Yvonne Goudzwaard
-
Items
7 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door Yvonne Goudzwaard
-
-
ComboFix 12-09-20.02 - Administrator 20-09-2012 22:33:27.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.895.239 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Administrator\Bureaublad\ComboFix.exe
gebruikte Opdracht switches :: c:\documents and settings\Administrator\Bureaublad\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: ZoneAlarm Free Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\ADMINI~1\LOCALS~1\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
c:\documents and settings\Administrator\Application Data\Iliwl
c:\documents and settings\Administrator\Application Data\Okbe
c:\documents and settings\Administrator\Application Data\Okbe\azilx.ipa
c:\documents and settings\Administrator\Application Data\Okbe\azilx.tmp
c:\documents and settings\Administrator\Local Settings\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
c:\documents and settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287
c:\documents and settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287\036E192F2B17D9791FE781E07B07D287
c:\documents and settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287\036E192F2B17D9791FE781E07B07D287.ico
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-08-20 to 2012-09-20 ))))))))))))))))))))))))))))))
.
.
2012-09-20 20:57 . 2012-09-20 20:57 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6878BE8D-7910-4E3D-B3D2-33E48936D36D}\MpKsl9a27b3a9.sys
2012-09-20 20:22 . 2012-09-20 20:22 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6878BE8D-7910-4E3D-B3D2-33E48936D36D}\MpKsl77587ddf.sys
2012-09-19 19:41 . 2012-08-30 08:17 6980552 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6878BE8D-7910-4E3D-B3D2-33E48936D36D}\mpengine.dll
2012-09-18 16:41 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-09-16 20:50 . 2012-09-16 21:07 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-16 17:24 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-29 19:15 . 2012-08-29 19:15 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities
2012-08-25 21:24 . 2012-08-25 21:24 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sun
2012-08-24 15:27 . 2008-04-14 16:03 20992 ----a-w- c:\windows\system32\dshowext.ax
2012-08-23 15:08 . 2012-08-23 15:08 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-08-23 15:08 . 2012-08-23 15:08 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-20 20:05 . 2012-06-08 20:39 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-20 20:05 . 2011-05-15 19:49 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-23 15:08 . 2012-04-07 17:56 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-08-23 15:08 . 2010-12-10 21:44 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-13 15:41 . 2011-08-06 07:00 380152 ----a-w- c:\windows\system32\GfKLSPService64.dll
2012-08-13 15:41 . 2011-03-16 19:31 312056 ----a-w- c:\windows\system32\GfKLSPService.dll
2012-07-06 13:58 . 2004-08-04 08:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2004-08-04 08:00 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:23 . 2004-08-04 08:00 1866240 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2004-08-04 08:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2004-08-04 08:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2004-08-04 08:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2004-08-04 08:00 385024 ------w- c:\windows\system32\html.iec
2012-06-26 07:02 . 2011-10-31 10:22 45320 ----a-w- c:\windows\system32\MAMACExtract.dll
2012-09-08 10:24 . 2012-09-08 10:21 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-09-19_19.10.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-09-20 20:54 . 2012-09-20 20:54 16384 c:\windows\Temp\Perflib_Perfdata_300.dat
- 2004-08-04 08:00 . 2012-05-11 14:44 67072 c:\windows\system32\mshtmled.dll
+ 2004-08-04 08:00 . 2012-07-02 17:38 67072 c:\windows\system32\mshtmled.dll
+ 2009-03-08 03:31 . 2012-07-02 17:38 55296 c:\windows\system32\msfeedsbs.dll
- 2009-03-08 03:31 . 2012-05-11 14:44 55296 c:\windows\system32\msfeedsbs.dll
- 2004-08-04 08:00 . 2012-05-11 14:44 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 08:00 . 2012-07-02 17:38 25600 c:\windows\system32\jsproxy.dll
+ 2010-12-25 13:53 . 2012-07-02 17:38 12800 c:\windows\system32\dllcache\xpshims.dll
- 2010-12-25 13:53 . 2012-05-11 14:44 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-09-09 14:24 . 2012-07-02 17:38 67072 c:\windows\system32\dllcache\mshtmled.dll
- 2010-09-09 14:24 . 2012-05-11 14:44 67072 c:\windows\system32\dllcache\mshtmled.dll
- 2010-12-25 13:53 . 2012-05-11 14:44 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2010-12-25 13:53 . 2012-07-02 17:38 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2009-03-08 03:34 . 2012-05-11 14:44 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2009-03-08 03:34 . 2012-07-02 17:38 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2009-03-08 03:33 . 2012-07-02 17:38 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2009-03-08 03:33 . 2012-05-11 14:44 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2012-07-06 13:58 . 2012-07-06 13:58 78336 c:\windows\system32\dllcache\browser.dll
- 2007-08-02 03:00 . 2012-07-11 08:38 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
+ 2007-08-02 03:00 . 2012-09-19 21:02 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
+ 2007-08-02 03:00 . 2012-09-19 21:02 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
- 2007-08-02 03:00 . 2012-07-11 08:38 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
- 2007-08-02 03:00 . 2012-07-11 08:38 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
+ 2007-08-02 03:00 . 2012-09-19 21:02 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-01-10 19:35 . 2012-09-19 21:02 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2011-01-10 19:35 . 2012-07-11 08:36 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2011-01-10 19:35 . 2012-09-19 21:02 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2011-01-10 19:35 . 2012-07-11 08:36 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2011-01-10 19:35 . 2012-07-11 08:36 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-01-10 19:35 . 2012-09-19 21:02 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2012-09-19 20:52 . 2012-05-11 14:44 12800 c:\windows\ie8updates\KB2722913-IE8\xpshims.dll
+ 2012-09-19 20:52 . 2012-05-11 14:44 67072 c:\windows\ie8updates\KB2722913-IE8\mshtmled.dll
+ 2012-09-19 20:52 . 2012-05-11 14:44 55296 c:\windows\ie8updates\KB2722913-IE8\msfeedsbs.dll
+ 2012-09-19 20:52 . 2012-05-11 14:44 43520 c:\windows\ie8updates\KB2722913-IE8\licmgr10.dll
+ 2012-09-19 20:52 . 2012-05-11 14:44 25600 c:\windows\ie8updates\KB2722913-IE8\jsproxy.dll
- 2004-08-04 08:00 . 2012-05-11 14:44 105984 c:\windows\system32\url.dll
+ 2004-08-04 08:00 . 2012-07-02 17:38 105984 c:\windows\system32\url.dll
+ 2004-08-04 08:00 . 2012-07-02 17:38 206848 c:\windows\system32\occache.dll
- 2004-08-04 08:00 . 2012-05-11 14:44 206848 c:\windows\system32\occache.dll
+ 2004-08-04 08:00 . 2012-07-06 13:58 337920 c:\windows\system32\netapi32.dll
- 2004-08-04 08:00 . 2012-05-11 14:44 611840 c:\windows\system32\mstime.dll
+ 2004-08-04 08:00 . 2012-07-02 17:38 611840 c:\windows\system32\mstime.dll
- 2009-03-08 03:32 . 2012-05-11 14:44 629760 c:\windows\system32\msfeeds.dll
+ 2009-03-08 03:32 . 2012-07-02 17:38 629760 c:\windows\system32\msfeeds.dll
+ 2012-09-20 20:05 . 2012-09-20 20:05 690096 c:\windows\system32\Macromed\Flash\FlashUtil32_11_4_402_278_Plugin.exe
+ 2012-09-20 19:07 . 2012-09-20 19:07 690096 c:\windows\system32\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.exe
+ 2012-09-20 19:07 . 2012-09-20 19:07 474544 c:\windows\system32\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.dll
+ 2012-06-08 20:39 . 2012-09-20 20:05 250288 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
- 2004-08-04 08:00 . 2009-05-07 15:34 347136 c:\windows\system32\localspl.dll
+ 2004-08-04 08:00 . 2012-05-14 09:23 347136 c:\windows\system32\localspl.dll
+ 2004-08-04 08:00 . 2012-07-02 17:38 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 08:00 . 2012-05-11 14:44 184320 c:\windows\system32\iepeers.dll
+ 2004-08-04 08:00 . 2012-07-02 17:38 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-04 08:00 . 2012-05-11 14:44 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-04 08:00 . 2012-05-11 11:38 174080 c:\windows\system32\ie4uinit.exe
+ 2004-08-04 08:00 . 2012-07-02 12:05 174080 c:\windows\system32\ie4uinit.exe
- 2004-09-08 07:48 . 2012-07-12 06:14 321928 c:\windows\system32\FNTCACHE.DAT
+ 2004-09-08 07:48 . 2012-09-20 10:08 321928 c:\windows\system32\FNTCACHE.DAT
- 2010-09-09 14:24 . 2012-05-16 15:09 916992 c:\windows\system32\dllcache\wininet.dll
+ 2010-09-09 14:24 . 2012-07-02 17:38 916992 c:\windows\system32\dllcache\wininet.dll
+ 2009-03-08 03:34 . 2012-07-02 17:38 105984 c:\windows\system32\dllcache\url.dll
- 2009-03-08 03:34 . 2012-05-11 14:44 105984 c:\windows\system32\dllcache\url.dll
+ 2011-08-11 07:46 . 2012-07-04 14:05 139784 c:\windows\system32\dllcache\rdpwd.sys
+ 2009-03-08 03:34 . 2012-07-02 17:38 206848 c:\windows\system32\dllcache\occache.dll
- 2009-03-08 03:34 . 2012-05-11 14:44 206848 c:\windows\system32\dllcache\occache.dll
+ 2010-12-11 22:07 . 2012-07-06 13:58 337920 c:\windows\system32\dllcache\netapi32.dll
+ 2010-11-05 05:02 . 2012-07-02 17:38 611840 c:\windows\system32\dllcache\mstime.dll
- 2010-11-05 05:02 . 2012-05-11 14:44 611840 c:\windows\system32\dllcache\mstime.dll
- 2010-12-25 13:53 . 2012-05-11 14:44 629760 c:\windows\system32\dllcache\msfeeds.dll
+ 2010-12-25 13:53 . 2012-07-02 17:38 629760 c:\windows\system32\dllcache\msfeeds.dll
- 2009-05-07 15:34 . 2009-05-07 15:34 347136 c:\windows\system32\dllcache\localspl.dll
+ 2009-05-07 15:34 . 2012-05-14 09:23 347136 c:\windows\system32\dllcache\localspl.dll
- 2012-06-13 08:18 . 2012-05-11 14:44 521728 c:\windows\system32\dllcache\jsdbgui.dll
+ 2012-06-13 08:18 . 2012-07-02 17:38 521728 c:\windows\system32\dllcache\jsdbgui.dll
+ 2010-12-25 13:53 . 2012-07-02 17:38 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2010-12-25 13:53 . 2012-05-11 14:44 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2010-09-09 14:24 . 2012-05-11 14:44 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-09-09 14:24 . 2012-07-02 17:38 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-12-25 13:53 . 2012-05-11 14:44 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-12-25 13:53 . 2012-07-02 17:38 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2009-03-08 13:09 . 2012-05-11 14:44 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 13:09 . 2012-07-02 17:38 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 03:32 . 2012-07-02 12:05 174080 c:\windows\system32\dllcache\ie4uinit.exe
- 2009-03-08 03:32 . 2012-05-11 11:38 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2012-07-18 13:46 . 2012-07-18 13:46 593408 c:\windows\Installer\5f4b90.msp
- 2007-08-02 03:00 . 2012-07-11 08:38 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
+ 2007-08-02 03:00 . 2012-09-19 21:02 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
- 2007-08-02 03:00 . 2012-07-11 08:38 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
+ 2007-08-02 03:00 . 2012-09-19 21:02 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
+ 2007-08-02 03:00 . 2012-09-19 21:02 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
- 2007-08-02 03:00 . 2012-07-11 08:38 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
+ 2007-08-02 03:00 . 2012-09-19 21:02 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
- 2007-08-02 03:00 . 2012-07-11 08:38 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
+ 2007-08-02 03:00 . 2012-09-19 21:02 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
- 2007-08-02 03:00 . 2012-07-11 08:38 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
+ 2011-01-10 19:35 . 2012-09-19 21:02 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-01-10 19:35 . 2012-07-11 08:36 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2011-01-10 19:35 . 2012-09-19 21:02 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2011-01-10 19:35 . 2012-07-11 08:36 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2011-01-10 19:35 . 2012-07-11 08:36 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-01-10 19:35 . 2012-09-19 21:02 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2011-01-10 19:35 . 2012-07-11 08:36 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2011-01-10 19:35 . 2012-09-19 21:02 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2011-01-10 19:35 . 2012-07-11 08:36 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2011-01-10 19:35 . 2012-09-19 21:02 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2011-01-10 19:35 . 2012-09-19 21:02 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2011-01-10 19:35 . 2012-07-11 08:36 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2011-01-10 19:35 . 2012-07-11 08:36 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-01-10 19:35 . 2012-09-19 21:02 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-06-23 08:54 . 2011-06-23 08:54 119160 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\MSCONV97.DLL
+ 2012-09-19 20:52 . 2012-05-16 15:09 916992 c:\windows\ie8updates\KB2722913-IE8\wininet.dll
+ 2012-09-19 20:52 . 2012-05-11 14:44 105984 c:\windows\ie8updates\KB2722913-IE8\url.dll
+ 2012-09-19 20:52 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2722913-IE8\spuninst\updspapi.dll
+ 2012-09-19 20:52 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2722913-IE8\spuninst\spuninst.exe
+ 2012-09-19 20:52 . 2012-05-11 14:44 206848 c:\windows\ie8updates\KB2722913-IE8\occache.dll
+ 2012-09-19 20:52 . 2012-05-11 14:44 611840 c:\windows\ie8updates\KB2722913-IE8\mstime.dll
+ 2012-09-19 20:52 . 2012-05-11 14:44 629760 c:\windows\ie8updates\KB2722913-IE8\msfeeds.dll
+ 2012-09-19 20:52 . 2012-05-11 14:44 521728 c:\windows\ie8updates\KB2722913-IE8\jsdbgui.dll
+ 2012-09-19 20:52 . 2012-05-11 14:44 247808 c:\windows\ie8updates\KB2722913-IE8\ieproxy.dll
+ 2012-09-19 20:52 . 2012-05-11 14:44 184320 c:\windows\ie8updates\KB2722913-IE8\iepeers.dll
+ 2012-09-19 20:52 . 2012-05-11 14:44 743424 c:\windows\ie8updates\KB2722913-IE8\iedvtool.dll
+ 2012-09-19 20:52 . 2012-05-11 14:44 387584 c:\windows\ie8updates\KB2722913-IE8\iedkcs32.dll
+ 2012-09-19 20:52 . 2012-05-11 11:38 174080 c:\windows\ie8updates\KB2722913-IE8\ie4uinit.exe
- 2004-08-04 08:00 . 2012-05-11 14:44 1212416 c:\windows\system32\urlmon.dll
+ 2004-08-04 08:00 . 2012-07-02 17:38 1212416 c:\windows\system32\urlmon.dll
+ 2004-08-04 08:00 . 2012-07-02 17:38 6008320 c:\windows\system32\mshtml.dll
+ 2012-09-20 20:05 . 2012-09-20 20:05 9813424 c:\windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll
- 2009-03-08 03:32 . 2012-05-11 14:44 2000384 c:\windows\system32\iertutil.dll
+ 2009-03-08 03:32 . 2012-07-02 17:38 2000384 c:\windows\system32\iertutil.dll
- 2010-09-01 07:57 . 2012-06-13 13:55 1866240 c:\windows\system32\dllcache\win32k.sys
+ 2010-09-01 07:57 . 2012-07-03 18:23 1866240 c:\windows\system32\dllcache\win32k.sys
+ 2010-09-09 14:24 . 2012-07-02 17:38 1212416 c:\windows\system32\dllcache\urlmon.dll
- 2010-09-09 14:24 . 2012-05-11 14:44 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2010-09-09 14:24 . 2012-07-02 17:38 6008320 c:\windows\system32\dllcache\mshtml.dll
+ 2010-12-25 13:53 . 2012-07-02 17:38 2000384 c:\windows\system32\dllcache\iertutil.dll
- 2010-12-25 13:53 . 2012-05-11 14:44 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2012-08-30 01:06 . 2012-08-30 01:06 5007872 c:\windows\Installer\5f4c08.msp
+ 2012-06-26 16:03 . 2012-06-26 16:03 3875840 c:\windows\Installer\5f4be0.msp
- 2007-08-02 03:00 . 2012-07-11 08:38 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
+ 2007-08-02 03:00 . 2012-09-19 21:02 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
+ 2007-08-02 03:00 . 2012-09-19 21:02 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
- 2007-08-02 03:00 . 2012-07-11 08:38 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
- 2011-01-10 19:35 . 2012-07-11 08:36 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2011-01-10 19:35 . 2012-09-19 21:02 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2011-01-10 19:34 . 2012-09-19 21:02 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2011-01-10 19:34 . 2012-07-11 08:36 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2012-09-19 20:52 . 2012-05-11 14:44 1212416 c:\windows\ie8updates\KB2722913-IE8\urlmon.dll
+ 2012-09-19 20:52 . 2012-05-11 14:44 6007808 c:\windows\ie8updates\KB2722913-IE8\mshtml.dll
+ 2012-09-19 20:52 . 2012-05-11 14:44 2000384 c:\windows\ie8updates\KB2722913-IE8\iertutil.dll
+ 2010-12-12 09:35 . 2012-08-30 22:12 62164608 c:\windows\system32\MRT.exe
- 2009-03-08 03:39 . 2012-05-11 18:14 11111424 c:\windows\system32\ieframe.dll
+ 2009-03-08 03:39 . 2012-07-02 21:08 11111424 c:\windows\system32\ieframe.dll
- 2010-12-25 13:52 . 2012-05-11 18:14 11111424 c:\windows\system32\dllcache\ieframe.dll
+ 2010-12-25 13:52 . 2012-07-02 21:08 11111424 c:\windows\system32\dllcache\ieframe.dll
+ 2012-07-25 14:59 . 2012-07-25 14:59 11032064 c:\windows\Installer\5f4bb8.msp
+ 2012-07-18 13:53 . 2012-07-18 13:53 10937344 c:\windows\Installer\5f4b68.msp
+ 2011-08-03 18:53 . 2011-08-03 18:53 17324928 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\MSO.DLL
+ 2012-09-19 20:52 . 2012-05-11 18:14 11111424 c:\windows\ie8updates\KB2722913-IE8\ieframe.dll
.
-- Snapshot teruggezet naar huidige datum --
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-03 21432]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-07-03 975288]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-05-08 331552]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 177456]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]
"Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912]
"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-10-09 697976]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2007-05-03 57344]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-03-10 270336]
"ConsumerClickSysTrayIcon"="c:\program files\ConsumerClick\ConsumerClickSysTrayIcon.exe" [2010-12-17 69632]
"GfK-WatchDog"="c:\program files\GfKLSPService\GfK-WatchDog.exe" [2012-08-13 57592]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-03-19 73360]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-07-03 3524536]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-03-16 738944]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-18 421888]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2010-12-10 192512]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2007-02-07 01:30 74240 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R1 MpKsl9a27b3a9;MpKsl9a27b3a9;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6878BE8D-7910-4E3D-B3D2-33E48936D36D}\MpKsl9a27b3a9.sys [20-9-2012 22:57 29904]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336]
R2 GfK-Reporting-Service;GfK-Reporting-Service;c:\program files\GfK Internet Monitor\GfK-Reporting.exe [20-1-2011 16:00 102400]
R2 GfK-Update-Service;GfK-Update-Service;c:\program files\GfK Internet Monitor\GfK-Updater.exe [20-1-2011 16:00 180224]
R2 GfkLSPService;GfkLSPService;c:\program files\GfKLSPService\GfKLspService.exe [17-11-2010 13:15 3222776]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [3-11-2011 16:44 27016]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [3-11-2011 16:44 497280]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [16-9-2012 19:24 399432]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [16-9-2012 19:24 676936]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2-8-2007 5:01 540448]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [16-9-2012 19:24 22856]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13-7-2012 13:28 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [8-6-2012 22:39 250288]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [6-6-2012 14:16 30312]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [21-1-2012 15:10 20032]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [16-9-2012 22:50 40776]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [26-4-2012 4:50 114144]
S3 optousb;OPTO ELECTRONICS optousb;c:\windows\system32\drivers\optousb.sys [16-3-2011 21:14 18432]
S3 optovcm;OPTO ELECTRONICS optovcm;c:\windows\system32\drivers\optovcm.sys [16-3-2011 21:14 26368]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [22-1-2011 16:14 591488]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [6-6-2012 14:16 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [6-6-2012 14:16 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [6-6-2012 14:16 136808]
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - MPKSL9A27B3A9
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
Cognizance REG_MULTI_SZ ASBroker ASChannel
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2012-09-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-08 20:05]
.
2012-09-20 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
.
------- Bijkomende Scan -------
.
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\agtjif03.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-09-20 22:57
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????T??????????????|?M?|?????M?|&?@
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): Het proces heeft geen toegang tot het bestand omdat
het bestand door een ander proces wordt gebruikt.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-226067063-4292578343-2355287337-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,62,0d,ab,a3,f2,9d,39,42,be,b7,be,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(1184)
c:\windows\system32\Ati2evxx.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll
c:\program files\Hewlett-Packard\IAM\Bin\TrayIcon.dll
c:\program files\Hewlett-Packard\IAM\bin\HPBrand.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASChnl.dll
c:\program files\Hewlett-Packard\IAM\Bin\ItDAC.dll
c:\program files\Hewlett-Packard\IAM\Bin\ItReports.DLL
c:\program files\Hewlett-Packard\IAM\Bin\BioAuth.dll
c:\program files\Hewlett-Packard\IAM\Bin\ittal.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASBIoAT.dll
c:\program files\Hewlett-Packard\IAM\Bin\STEngine.dll
c:\program files\Hewlett-Packard\IAM\Bin\ItVCClient.dll
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'lsass.exe'(1240)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'explorer.exe'(4808)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\system32\APSHook.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\msdtc.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\mqsvc.exe
c:\windows\system32\mqtgsvc.exe
c:\program files\Hewlett-Packard\IAM\bin\asghost.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Voltooingstijd: 2012-09-20 23:17:27 - machine werd herstart
ComboFix-quarantined-files.txt 2012-09-20 21:17
ComboFix2.txt 2012-09-19 19:41
.
Pre-Run: 113.097.093.120 bytes beschikbaar
Post-Run: 113.084.592.128 bytes beschikbaar
.
- - End Of File - - F4C69C7F3D581C34A117E83338199BFC
-
ComboFix 12-09-18.07 - Administrator 19-09-2012 20:43:25.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.895.145 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Administrator\Mijn documenten\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: ZoneAlarm Free Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\ADMINI~1\LOCALS~1\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
c:\documents and settings\Administrator\Application Data\.#
c:\documents and settings\Administrator\Application Data\.#\MBX@11D4@3F3F80.###
c:\documents and settings\Administrator\Application Data\.#\MBX@11D4@3F3FB0.###
c:\documents and settings\Administrator\Application Data\.#\MBX@3FC@3F3F80.###
c:\documents and settings\Administrator\Application Data\.#\MBX@3FC@3F3FB0.###
c:\documents and settings\Administrator\Application Data\Acet
c:\documents and settings\Administrator\Application Data\Acet\wyix.efw
c:\documents and settings\Administrator\Local Settings\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
D:\AUTORUN.INF
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-08-19 to 2012-09-19 ))))))))))))))))))))))))))))))
.
.
2012-09-19 18:47 . 2012-09-19 18:47 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0D17AD52-5415-489E-A3D1-3BE5A73D6912}\offreg.dll
2012-09-19 18:34 . 2012-09-19 18:34 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0D17AD52-5415-489E-A3D1-3BE5A73D6912}\MpKsl0f97156c.sys
2012-09-18 16:41 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0D17AD52-5415-489E-A3D1-3BE5A73D6912}\mpengine.dll
2012-09-16 20:50 . 2012-09-16 21:07 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-16 17:24 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-15 20:14 . 2012-09-16 18:24 -------- d-----w- c:\documents and settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287
2012-09-13 04:44 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-29 19:15 . 2012-08-29 19:15 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities
2012-08-29 19:13 . 2012-09-02 07:41 -------- d-----w- c:\documents and settings\Administrator\Application Data\Iliwl
2012-08-29 19:13 . 2012-08-29 19:14 -------- d-----w- c:\documents and settings\Administrator\Application Data\Okbe
2012-08-25 21:24 . 2012-08-25 21:24 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sun
2012-08-24 15:27 . 2008-04-14 16:03 20992 ----a-w- c:\windows\system32\dshowext.ax
2012-08-23 15:08 . 2012-08-23 15:08 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-08-23 15:08 . 2012-08-23 15:08 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-23 15:08 . 2012-04-07 17:56 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-08-23 15:08 . 2010-12-10 21:44 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-15 07:05 . 2012-06-08 20:39 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-15 07:05 . 2011-05-15 19:49 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-15 07:04 . 2012-08-15 06:05 9826504 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-08-13 15:41 . 2011-08-06 07:00 380152 ----a-w- c:\windows\system32\GfKLSPService64.dll
2012-08-13 15:41 . 2011-03-16 19:31 312056 ----a-w- c:\windows\system32\GfKLSPService.dll
2012-06-26 07:02 . 2011-10-31 10:22 45320 ----a-w- c:\windows\system32\MAMACExtract.dll
2012-09-08 10:24 . 2012-09-08 10:21 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
[7] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[7] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\asyncmac.sys
[7] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[7] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
.
[7] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[7] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[7] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\kbdclass.sys
[7] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[7] 2004-08-03 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
[7] 2004-08-03 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\kbdclass.sys
.
[7] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[7] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ndis.sys
[7] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2006-01-10 . AA898F84D2B59129FB92E143A2C73434 . 182528 . . [5.1.2600.2824] . . c:\windows\$NtServicePackUninstall$\ndis.sys
[7] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB912436$\ndis.sys
.
[7] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[7] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ntfs.sys
[7] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[7] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
.
[7] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys
[7] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys
.
[7] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[7] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\browser.dll
[7] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[7] 2004-08-04 . 195B1255D9383AEFFBDFA8A11AE4D282 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll
.
[7] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[7] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\lsass.exe
[7] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[7] 2004-08-04 . 34A82DEBEFB057FCCCBE15F619FC98A7 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe
.
[7] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[7] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\netman.dll
[7] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[7] 2004-08-04 . B2665A1B502EC037388B7919CBD58C28 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll
.
[7] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[7] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\comres.dll
[7] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[7] 2004-08-04 08:00 . F0BAE7D75B268BA326D9323DD7C73D8F . 822784 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[7] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[7] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\qmgr.dll
[7] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[7] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[7] 2004-08-04 . 772027CC5FFAEA3E7D10AF2691EE7095 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
.
[7] 2009-02-09 . D8D28F6CABEC7D42B8E487E290563B9A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[7] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[7] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[7] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[7] 2009-02-09 . 72C2074FFA3B38078173A11008198019 . 401408 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[7] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[7] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[7] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\rpcss.dll
[-] 2005-04-28 . 6D61211D515EA7E31FDB7B0FA9CEF878 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-04-28 . 0468AA524F6912F449BC14CF7DACAF68 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB956572_0$\rpcss.dll
[-] 2005-01-14 . C4E4A6514DC7AA4981B09E1A55B3EE56 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll
[-] 2005-01-14 . FE787AF1556421C60DC427C2CC12CD9C . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
[7] 2004-08-04 . DDE0457B7706C3AD4E5AFDD502698A06 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll
.
[7] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[7] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[7] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[7] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2009-02-09 . CE06E39F34BBF6B0ADA70F37F70CF0D8 . 111104 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\services.exe
[7] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[7] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[7] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\services.exe
[7] 2004-08-04 . 39991CD3C17B7529D039151A88E84499 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\services.exe
.
[7] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[7] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[7] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[7] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
[7] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[7] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
[7] 2004-08-04 . CCCB8B94B17466EFB9DC27F42625B0E5 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe
.
[7] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[7] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\winlogon.exe
[7] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[7] 2004-08-04 . 732ED791711DF9C9DD15E5515BC681B8 . 504832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
.
[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\system32\wuauclt.exe
[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\system32\dllcache\wuauclt.exe
[7] 2008-04-14 . FCACAD9819D9A698AC93A7188D97F355 . 112128 . . [5.4.3790.5512] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[7] 2008-04-14 . FCACAD9819D9A698AC93A7188D97F355 . 112128 . . [5.4.3790.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\wuauclt.exe
.
[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ipsec.sys
[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[7] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[7] 2010-08-23 . 7826282032F459694DE7BCE330FF31FC . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2010-08-23 . 7826282032F459694DE7BCE330FF31FC . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . 01D982636AFC3A79537B81D9C3DA897A . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[7] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[7] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\comctl32.dll
[7] 2008-04-14 . 1EAA8CD46BFB33307ACAF10EFF80E8BD . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\asms\60\msft\windows\common\controls\comctl32.dll
[7] 2008-04-14 . 1EAA8CD46BFB33307ACAF10EFF80E8BD . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2006-08-25 . F67AE54BCA3873D48A1AC722A9CA70BF . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2006-08-25 . F567148940C1F5D93070822C0F3C0C34 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[7] 2004-08-04 . 8A473F553E9E45DB4EF6FF11AB54E4E1 . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll
[7] 2004-08-04 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[7] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[7] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\cryptsvc.dll
[7] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[7] 2004-08-04 . 5F321535D399516B6D780FF9EF8D8B7A . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
.
[7] 2008-07-07 20:32 . 68180553F674B487BE777CFD6BE70726 . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll
[7] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[7] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[7] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[7] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[7] 2008-07-07 20:23 . B3A4422CBD8DAA6710431F67C679DA24 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[7] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[7] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[7] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\es.dll
[7] 2004-08-04 08:00 . 3F59BCDFAC47550F43001C4CE8CB0B91 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB950974_0$\es.dll
.
[7] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[7] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\imm32.dll
[7] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[7] 2004-08-04 . 7ADE4584ED6657CAE3D523CF101992BD . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
.
[7] 2009-03-21 . B30975B6B1B08A5A18AAC7E3577C7C53 . 1027072 . . [5.1.2600.3541] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[7] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[7] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[7] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[7] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[7] 2009-03-21 . 67A29642EC9A1ADA0768605B21AA4552 . 1030144 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[7] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[7] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[7] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\kernel32.dll
[-] 2006-07-05 . 8672CE1E9BAF84EC0665D73DB8849EDB . 1026048 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2006-07-05 . F2352FB7D9E5C70374568724A32B5CB7 . 1025024 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB959426_0$\kernel32.dll
[7] 2004-08-04 . 54379BD67780FDBBE1590EEC142A659C . 1024512 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll
.
[7] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[7] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\linkinfo.dll
[7] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[7] 2004-08-04 . 5B42639BE48C8E84FD52C66958A44427 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
.
[7] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[7] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\lpk.dll
[7] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[7] 2004-08-04 . 8DF7AC820F9B3FD5E713E9A74827931C . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll
.
[7] 2012-05-11 . 13D1764BA6AEDF0E8846428CAF915738 . 6007808 . . [8.00.6001.19258] . . c:\windows\system32\mshtml.dll
[7] 2012-05-11 . 13D1764BA6AEDF0E8846428CAF915738 . 6007808 . . [8.00.6001.19258] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2012-05-11 . F45E5701FF03719D2AC7FE1B426FCABA . 6009344 . . [8.00.6001.23345] . . c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\mshtml.dll
[7] 2012-03-01 . 6E0E7C508B5060F81992D5ED0B1A5556 . 5978624 . . [8.00.6001.19222] . . c:\windows\ie8updates\KB2699988-IE8\mshtml.dll
[7] 2012-03-01 . 467D9D5FB15DD88E82768C6F31A7A5D4 . 5980672 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll
[7] 2011-12-17 . 5C55673322584D9F5A32D0971D83858B . 5979136 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\mshtml.dll
[7] 2011-12-17 . 46FE106946083872716147AD223F20C1 . 5980160 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll
[7] 2011-11-04 . 958ECE072DA2D840BD3658A3AB708F58 . 5978112 . . [8.00.6001.19170] . . c:\windows\ie8updates\KB2647516-IE8\mshtml.dll
[7] 2011-11-04 . E43D37858B634BDE1E099E92F0202458 . 5978624 . . [8.00.6001.23266] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll
[7] 2011-10-03 . 2ECD546FB8594A4C5D807E489045627F . 5971456 . . [8.00.6001.19154] . . c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
[7] 2011-10-03 . 5AF7AC6924E7CB72D76A796262B1C25E . 5972992 . . [8.00.6001.23250] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll
[7] 2011-07-25 . 39ADF0F29F47896DD726833735AB825C . 5969920 . . [8.00.6001.19120] . . c:\windows\ie8updates\KB2586448-IE8\mshtml.dll
[7] 2011-07-25 . 03B085EEE1DB5F2E32721CF5C72F7A26 . 5971456 . . [8.00.6001.23216] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll
[7] 2011-05-30 . 7EA2A988004ED9A3D9DC5192DC547C57 . 5964800 . . [8.00.6001.19088] . . c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
[7] 2011-05-30 . 6DE2D62A51F4C110AA995583B7463487 . 5967360 . . [8.00.6001.23181] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
[7] 2011-02-22 . 80A564DD39C82A79F34F5A093CE1A6BD . 5964800 . . [8.00.6001.23141] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll
[7] 2011-02-22 . E7618AEF7203F57D94266153C7E514C4 . 5962240 . . [8.00.6001.19046] . . c:\windows\ie8updates\KB2530548-IE8\mshtml.dll
[7] 2010-12-20 . 91F5FB2C81CBE00B36B7F90E8DFDEC9E . 5961216 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\mshtml.dll
.
[7] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[7] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\msvcrt.dll
[7] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[7] 2008-04-14 . 61E70054981A2F9E64CEA7CA9479C0AA . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\asms\70\msft\windows\mswincrt\msvcrt.dll
[7] 2008-04-14 . 61E70054981A2F9E64CEA7CA9479C0AA . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[7] 2004-08-04 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[7] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[7] 2004-08-04 . 40AC9CE966A05B05C9A4DB5B306A26C3 . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
.
[7] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[7] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[7] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[7] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[7] 2008-06-20 . FF59588E31F864FED9D0258969559A4B . 247296 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
[7] 2008-06-20 . 71AB52C70B9436C0A0B704FDE9D1A7CD . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[7] 2008-06-20 . 4522CBE00A9E9EEE36AA82ED4B319148 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[7] 2008-06-20 . 4522CBE00A9E9EEE36AA82ED4B319148 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[7] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[7] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[7] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\mswsock.dll
[7] 2004-08-04 . 0C53DB0671AB5A93D169DAFFC8DA11CF . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll
.
[7] 2009-02-06 . 45AE58ACDD9B4A8767064544533F94E2 . 408064 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\netlogon.dll
[7] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[7] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\netlogon.dll
[7] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[7] 2004-08-04 . B3FDAC7A518B6B684BEFE792DC1DC560 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB968389_0$\netlogon.dll
.
[7] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[7] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\powrprof.dll
[7] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[7] 2004-08-04 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
.
[7] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[7] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\scecli.dll
[7] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[7] 2004-08-04 . 5AE934F6837B5A583DED535C4BE5A804 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
.
[7] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[7] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\sfc.dll
[7] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[7] 2004-08-04 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
.
[7] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[7] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\svchost.exe
[7] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[7] 2004-08-04 . AB8C6D89A897BACBA4657FDF00E344A6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
.
[7] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[7] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\tapisrv.dll
[7] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[7] 2004-08-04 . F38C48EE55AD051BF5474F5BDD69C846 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
.
[7] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[7] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\user32.dll
[7] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[7] 2004-08-04 . 8E5D344FD717D35EE7ED1C8E0AD0CBE6 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
.
[7] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[7] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\userinit.exe
[7] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[7] 2004-08-04 . DE7A0EE4A6A28E6DFE3118EB22468DA6 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
.
[7] 2012-05-16 . C1466A8E803261BB11FC25EF096E4E3D . 916992 . . [8.00.6001.19272] . . c:\windows\system32\wininet.dll
[7] 2012-05-16 . C1466A8E803261BB11FC25EF096E4E3D . 916992 . . [8.00.6001.19272] . . c:\windows\system32\dllcache\wininet.dll
[7] 2012-05-16 . 7FC207568D4D9AAFC266FC84F716FEC1 . 920064 . . [8.00.6001.23359] . . c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\wininet.dll
[7] 2012-03-01 . CFF17B16BFF8179FBBA29075245E8BE1 . 916992 . . [8.00.6001.19222] . . c:\windows\ie8updates\KB2699988-IE8\wininet.dll
[7] 2012-03-01 . B2E54BC4C5B399547EE3C8188DBBA509 . 919552 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll
[7] 2011-12-17 . 03CB14FB6B75EC8AC2FDEC54E904C30B . 916992 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\wininet.dll
[7] 2011-12-17 . 38C3CDBC40464D40C7B716C8E154B86C . 919552 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll
[7] 2011-11-04 . D47FE623B45DF066647469DB73AE3215 . 916992 . . [8.00.6001.19165] . . c:\windows\ie8updates\KB2647516-IE8\wininet.dll
[7] 2011-11-04 . A484703720C95391777DF05F2458FEF8 . 919552 . . [8.00.6001.23261] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll
[7] 2011-08-22 . 381FDBF8A25C7629696E5EE2B213F8CC . 916480 . . [8.00.6001.19131] . . c:\windows\ie8updates\KB2618444-IE8\wininet.dll
[7] 2011-08-22 . EDD945F6C0630DB8453673DF9E7B009E . 919552 . . [8.00.6001.23227] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll
[7] 2011-06-23 . 14FB4665EFBDCE6931A55752A44F7DE2 . 916480 . . [8.00.6001.19098] . . c:\windows\ie8updates\KB2586448-IE8\wininet.dll
[7] 2011-06-23 . 3BC2081CD791584B4ED373F3B4959CC8 . 919552 . . [8.00.6001.23192] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll
[7] 2011-04-25 . 1C95CF3DBAEBB3CCA34845CD884FB8CA . 916480 . . [8.00.6001.19072] . . c:\windows\ie8updates\KB2559049-IE8\wininet.dll
[7] 2011-04-25 . 00F17371D9145B114061564BDABD8C24 . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
[7] 2011-02-22 . CC5AE9A79DA18AFD29FB7CF95F23A143 . 919552 . . [8.00.6001.23139] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll
[7] 2011-02-22 . 51B29ABC95E882F7AD80FDBFD5E729CC . 916480 . . [8.00.6001.19044] . . c:\windows\ie8updates\KB2530548-IE8\wininet.dll
[7] 2010-12-20 . 81BB5AF5584545323F20AA75610EBD01 . 916480 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\wininet.dll
[7] 2010-12-20 . 21A739156ED963C45419D3EB02E44F0C . 919552 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll
[7] 2010-11-06 . 51964C721E751FD4E798252CC0E4FFB9 . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll
[7] 2010-11-06 . BCEB709EF4C751E0BE355B76D834A954 . 916480 . . [8.00.6001.18992] . . c:\windows\ie8updates\KB2482017-IE8\wininet.dll
[7] 2010-11-05 . EA125FB2F7C9DECD3F163A7D0DA88D95 . 670208 . . [6.00.2900.6049] . . c:\windows\ie8\wininet.dll
[7] 2010-11-05 . C39C416DEAE1C334695AB499781DADC8 . 671744 . . [6.00.2900.6049] . . c:\windows\$hf_mig$\KB2416400\SP3QFE\wininet.dll
[7] 2010-09-10 . EA2E4CFB3F124DD54F3B02F3BCCF6E82 . 916480 . . [8.00.6001.18968] . . c:\windows\ie8updates\KB2416400-IE8\wininet.dll
[7] 2010-09-10 . 5D081F5E3E46966C4F63D32231C93511 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
[7] 2010-09-09 . D7895DA575292E4E019CE778E4E3EA5A . 671744 . . [6.00.2900.6036] . . c:\windows\$hf_mig$\KB2360131\SP3QFE\wininet.dll
[7] 2010-09-09 . A4D348E1DF97FA12C2FD4B03995706FC . 670208 . . [6.00.2900.6036] . . c:\windows\$NtUninstallKB2416400$\wininet.dll
[7] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll
[7] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[7] 2010-04-16 . B02C1753A7EEF7B51241DCB8924D2A2B . 670208 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3GDR\wininet.dll
[7] 2010-04-16 . 975E4CB58BF8F6C625C0E143BAECB5D8 . 671744 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3QFE\wininet.dll
[7] 2010-04-16 . D9A075142E71B267249F98BCAE603FAC . 665088 . . [6.00.2900.3698] . . c:\windows\$NtServicePackUninstall$\wininet.dll
[7] 2010-04-16 . F513CBA281F35379064D710B516688C3 . 671744 . . [6.00.2900.3698] . . c:\windows\$hf_mig$\KB982381\SP2QFE\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[7] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB2360131$\wininet.dll
[7] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[7] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\wininet.dll
[-] 2006-06-23 . 0960FA973421FF4630D024843341509E . 667648 . . [6.00.2900.2937] . . c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll
[-] 2006-06-23 . 91A1532762382C31DA0103946B4A20D3 . 662016 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB982381$\wininet.dll
[-] 2005-07-03 . C9567D2CD2441DFF60814E721EF6EB43 . 661504 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB918899$\wininet.dll
[-] 2005-07-03 . C167930AEEF3C1739F340D5758834B01 . 662528 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll
[7] 2004-08-04 . 6C7E1322898378C30BCD9F779A2621EE . 659456 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB896727$\wininet.dll
.
[7] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[7] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ws2_32.dll
[7] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[7] 2004-08-04 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
.
[7] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[7] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ws2help.dll
[7] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[7] 2004-08-04 . 3B728289DFA923A2C12BE827382C2DB1 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
.
[7] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\explorer.exe
[7] 2004-08-04 . A1D7304A87FC3093150F5E3CC7B0F338 . 1035776 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[7] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[7] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[7] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\regedit.exe
[7] 2004-08-04 . 39C7FA0F39376599CFA59888816F477B . 153088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[7] 2011-11-01 . DB355CEF2B35481C21DD213C28560E86 . 1288192 . . [5.1.2600.6168] . . c:\windows\system32\ole32.dll
[7] 2011-11-01 . DB355CEF2B35481C21DD213C28560E86 . 1288192 . . [5.1.2600.6168] . . c:\windows\system32\dllcache\ole32.dll
[7] 2011-11-01 . 02AF8E4C7B851A213AC70BF6DD6E3537 . 1288704 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
[7] 2010-07-16 . AD2B41BEAB5BB7A258F6A2CCDCA09B82 . 1287680 . . [5.1.2600.6010] . . c:\windows\$NtUninstallKB2624667$\ole32.dll
[7] 2010-07-16 . 57F12B548695C680421CD1EB8169A1C8 . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[7] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[7] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
[7] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ole32.dll
[-] 2005-04-28 . 48629EDCD92AA071554304F9F9E96E38 . 1284608 . . [5.1.2600.2665] . . c:\windows\$NtServicePackUninstall$\ole32.dll
[-] 2005-04-28 . 5C3B15C45ADF30B024927F1A0823BD16 . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll
[-] 2005-01-14 . 75555C8E6657A2AA9101DD56F8D30DAA . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll
[-] 2005-01-13 . D1F139783F28A79EF37825E3951E05F3 . 1284608 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll
[7] 2004-08-04 . 602969286376832E3F49F54E4F0F051A . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll
.
[7] 2010-04-16 . 36BA0AAABD0AA4798403CB3FF08D5DDD . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[7] 2010-04-16 . 36BA0AAABD0AA4798403CB3FF08D5DDD . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[7] 2010-04-16 . 7BB3922CB9973877D2BF4C7222EA8E70 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[7] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[7] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
[7] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\usp10.dll
[7] 2004-08-04 . 24B72C7A002170ECC72B6AA5F642A705 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll
.
[7] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
[7] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ksuser.dll
[7] 2004-08-03 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll
[7] 2002-12-11 22:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\Driver Cache\i386\ksuser.dll
[7] 2002-12-11 22:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ksuser.dll
[7] 2002-12-11 22:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\system32\ksuser.dll
[7] 2002-12-11 22:14 . 15914E0BF4DDA56CF797993DCCB637D1 . 4096 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\system32\dllcache\ksuser.dll
.
[7] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[7] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ctfmon.exe
[7] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[7] 2004-08-04 . 7DE46C9C40ABB58C8FDFE0212A3BF2B4 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[7] 2009-07-27 . 2D5D4156292150FE571872C1B88E9299 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[7] 2009-07-27 . 2D5D4156292150FE571872C1B88E9299 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[7] 2009-07-27 . C28A9E9D28ACDAF8097BE4578C49559B . 135680 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[7] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
[7] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[7] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\shsvcs.dll
[-] 2006-12-19 . D6F2B8963663F2014FAFCD8E15E4E778 . 135168 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
[-] 2006-12-19 . 20A1DFA416579DACEE28E15E331C3930 . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
[7] 2004-08-04 . 394FD6CE1AC84BB318B806A6F8D90F66 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll
.
[7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\srsvc.dll
[7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-11-17 . BD2B4AC5CA73A9245291D0D652F593A3 . 171008 . . [5.1.2600.2567] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
[7] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB888402$\srsvc.dll
.
[7] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[7] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\wscntfy.exe
[7] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[7] 2004-08-04 . D6381A7C1704BE7A8FD5EFDFD9F1463B . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
.
[7] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[7] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\xmlprov.dll
[7] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[7] 2004-08-04 . F4C8D4B0A294AAF37FE50C407B6E03F9 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
.
[7] 2010-12-09 . 9011D64E9090247C04EE767ED6C7B4BE . 739328 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
[7] 2010-12-09 . 175BBCC9133387119BF15FA09D9EE202 . 739328 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll
[7] 2010-12-09 . 175BBCC9133387119BF15FA09D9EE202 . 739328 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntdll.dll
[7] 2009-02-09 . 231DD439149F6955FF148E5CD8B02E7E . 736256 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll
[7] 2009-02-09 . F06373320840F31D01E152F35DD68C42 . 735744 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntdll.dll
[7] 2009-02-09 . F06373320840F31D01E152F35DD68C42 . 735744 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB2393802$\ntdll.dll
[7] 2009-02-09 . D14297E4CA08347290F14604C7CFEEF3 . 736256 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\ntdll.dll
[7] 2008-04-14 . EF5F6C88C4282A739844DB6013E15720 . 727040 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntdll.dll
[7] 2008-04-14 . EF5F6C88C4282A739844DB6013E15720 . 727040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntdll.dll
[7] 2008-04-14 . EF5F6C88C4282A739844DB6013E15720 . 727040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ntdll.dll
[7] 2004-08-04 . A558BE062173291AA6BB94D9FCB8FA7F . 729088 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\ntdll.dll
.
[7] 2008-04-14 . BC1C255415DFCA2E202924A1FBAE3D4F . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msctfime.ime
[7] 2008-04-14 . BC1C255415DFCA2E202924A1FBAE3D4F . 177152 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\msctfime.ime
[7] 2008-04-14 . BC1C255415DFCA2E202924A1FBAE3D4F . 177152 . . [5.1.2600.5512] . . c:\windows\system32\msctfime.ime
[7] 2004-08-04 . A3CA3ED34D0752B11E9B52475187209D . 177152 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msctfime.ime
.
[7] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[7] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\eventlog.dll
[7] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[7] 2004-08-04 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
.
[7] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[7] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\sfcfiles.dll
[7] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[7] 2004-08-04 . 486594A19F7AEDEBEA600855FFD5E914 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
.
[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ipsec.sys
[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[7] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[7] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[7] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\regsvc.dll
[7] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[7] 2004-08-04 . D01BB100558945178E4BCB33B0FE9364 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
.
[7] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[7] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\schedsvc.dll
[7] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[7] 2004-08-04 . D245B3E32F8AB3B2FB576AFCFDEC105E . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
.
[7] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[7] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ssdpsrv.dll
[7] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[7] 2004-08-04 . B02FDCE64F64CDE3AA809D28D25D2A12 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
.
[7] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[7] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\termsrv.dll
[7] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[7] 2004-08-04 . E2CE999886A4636026F157DEB886AA94 . 297472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
.
[7] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[7] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\hnetcfg.dll
[7] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[7] 2004-08-04 . 490BF3896AE3EBD21B448FFB1579AA09 . 347648 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[7] 2008-04-14 . 434A70FA278EB3C42140E3755C2FA4F8 . 175616 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[7] 2008-04-14 . 434A70FA278EB3C42140E3755C2FA4F8 . 175616 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\appmgmts.dll
[7] 2008-04-14 . 434A70FA278EB3C42140E3755C2FA4F8 . 175616 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[7] 2004-08-04 . CC888653E0DEC81B525B956C77960F88 . 175616 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
.
[7] 2004-08-04 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[7] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[7] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\aec.sys
[7] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[7] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys
.
[7] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[7] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\agp440.sys
[7] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
.
[7] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[7] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ip6fw.sys
[7] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[7] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
.
[7] 2010-09-18 07:18 . C7F383764824117AEE9C3ED0FCA78044 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[7] 2010-09-18 06:53 . 7892005CE5CDC809783F452B21FAF58F . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[7] 2010-09-18 06:53 . 7892005CE5CDC809783F452B21FAF58F . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[7] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
[7] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[7] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\mfc40u.dll
[-] 2006-11-01 19:19 . 13E52326F0F19A1A8D34681E3444E8D1 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
[-] 2004-08-04 08:00 . 8EED1D71C14C356684E586B0A7DB6BCE . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll
.
[7] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[7] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\msgsvc.dll
[7] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[7] 2004-08-04 . 1405B1431F51CAB25FE9B2ECF13CB198 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
.
[7] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[7] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[7] 2005-01-28 11:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[7] 2005-01-28 11:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[7] 2004-08-04 08:00 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
.
[7] 2012-05-05 . 1361DB701DCD157A8109CDCB63FDD918 . 2073472 . . [5.1.2600.6223] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2012-05-05 . 1361DB701DCD157A8109CDCB63FDD918 . 2073472 . . [5.1.2600.6223] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2012-05-05 . 84DF777F1A275A2829650E63E4673C5E . 2031104 . . [5.1.2600.6223] . . c:\windows\system32\ntkrnlpa.exe
[7] 2012-05-05 . 94951D0E8759219CBBE0E602A3C9396C . 2073472 . . [5.1.2600.6223] . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe
[7] 2012-04-11 . 0ED21672B45858B3D6F72B898362A3F2 . 2031104 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2707511$\ntkrnlpa.exe
[7] 2012-04-11 . 44F045B4BE9D99929DDD48C045480237 . 2073472 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe
[7] 2011-10-26 . 8CAD5FC3D068F6164028EDAB20B8666F . 2031616 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntkrnlpa.exe
[7] 2011-10-26 . 769A1C9E9641DCED4D0AC50968ADDA4E . 2073728 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
[7] 2010-12-09 . BAD22963CD6046C0B2834D2BFFAB56B5 . 2073728 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[7] 2010-12-09 . 2DB8EA01CD063A7723299FDBDCCAC82B . 2031616 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe
[7] 2010-04-28 . 75EA98BC36C13E976653400F8183D356 . 2071296 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[7] 2010-04-28 . 6A55E209D8DC13CDA67C86AE4FBF72C2 . 2029056 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
[7] 2010-02-16 . 38D52FDA70F0275385D4CFD88E824688 . 2026496 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[7] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[7] 2010-02-16 . 7C4F935FC449E4D27C685A5BC1792664 . 2071296 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[7] 2009-02-10 . 6A94A7317E28B6543D94174F9016BB68 . 2070400 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[7] 2009-02-09 . 3F52B22DDBC323A39F11B64E1D381D0E . 2025472 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[7] 2009-02-09 . 6DCC1CE955F33EC4C0CE271BFA5D3310 . 2028544 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[7] 2009-02-09 . 07EE73D79A7CA142463470AEF230082B . 2070528 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2008-04-14 . 1B3709F568AF90FDB935FD017C92E5E9 . 2028544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[7] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[7] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ntkrnlpa.exe
[-] 2006-12-19 . 4BF54C0431A9BB0BCE6C821CD4018F7D . 2063744 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
[-] 2006-12-19 . E28647B8E1DE0336D8479B9653390B9B . 2021888 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB956572_0$\ntkrnlpa.exe
[-] 2006-12-19 . 62916047D54775CBA4DFFE15C0FCD623 . 2020352 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe
[7] 2004-08-03 . 6B9F48A34615E5F718E3A44E518B8E16 . 2019840 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB929338_0$\ntkrnlpa.exe
.
[7] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[7] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ntmssvc.dll
[7] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[7] 2004-08-04 08:00 . AC75E028773CBBD7D8B1313F382E7C05 . 437248 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
.
[7] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[7] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\upnphost.dll
[7] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[7] 2004-08-04 . 348B60067B10EFA7D7763EE44674108C . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
.
[7] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[7] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\dsound.dll
[7] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[7] 2004-08-04 . 4AAB7EC0EA6C53C6B381546F15C286CA . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
[7] 2004-07-09 02:27 . 033A45AB696EEF481707C2808C806E1A . 381952 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll
[7] 2004-07-09 02:27 . 033A45AB696EEF481707C2808C806E1A . 381952 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\system32\dllcache\dsound.dll
.
[7] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[7] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\d3d9.dll
[7] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[7] 2004-08-04 . 66B9B43A5E0777F465CA492039176455 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
.
[7] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[7] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ddraw.dll
[7] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[7] 2004-08-04 . B54EF2F95DD3A188A2E4798C2CFB7EE7 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
[7] 2004-07-09 02:27 . 90114704C17A581DA1BAE029F20932BE . 292864 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll
[7] 2004-07-09 02:27 . 90114704C17A581DA1BAE029F20932BE . 292864 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\system32\dllcache\ddraw.dll
.
[7] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[7] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\olepro32.dll
[7] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[7] 2004-08-04 08:00 . DFB4A7A3E7948686DBC4B0DEA4A0AE94 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
.
[7] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[7] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\perfctrs.dll
[7] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[7] 2004-08-04 . D521890151A11C410F6A94EE3C37CD14 . 41472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
.
[7] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[7] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\version.dll
[7] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[7] 2004-08-04 . D67A94C11062EEE45BED5106DFDB9C0A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe
[7] 2008-04-14 . 164B6F619C579FAD4E548ACC654FF710 . 93184 . . [6.00.2900.5512] . . c:\windows\ie8\iexplore.exe
[7] 2008-04-14 . 164B6F619C579FAD4E548ACC654FF710 . 93184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\iexplore.exe
[7] 2008-04-14 . 164B6F619C579FAD4E548ACC654FF710 . 93184 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\iexplore.exe
[7] 2004-08-04 . 78D969F35CD64BF0761F731FCA5FC99D . 93184 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\iexplore.exe
.
.
[7] 2012-05-05 . ED172F03B8180DE03D9876F480B489CF . 2196992 . . [5.1.2600.6223] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2012-05-05 . ED172F03B8180DE03D9876F480B489CF . 2196992 . . [5.1.2600.6223] . . c:\windows\system32\dllcache\ntoskrnl.exe
[7] 2012-05-05 . FC9FC84D2FE1B7659B98194849A63C01 . 2152960 . . [5.1.2600.6223] . . c:\windows\system32\ntoskrnl.exe
[7] 2012-05-05 . 7F34C836C2F3C0A89DBCF0100929CD2B . 2196992 . . [5.1.2600.6223] . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe
[7] 2012-04-11 . 7A34AE10A68CA9F94E9EDE5D18A94AE9 . 2152960 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2707511$\ntoskrnl.exe
[7] 2012-04-11 . 46190EF7B8A978A3B677248A377F43D3 . 2196992 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe
[7] 2011-10-26 . C8BAA79324ABD85E5B317CD00D3EFC2D . 2153472 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntoskrnl.exe
[7] 2011-10-26 . CA76947F97276D52D4731EA2364ECBD8 . 2197120 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
[7] 2010-12-09 . 431D614A7395BADB939FE552DBDD8723 . 2197120 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[7] 2010-12-09 . 5D23EB1B99728FBC24AE6B989128D261 . 2153472 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe
[7] 2010-04-28 . B101D9AB9CCC09F2DDCF8B6C684CD939 . 2150912 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
[7] 2010-04-28 . 59582F46CAAAA049DB613B4005AF57B5 . 2194432 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[7] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe
[7] 2010-02-16 . E3ADA72560FE0DAE340389CE1DD0EF36 . 2148352 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[7] 2010-02-16 . B79C48187CA08D2EC27DA4939953F082 . 2194432 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[7] 2009-02-10 . 7625D5BAFD2A4A8458468B139C893BB7 . 2193536 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2009-02-09 . A9C6F20FC84246A2761C10430B2BF5CF . 2147328 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[7] 2009-02-09 . 27380B877348030B0662A39C47AAEC11 . 2193408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[7] 2009-02-09 . AAC6BB111B1ACEAFCD3D3AD569BA3DD3 . 2149888 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[7] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[7] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ntoskrnl.exe
.
[7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\srsvc.dll
[7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-11-17 . BD2B4AC5CA73A9245291D0D652F593A3 . 171008 . . [5.1.2600.2567] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
[7] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB888402$\srsvc.dll
.
[7] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[7] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\w32time.dll
[7] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[7] 2004-08-04 . EF361E7A6319C445C21C81A131CF1F99 . 175616 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
.
[7] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[7] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\wiaservc.dll
[7] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2006-12-19 . 1689AC8BD2FC31B377D5D23CC7D872A8 . 334336 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll
[-] 2006-12-19 . 0BF8DE5896D9A02C99C4A4EF896E917E . 334336 . . [5.1.2600.3051] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
[7] 2004-08-04 . A52AA02DDB663FEF22C18C693B0EE891 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll
.
[7] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
[7] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\midimap.dll
[7] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[7] 2004-08-04 . E291F42AE2793304990C6EA77C482979 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll
.
[7] 2008-04-14 . 3D5CC4BFF926A0ABD4F5A117825629A3 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll
[7] 2008-04-14 . 3D5CC4BFF926A0ABD4F5A117825629A3 . 7680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\rasadhlp.dll
[7] 2008-04-14 . 3D5CC4BFF926A0ABD4F5A117825629A3 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2006-06-26 . 5F1240D4B842F0122042FDA8540432FC . 7680 . . [5.1.2600.2938] . . c:\windows\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll
[-] 2006-06-26 . 91282911237187F11BD3AD8F834CB5E6 . 8192 . . [5.1.2600.2938] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll
[7] 2004-08-04 . 9C38671C922A2C86802A7FA3F5834634 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB920683$\rasadhlp.dll
.
[7] 2008-04-14 . 514490ECBBA4CCC950ED5CBBFE327CF4 . 19456 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wshtcpip.dll
[7] 2008-04-14 . 514490ECBBA4CCC950ED5CBBFE327CF4 . 19456 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\wshtcpip.dll
[7] 2008-04-14 . 514490ECBBA4CCC950ED5CBBFE327CF4 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll
[7] 2004-08-04 . 70220C6EF8447A1BD5A921D77D502822 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wshtcpip.dll
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-03 21432]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-07-03 975288]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-05-08 331552]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 177456]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]
"Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912]
"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-10-09 697976]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2007-05-03 57344]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-03-10 270336]
"ConsumerClickSysTrayIcon"="c:\program files\ConsumerClick\ConsumerClickSysTrayIcon.exe" [2010-12-17 69632]
"GfK-WatchDog"="c:\program files\GfKLSPService\GfK-WatchDog.exe" [2012-08-13 57592]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-03-19 73360]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-07-03 3524536]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-03-16 738944]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-18 421888]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2010-12-10 192512]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2007-02-07 01:30 74240 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R1 MpKsl0f97156c;MpKsl0f97156c;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0D17AD52-5415-489E-A3D1-3BE5A73D6912}\MpKsl0f97156c.sys [19-9-2012 20:34 29904]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336]
R2 GfK-Reporting-Service;GfK-Reporting-Service;c:\program files\GfK Internet Monitor\GfK-Reporting.exe [20-1-2011 16:00 102400]
R2 GfK-Update-Service;GfK-Update-Service;c:\program files\GfK Internet Monitor\GfK-Updater.exe [20-1-2011 16:00 180224]
R2 GfkLSPService;GfkLSPService;c:\program files\GfKLSPService\GfKLspService.exe [17-11-2010 13:15 3222776]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [3-11-2011 16:44 27016]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [3-11-2011 16:44 497280]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [16-9-2012 19:24 399432]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2-8-2007 5:01 540448]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [16-9-2012 19:24 676936]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13-7-2012 13:28 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [8-6-2012 22:39 250056]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [6-6-2012 14:16 30312]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [21-1-2012 15:10 20032]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [16-9-2012 19:24 22856]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [16-9-2012 22:50 40776]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [26-4-2012 4:50 114144]
S3 optousb;OPTO ELECTRONICS optousb;c:\windows\system32\drivers\optousb.sys [16-3-2011 21:14 18432]
S3 optovcm;OPTO ELECTRONICS optovcm;c:\windows\system32\drivers\optovcm.sys [16-3-2011 21:14 26368]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [22-1-2011 16:14 591488]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [6-6-2012 14:16 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [6-6-2012 14:16 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [6-6-2012 14:16 136808]
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - BITS
*NewlyCreated* - WUAUSERV
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
Cognizance REG_MULTI_SZ ASBroker ASChannel
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2012-09-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-08 07:05]
.
2012-09-19 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
.
------- Bijkomende Scan -------
.
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\agtjif03.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - (no file)
HKLM_ActiveSetup-ccc-core-static - msiexec
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-09-19 21:11
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????T??????????????|?M?|?????M?|&?@
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-226067063-4292578343-2355287337-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,62,0d,ab,a3,f2,9d,39,42,be,b7,be,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(1184)
c:\windows\system32\Ati2evxx.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll
c:\program files\Hewlett-Packard\IAM\Bin\TrayIcon.dll
c:\program files\Hewlett-Packard\IAM\bin\HPBrand.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASChnl.dll
c:\program files\Hewlett-Packard\IAM\Bin\ItDAC.dll
c:\program files\Hewlett-Packard\IAM\Bin\ItReports.DLL
c:\program files\Hewlett-Packard\IAM\Bin\BioAuth.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASBIoAT.dll
c:\program files\Hewlett-Packard\IAM\Bin\ittal.dll
c:\program files\Hewlett-Packard\IAM\Bin\STEngine.dll
c:\program files\Hewlett-Packard\IAM\Bin\ItVCClient.dll
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'lsass.exe'(1240)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'explorer.exe'(5868)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\system32\APSHook.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Hewlett-Packard\IAM\bin\asghost.exe
c:\windows\system32\msdtc.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\mqsvc.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\mqtgsvc.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\windows\SoftwareDistribution\Download\Install\AM_Delta.exe
c:\windows\system32\MpSigStub.exe
.
**************************************************************************
.
Voltooingstijd: 2012-09-19 21:41:55 - machine werd herstart
ComboFix-quarantined-files.txt 2012-09-19 19:41
.
Pre-Run: 108.415.594.496 bytes beschikbaar
Post-Run: 113.177.522.176 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 586EDEB6DF92E151CA711871B5BF01A7
-
deze stond er niet meer tussen:
O4 - HKCU\..\RunOnce: [036E192F2B17D9791FE781E07B07D287] C:\Documents and Settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287\036E192F2B17D9791FE781E07B07D287.exe
ik kan de computer wel weer gewoon gebruiken maar de malware blijft bij surfen wel steeds naar voren komen! is het nu wijsheid om deze programma's te verwijderen en te kijken hoe het dan gaat?
-
Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.0.1400
Malwarebytes : Free anti-malware download
Databaseversie: v2012.09.16.07
Windows XP Service Pack 3 x86 NTFS (Veilige modus/netwerkmogelijkheden)
Internet Explorer 8.0.6001.18702
Administrator :: GOUZWAARD4592 [administrator]
Realtime bescherming: Uitgeschakeld
16-9-2012 19:26:59
mbam-log-2012-09-16 (19-26-59).txt
Scantype: Volledige scan (C:\|D:\|E:\|)
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 339443
Verstreken tijd: 56 minuut/minuten, 54 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011041135} (PUP.Codec.PR) -> Geen actie ondernomen.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011041135} (PUP.Codec.PR) -> Geen actie ondernomen.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Platinum (Trojan.LameShield) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|036E192F2B17D9791FE781E07B07D287 (Trojan.LameShield) -> Data: C:\Documents and Settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287\036E192F2B17D9791FE781E07B07D287.exe -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Data: C:\Documents and Settings\Administrator\Local Settings\Application Data\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\n. -> Succesvol in quarantaine geplaatst en verwijderd.
Registerdata gedetecteerd: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|StartMenuLogoff (PUM.Hijack.StartMenu) -> Slecht: (1) Goed: (0) -> Succesvol in quarantaine geplaatst en gerepareerd.
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 13
C:\Documents and Settings\Administrator\Mijn documenten\Downloads\SoftonicDownloader_voor_vlc-media-player.exe (PUP.OfferBundler.ST) -> Geen actie ondernomen.
C:\Documents and Settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287\036E192F2B17D9791FE781E07B07D287.exe (Trojan.LameShield) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Administrator\Local Settings\Temp\27A.tmp (Trojan.LameShield) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Administrator\Local Settings\Temp\27B.tmp (Trojan.Sirefef) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Administrator\Local Settings\Temp\Uninstall.exe43312781.del (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Administrator\Local Settings\Temp\43291187.Uninstall\Uninstall.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Administrator\Mijn documenten\Downloads\Codec-C.exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Administrator\Mijn documenten\Downloads\FLVPlayerSetup.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\System Volume Information\_restore{AF6CD0DB-9666-4CA4-8570-D47738BCECC6}\RP652\A0122899.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\WINDOWS\Temp\gnquggbnst.exe (Trojan.Phex.THAGen6) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\WINDOWS\Temp\kecmkjekfxzuskwkhgqhrcr.exe (Trojan.Cridex) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\WINDOWS\Temp\mzyitcylscgyexywtgtocu.exe (Trojan.Phex.THAGen6) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\WINDOWS\Temp\vohigzkbcn.exe (Trojan.Cridex) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
-
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:13:09, on 16-9-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Bureaublad\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hyves
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door Hyves
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: (no name) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Gacela2 - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files\GfK Internet Monitor\Gacela2.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [ConsumerClickSysTrayIcon] "C:\Program Files\ConsumerClick\ConsumerClickSysTrayIcon.exe"
O4 - HKLM\..\Run: [GfK-WatchDog] "C:\Program Files\GfKLSPService\GfK-WatchDog.exe" /Debug
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [iSW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\RunOnce: [036E192F2B17D9791FE781E07B07D287] C:\Documents and Settings\All Users\Application Data\036E192F2B17D9791FE781E07B07D287\036E192F2B17D9791FE781E07B07D287.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: CCC.lnk = ? (User 'SYSTEM')
O4 - .DEFAULT Startup: CCC.lnk = ? (User 'Default user')
O4 - .DEFAULT User Startup: CCC.lnk = ? (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files\GfK Internet Monitor\Gacela2.dll
O9 - Extra 'Tools' menuitem: Informatie over GfK Internet Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files\GfK Internet Monitor\Gacela2.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: GfK-Reporting-Service - Unknown owner - C:\Program Files\GfK Internet Monitor\GfK-Reporting.exe
O23 - Service: GfK-Update-Service - Unknown owner - C:\Program Files\GfK Internet Monitor\GfK-Updater.exe
O23 - Service: GfkLSPService - GfK - C:\Program Files\GfKLSPService\GfKLSPService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
--
End of file - 11662 bytes
-
ik heb hetzelfde probleem alleen lukt het met niet om het logje te plakken met ctrl a en c hij is te snel weg! (van Hijackthis) het andere programma krijg ik wel gedownload maar niet geinstalleerd dat blokkeerd dat stomme virus
live security platform
in Archief Bestrijding malware & virussen
Geplaatst:
ComboFix 12-09-20.03 - Administrator 21-09-2012 15:28:43.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.895.411 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Administrator\Mijn documenten\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: ZoneAlarm Free Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\ADMINI~1\LOCALS~1\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
c:\documents and settings\Administrator\Local Settings\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-08-21 to 2012-09-21 ))))))))))))))))))))))))))))))
.
.
2012-09-21 15:20 . 2012-09-21 15:20 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6C1F5895-BC49-4722-A09D-8C2DD7C12A86}\MpKslb18ab3d8.sys
2012-09-21 13:23 . 2012-09-21 13:23 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6C1F5895-BC49-4722-A09D-8C2DD7C12A86}\MpKsl7d23df20.sys
2012-09-20 21:12 . 2012-08-30 08:17 6980552 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6C1F5895-BC49-4722-A09D-8C2DD7C12A86}\mpengine.dll
2012-09-19 19:41 . 2012-08-30 08:17 6980552 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-09-16 20:50 . 2012-09-16 21:07 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2012-09-16 17:24 . 2012-09-16 17:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-08-29 19:15 . 2012-08-29 19:15 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities
2012-08-25 21:24 . 2012-08-25 21:24 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sun
2012-08-24 15:27 . 2008-04-14 16:03 20992 ----a-w- c:\windows\system32\dshowext.ax
2012-08-23 15:08 . 2012-08-23 15:08 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-08-23 15:08 . 2012-08-23 15:08 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-20 20:05 . 2012-06-08 20:39 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-20 20:05 . 2011-05-15 19:49 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-23 15:08 . 2012-04-07 17:56 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-08-23 15:08 . 2010-12-10 21:44 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-13 15:41 . 2011-08-06 07:00 380152 ----a-w- c:\windows\system32\GfKLSPService64.dll
2012-08-13 15:41 . 2011-03-16 19:31 312056 ----a-w- c:\windows\system32\GfKLSPService.dll
2012-07-06 13:58 . 2004-08-04 08:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2004-08-04 08:00 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:23 . 2004-08-04 08:00 1866240 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2004-08-04 08:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2004-08-04 08:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2004-08-04 08:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2004-08-04 08:00 385024 ------w- c:\windows\system32\html.iec
2012-06-26 07:02 . 2011-10-31 10:22 45320 ----a-w- c:\windows\system32\MAMACExtract.dll
2012-09-08 10:24 . 2012-09-08 10:21 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-03 21432]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-07-03 975288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-05-08 331552]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 177456]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]
"Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912]
"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-10-09 697976]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2007-05-03 57344]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-03-10 270336]
"ConsumerClickSysTrayIcon"="c:\program files\ConsumerClick\ConsumerClickSysTrayIcon.exe" [2010-12-17 69632]
"GfK-WatchDog"="c:\program files\GfKLSPService\GfK-WatchDog.exe" [2012-08-13 57592]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-03-19 73360]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-07-03 3524536]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-03-16 738944]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-18 421888]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2010-12-10 192512]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2007-02-07 01:30 74240 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R1 MpKslb18ab3d8;MpKslb18ab3d8;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6C1F5895-BC49-4722-A09D-8C2DD7C12A86}\MpKslb18ab3d8.sys [21-9-2012 17:20 29904]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [4-8-2004 10:00 14336]
R2 GfK-Reporting-Service;GfK-Reporting-Service;c:\program files\GfK Internet Monitor\GfK-Reporting.exe [20-1-2011 16:00 102400]
R2 GfK-Update-Service;GfK-Update-Service;c:\program files\GfK Internet Monitor\GfK-Updater.exe [20-1-2011 16:00 180224]
R2 GfkLSPService;GfkLSPService;c:\program files\GfKLSPService\GfKLspService.exe [17-11-2010 13:15 3222776]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [3-11-2011 16:44 27016]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [3-11-2011 16:44 497280]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2-8-2007 5:01 540448]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13-7-2012 13:28 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [8-6-2012 22:39 250288]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [6-6-2012 14:16 30312]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [21-1-2012 15:10 20032]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [16-9-2012 22:50 40776]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [26-4-2012 4:50 114144]
S3 optousb;OPTO ELECTRONICS optousb;c:\windows\system32\drivers\optousb.sys [16-3-2011 21:14 18432]
S3 optovcm;OPTO ELECTRONICS optovcm;c:\windows\system32\drivers\optovcm.sys [16-3-2011 21:14 26368]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [22-1-2011 16:14 591488]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [6-6-2012 14:16 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [6-6-2012 14:16 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [6-6-2012 14:16 136808]
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - MPKSLB18AB3D8
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
Cognizance REG_MULTI_SZ ASBroker ASChannel
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2012-09-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-08 20:05]
.
2012-09-21 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
.
------- Bijkomende Scan -------
.
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\agtjif03.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-09-21 17:20
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????T??????????????|?M?|?????M?|&?@
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-226067063-4292578343-2355287337-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,62,0d,ab,a3,f2,9d,39,42,be,b7,be,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,71,71,10,e3,43,ba,4d,a5,f6,ed,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(1128)
c:\windows\system32\Ati2evxx.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll
c:\program files\Hewlett-Packard\IAM\Bin\TrayIcon.dll
c:\program files\Hewlett-Packard\IAM\bin\HPBrand.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASChnl.dll
c:\program files\Hewlett-Packard\IAM\Bin\ItDAC.dll
c:\program files\Hewlett-Packard\IAM\Bin\ItReports.DLL
c:\program files\Hewlett-Packard\IAM\Bin\BioAuth.dll
c:\program files\Hewlett-Packard\IAM\Bin\ittal.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASBIoAT.dll
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'lsass.exe'(1184)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'explorer.exe'(5648)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\system32\APSHook.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\msdtc.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\mqsvc.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\mqtgsvc.exe
c:\program files\Hewlett-Packard\IAM\bin\asghost.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\windows\system32\msiexec.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Voltooingstijd: 2012-09-21 17:27:14 - machine werd herstart
ComboFix-quarantined-files.txt 2012-09-21 15:27
ComboFix2.txt 2012-09-20 21:17
ComboFix3.txt 2012-09-19 19:41
.
Pre-Run: 112.980.197.376 bytes beschikbaar
Post-Run: 113.058.713.600 bytes beschikbaar
.
- - End Of File - - A42192DC2E5E5430A077827E54B0168D
Het lijk beter te gaan heb al de programma's eraf gegooid om te kijken of ik nog popup meldingen kreeg, maar dat lijkt goed te gaan. Krijg alleen bij opstarten nog een melding van skype maar dat heeft te maken met samsung kies programma. Hierboven is mijn laatste scan weet niet of jullie hier nog iets bijzonders aan zien? Heel erg bedankt tot nu toe!