Ga naar inhoud

nbent

Lid
  • Items

    50
  • Registratiedatum

  • Laatst bezocht

Alles dat geplaatst werd door nbent

  1. opmerkelijk beter ;-) zat er een beestje in de laptop?
  2. ComboFix 12-09-22.02 - g 22-09-2012 20:45:57.4.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.502.247 [GMT 2:00] Gestart vanuit: c:\documents and settings\g\Bureaublad\ComboFix.exe AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\URTTemp c:\windows\system32\URTTemp\regtlib.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-08-22 to 2012-09-22 )))))))))))))))))))))))))))))) . . 2012-09-22 13:03 . 2012-09-22 13:03 -------- d--h--r- c:\documents and settings\g\Onlangs geopend 2012-08-30 18:41 . 2012-08-30 18:41 -------- d-----w- c:\program files\Common Files\DVDVideoSoft 2012-08-30 18:41 . 2012-08-30 18:41 -------- d-----w- c:\program files\DVDVideoSoft 2012-08-30 18:40 . 2012-08-30 18:43 -------- d-----w- c:\documents and settings\g\Application Data\DVDVideoSoft . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-21 16:24 . 2012-05-30 06:32 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-21 16:24 . 2011-12-11 17:28 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-07 15:04 . 2011-12-09 12:36 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-28 15:17 . 2009-06-13 17:27 916992 ----a-w- c:\windows\system32\wininet.dll 2012-08-28 15:17 . 2009-06-13 17:27 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-08-28 15:17 . 2008-04-15 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2012-08-28 12:07 . 2009-06-13 17:29 385024 ----a-w- c:\windows\system32\html.iec 2012-07-06 13:58 . 2008-04-15 12:00 78336 ----a-w- c:\windows\system32\browser.dll 2012-07-04 13:59 . 2011-12-09 10:55 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-03 18:21 . 2009-06-13 17:30 1875200 ----a-w- c:\windows\system32\win32k.sys 2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll 2012-09-07 17:51 . 2012-09-07 17:51 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184] "CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "Athan"="c:\program files\Athan\Athan.exe" [2011-11-20 1204224] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_3"="advpack.dll" [2009-03-08 128512] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= . R0 iastor78;iastor78;c:\windows\system32\drivers\iastor78.sys [14-6-2009 17:02 308248] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9-12-2011 14:42 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9-12-2011 14:42 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9-12-2011 14:42 20568] R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [18-9-2012 13:59 399432] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [30-4-2012 21:54 676936] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9-12-2011 14:36 22856] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30-5-2012 8:32 250288] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [6-5-2012 16:33 114144] S3 SteComposite;Acer Composite USB Service;c:\windows\system32\drivers\ste_compo.sys [24-6-2010 15:42 75264] . Inhoud van de 'Gedeelde Taken' map . 2012-09-22 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-30 16:24] . . ------- Bijkomende Scan ------- . uStart Page = Google IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 FF - ProfilePath - c:\documents and settings\g\Application Data\Mozilla\Firefox\Profiles\712ra1hw.default\ FF - prefs.js: browser.startup.homepage - google.be . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-09-22 20:55 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Voltooingstijd: 2012-09-22 20:58:27 ComboFix-quarantined-files.txt 2012-09-22 18:58 ComboFix2.txt 2012-06-03 17:28 . Pre-Run: 47.791.173.632 bytes beschikbaar Post-Run: 48.419.295.232 bytes beschikbaar . - - End Of File - - 27944AB45AEA2AB32D742208A53EB81E
  3. Hallo Wie kan me helpen het HJT logje onder de loep te nemen?? Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:14:25, on 22-9-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\taskswitch.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Athan\Athan.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\DOCUME~1\g\LOCALS~1\Temp\RtkBtMnt.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- End of file - 6138 bytes alvast dikke merci!
  4. ComboFix 12-06-03.01 - g 03-06-2012 19:14:07.3.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.502.275 [GMT 2:00] Gestart vanuit: c:\documents and settings\g\Bureaublad\ComboFix.exe AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-05-03 to 2012-06-03 )))))))))))))))))))))))))))))) . . 2012-06-02 20:57 . 2012-06-02 20:57 -------- d--h--r- c:\documents and settings\g\Onlangs geopend 2012-05-30 06:32 . 2012-05-30 06:32 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-06 14:33 . 2012-05-06 14:33 -------- d-----w- c:\program files\Mozilla Maintenance Service 2012-05-06 14:33 . 2012-05-06 14:33 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe 2012-05-06 14:33 . 2012-05-06 14:33 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-30 06:32 . 2011-12-11 17:28 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-11 13:51 . 2009-02-09 11:19 2073472 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-11 13:51 . 2009-06-13 17:30 1871488 ----a-w- c:\windows\system32\win32k.sys 2012-04-11 13:51 . 2009-06-13 17:29 2196992 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-04 13:56 . 2011-12-09 12:36 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-06 14:33 . 2011-12-09 12:28 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-01-03_18.30.44 ))))))))))))))))))))))))))))))))))))))))) . + 2011-05-13 19:17 . 2011-05-13 19:17 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll + 2011-05-13 18:45 . 2011-05-13 18:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll + 2011-05-13 18:45 . 2011-05-13 18:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll + 2011-05-13 18:45 . 2011-05-13 18:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll + 2011-05-13 18:45 . 2011-05-13 18:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll + 2011-05-13 18:45 . 2011-05-13 18:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll + 2011-05-13 18:45 . 2011-05-13 18:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll + 2011-05-13 18:45 . 2011-05-13 18:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll + 2011-05-13 18:45 . 2011-05-13 18:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll + 2011-05-13 18:45 . 2011-05-13 18:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll + 2011-05-14 00:06 . 2011-05-14 00:06 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll + 2011-05-14 00:23 . 2011-05-14 00:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll + 2011-05-13 17:37 . 2011-05-13 17:37 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll + 2012-06-03 08:15 . 2012-06-03 08:15 16384 c:\windows\Temp\Perflib_Perfdata_9c0.dat + 2011-12-12 15:34 . 2009-02-27 02:42 66440 c:\windows\system32\spool\drivers\w32x86\msonpui.dll + 2011-12-12 15:34 . 2009-02-27 02:42 66440 c:\windows\system32\spool\drivers\w32x86\3\msonpui.dll + 2008-04-15 12:00 . 2012-05-12 22:07 92124 c:\windows\system32\perfc013.dat + 2008-04-15 12:00 . 2012-05-12 22:07 72484 c:\windows\system32\perfc009.dat + 2008-04-15 12:00 . 2011-11-20 06:12 60928 c:\windows\system32\packager.exe + 2011-12-12 15:34 . 2009-02-27 02:42 31640 c:\windows\system32\msonpmon.dll + 2009-06-13 17:27 . 2012-03-01 11:00 66560 c:\windows\system32\mshtmled.dll - 2009-06-13 17:27 . 2011-11-04 19:13 66560 c:\windows\system32\mshtmled.dll + 2011-12-09 10:55 . 2012-03-01 11:00 55296 c:\windows\system32\msfeedsbs.dll - 2011-12-09 10:55 . 2011-11-04 19:13 55296 c:\windows\system32\msfeedsbs.dll - 2008-04-15 12:00 . 2008-04-15 12:00 23040 c:\windows\system32\mciseq.dll + 2008-04-15 12:00 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll - 2009-06-13 17:27 . 2011-11-04 19:13 43520 c:\windows\system32\licmgr10.dll + 2009-06-13 17:27 . 2012-03-01 11:00 43520 c:\windows\system32\licmgr10.dll - 2009-06-13 17:27 . 2011-11-04 19:13 25600 c:\windows\system32\jsproxy.dll + 2009-06-13 17:27 . 2012-03-01 11:00 25600 c:\windows\system32\jsproxy.dll + 2012-01-27 18:20 . 2008-04-13 21:15 26112 c:\windows\system32\drivers\usbser.sys + 2010-06-24 13:42 . 2010-06-24 13:42 75264 c:\windows\system32\drivers\ste_compo.sys - 2011-12-09 14:01 . 2011-11-04 19:13 12800 c:\windows\system32\dllcache\xpshims.dll + 2011-12-09 14:01 . 2012-03-01 11:00 12800 c:\windows\system32\dllcache\xpshims.dll + 2012-01-27 18:20 . 2008-04-13 21:15 26112 c:\windows\system32\dllcache\usbser.sys + 2012-01-11 10:16 . 2011-11-20 06:12 60928 c:\windows\system32\dllcache\packager.exe - 2009-03-08 03:31 . 2011-11-04 19:13 66560 c:\windows\system32\dllcache\mshtmled.dll + 2009-03-08 03:31 . 2012-03-01 11:00 66560 c:\windows\system32\dllcache\mshtmled.dll + 2011-12-09 14:01 . 2012-03-01 11:00 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2011-12-09 14:01 . 2011-11-04 19:13 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2012-01-11 10:16 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll + 2009-03-08 03:34 . 2012-03-01 11:00 43520 c:\windows\system32\dllcache\licmgr10.dll - 2009-03-08 03:34 . 2011-11-04 19:13 43520 c:\windows\system32\dllcache\licmgr10.dll + 2009-03-08 03:33 . 2012-03-01 11:00 25600 c:\windows\system32\dllcache\jsproxy.dll - 2009-03-08 03:33 . 2011-11-04 19:13 25600 c:\windows\system32\dllcache\jsproxy.dll + 2012-01-04 20:29 . 2012-01-04 20:29 19968 c:\windows\Installer\762f63.msi + 2012-03-25 14:58 . 2012-03-25 14:58 22016 c:\windows\Installer\1207b57.msi - 2011-12-12 15:34 . 2011-12-20 07:42 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe + 2011-12-12 15:34 . 2012-05-12 22:15 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe + 2011-12-12 15:34 . 2012-05-12 22:15 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe + 2011-12-12 15:34 . 2012-05-12 22:15 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2012-01-03 08:45 . 2012-01-03 08:45 16832 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\ViewerPS.dll + 2012-01-03 21:51 . 2012-01-03 21:51 37296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\reader_sl.exe + 2012-01-03 08:44 . 2012-01-03 08:44 79280 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\PDFPrevHndlr.dll + 2012-01-03 21:15 . 2012-01-03 21:15 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\eula.exe + 2012-01-03 20:52 . 2012-01-03 20:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\acrotextextractor.exe + 2012-01-03 07:19 . 2012-01-03 07:19 16824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroRd32Info.exe + 2012-01-03 07:16 . 2012-01-03 07:16 75200 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\acroiehelpershim.dll + 2012-01-03 07:16 . 2012-01-03 07:16 61888 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroIEHelper.dll + 2006-07-24 09:50 . 2006-07-24 09:50 47920 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\VBAME.DLL + 2009-02-26 14:24 . 2009-02-26 14:24 71536 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ONFILTER.DLL + 2009-02-26 14:24 . 2009-02-26 14:24 97680 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ONENOTEM.EXE + 2006-07-24 09:50 . 2006-07-24 09:50 92976 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSADDNDR.DLL + 2011-12-12 15:31 . 2011-12-12 15:31 35648 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OLCTLPIA.DLL + 2009-04-02 11:01 . 2009-04-02 11:01 56680 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\EXP_XPS.DLL + 2009-04-03 17:46 . 2009-04-03 17:46 97640 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\EXP_PDF.DLL + 2006-10-26 19:13 . 2006-10-26 19:13 56192 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACECNFLT.EXE + 2012-04-11 19:34 . 2011-12-17 19:42 12800 c:\windows\ie8updates\KB2675157-IE8\xpshims.dll + 2012-04-11 19:34 . 2011-12-17 19:42 66560 c:\windows\ie8updates\KB2675157-IE8\mshtmled.dll + 2012-04-11 19:34 . 2011-12-17 19:42 55296 c:\windows\ie8updates\KB2675157-IE8\msfeedsbs.dll + 2012-04-11 19:34 . 2011-12-17 19:42 43520 c:\windows\ie8updates\KB2675157-IE8\licmgr10.dll + 2012-04-11 19:34 . 2011-12-17 19:42 25600 c:\windows\ie8updates\KB2675157-IE8\jsproxy.dll + 2012-02-16 09:47 . 2011-11-04 19:13 12800 c:\windows\ie8updates\KB2647516-IE8\xpshims.dll + 2012-02-16 09:47 . 2011-11-04 19:13 66560 c:\windows\ie8updates\KB2647516-IE8\mshtmled.dll + 2012-02-16 09:47 . 2011-11-04 19:13 55296 c:\windows\ie8updates\KB2647516-IE8\msfeedsbs.dll + 2012-02-16 09:47 . 2011-11-04 19:13 43520 c:\windows\ie8updates\KB2647516-IE8\licmgr10.dll + 2012-02-16 09:47 . 2011-11-04 19:13 25600 c:\windows\ie8updates\KB2647516-IE8\jsproxy.dll + 2012-04-11 19:31 . 2012-04-11 19:31 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_9f8cd7bc\System.Drawing.Design.dll + 2012-05-13 07:49 . 2012-05-13 07:49 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\f121ccced1aa14badb316d8d9be5154d\UIAutomationProvider.ni.dll + 2012-05-13 08:41 . 2012-05-13 08:41 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\316e223f2ab8c69cd6a5a06de21650ec\System.Windows.Presentation.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\7aac1fe67890463655aeeb3b8e4f2884\System.Web.DynamicData.Design.ni.dll + 2012-05-13 08:38 . 2012-05-13 08:38 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\34c988dea48c291b4e648941207e83fb\System.ComponentModel.DataAnnotations.ni.dll + 2012-05-13 08:38 . 2012-05-13 08:38 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\7bb7e51275fa19f8b4894c772bdb1e10\System.AddIn.Contract.ni.dll + 2012-05-12 22:10 . 2012-05-12 22:10 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\f0c4a4528f130ef2ff1ae63dd7b39075\PresentationFontCache.ni.exe + 2012-05-12 22:09 . 2012-05-12 22:09 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\53931181e5a5e194da82605613cda6af\PresentationCFFRasterizer.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2be3ad4cda6853d7959a84cec0414c5\Microsoft.Vsa.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8fab9cd28bbc860a34feec119512664d\Microsoft.Build.Framework.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\0eac132c7c36f1c100ae23c956b379e7\Microsoft.Build.Framework.ni.dll + 2012-05-13 08:36 . 2012-05-13 08:36 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\d66bc03eb7eae89b4dde2d09eda1414f\dfsvc.ni.exe + 2012-05-13 08:34 . 2012-05-13 08:34 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll + 2012-05-12 22:06 . 2012-05-12 22:06 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll - 2012-01-01 10:58 . 2012-01-01 10:58 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2012-05-12 22:06 . 2012-05-12 22:06 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2012-01-01 10:58 . 2012-01-01 10:58 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2012-01-01 10:59 . 2012-01-01 10:59 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2012-05-12 22:06 . 2012-05-12 22:06 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2012-05-12 22:07 . 2012-05-12 22:07 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2012-01-01 11:00 . 2012-01-01 11:00 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2012-05-12 22:06 . 2012-05-12 22:06 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2012-01-01 11:00 . 2012-01-01 11:00 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2012-01-01 11:00 . 2012-01-01 11:00 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2012-05-12 22:06 . 2012-05-12 22:06 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2012-05-12 22:06 . 2012-05-12 22:06 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2012-01-01 10:59 . 2012-01-01 10:59 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2012-05-12 22:06 . 2012-05-12 22:06 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2012-01-01 10:59 . 2012-01-01 10:59 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2012-01-01 11:00 . 2012-01-01 11:00 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2012-05-12 22:06 . 2012-05-12 22:06 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2012-01-01 11:00 . 2012-01-01 11:00 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2012-05-12 22:06 . 2012-05-12 22:06 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2012-01-01 11:00 . 2012-01-01 11:00 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2012-05-12 22:06 . 2012-05-12 22:06 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2012-05-12 22:06 . 2012-05-12 22:06 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2012-01-01 11:00 . 2012-01-01 11:00 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2012-01-01 11:00 . 2012-01-01 11:00 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2012-05-12 22:06 . 2012-05-12 22:06 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2012-03-20 11:58 . 2012-03-20 11:58 11144 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll + 2012-03-20 11:57 . 2012-03-20 11:57 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll - 2011-12-17 16:08 . 2011-12-17 16:08 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll + 2012-03-20 11:58 . 2012-03-20 11:58 34696 c:\windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll + 2012-01-12 19:37 . 2008-04-15 12:00 23040 c:\windows\$NtUninstallKB2598479$\mciseq.dll + 2012-01-12 09:19 . 2008-04-15 12:00 58880 c:\windows\$NtUninstallKB2584146$\packager.exe + 2012-04-11 19:34 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2675157-IE8\update\spcustom.dll + 2012-04-11 19:34 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2675157-IE8\spmsg.dll + 2012-04-11 17:03 . 2012-03-01 10:56 12800 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\xpshims.dll + 2012-04-11 17:03 . 2012-03-01 10:56 66560 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtmled.dll + 2012-04-11 17:03 . 2012-03-01 10:56 55296 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\msfeedsbs.dll + 2012-04-11 17:03 . 2012-03-01 10:56 43520 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\licmgr10.dll + 2012-04-11 17:03 . 2012-03-01 10:56 25600 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\jsproxy.dll + 2012-02-16 09:46 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2661637\update\spcustom.dll + 2012-02-16 09:46 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2661637\spmsg.dll + 2012-04-11 19:26 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2653956\update\spcustom.dll + 2012-04-11 19:26 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2653956\spmsg.dll + 2012-03-14 08:28 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2647518\update\spcustom.dll + 2012-03-14 08:28 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2647518\spmsg.dll + 2012-02-16 09:47 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2647516-IE8\update\spcustom.dll + 2012-02-16 09:47 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2647516-IE8\spmsg.dll + 2012-02-16 07:18 . 2011-12-17 19:41 12800 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\xpshims.dll + 2012-02-16 07:18 . 2011-12-17 19:41 66560 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtmled.dll + 2012-02-16 07:18 . 2011-12-17 19:41 55296 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\msfeedsbs.dll + 2012-02-16 07:18 . 2011-12-17 19:41 43520 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\licmgr10.dll + 2012-02-16 07:18 . 2011-12-17 19:41 25600 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\jsproxy.dll + 2012-01-12 19:37 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2603381\update\spcustom.dll + 2012-01-12 19:37 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2603381\spmsg.dll + 2012-01-12 19:37 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2598479\update\spcustom.dll + 2012-01-12 19:37 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2598479\spmsg.dll + 2012-01-11 10:16 . 2011-10-14 14:45 23040 c:\windows\$hf_mig$\KB2598479\SP3QFE\mciseq.dll + 2012-01-12 09:19 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2584146\update\spcustom.dll + 2012-01-12 09:19 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2584146\spmsg.dll + 2012-01-11 10:16 . 2011-11-20 06:11 60928 c:\windows\$hf_mig$\KB2584146\SP3QFE\packager.exe + 2012-05-12 22:06 . 2012-05-12 22:06 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2012-01-01 11:00 . 2012-01-01 11:00 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2012-02-16 07:16 . 2012-01-11 19:07 3072 c:\windows\system32\iacenc.dll + 2012-02-16 07:16 . 2012-01-11 19:07 3072 c:\windows\system32\dllcache\iacenc.dll + 2012-05-12 22:07 . 2012-05-12 22:07 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2012-01-01 11:00 . 2012-01-01 11:00 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2012-05-12 22:06 . 2012-05-12 22:06 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2012-01-01 10:58 . 2012-01-01 10:58 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2012-05-12 22:06 . 2012-05-12 22:06 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll - 2012-01-01 11:00 . 2012-01-01 11:00 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2012-05-12 22:06 . 2012-05-12 22:06 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2012-01-01 11:00 . 2012-01-01 11:00 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2012-02-16 07:16 . 2012-01-11 19:05 3072 c:\windows\$hf_mig$\KB2661637\SP3QFE\iacenc.dll + 2012-01-11 10:15 . 2011-11-03 18:17 4608 c:\windows\$hf_mig$\KB2603381\update\customaddreg.dll - 2012-01-01 11:00 . 2012-01-01 11:00 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2012-05-12 22:06 . 2012-05-12 22:06 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2012-05-12 22:06 . 2012-05-12 22:06 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2012-01-01 11:00 . 2012-01-01 11:00 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2011-05-14 00:17 . 2011-05-14 00:17 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll + 2011-05-14 00:12 . 2011-05-14 00:12 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll + 2011-05-14 00:11 . 2011-05-14 00:11 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll + 2008-04-15 12:00 . 2012-02-29 14:10 177664 c:\windows\system32\wintrust.dll - 2008-04-15 12:00 . 2009-12-24 07:05 177664 c:\windows\system32\wintrust.dll - 2009-06-13 17:30 . 2011-06-20 17:43 293888 c:\windows\system32\winsrv.dll + 2009-06-13 17:30 . 2011-11-25 21:56 293888 c:\windows\system32\winsrv.dll - 2008-04-15 12:00 . 2008-04-15 12:00 179200 c:\windows\system32\winmm.dll + 2008-04-15 12:00 . 2011-10-14 14:47 179200 c:\windows\system32\winmm.dll + 2009-06-13 17:27 . 2012-03-01 11:00 916992 c:\windows\system32\wininet.dll - 2009-06-13 17:27 . 2011-11-04 19:13 916992 c:\windows\system32\wininet.dll + 2009-06-13 17:30 . 2011-11-16 14:20 354816 c:\windows\system32\winhttp.dll - 2009-06-13 17:30 . 2009-08-25 09:31 354816 c:\windows\system32\winhttp.dll - 2009-06-13 17:27 . 2011-11-04 19:13 105984 c:\windows\system32\url.dll + 2009-06-13 17:27 . 2012-03-01 11:00 105984 c:\windows\system32\url.dll + 2011-12-12 15:34 . 2009-02-27 02:42 863128 c:\windows\system32\spool\drivers\w32x86\msonpdrv.dll + 2011-12-12 15:34 . 2009-02-27 02:42 863128 c:\windows\system32\spool\drivers\w32x86\3\msonpdrv.dll + 2009-06-13 17:29 . 2011-11-16 14:20 152064 c:\windows\system32\schannel.dll - 2008-04-15 12:00 . 2008-04-15 12:00 386560 c:\windows\system32\qdvd.dll + 2008-04-15 12:00 . 2011-11-03 15:27 386560 c:\windows\system32\qdvd.dll + 2008-04-15 12:00 . 2012-05-12 22:07 512152 c:\windows\system32\perfh013.dat + 2008-04-15 12:00 . 2012-05-12 22:07 444226 c:\windows\system32\perfh009.dat + 2009-06-13 17:27 . 2012-03-01 11:00 206848 c:\windows\system32\occache.dll - 2009-06-13 17:27 . 2011-11-04 19:13 206848 c:\windows\system32\occache.dll + 2009-06-13 17:27 . 2012-03-01 11:00 611840 c:\windows\system32\mstime.dll - 2009-06-13 17:27 . 2011-11-04 19:13 611840 c:\windows\system32\mstime.dll + 2009-06-13 17:27 . 2012-03-01 11:00 602112 c:\windows\system32\msfeeds.dll - 2009-06-13 17:27 . 2011-11-04 19:13 602112 c:\windows\system32\msfeeds.dll + 2012-05-30 06:32 . 2012-05-30 06:32 351904 c:\windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_Plugin.exe + 2012-05-30 06:32 . 2012-05-30 06:32 257696 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe + 2008-04-15 12:00 . 2012-02-29 14:10 148480 c:\windows\system32\imagehlp.dll + 2009-06-13 17:27 . 2012-03-01 11:00 184320 c:\windows\system32\iepeers.dll - 2009-06-13 17:27 . 2011-11-04 19:13 184320 c:\windows\system32\iepeers.dll + 2009-06-13 17:27 . 2012-03-01 11:00 387584 c:\windows\system32\iedkcs32.dll - 2009-06-13 17:27 . 2011-11-04 19:13 387584 c:\windows\system32\iedkcs32.dll + 2009-06-13 17:27 . 2012-02-29 12:18 174080 c:\windows\system32\ie4uinit.exe - 2009-06-13 17:27 . 2011-11-04 11:25 174080 c:\windows\system32\ie4uinit.exe - 2011-12-09 11:45 . 2011-12-17 18:22 271784 c:\windows\system32\FNTCACHE.DAT + 2011-12-09 11:45 . 2012-05-13 07:46 271784 c:\windows\system32\FNTCACHE.DAT + 2011-12-09 10:55 . 2012-01-09 16:19 139784 c:\windows\system32\drivers\rdpwd.sys - 2011-12-09 13:49 . 2009-12-24 07:05 177664 c:\windows\system32\dllcache\wintrust.dll + 2011-12-09 13:49 . 2012-02-29 14:10 177664 c:\windows\system32\dllcache\wintrust.dll - 2011-12-09 14:23 . 2011-06-20 17:43 293888 c:\windows\system32\dllcache\winsrv.dll + 2011-12-09 14:23 . 2011-11-25 21:56 293888 c:\windows\system32\dllcache\winsrv.dll + 2012-01-11 10:16 . 2011-10-14 14:47 179200 c:\windows\system32\dllcache\winmm.dll + 2009-03-08 03:34 . 2012-03-01 11:00 916992 c:\windows\system32\dllcache\wininet.dll - 2009-03-08 03:34 . 2011-11-04 19:13 916992 c:\windows\system32\dllcache\wininet.dll - 2011-12-10 16:39 . 2009-08-25 09:31 354816 c:\windows\system32\dllcache\winhttp.dll + 2011-12-10 16:39 . 2011-11-16 14:20 354816 c:\windows\system32\dllcache\winhttp.dll - 2009-03-08 03:34 . 2011-11-04 19:13 105984 c:\windows\system32\dllcache\url.dll + 2009-03-08 03:34 . 2012-03-01 11:00 105984 c:\windows\system32\dllcache\url.dll + 2011-12-09 14:15 . 2011-11-16 14:20 152064 c:\windows\system32\dllcache\schannel.dll + 2011-12-09 14:02 . 2012-01-09 16:19 139784 c:\windows\system32\dllcache\rdpwd.sys + 2012-01-11 10:16 . 2011-11-03 15:27 386560 c:\windows\system32\dllcache\qdvd.dll + 2009-03-08 03:34 . 2012-03-01 11:00 206848 c:\windows\system32\dllcache\occache.dll - 2009-03-08 03:34 . 2011-11-04 19:13 206848 c:\windows\system32\dllcache\occache.dll - 2009-03-08 03:32 . 2011-11-04 19:13 611840 c:\windows\system32\dllcache\mstime.dll + 2009-03-08 03:32 . 2012-03-01 11:00 611840 c:\windows\system32\dllcache\mstime.dll - 2011-12-09 14:01 . 2011-11-04 19:13 602112 c:\windows\system32\dllcache\msfeeds.dll + 2011-12-09 14:01 . 2012-03-01 11:00 602112 c:\windows\system32\dllcache\msfeeds.dll + 2012-04-11 17:03 . 2012-02-29 14:10 148480 c:\windows\system32\dllcache\imagehlp.dll - 2011-12-09 14:01 . 2011-11-04 19:13 247808 c:\windows\system32\dllcache\ieproxy.dll + 2011-12-09 14:01 . 2012-03-01 11:00 247808 c:\windows\system32\dllcache\ieproxy.dll + 2009-03-08 03:31 . 2012-03-01 11:00 184320 c:\windows\system32\dllcache\iepeers.dll - 2009-03-08 03:31 . 2011-11-04 19:13 184320 c:\windows\system32\dllcache\iepeers.dll - 2011-12-09 14:01 . 2011-11-04 19:13 743424 c:\windows\system32\dllcache\iedvtool.dll + 2011-12-09 14:01 . 2012-03-01 11:00 743424 c:\windows\system32\dllcache\iedvtool.dll - 2009-03-08 13:09 . 2011-11-04 19:13 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2009-03-08 13:09 . 2012-03-01 11:00 387584 c:\windows\system32\dllcache\iedkcs32.dll - 2009-03-08 03:32 . 2011-11-04 11:25 174080 c:\windows\system32\dllcache\ie4uinit.exe + 2009-03-08 03:32 . 2012-02-29 12:18 174080 c:\windows\system32\dllcache\ie4uinit.exe + 2012-04-05 21:52 . 2012-04-05 21:52 131168 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll + 2012-01-31 01:38 . 2012-01-31 01:38 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll + 2011-12-25 01:50 . 2011-12-25 01:50 389888 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2011-12-25 01:50 . 2011-12-25 01:50 364816 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll + 2011-12-25 01:50 . 2011-12-25 01:50 989968 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2012-01-27 15:35 . 2012-01-27 15:35 471040 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll + 2012-02-02 21:56 . 2012-02-02 21:56 963584 c:\windows\Installer\87cbc7.msp + 2011-12-22 14:50 . 2011-12-22 14:50 256000 c:\windows\Installer\618eff.msp + 2012-01-28 11:18 . 2012-01-28 11:18 467456 c:\windows\Installer\442f6a.msi + 2012-01-27 18:29 . 2012-01-27 18:29 479232 c:\windows\Installer\14a3829.msi + 2012-01-27 18:28 . 2012-01-27 18:28 777216 c:\windows\Installer\14a37dd.msi - 2011-12-17 15:57 . 2011-12-17 15:57 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe + 2012-03-20 11:46 . 2012-03-20 11:46 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe + 2011-12-12 15:34 . 2012-05-12 22:15 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2011-12-12 15:34 . 2012-05-12 22:15 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2011-12-12 15:34 . 2012-05-12 22:15 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2011-12-12 15:34 . 2011-12-20 07:42 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2011-12-12 15:34 . 2012-05-12 22:15 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2011-12-12 15:34 . 2012-05-12 22:15 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2011-12-12 15:34 . 2012-05-12 22:15 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2011-12-12 15:34 . 2012-05-12 22:15 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2012-01-03 07:23 . 2012-01-03 07:23 378264 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\pdfshell.dll + 2012-01-03 08:44 . 2012-01-03 08:44 116168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\PDFPrevHndlrShim.exe + 2012-01-03 07:22 . 2012-01-03 07:22 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\nppdf32.dll + 2012-01-03 08:43 . 2012-01-03 08:43 550360 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AdobeCollabSync.exe + 2012-01-03 07:40 . 2012-01-03 07:40 120240 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroRdIF.dll + 2012-01-03 21:50 . 2012-01-03 21:50 357808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroRd32.exe + 2012-01-03 07:16 . 2012-01-03 07:16 665008 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroPDF.dll + 2012-01-03 08:38 . 2012-01-03 08:38 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\acrobroker.exe + 2012-01-03 08:08 . 2012-01-03 08:08 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\a3dutility.exe + 2008-07-29 17:59 . 2008-07-29 17:59 368640 c:\windows\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\System.Printing_x86.dll + 2011-12-09 11:02 . 2011-12-09 11:02 368640 c:\windows\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\System.Printing_GAC_x86.dll + 2008-07-29 17:59 . 2008-07-29 17:59 528384 c:\windows\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\ReachFramework_x86.dll + 2011-12-09 11:02 . 2011-12-09 11:02 528384 c:\windows\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\ReachFramework_GAC_x86.dll + 2011-01-14 06:10 . 2011-01-14 06:10 155520 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD6.DLL + 2011-01-14 06:10 . 2011-01-14 06:10 140160 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL2.DLL + 2011-09-15 19:41 . 2011-09-15 19:41 408936 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\WINWORD.EXE + 2007-06-07 18:51 . 2007-06-07 18:51 125320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\SSGEN.DLL + 2007-06-07 18:51 . 2007-06-07 18:51 465800 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OUTLFLTR.DLL + 2008-03-19 05:27 . 2008-03-19 05:27 661536 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OGALEGIT.DLL + 2006-07-24 09:50 . 2006-07-24 09:50 125744 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSSTDFMT.DLL + 2008-10-25 05:18 . 2008-10-25 05:18 172880 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\IEAWSDC.DLL + 2006-10-27 14:35 . 2006-10-27 14:35 436512 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\UMOUTLOOKADDIN.DLL + 2006-10-26 19:13 . 2006-10-26 19:13 764800 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACECNF.DLL + 2012-04-11 19:34 . 2011-12-17 19:42 916992 c:\windows\ie8updates\KB2675157-IE8\wininet.dll + 2012-04-11 19:34 . 2011-12-17 19:42 105984 c:\windows\ie8updates\KB2675157-IE8\url.dll + 2012-04-11 19:34 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2675157-IE8\spuninst\updspapi.dll + 2012-04-11 19:34 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2675157-IE8\spuninst\spuninst.exe + 2012-04-11 19:34 . 2011-12-17 19:42 206848 c:\windows\ie8updates\KB2675157-IE8\occache.dll + 2012-04-11 19:34 . 2011-12-17 19:42 611840 c:\windows\ie8updates\KB2675157-IE8\mstime.dll + 2012-04-11 19:34 . 2011-12-17 19:42 602112 c:\windows\ie8updates\KB2675157-IE8\msfeeds.dll + 2012-04-11 19:34 . 2011-12-17 19:42 247808 c:\windows\ie8updates\KB2675157-IE8\ieproxy.dll + 2012-04-11 19:34 . 2011-12-17 19:42 184320 c:\windows\ie8updates\KB2675157-IE8\iepeers.dll + 2012-04-11 19:34 . 2011-12-17 19:42 743424 c:\windows\ie8updates\KB2675157-IE8\iedvtool.dll + 2012-04-11 19:34 . 2011-12-17 19:42 387584 c:\windows\ie8updates\KB2675157-IE8\iedkcs32.dll + 2012-04-11 19:34 . 2011-12-16 12:23 174080 c:\windows\ie8updates\KB2675157-IE8\ie4uinit.exe + 2012-02-16 09:47 . 2011-11-04 19:13 916992 c:\windows\ie8updates\KB2647516-IE8\wininet.dll + 2012-02-16 09:47 . 2011-11-04 19:13 105984 c:\windows\ie8updates\KB2647516-IE8\url.dll + 2012-02-16 09:47 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2647516-IE8\spuninst\updspapi.dll + 2012-02-16 09:47 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2647516-IE8\spuninst\spuninst.exe + 2012-02-16 09:47 . 2011-11-04 19:13 206848 c:\windows\ie8updates\KB2647516-IE8\occache.dll + 2012-02-16 09:47 . 2011-11-04 19:13 611840 c:\windows\ie8updates\KB2647516-IE8\mstime.dll + 2012-02-16 09:47 . 2011-11-04 19:13 602112 c:\windows\ie8updates\KB2647516-IE8\msfeeds.dll + 2012-02-16 09:47 . 2011-11-04 19:13 247808 c:\windows\ie8updates\KB2647516-IE8\ieproxy.dll + 2012-02-16 09:47 . 2011-11-04 19:13 184320 c:\windows\ie8updates\KB2647516-IE8\iepeers.dll + 2012-02-16 09:47 . 2011-11-04 19:13 743424 c:\windows\ie8updates\KB2647516-IE8\iedvtool.dll + 2012-02-16 09:47 . 2011-11-04 19:13 387584 c:\windows\ie8updates\KB2647516-IE8\iedkcs32.dll + 2012-02-16 09:47 . 2011-11-04 11:25 174080 c:\windows\ie8updates\KB2647516-IE8\ie4uinit.exe + 2012-04-11 19:32 . 2012-04-11 19:32 843776 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_278ddaea\System.Drawing.dll + 2012-04-11 19:32 . 2012-04-11 19:32 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_f108bdba\System.Drawing.Design.dll + 2012-05-13 08:37 . 2012-05-13 08:37 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\ac4fc3032c19946f9b2729468888206d\WsatConfig.ni.exe + 2012-05-13 07:52 . 2012-05-13 07:52 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6198de2c5b8f7d89404c2ba39d69ae56\WindowsFormsIntegration.ni.dll + 2012-05-13 07:50 . 2012-05-13 07:50 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\be27ab5913cec2b292a019c2a13ec701\UIAutomationTypes.ni.dll + 2012-05-13 07:49 . 2012-05-13 07:49 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\04e5e2be34a70ee7f4c87550238095a0\UIAutomationClient.ni.dll + 2012-05-13 08:41 . 2012-05-13 08:41 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\1c13b08593e99d6f5bef49ae7939c78b\System.Xml.Linq.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\8bffbaa5d5abe40674d0bc124dfe8622\System.Web.Routing.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6c7765c10516d375e9ddedad2dbab848\System.Web.RegularExpressions.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\a7908debe80c209b599529685a159fa0\System.Web.Extensions.Design.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\44ecb9f7be54a2ba46e6102d343e2e7e\System.Web.Entity.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\fee8237aa2daa36e48aec379ee642422\System.Web.Entity.Design.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\40d90d2c1484164b786067320ce778f4\System.Web.DynamicData.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6b4ce8cf2c3307b75ea7ebe77258bb26\System.Web.Abstractions.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\41f6f6dd0c8427d4a8e6fd3915505a6b\System.Transactions.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8dc4a28c456f81ee7399da21bd9d55aa\System.ServiceProcess.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\129b15861e200613ff78ae15581f9093\System.Security.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\4a9eb43005a041959ddc5c7e586ab746\System.Net.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\3182a049ba953010dec649cf290a9e90\System.Management.Instrumentation.ni.dll + 2012-05-13 08:35 . 2012-05-13 08:35 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\8991f21d4b3676bf6f779110db8d4ac9\System.IO.Log.ni.dll + 2012-05-13 08:35 . 2012-05-13 08:35 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cd9c60a35d4958e94d2e3dd2f778e2e9\System.IdentityModel.Selectors.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.Wrapper.dll + 2012-05-13 08:39 . 2012-05-13 08:39 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.ni.dll + 2012-05-12 22:15 . 2012-05-12 22:15 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\88aa4f80c7e5ac25f06f8950e42a1678\System.Drawing.Design.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ca484772955bc4db03b5dcb611c09423\System.DirectoryServices.Protocols.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ba5e68dddfd3279a8469d39eded48f3\System.DirectoryServices.AccountManagement.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a0109fce606a3110a5e7f9a4773f517e\System.Data.Services.Design.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3a68d0441f509ffa6f8f0fb9cfcc5780\System.Data.Services.Client.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04440b3dd5d822da4973a525ee04b05d\System.Data.Entity.Design.ni.dll + 2012-05-13 08:38 . 2012-05-13 08:38 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\7bbb5d9e3b161b4d4b968e590442d3ae\System.Data.DataSetExtensions.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\bf7d6af03e1230ccad546a8659245ae9\System.Configuration.Install.ni.dll + 2012-05-13 08:38 . 2012-05-13 08:38 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\931a2bece4668863db4f852401c828cf\System.AddIn.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6762f1ee780fa9c0b4ef66b285c64844\SMSvcHost.ni.exe + 2012-05-13 08:36 . 2012-05-13 08:36 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\660c4d6dd69ef22bc05587e1998cd135\SMDiagnostics.ni.dll + 2012-05-13 08:36 . 2012-05-13 08:36 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\47ed5bc9f42ea0054ce9acfde5e640b8\ServiceModelReg.ni.exe + 2012-05-12 22:11 . 2012-05-12 22:11 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a4706b850df9a3483f2fc439b6abe616\PresentationFramework.Royale.ni.dll + 2012-05-12 22:11 . 2012-05-12 22:11 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8b873631a0855fb6aa0ad25f1d9de7fe\PresentationFramework.Luna.ni.dll + 2012-05-12 22:11 . 2012-05-12 22:11 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7416fe825e6e49a87fa8ff60c8971813\PresentationFramework.Classic.ni.dll + 2012-05-12 22:11 . 2012-05-12 22:11 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\186c27fbd7b38b5551889274f6fa2ccd\PresentationFramework.Aero.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5a121969a115d11b6256eb960c145686\MSBuild.ni.exe + 2012-05-13 08:36 . 2012-05-13 08:36 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\97c613d3899b320a6765793bdf490272\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\dec22fb7d6b8929a41380e5359741a07\Microsoft.Build.Utilities.v3.5.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\1009b31c86a1b798fffa9e0127cec29c\Microsoft.Build.Utilities.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\21d88631ef629715d3eecdd08e62e0b8\Microsoft.Build.Engine.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a0f38c6478cca8297fb160291346c1c9\Microsoft.Build.Conversion.v3.5.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\bb26dd100d656605c576881a1a823667\CustomMarshalers.ni.dll + 2012-05-13 08:36 . 2012-05-13 08:36 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\9869c02d18825fdd32e64135a3e7246b\ComSvcConfig.ni.exe + 2012-05-13 08:35 . 2012-05-13 08:35 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e414683ec4cff1cac0c77aaefd67144e\AspNetMMCExt.ni.dll - 2012-01-01 10:58 . 2012-01-01 10:58 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2012-05-12 22:06 . 2012-05-12 22:06 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2012-05-12 22:06 . 2012-05-12 22:06 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll - 2012-01-01 10:57 . 2012-01-01 10:57 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll - 2012-01-01 10:59 . 2012-01-01 10:59 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2012-05-12 22:06 . 2012-05-12 22:06 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2012-05-12 22:06 . 2012-05-12 22:06 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2012-01-01 10:59 . 2012-01-01 10:59 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2012-01-01 11:00 . 2012-01-01 11:00 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2012-05-12 22:06 . 2012-05-12 22:06 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2012-01-01 11:00 . 2012-01-01 11:00 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2012-05-12 22:06 . 2012-05-12 22:06 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2012-01-01 11:00 . 2012-01-01 11:00 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2012-05-12 22:06 . 2012-05-12 22:06 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2012-05-12 22:06 . 2012-05-12 22:06 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2012-01-01 11:00 . 2012-01-01 11:00 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2012-05-12 22:06 . 2012-05-12 22:06 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2012-05-12 22:06 . 2012-05-12 22:06 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2012-01-01 11:00 . 2012-01-01 11:00 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2012-05-12 22:06 . 2012-05-12 22:06 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2012-01-01 11:00 . 2012-01-01 11:00 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2012-01-01 10:59 . 2012-01-01 10:59 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2012-05-12 22:06 . 2012-05-12 22:06 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2012-01-01 10:59 . 2012-01-01 10:59 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2012-05-12 22:06 . 2012-05-12 22:06 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2012-05-12 22:06 . 2012-05-12 22:06 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2012-01-01 10:59 . 2012-01-01 10:59 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2011-12-09 11:03 . 2011-12-09 11:03 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll + 2012-05-12 22:12 . 2012-05-12 22:12 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll + 2012-05-12 22:06 . 2012-05-12 22:06 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2012-01-01 10:59 . 2012-01-01 10:59 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2012-05-12 21:58 . 2012-05-12 21:58 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll - 2012-01-01 11:00 . 2012-01-01 11:00 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2012-05-12 22:07 . 2012-05-12 22:07 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2012-01-01 11:00 . 2012-01-01 11:00 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2012-05-12 22:07 . 2012-05-12 22:07 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2012-05-12 22:07 . 2012-05-12 22:07 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2012-01-01 11:00 . 2012-01-01 11:00 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2012-03-20 11:58 . 2012-03-20 11:58 608136 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll - 2012-01-01 11:00 . 2012-01-01 11:00 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2012-05-12 22:07 . 2012-05-12 22:07 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2012-05-12 22:06 . 2012-05-12 22:06 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll - 2012-01-01 10:59 . 2012-01-01 10:59 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2012-05-12 22:06 . 2012-05-12 22:06 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2012-01-01 11:00 . 2012-01-01 11:00 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2012-01-01 10:57 . 2012-01-01 10:57 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2012-05-12 22:06 . 2012-05-12 22:06 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2012-05-12 22:07 . 2012-05-12 22:07 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2012-01-01 11:00 . 2012-01-01 11:00 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2011-12-09 11:02 . 2011-12-09 11:02 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll + 2012-05-12 21:58 . 2012-05-12 21:58 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll + 2012-05-12 22:06 . 2012-05-12 22:06 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2012-01-01 11:00 . 2012-01-01 11:00 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2012-05-12 22:06 . 2012-05-12 22:06 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2012-01-01 11:00 . 2012-01-01 11:00 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2012-01-01 10:59 . 2012-01-01 10:59 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2012-05-12 22:06 . 2012-05-12 22:06 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2012-03-20 11:58 . 2012-03-20 11:58 117160 c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll + 2012-04-11 19:31 . 2012-04-11 19:31 471040 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll + 2012-03-20 11:58 . 2012-03-20 11:58 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll - 2011-12-17 16:09 . 2011-12-17 16:09 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll + 2012-03-20 11:57 . 2012-03-20 11:57 149368 c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll + 2012-02-16 09:46 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2661637$\spuninst\updspapi.dll + 2012-02-16 09:46 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2661637$\spuninst\spuninst.exe + 2012-02-16 09:48 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2660465$\spuninst\updspapi.dll + 2012-02-16 09:48 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2660465$\spuninst\spuninst.exe + 2012-04-11 19:26 . 2009-12-24 07:05 177664 c:\windows\$NtUninstallKB2653956$\wintrust.dll + 2012-04-11 19:26 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2653956$\spuninst\updspapi.dll + 2012-04-11 19:26 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2653956$\spuninst\spuninst.exe + 2012-04-11 19:26 . 2008-04-15 12:00 144384 c:\windows\$NtUninstallKB2653956$\imagehlp.dll + 2012-03-14 08:27 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2647518$\spuninst\updspapi.dll + 2012-03-14 08:27 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2647518$\spuninst\spuninst.exe + 2012-01-12 19:39 . 2011-06-20 17:43 293888 c:\windows\$NtUninstallKB2646524$\winsrv.dll + 2012-01-12 19:39 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2646524$\spuninst\updspapi.dll + 2012-01-12 19:39 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2646524$\spuninst\spuninst.exe + 2012-03-14 08:29 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2641653$\spuninst\updspapi.dll + 2012-03-14 08:29 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2641653$\spuninst\spuninst.exe + 2012-01-12 19:39 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2631813$\spuninst\updspapi.dll + 2012-01-12 19:39 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2631813$\spuninst\spuninst.exe + 2012-01-12 19:39 . 2008-04-15 12:00 386560 c:\windows\$NtUninstallKB2631813$\qdvd.dll + 2012-03-14 08:28 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2621440$\spuninst\updspapi.dll + 2012-03-14 08:28 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2621440$\spuninst\spuninst.exe + 2012-03-14 08:28 . 2011-06-24 14:09 139656 c:\windows\$NtUninstallKB2621440$\rdpwd.sys + 2012-01-12 19:37 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2603381$\spuninst\updspapi.dll + 2012-01-12 19:37 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2603381$\spuninst\spuninst.exe + 2012-01-12 19:37 . 2008-04-15 12:00 179200 c:\windows\$NtUninstallKB2598479$\winmm.dll + 2012-01-12 19:37 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2598479$\spuninst\updspapi.dll + 2012-01-12 19:37 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2598479$\spuninst\spuninst.exe + 2012-01-16 13:04 . 2009-08-25 09:31 354816 c:\windows\$NtUninstallKB2585542$\winhttp.dll + 2012-01-16 13:04 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2585542$\spuninst\updspapi.dll + 2012-01-16 13:04 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2585542$\spuninst\spuninst.exe + 2012-01-16 13:04 . 2011-04-29 17:23 151552 c:\windows\$NtUninstallKB2585542$\schannel.dll + 2012-01-12 09:19 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2584146$\spuninst\updspapi.dll + 2012-01-12 09:19 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2584146$\spuninst\spuninst.exe + 2012-04-11 19:34 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2675157-IE8\update\updspapi.dll + 2012-04-11 19:34 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2675157-IE8\update\update.exe + 2012-04-11 19:34 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2675157-IE8\spuninst.exe + 2012-04-11 17:03 . 2012-03-01 10:56 919552 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll + 2012-04-11 17:03 . 2012-03-01 10:56 105984 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\url.dll + 2012-04-11 17:03 . 2012-03-01 10:56 206848 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\occache.dll + 2012-04-11 17:03 . 2012-03-01 10:56 611840 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mstime.dll + 2012-04-11 17:03 . 2012-03-01 10:56 602112 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\msfeeds.dll + 2012-04-11 17:03 . 2012-03-01 10:56 247808 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ieproxy.dll + 2012-04-11 17:03 . 2012-03-01 10:56 184320 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iepeers.dll + 2012-04-11 17:03 . 2012-03-01 10:56 743424 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iedvtool.dll + 2012-04-11 17:03 . 2012-03-01 10:56 387584 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iedkcs32.dll + 2012-04-11 17:03 . 2012-02-29 12:30 174080 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ie4uinit.exe + 2012-02-16 09:46 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2661637\update\updspapi.dll + 2012-02-16 09:46 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2661637\update\update.exe + 2012-02-16 09:46 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2661637\spuninst.exe + 2012-04-11 19:26 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2653956\update\updspapi.dll + 2012-04-11 19:26 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2653956\update\update.exe + 2012-04-11 19:26 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2653956\spuninst.exe + 2012-04-11 17:03 . 2012-02-29 14:08 178176 c:\windows\$hf_mig$\KB2653956\SP3QFE\wintrust.dll + 2012-04-11 17:03 . 2012-02-29 14:08 148480 c:\windows\$hf_mig$\KB2653956\SP3QFE\imagehlp.dll + 2012-03-14 08:28 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2647518\update\updspapi.dll + 2012-03-14 08:28 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2647518\update\update.exe + 2012-03-14 08:28 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2647518\spuninst.exe + 2012-02-16 09:47 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2647516-IE8\update\updspapi.dll + 2012-02-16 09:47 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2647516-IE8\update\update.exe + 2012-02-16 09:47 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2647516-IE8\spuninst.exe + 2012-02-16 07:18 . 2011-12-17 19:41 919552 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll + 2012-02-16 07:18 . 2011-12-17 19:41 105984 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\url.dll + 2012-02-16 07:18 . 2011-12-17 19:41 206848 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\occache.dll + 2012-02-16 07:18 . 2011-12-17 19:41 611840 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mstime.dll + 2012-02-16 07:18 . 2011-12-17 19:41 602112 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\msfeeds.dll + 2012-02-16 07:18 . 2011-12-17 19:41 247808 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\ieproxy.dll + 2012-02-16 07:18 . 2011-12-17 19:41 184320 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iepeers.dll + 2012-02-16 07:18 . 2011-12-17 19:41 743424 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iedvtool.dll + 2012-02-16 07:18 . 2011-12-17 19:41 387584 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iedkcs32.dll + 2012-02-16 07:18 . 2011-12-16 12:34 174080 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\ie4uinit.exe + 2012-01-12 19:37 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2603381\update\updspapi.dll + 2012-01-12 19:37 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2603381\update\update.exe + 2012-01-12 19:37 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2603381\spuninst.exe + 2012-01-12 19:37 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2598479\update\updspapi.dll + 2012-01-12 19:37 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2598479\update\update.exe + 2012-01-12 19:37 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2598479\spuninst.exe + 2012-01-11 10:16 . 2011-10-14 14:45 179200 c:\windows\$hf_mig$\KB2598479\SP3QFE\winmm.dll + 2012-01-12 09:19 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2584146\update\updspapi.dll + 2012-01-12 09:19 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2584146\update\update.exe + 2012-01-12 09:19 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2584146\spuninst.exe + 2012-05-12 08:09 . 2012-02-09 15:43 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll + 2011-05-13 19:04 . 2011-05-13 19:04 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll + 2011-05-13 19:04 . 2011-05-13 19:04 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll + 2009-06-13 17:27 . 2012-03-01 11:00 1212416 c:\windows\system32\urlmon.dll - 2009-06-13 17:27 . 2011-11-04 19:13 1212416 c:\windows\system32\urlmon.dll + 2009-06-13 17:29 . 2011-11-03 15:27 1296384 c:\windows\system32\quartz.dll + 2009-06-13 17:29 . 2012-03-01 11:00 5978624 c:\windows\system32\mshtml.dll + 2012-05-30 06:32 . 2012-05-30 06:32 8797856 c:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll - 2009-06-13 17:27 . 2011-11-04 19:13 2000384 c:\windows\system32\iertutil.dll + 2009-06-13 17:27 . 2012-03-01 11:00 2000384 c:\windows\system32\iertutil.dll + 2011-07-07 01:28 . 2011-07-07 01:28 1193320 c:\windows\system32\FM20.DLL + 2011-12-09 14:21 . 2012-04-11 13:51 1871488 c:\windows\system32\dllcache\win32k.sys - 2009-03-08 03:34 . 2011-11-04 19:13 1212416 c:\windows\system32\dllcache\urlmon.dll + 2009-03-08 03:34 . 2012-03-01 11:00 1212416 c:\windows\system32\dllcache\urlmon.dll + 2011-12-09 14:18 . 2011-11-03 15:27 1296384 c:\windows\system32\dllcache\quartz.dll + 2011-12-09 13:50 . 2012-04-11 13:51 2196992 c:\windows\system32\dllcache\ntoskrnl.exe + 2011-12-09 13:50 . 2012-04-11 13:50 2031104 c:\windows\system32\dllcache\ntkrpamp.exe + 2010-12-09 19:44 . 2012-04-11 13:51 2073472 c:\windows\system32\dllcache\ntkrnlpa.exe + 2011-12-09 13:50 . 2012-04-11 13:51 2152960 c:\windows\system32\dllcache\ntkrnlmp.exe + 2009-03-08 03:41 . 2012-03-01 11:00 5978624 c:\windows\system32\dllcache\mshtml.dll - 2011-12-09 14:01 . 2011-11-04 19:13 2000384 c:\windows\system32\dllcache\iertutil.dll + 2011-12-09 14:01 . 2012-03-01 11:00 2000384 c:\windows\system32\dllcache\iertutil.dll - 2011-03-25 05:15 . 2011-03-25 05:15 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2011-12-25 01:50 . 2011-12-25 01:50 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2011-12-25 01:50 . 2011-12-25 01:50 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll + 2011-12-25 01:50 . 2011-12-25 01:50 5913360 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - 2011-07-07 04:18 . 2011-07-07 04:18 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2011-12-25 01:50 . 2011-12-25 01:50 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2012-01-31 02:46 . 2012-01-31 02:46 6385664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp + 2011-09-15 17:40 . 2011-09-15 17:40 7959552 c:\windows\Installer\e77036.msp + 2011-09-15 17:35 . 2011-09-15 17:35 1411072 c:\windows\Installer\e76e01.msp + 2012-02-03 14:13 . 2012-02-03 14:13 4988928 c:\windows\Installer\8bf4c0.msp + 2012-03-23 12:59 . 2012-03-23 12:59 7899648 c:\windows\Installer\87cbe4.msp + 2012-04-11 19:31 . 2012-04-11 19:31 7069184 c:\windows\Installer\87cbcf.msp + 2011-11-01 11:34 . 2011-11-01 11:34 1169920 c:\windows\Installer\87cbc0.msp + 2011-12-08 18:24 . 2011-12-08 18:24 4989952 c:\windows\Installer\730bfb.msp + 2011-10-30 21:54 . 2011-10-30 21:54 2748416 c:\windows\Installer\7135e4.msp + 2012-04-04 20:38 . 2012-04-04 20:38 2831360 c:\windows\Installer\618f31.msp + 2012-04-28 19:44 . 2012-04-28 19:44 9101824 c:\windows\Installer\618f1b.msp + 2012-04-28 19:44 . 2012-04-28 19:44 9586176 c:\windows\Installer\618eeb.msp + 2012-04-30 12:38 . 2012-04-30 12:38 5011456 c:\windows\Installer\618ed4.msp + 2012-04-04 20:38 . 2012-04-04 20:38 3620864 c:\windows\Installer\618ebe.msp + 2012-03-15 00:24 . 2012-03-15 00:24 1795584 c:\windows\Installer\618e9c.msp + 2012-04-28 19:43 . 2012-04-28 19:43 8459264 c:\windows\Installer\618e86.msp + 2012-02-17 06:45 . 2012-02-17 06:45 2299392 c:\windows\Installer\618e70.msp + 2012-03-26 22:28 . 2012-03-26 22:28 5009920 c:\windows\Installer\3cf85a.msp + 2012-02-29 22:45 . 2012-02-29 22:45 4989440 c:\windows\Installer\299e9e.msp + 2011-07-21 11:34 . 2011-07-21 11:34 3456000 c:\windows\Installer\28fd52.msp + 2012-01-12 19:36 . 2012-01-12 19:36 3970560 c:\windows\Installer\230fb4.msi + 2012-03-27 15:47 . 2012-03-27 15:47 4959232 c:\windows\Installer\15afd6.msp - 2011-12-12 15:34 . 2011-12-20 07:42 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2011-12-12 15:34 . 2012-05-12 22:15 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2011-12-12 15:34 . 2012-05-12 22:15 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe - 2011-12-12 15:34 . 2011-12-20 07:42 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2012-01-03 07:18 . 2012-01-03 07:18 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\rt3d.dll + 2011-11-17 15:50 . 2011-11-17 15:50 6543872 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\authplay.dll + 2011-01-14 06:10 . 2011-01-14 06:10 2395008 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD.DLL + 2011-01-14 06:10 . 2011-01-14 06:10 2180992 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKPOWERPOINT.DLL + 2011-01-14 06:10 . 2011-01-14 06:10 3443072 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL.DLL + 2011-08-17 08:49 . 2011-08-17 08:49 4683624 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\WRD12CNV.DLL + 2009-10-09 22:10 . 2009-10-09 22:10 2594632 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\VBE6.DLL + 2011-07-07 01:58 . 2011-07-07 01:58 1616240 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OGL.DLL + 2006-10-26 19:25 . 2006-10-26 19:25 2172688 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PSRCHFEA.DLL + 2012-04-11 19:34 . 2011-12-17 19:42 1212416 c:\windows\ie8updates\KB2675157-IE8\urlmon.dll + 2012-04-11 19:34 . 2011-12-17 19:42 5979136 c:\windows\ie8updates\KB2675157-IE8\mshtml.dll + 2012-04-11 19:34 . 2011-12-17 19:42 2000384 c:\windows\ie8updates\KB2675157-IE8\iertutil.dll + 2012-02-16 09:47 . 2011-11-04 19:13 1212416 c:\windows\ie8updates\KB2647516-IE8\urlmon.dll + 2012-02-16 09:47 . 2011-11-04 19:13 5978112 c:\windows\ie8updates\KB2647516-IE8\mshtml.dll + 2012-02-16 09:47 . 2011-11-04 19:13 2000384 c:\windows\ie8updates\KB2647516-IE8\iertutil.dll + 2011-12-09 13:50 . 2012-04-11 13:51 2196992 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2011-12-09 13:50 . 2012-04-11 13:50 2031104 c:\windows\Driver Cache\i386\ntkrpamp.exe + 2010-12-09 19:44 . 2012-04-11 13:51 2073472 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2011-12-09 13:50 . 2012-04-11 13:51 2152960 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2012-04-11 19:32 . 2012-04-11 19:32 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_9d82b21b\System.Windows.Forms.dll + 2012-04-11 19:32 . 2012-04-11 19:32 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_24582f15\System.Windows.Forms.dll + 2012-04-11 19:32 . 2012-04-11 19:32 2248704 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_6940430f\System.Drawing.dll + 2012-04-11 19:32 . 2012-04-11 19:32 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_f061af95\System.Design.dll + 2012-04-11 19:32 . 2012-04-11 19:32 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_38a25aa0\System.Design.dll + 2012-05-12 22:09 . 2012-05-12 22:09 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6d8bef0d008389874e55c0308f0c18e5\WindowsBase.ni.dll + 2012-05-13 07:49 . 2012-05-13 07:49 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\41a81b97625c113b591ed082c95276e2\UIAutomationClientsideProviders.ni.dll + 2012-05-12 22:09 . 2012-05-12 22:09 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll + 2012-05-13 07:49 . 2012-05-13 07:49 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll + 2012-05-13 08:41 . 2012-05-13 08:41 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\33fa6a2055bf857bff2e31020279b5e9\System.WorkflowServices.ni.dll + 2012-05-13 08:41 . 2012-05-13 08:41 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\5eccf6fef6bee8a2f93bc65ff33699bb\System.Workflow.Runtime.ni.dll + 2012-05-13 08:41 . 2012-05-13 08:41 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\62bd2e1bf98b04ceca2102c8f54aab9d\System.Workflow.ComponentModel.ni.dll + 2012-05-13 08:41 . 2012-05-13 08:41 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\8215548b3d4aabbaa0557ab747700778\System.Workflow.Activities.ni.dll + 2012-05-13 08:41 . 2012-05-13 08:41 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\3e11aea7d742b5eddbd0b6bd1012f7df\System.Web.Services.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\ff995dde9cd34ff1e8ac7ab55fc92d32\System.Web.Mobile.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\8899d1091e64a4d0b6ae69060197091a\System.Web.Extensions.ni.dll + 2012-05-13 07:48 . 2012-05-13 07:48 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5efb50c91f3c5e49be2079f625d933b7\System.Speech.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\97d635f5c656ae43d94b55e67fc4ab50\System.ServiceModel.Web.ni.dll + 2012-05-13 08:35 . 2012-05-13 08:35 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll + 2012-05-12 22:15 . 2012-05-12 22:15 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\1d6707a5a9da16c1d1b88529837884d6\System.Printing.ni.dll + 2012-05-13 08:35 . 2012-05-13 08:35 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e09496ddb2bf6f3b69707924f2e6b5ff\System.IdentityModel.ni.dll + 2012-05-12 22:15 . 2012-05-12 22:15 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8ca00132a08c69697adf1cda32ebd835\System.Drawing.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\b55887436d2cfbe1fb32dd18d554185b\System.DirectoryServices.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\832196527f0497078f085eaf9189265f\System.Deployment.ni.dll + 2012-05-12 22:14 . 2012-05-12 22:14 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\982b508698278c6ffb3d143bbe1e8bb8\System.Data.SqlXml.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de7666b1cd0a1bc363726c9553dc39c\System.Data.Services.ni.dll + 2012-05-12 22:14 . 2012-05-12 22:14 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\44a5fc9e7c71b1fe1e2c79b03ecc3bc7\System.Data.Linq.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\772c94f595cd87b7fa187d592ef46fcf\System.Data.Entity.ni.dll + 2012-05-12 22:13 . 2012-05-12 22:13 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\38d07a5ac34b99d94fd14f42e779f625\System.Core.ni.dll + 2012-05-12 22:13 . 2012-05-12 22:13 2146304 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\2ecefd16184a78f19aaf0f02cc0a7e1f\ReachFramework.ni.dll + 2012-05-12 22:13 . 2012-05-12 22:13 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\51204805c71113e0db2103faa064b313\PresentationUI.ni.dll + 2012-05-12 22:09 . 2012-05-12 22:09 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\8c509044eea2ab22689ea43926b30108\PresentationBuildTasks.ni.dll + 2012-05-13 08:38 . 2012-05-13 08:38 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\b49dd780ba8e3501b0adcf108b431e7b\Microsoft.VisualBasic.ni.dll + 2012-05-13 08:36 . 2012-05-13 08:36 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\42145ebf75f77cabad442f0801a81c64\Microsoft.Transactions.Bridge.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\cfe15312373b4668398404b5822bab7d\Microsoft.JScript.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\f3fcd65eca42d13b746cf3f5bd993ee0\Microsoft.Build.Tasks.v3.5.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\2091903cd9b359e96f05ac2d6d25ef4e\Microsoft.Build.Tasks.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5aa63a1cb41e3a5e1e8ed17072e60ec3\Microsoft.Build.Engine.ni.dll + 2012-05-12 21:58 . 2012-05-12 21:58 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll - 2011-12-09 19:26 . 2011-12-09 19:26 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll + 2012-05-12 22:06 . 2012-05-12 22:06 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - 2012-01-01 10:58 . 2012-01-01 10:58 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2012-05-12 22:06 . 2012-05-12 22:06 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2012-01-01 10:58 . 2012-01-01 10:58 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2012-05-12 22:06 . 2012-05-12 22:06 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - 2012-01-01 10:58 . 2012-01-01 10:58 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2012-05-12 22:06 . 2012-05-12 22:06 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2012-05-12 21:58 . 2012-05-12 21:58 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll - 2012-01-01 10:57 . 2012-01-01 10:57 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2012-05-12 22:06 . 2012-05-12 22:06 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2012-01-01 10:59 . 2012-01-01 10:59 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2012-05-12 22:06 . 2012-05-12 22:06 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2012-05-12 21:58 . 2012-05-12 21:58 4214784 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - 2012-01-01 10:58 . 2012-01-01 10:58 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-05-12 22:06 . 2012-05-12 22:06 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-03-20 11:58 . 2012-03-20 11:58 1279864 c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll + 2012-02-16 09:48 . 2011-11-23 14:39 1868672 c:\windows\$NtUninstallKB2660465$\win32k.sys + 2012-03-14 08:29 . 2012-01-12 17:21 1869184 c:\windows\$NtUninstallKB2641653$\win32k.sys + 2012-01-12 19:39 . 2010-02-05 18:34 1295872 c:\windows\$NtUninstallKB2631813$\quartz.dll + 2012-04-11 17:03 . 2012-03-01 10:56 1214464 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\urlmon.dll + 2012-04-11 17:03 . 2012-03-01 10:56 5980672 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll + 2012-04-11 17:03 . 2012-03-01 10:56 2001408 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iertutil.dll + 2012-02-16 07:18 . 2011-12-17 19:41 1214464 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\urlmon.dll + 2012-02-16 07:18 . 2011-12-17 19:41 5980160 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll + 2012-02-16 07:18 . 2011-12-17 19:41 2001408 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iertutil.dll + 2009-06-13 17:31 . 2012-05-12 22:08 55656824 c:\windows\system32\mrt.exe + 2009-06-13 17:27 . 2012-03-02 04:00 11082752 c:\windows\system32\ieframe.dll + 2011-08-23 16:41 . 2012-03-02 04:00 11082752 c:\windows\system32\dllcache\ieframe.dll + 2011-09-15 17:39 . 2011-09-15 17:39 11163136 c:\windows\Installer\e7702d.msp + 2011-09-15 17:38 . 2011-09-15 17:38 10838528 c:\windows\Installer\e77022.msp + 2011-09-15 17:37 . 2011-09-15 17:37 16691712 c:\windows\Installer\e76e1c.msp + 2011-09-15 17:37 . 2011-09-15 17:37 34428416 c:\windows\Installer\e76e02.msp + 2012-04-06 00:12 . 2012-04-06 00:12 15709696 c:\windows\Installer\618f05.msp + 2012-01-04 00:25 . 2012-01-04 00:25 17751552 c:\windows\Installer\618ef8.msp + 2012-04-06 01:13 . 2012-04-06 01:13 16527872 c:\windows\Installer\618ea8.msp + 2012-01-03 21:15 . 2012-01-03 21:15 20559288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroRd32.dll + 2011-09-15 19:42 . 2011-09-15 19:42 18115432 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\WWLIB.DLL + 2012-04-11 19:34 . 2011-12-18 13:42 11082240 c:\windows\ie8updates\KB2675157-IE8\ieframe.dll + 2012-02-16 09:47 . 2011-11-05 13:13 11081728 c:\windows\ie8updates\KB2647516-IE8\ieframe.dll + 2012-05-13 07:49 . 2012-05-13 07:49 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\995fcf39ead2c2a53e084505c2c67d49\System.Windows.Forms.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\7861cd979ea5db3fb7d30ed94fb0edd2\System.Web.ni.dll + 2012-05-13 08:36 . 2012-05-13 08:36 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\bc254d2fa26664898ae21d45643bc194\System.ServiceModel.ni.dll + 2012-05-12 22:14 . 2012-05-12 22:14 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\a9256d2ad7e4be2bbb4e9b18c3997b84\System.Design.ni.dll + 2012-05-12 22:11 . 2012-05-12 22:11 14329856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5b8ff47c1db373a2a4c638ca31988bd2\PresentationFramework.ni.dll + 2012-05-12 22:10 . 2012-05-12 22:10 12218368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\4eb3cd1f1d5a83617524a9dfb96a657d\PresentationCore.ni.dll + 2012-05-12 22:08 . 2012-05-12 22:08 11492352 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll + 2012-04-11 17:03 . 2012-03-01 10:56 11085312 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ieframe.dll + 2012-02-16 07:18 . 2011-12-17 19:41 11085312 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\ieframe.dll + 2011-09-15 17:34 . 2011-09-15 17:34 428804608 c:\windows\Installer\e77018.msp . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184] "CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] "Athan"="c:\program files\Athan\Athan.exe" [2011-11-20 1204224] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_3"="advpack.dll" [2009-03-08 128512] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= . R0 iastor78;iastor78;c:\windows\system32\drivers\iastor78.sys [14-6-2009 17:02 308248] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9-12-2011 14:42 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9-12-2011 14:42 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9-12-2011 14:42 20568] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [30-4-2012 21:54 654408] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9-12-2011 14:36 22344] S2 gupdate;Google Update-service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9-12-2011 14:42 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30-5-2012 8:32 257696] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9-12-2011 14:42 136176] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [6-5-2012 16:33 129976] S3 SteComposite;Acer Composite USB Service;c:\windows\system32\drivers\ste_compo.sys [24-6-2010 15:42 75264] . Inhoud van de 'Gedeelde Taken' map . 2012-06-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-30 06:32] . 2012-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-09 12:42] . 2012-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-09 12:42] . . ------- Bijkomende Scan ------- . uStart Page = Google IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 FF - ProfilePath - c:\documents and settings\g\Application Data\Mozilla\Firefox\Profiles\712ra1hw.default\ FF - prefs.js: browser.startup.homepage - google.be . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-06-03 19:25 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(2824) c:\windows\system32\msi.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\webcheck.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . Voltooingstijd: 2012-06-03 19:28:08 ComboFix-quarantined-files.txt 2012-06-03 17:28 ComboFix2.txt 2012-01-04 16:30 ComboFix3.txt 2012-01-03 18:33 . Pre-Run: 45.251.346.432 bytes beschikbaar Post-Run: 45.433.081.856 bytes beschikbaar . - - End Of File - - 5FEEA22A14E85EB6DC60E0B9CF366692 alstu!
  5. hallo mn laptop is weeeeer enorm traag bij het opstarten. nochtans is de internetverbinding zeer goed. hieronder ff een hjt logje, wie kan me helpen? thx Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:58:57, on 2-6-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\taskswitch.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Athan\Athan.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\spoolsv.exe C:\DOCUME~1\g\LOCALS~1\Temp\RtkBtMnt.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\g\Bureaublad\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- End of file - 6323 bytes
  6. ComboFix 12-01-04.02 - g 04-01-2012 17:19:12.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.502.243 [GMT 1:00] Gestart vanuit: c:\documents and settings\g\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\g\Bureaublad\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\db1defdf097c94737c9c659d c:\db1defdf097c94737c9c659d\$shtdwn$.req c:\db1defdf097c94737c9c659d\1025\eula.rtf c:\db1defdf097c94737c9c659d\1025\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1028\eula.rtf c:\db1defdf097c94737c9c659d\1028\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1029\eula.rtf c:\db1defdf097c94737c9c659d\1029\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1030\eula.rtf c:\db1defdf097c94737c9c659d\1030\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1031\eula.rtf c:\db1defdf097c94737c9c659d\1031\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1032\eula.rtf c:\db1defdf097c94737c9c659d\1032\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1033\eula.rtf c:\db1defdf097c94737c9c659d\1033\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1035\eula.rtf c:\db1defdf097c94737c9c659d\1035\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1036\eula.rtf c:\db1defdf097c94737c9c659d\1036\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1037\eula.rtf c:\db1defdf097c94737c9c659d\1037\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1038\eula.rtf c:\db1defdf097c94737c9c659d\1038\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1040\eula.rtf c:\db1defdf097c94737c9c659d\1040\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1041\eula.rtf c:\db1defdf097c94737c9c659d\1041\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1042\eula.rtf c:\db1defdf097c94737c9c659d\1042\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1043\eula.rtf c:\db1defdf097c94737c9c659d\1043\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1044\eula.rtf c:\db1defdf097c94737c9c659d\1044\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1045\eula.rtf c:\db1defdf097c94737c9c659d\1045\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1046\eula.rtf c:\db1defdf097c94737c9c659d\1046\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1049\eula.rtf c:\db1defdf097c94737c9c659d\1049\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1053\eula.rtf c:\db1defdf097c94737c9c659d\1053\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1055\eula.rtf c:\db1defdf097c94737c9c659d\1055\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\2052\eula.rtf c:\db1defdf097c94737c9c659d\2052\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\2070\eula.rtf c:\db1defdf097c94737c9c659d\2070\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\3076\eula.rtf c:\db1defdf097c94737c9c659d\3076\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\3082\eula.rtf c:\db1defdf097c94737c9c659d\3082\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\DHtmlHeader.html c:\db1defdf097c94737c9c659d\header.bmp c:\db1defdf097c94737c9c659d\HotFixInstaller.exe c:\db1defdf097c94737c9c659d\NDP35SP1-KB2416473.msp c:\db1defdf097c94737c9c659d\ParameterInfo.xml c:\db1defdf097c94737c9c659d\watermark.bmp . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-04 to 2012-01-04 )))))))))))))))))))))))))))))) . . 2011-12-12 15:26 . 2011-12-12 15:26 -------- d-----r- C:\MSOCache . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-23 14:39 . 2009-06-13 17:30 1868672 ----a-w- c:\windows\system32\win32k.sys 2011-11-04 19:13 . 2009-06-13 17:27 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2009-06-13 17:27 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2008-04-15 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2009-06-13 17:29 385024 ----a-w- c:\windows\system32\html.iec 2011-11-01 16:05 . 2009-06-13 17:29 1288704 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:31 . 2008-04-15 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-26 15:19 . 2009-02-09 11:19 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-26 10:49 . 2009-06-13 17:29 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-18 11:13 . 2008-04-15 12:00 186880 ----a-w- c:\windows\system32\encdec.dll 2011-11-21 04:40 . 2011-12-09 12:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-01-03_18.30.44 ))))))))))))))))))))))))))))))))))))))))) . + 2012-01-04 15:48 . 2012-01-04 15:48 16384 c:\windows\Temp\Perflib_Perfdata_b94.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184] "CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872] "Athan"="c:\program files\Athan\Athan.exe" [2011-11-20 1204224] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_3"="advpack.dll" [2009-03-08 128512] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= . R0 iastor78;iastor78;c:\windows\system32\drivers\iastor78.sys [14-6-2009 16:02 308248] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9-12-2011 13:42 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9-12-2011 13:42 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9-12-2011 13:42 20568] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [9-12-2011 13:36 652872] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9-12-2011 13:36 20464] S2 gupdate;Google Update-service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9-12-2011 13:42 136176] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9-12-2011 13:42 136176] . Inhoud van de 'Gedeelde Taken' map . 2012-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-09 12:42] . 2012-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-09 12:42] . . ------- Bijkomende Scan ------- . uStart Page = Google IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 FF - ProfilePath - c:\documents and settings\g\Application Data\Mozilla\Firefox\Profiles\712ra1hw.default\ FF - prefs.js: browser.startup.homepage - google.be . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-04 17:27 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Voltooingstijd: 2012-01-04 17:30:03 ComboFix-quarantined-files.txt 2012-01-04 16:30 ComboFix2.txt 2012-01-03 18:33 . Pre-Run: 50.280.882.176 bytes beschikbaar Post-Run: 50.285.436.928 bytes beschikbaar . - - End Of File - - 9A12923A594E70A3E20B5D2E1ECA8F07 alstu xD
  7. ComboFix 12-01-03.04 - g 03-01-2012 19:22:42.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.502.279 [GMT 1:00] Gestart vanuit: c:\documents and settings\g\Mijn documenten\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Default User\DelC43.tmp c:\documents and settings\g\DelC43.tmp c:\windows\iun6002.exe c:\windows\system32\config\systemprofile\DelC43.tmp c:\windows\system32\PowerToyReadme.htm c:\windows\system32\Thumbs.db . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-03 to 2012-01-03 )))))))))))))))))))))))))))))) . . 2011-12-12 15:26 . 2011-12-12 15:26 -------- d-----r- C:\MSOCache 2011-12-09 19:26 . 2011-12-09 19:26 -------- d-----w- C:\db1defdf097c94737c9c659d . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-23 14:39 . 2009-06-13 17:30 1868672 ----a-w- c:\windows\system32\win32k.sys 2011-11-04 19:13 . 2009-06-13 17:27 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2009-06-13 17:27 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2008-04-15 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2009-06-13 17:29 385024 ----a-w- c:\windows\system32\html.iec 2011-11-01 16:05 . 2009-06-13 17:29 1288704 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:31 . 2008-04-15 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-26 15:19 . 2009-02-09 11:19 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-26 10:49 . 2009-06-13 17:29 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-18 11:13 . 2008-04-15 12:00 186880 ----a-w- c:\windows\system32\encdec.dll 2011-11-21 04:40 . 2011-12-09 12:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184] "CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872] "Athan"="c:\program files\Athan\Athan.exe" [2011-11-20 1204224] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="shell32" [X] "_nltide_3"="advpack.dll" [2009-03-08 128512] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= . R0 iastor78;iastor78;c:\windows\system32\drivers\iastor78.sys [14-6-2009 16:02 308248] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9-12-2011 13:42 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9-12-2011 13:42 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9-12-2011 13:42 20568] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [9-12-2011 13:36 652872] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9-12-2011 13:36 20464] S2 gupdate;Google Update-service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9-12-2011 13:42 136176] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9-12-2011 13:42 136176] . Inhoud van de 'Gedeelde Taken' map . 2012-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-09 12:42] . 2012-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-09 12:42] . . ------- Bijkomende Scan ------- . uStart Page = Google IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 FF - ProfilePath - c:\documents and settings\g\Application Data\Mozilla\Firefox\Profiles\712ra1hw.default\ FF - prefs.js: browser.startup.homepage - google.be . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-Athan - c:\windows\iun6002.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-03 19:30 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . . C:\## aswSnx private storage . Scan succesvol afgerond verborgen bestanden: 1 . ************************************************************************** . Voltooingstijd: 2012-01-03 19:33:08 ComboFix-quarantined-files.txt 2012-01-03 18:33 . Pre-Run: 50.470.027.264 bytes beschikbaar Post-Run: 50.601.340.928 bytes beschikbaar . WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - 55D4F58B493906C33B1D0D6E74FC0F27
  8. hallo hier ben ik weer het opstarten van het internet duurt bij mij heel traag maar eens vertrokken gaat t allemaal redelijk vlotjes. ligt het aan mn internet verbinding of een of andere boosdoener? xD het MBAM logje is OK hieronder het HJT logje, dat is chinees voor me Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:15:26, on 2-1-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\taskswitch.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Athan\Athan.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\spoolsv.exe C:\DOCUME~1\g\LOCALS~1\Temp\RtkBtMnt.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- End of file - 7387 bytes
  9. OK ik waag me eraan vanmiddag, ben op mn werk nu. Ik kan via avast kiezen om de usb zelf te scannen? of via MBAM?
  10. en bvb als ik gewoon niet alles verwijder van de stick is het ook niet opgelost? komen die bestanden dan niet in de prullenbak vd laptop en evt kans op besmetting op laptop? ik ben zo onzeker geworden omdat ik schrik heb dat ik weer prijs ga hebben he
  11. ja maar gaan die virussen niet terug in mn c schijf terecht komen vanaf dat ik de usb insteek? het is net daar dat die pharao in zat...
  12. nieuwe HJT logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:47:27, on 9-12-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\taskswitch.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\CTFMON.EXE C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Messenger\msmsgs.exe C:\DOCUME~1\g\LOCALS~1\Temp\RtkBtMnt.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\wuauclt.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- End of file - 5468 bytes ---------- Post toegevoegd om 14:50 ---------- Vorige post was om 14:48 ---------- het probleem is begonnen met men usb stick. zie boven. ik durf nu die usb niet meer in de laptop te steken omdat ik vrees dat het weer mn laptop zal aantasten. hoewel er enkel word bestandjes op de usb staan hoor... en die zijn zeer belangrijk voor de cursus die ik volg via avondschool. hoe kan ik die bestanden nog recupereren zonder de laptop weer naar de vaantjes te helpen? fotos die hiervoor op de laptop stonden, ben ik ook kwijt zeker :-s na het formatteren?
  13. hallo ik heb inmiddels de laptop laten formatteren. kon zelfs niet in veilige modus opstarten. en als ik de laptop opstartte, meldde hij telkens vanzelf meteen af en sloot af. ik ga hieronder een nieuw hjt logje plaatsen in de hoop dat de laptop echt clean is. toen ik gisteren scande kreeg ik het virus WAZEBAT of zoiets en pharao. grrrr ---------- Post toegevoegd om 13:46 ---------- Vorige post was om 13:45 ---------- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:46:36, on 9-12-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\taskswitch.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Documents and Settings\g\Mijn documenten\Downloads\setup_av_free.exe C:\WINDOWS\system32\msiexec.exe C:\DOCUME~1\g\LOCALS~1\Temp\_av_sfx.tm~a01956\avast.setup C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\AVAST Software\Avast\ashQuick.exe C:\Program Files\AVAST Software\Avast\setup\avast.setup C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- End of file - 6031 bytes ---------- Post toegevoegd om 13:47 ---------- Vorige post was om 13:46 ---------- ik gebruik als browser mozilla en heb MBAM en AVAST die continu online zijn en scannen. is dit voldoende?
  14. als ik de verkenner probeer te openen, zie ik de zandloper maar helaas volgt er niets... ook via deze computer kan ik de c schijf niet opnenen, er gebeurt gewoon niets...
  15. als ik dubbelklik op het icoontje met het logje opent het niet. als ik dan via kladblok ga om het te proberen openen, krijg ik de kladblok zelf ook niet open...
  16. hallo ik krijg het logje ni geopend en ook niet te zien als het gesaved is...
  17. hallo als ik met MBAM mn laptop scan krijg ik de melding dat sommige virussen niet verwijderd kunnen worden. bovendien duurt het enorm lang als ik opstart vooraleer ik mn bureaublad te zien krijg, enkel een zwart scherm. als ik mn usb insteek zie ik alle bestanden op de usb dubbel, het tweede bestand bevat dan wel 0 kb, dit zijn wss ook virussen? ook zie ik vanalle iconen die ik NOOIT op die usb heb gezet, bvb nokia73tools, kapersky, ... wat het ook moge zijn. bedankt alvast !!
  18. hallo in veilige modus krijg ik geen melding dat de usb stick is aangesloten hoewel deze aangesloten is, is dit typisch voor veilige modus? bovendien duurt het meer dan een half uur voor aleer ik het 'blauwe scherm' zie na het opstarten van de laptop en dan nog eens een half uur als ik de gebruiker kies... als ik de laptop 'normaal' opstart zie ik enkel (na een uur!) enkel de achtergrond van het scherm (een foto in mijn geval). voor de rest geen taakbalk, geen start-uitrolmenu, geen pictogrammen op mn bureaublad.... is men laptop naar de vaantjes? :-s
  19. bij het opstarten: foutmelding. C/windows/ifmesvcf.dll. ook een venster zonder inhoud met naam: blanck window 2 en nog een medling om het programma te beeindigen met naam: hello 4. allemaal dingen waar ik geen bal van snap ik heb trojan remover gedownlaod. ook die begint te scannen en tijdens het scannen valt mn laptop uit en krijg ik een blauw scherm waar vanalles opstaat maar erna valt de laptop meteen uit, dus ik kan niet lezen wat. ---------- Post toegevoegd om 20:12 ---------- Vorige post was om 20:11 ---------- ook superantispyware programma gedownload en ook hier: het begint te scannen en valt dan volledig weg..
  20. hallo denk dat ik weer een of ander virus op mn laptop staan heb. ik surf nu via veilige modus en krijg zelfs hjt en mbam niet opgestart om te scannen. wie kan me helpen???? ---------- Post toegevoegd om 17:14 ---------- Vorige post was om 17:01 ---------- mbam lukt maar valt vanzelf weg na 10 sec ... pff
  21. ik heb zonet de pc normaal opgestart gekregen zoals voorheen BEDANKT voor de snelle hulp.
  22. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:25:15, on 10/07/2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Safe mode with network support Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\Mozilla Firefox\plugin-container.exe C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [iAAnotif] "C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Programme\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0 O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TriDefControlPanel] "C:\Programme\DDD\TriDef\Common\TriDefControlPanel.exe" M O4 - HKLM\..\Run: [Athan] C:\Programme\Athan\Athan.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Gemeinsame Dateien\fluxDVD\Lib\XEB\xebnavigation.ax O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\VAScanner\comHost.exe O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Symantec IS Kennwortprüfung (ISPwdSvc) - Symantec Corporation - C:\Programme\Norton Internet Security\isPwdSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 7221 bytes ---------- Post toegevoegd om 19:33 ---------- Vorige post was om 19:25 ---------- Malwarebytes' Anti-Malware 1.51.0.1200 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: 7064 Windows 5.1.2600 Service Pack 2 (Safe Mode) Internet Explorer 6.0.2900.2180 10/07/2011 21:33:08 mbam-log-2011-07-10 (21-33-08).txt Scantype: Snelle scan Objecten gescand: 172319 Verstreken tijd: 4 minuut/minuten, 46 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 1 Bestanden geïnfecteerd: 2 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: c:\sy5tw21.bin (Trojan.SpyEyes) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: c:\sy5tw21.bin\a0317581c58.exe (Trojan.SpyEyes) -> Quarantined and deleted successfully. c:\sy5tw21.bin\33f919d25944053 (Trojan.SpyEyes) -> Quarantined and deleted successfully. ---------- Post toegevoegd om 19:34 ---------- Vorige post was om 19:33 ---------- dat sp3 ding, waar kan ik die terug vinden? ik heb deze laptop nog iet zo lang, en het is een duitse versie daar ik ze gekocht heb op ebay, vandaar... grtz
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.