core-static - msiexec AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-09-19 21:11 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????T??????????????|?M?|?????M?|&?@ . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\pdfcDispatcher] "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-226067063-4292578343-2355287337-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,62,0d,ab,a3,f2,9d,39,42,be,b7,be,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\ "6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\ . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(1184) c:\windows\system32\Ati2evxx.dll c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll c:\program files\Hewlett-Packard\IAM\Bin\TrayIcon.dll c:\program files\Hewlett-Packard\IAM\bin\HPBrand.dll c:\program files\Hewlett-Packard\IAM\Bin\ASChnl.dll c:\program files\Hewlett-Packard\IAM\Bin\ItDAC.dll c:\program files\Hewlett-Packard\IAM\Bin\ItReports.DLL c:\program files\Hewlett-Packard\IAM\Bin\BioAuth.dll c:\program files\Hewlett-Packard\IAM\Bin\ASBIoAT.dll c:\program files\Hewlett-Packard\IAM\Bin\ittal.dll c:\program files\Hewlett-Packard\IAM\Bin\STEngine.dll c:\program files\Hewlett-Packard\IAM\Bin\ItVCClient.dll c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll . - - - - - - - > 'lsass.exe'(1240) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll . - - - - - - - > 'explorer.exe'(5868) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll c:\windows\system32\APSHook.dll c:\windows\system32\btmmhook.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Microsoft Security Client\MsMpEng.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\windows\system32\Ati2evxx.exe c:\program files\Hewlett-Packard\IAM\bin\asghost.exe c:\windows\system32\msdtc.exe c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\program files\Java\jre7\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\system32\mqsvc.exe c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe c:\windows\system32\mqtgsvc.exe c:\program files\Hewlett-Packard\Shared\HpqToaster.exe c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe c:\program files\HP\Digital Imaging\bin\hpqbam08.exe c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe c:\windows\SoftwareDistribution\Download\Install\AM_Delta.exe c:\windows\system32\MpSigStub.exe . ************************************************************************** . Voltooingstijd: 2012-09-19 21:41:55 - machine werd herstart ComboFix-quarantined-files.txt 2012-09-19 19:41 . Pre-Run: 108.415.594.496 bytes beschikbaar Post-Run: 113.177.522.176 bytes beschikbaar . WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer . - - End Of File - - 586EDEB6DF92E151CA711871B5BF01A7

deze stond er niet meer tussen: O4 - HKCU\..\RunOnce: [036E192F2B17D9791FE781E07B07D287] C:\Documents and Settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287\036E192F2B17D9791FE781E07B07D287.exe ik kan de computer wel weer gewoon gebruiken maar de malware blijft bij surfen wel steeds naar voren komen! is het nu wijsheid om deze programma's te verwijderen en te kijken hoe het dan gaat?

Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.0.1400 Malwarebytes : Free anti-malware download Databaseversie: v2012.09.16.07 Windows XP Service Pack 3 x86 NTFS (Veilige modus/netwerkmogelijkheden) Internet Explorer 8.0.6001.18702 Administrator :: GOUZWAARD4592 [administrator] Realtime bescherming: Uitgeschakeld 16-9-2012 19:26:59 mbam-log-2012-09-16 (19-26-59).txt Scantype: Volledige scan (C:\|D:\|E:\|) Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 339443 Verstreken tijd: 56 minuut/minuten, 54 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 4 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011041135} (PUP.Codec.PR) -> Geen actie ondernomen. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011041135} (PUP.Codec.PR) -> Geen actie ondernomen. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Platinum (Trojan.LameShield) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 2 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|036E192F2B17D9791FE781E07B07D287 (Trojan.LameShield) -> Data: C:\Documents and Settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287\036E192F2B17D9791FE781E07B07D287.exe -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Data: C:\Documents and Settings\Administrator\Local Settings\Application Data\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\n. -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|StartMenuLogoff (PUM.Hijack.StartMenu) -> Slecht: (1) Goed: (0) -> Succesvol in quarantaine geplaatst en gerepareerd. Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 13 C:\Documents and Settings\Administrator\Mijn documenten\Downloads\SoftonicDownloader_voor_vlc-media-player.exe (PUP.OfferBundler.ST) -> Geen actie ondernomen. C:\Documents and Settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287\036E192F2B17D9791FE781E07B07D287.exe (Trojan.LameShield) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Administrator\Local Settings\Temp\27A.tmp (Trojan.LameShield) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Administrator\Local Settings\Temp\27B.tmp (Trojan.Sirefef) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Administrator\Local Settings\Temp\Uninstall.exe43312781.del (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Administrator\Local Settings\Temp\43291187.Uninstall\Uninstall.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Administrator\Mijn documenten\Downloads\Codec-C.exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Administrator\Mijn documenten\Downloads\FLVPlayerSetup.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\System Volume Information\_restore{AF6CD0DB-9666-4CA4-8570-D47738BCECC6}\RP652\A0122899.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\Temp\gnquggbnst.exe (Trojan.Phex.THAGen6) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\Temp\kecmkjekfxzuskwkhgqhrcr.exe (Trojan.Cridex) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\Temp\mzyitcylscgyexywtgtocu.exe (Trojan.Phex.THAGen6) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\Temp\vohigzkbcn.exe (Trojan.Cridex) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:13:09, on 16-9-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Safe mode with network support Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Administrator\Bureaublad\HijackThis.exe C:\Program Files\Mozilla Firefox\firefox.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hyves R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door Hyves R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - (no file) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Gacela2 - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files\GfK Internet Monitor\Gacela2.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe" O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe O4 - HKLM\..\Run: [scheduler] C:\WINDOWS\SMINST\Scheduler.exe O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe O4 - HKLM\..\Run: [ConsumerClickSysTrayIcon] "C:\Program Files\ConsumerClick\ConsumerClickSysTrayIcon.exe" O4 - HKLM\..\Run: [GfK-WatchDog] "C:\Program Files\GfKLSPService\GfK-WatchDog.exe" /Debug O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [iSW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\RunOnce: [036E192F2B17D9791FE781E07B07D287] C:\Documents and Settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287\036E192F2B17D9791FE781E07B07D287.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: CCC.lnk = ? (User 'SYSTEM') O4 - .DEFAULT Startup: CCC.lnk = ? (User 'Default user') O4 - .DEFAULT User Startup: CCC.lnk = ? (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files\GfK Internet Monitor\Gacela2.dll O9 - Extra 'Tools' menuitem: Informatie over GfK Internet Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files\GfK Internet Monitor\Gacela2.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: APSHook.dll O20 - Winlogon Notify: OneCard - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: GfK-Reporting-Service - Unknown owner - C:\Program Files\GfK Internet Monitor\GfK-Reporting.exe O23 - Service: GfK-Update-Service - Unknown owner - C:\Program Files\GfK Internet Monitor\GfK-Updater.exe O23 - Service: GfkLSPService - GfK - C:\Program Files\GfKLSPService\GfKLSPService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- End of file - 11662 bytes

ik heb hetzelfde probleem alleen lukt het met niet om het logje te plakken met ctrl a en c hij is te snel weg! (van Hijackthis) het andere programma krijg ik wel gedownload maar niet geinstalleerd dat blokkeerd dat stomme virus