nbent
-
Items
50 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door nbent
-
dringend: drwtsn32 ??? pc blokkeert
nbent reageerde op nbent's topic in Archief Bestrijding malware & virussen
moet ik de scan uitvoeren in de veilige modus? de normale modus reageert op niets... ---------- Post toegevoegd om 10:33 ---------- Vorige post was om 10:32 ---------- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:33:31, on 10/07/2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Safe mode with network support Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\Mozilla Firefox\plugin-container.exe C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [iAAnotif] "C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Programme\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0 O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TriDefControlPanel] "C:\Programme\DDD\TriDef\Common\TriDefControlPanel.exe" M O4 - HKLM\..\Run: [Athan] C:\Programme\Athan\Athan.exe O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [0FXZ1FUAVY8W5X1BVLFDZML] C:\sy5tw21.bin\A0317581C58.exe /q O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Acer Empowering Technology.lnk = ? O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Gemeinsame Dateien\fluxDVD\Lib\XEB\xebnavigation.ax O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\VAScanner\comHost.exe O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Symantec IS Kennwortprüfung (ISPwdSvc) - Symantec Corporation - C:\Programme\Norton Internet Security\isPwdSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 7501 bytes -
dringend: drwtsn32 ??? pc blokkeert
nbent plaatste een topic in Archief Bestrijding malware & virussen
hallo allen. sinds gisteravond flipt men pctje. als ik de laptop opstart krijg ik constant een zandloper, kan niets opendoen en krijg de foutmelding drwtsn32 en iets van LASS.exe. die foutmelding blijft maar verschijnen op mijn scherm tot de pc zich uiteindelijk zelf aflsuit en terug opstart en zo dus telkens weer. nu heb ik de pc opgestart in veilige modus, daarmee dat ik nu nog gelukkig op internet men vraag stellen kan. hopelijk kan iemand me helpen en is men laptop niet naar de knoppen :-s pffff -
hallo allemaal heeft er iemand tijd om eens een kijkje te werpen of deze logjes... laptop is weer extreem traag Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:33:41, on 2/06/2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\RTHDCPL.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Acer\Empowering Technology\ePresentation\ePresentation.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\PROGRA~1\LAUNCH~1\LManager.exe C:\Programme\DDD\TriDef\Common\TriDefControlPanel.exe C:\Programme\Athan\Athan.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe C:\DOKUME~1\TOBIAS~1\LOKALE~1\Temp\RtkBtMnt.exe C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\WINDOWS\system32\igfxext.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe C:\Programme\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\WINDOWS\system32\wuauclt.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe C:\Programme\Malwarebytes' Anti-Malware\mbam.exe C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe C:\Programme\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [iAAnotif] "C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Programme\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0 O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TriDefControlPanel] "C:\Programme\DDD\TriDef\Common\TriDefControlPanel.exe" M O4 - HKLM\..\Run: [Athan] C:\Programme\Athan\Athan.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -update plugin O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Acer Empowering Technology.lnk = ? O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Gemeinsame Dateien\fluxDVD\Lib\XEB\xebnavigation.ax O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\VAScanner\comHost.exe O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Symantec IS Kennwortprüfung (ISPwdSvc) - Symantec Corporation - C:\Programme\Norton Internet Security\isPwdSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 9003 bytes Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:33:41, on 2/06/2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\RTHDCPL.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Acer\Empowering Technology\ePresentation\ePresentation.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\PROGRA~1\LAUNCH~1\LManager.exe C:\Programme\DDD\TriDef\Common\TriDefControlPanel.exe C:\Programme\Athan\Athan.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe C:\DOKUME~1\TOBIAS~1\LOKALE~1\Temp\RtkBtMnt.exe C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\WINDOWS\system32\igfxext.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe C:\Programme\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\WINDOWS\system32\wuauclt.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe C:\Programme\Malwarebytes' Anti-Malware\mbam.exe C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe C:\Programme\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe
-
ok toch dikke merci
-
zal mijn geschiedenis onthouden... maar indien ik ze via de geschiedenis knop manueel link per link wis, vind ik ze dan nog ergens terug of zijn ze definitief weg?
-
ik kan niet op onlangs gesloten tabbladen klikken, dat staat zo transparant aangegeven, dus onmogelijk om op te klikken
-
Hey hey men kan via geschiedenis - alle geschiedenis weergeven - bijvoorbeeld vandaag- alle geraadpleegde adressen terug vinden. als ik rechts klik en op verwijderen is deze link verwijderd. Is er een mogelijkheid om toch na te gaan wat er reeds gewist is of laat dit nadat het gewist is nergens sporen na? greetz
-
hallo kan iemand ff dit HJT logje checken, laptop is extreem traag geworden Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:47:46, on 24/01/2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\RTHDCPL.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Acer\Empowering Technology\ePresentation\ePresentation.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\DOKUME~1\TOBIAS~1\LOKALE~1\Temp\RtkBtMnt.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\PROGRA~1\LAUNCH~1\LManager.exe C:\Programme\DDD\TriDef\Common\TriDefControlPanel.exe C:\Programme\Athan\Athan.exe C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe C:\Programme\OpenOffice.org 3\program\soffice.exe C:\Programme\OpenOffice.org 3\program\soffice.bin C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\igfxext.exe C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe C:\Programme\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\WINDOWS\system32\wuauclt.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\Mozilla Firefox\plugin-container.exe C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Deutschland R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\NppBho.dll O3 - Toolbar: Norton-Symbolleiste anzeigen - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [iAAnotif] "C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Programme\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0 O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TriDefControlPanel] "C:\Programme\DDD\TriDef\Common\TriDefControlPanel.exe" M O4 - HKLM\..\Run: [Athan] C:\Programme\Athan\Athan.exe O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Acer Empowering Technology.lnk = ? O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O18 - Protocol: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Gemeinsame Dateien\fluxDVD\Lib\XEB\xebnavigation.ax O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\VAScanner\comHost.exe O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Symantec IS Kennwortprüfung (ISPwdSvc) - Symantec Corporation - C:\Programme\Norton Internet Security\isPwdSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 9155 bytes
-
HJT logje Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:23:27, on 27/12/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe C:\Programme\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\RTHDCPL.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Acer\Empowering Technology\ePresentation\ePresentation.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\DOKUME~1\TOBIAS~1\LOKALE~1\Temp\RtkBtMnt.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\PROGRA~1\LAUNCH~1\LManager.exe C:\Programme\DDD\TriDef\Common\TriDefControlPanel.exe C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\igfxext.exe C:\Programme\Messenger\msmsgs.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe C:\WINDOWS\system32\wuauclt.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\Mozilla Firefox\plugin-container.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Deutschland R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O3 - Toolbar: Norton-Symbolleiste anzeigen - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [iAAnotif] "C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Programme\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0 O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TriDefControlPanel] "C:\Programme\DDD\TriDef\Common\TriDefControlPanel.exe" M O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Acer Empowering Technology.lnk = ? O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Tobias Künkel\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O18 - Protocol: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Gemeinsame Dateien\fluxDVD\Lib\XEB\xebnavigation.ax O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\VAScanner\comHost.exe O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Symantec IS Kennwortprüfung (ISPwdSvc) - Symantec Corporation - C:\Programme\Norton Internet Security\isPwdSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 10295 bytes MBAM logje Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes Databaseversie: 5390 Windows 5.1.2600 Service Pack 2 Internet Explorer 6.0.2900.2180 27/12/2010 19:46:16 mbam-log-2010-12-27 (19-46-16).txt Scantype: Snelle scan Objecten gescand: 150673 Verstreken tijd: 7 minuut/minuten, 59 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Nog enkele bijkomende vraagjes wat is die SP3 hoe stel ik de taal in op het Ndl? grts
-
hieronder het MBAM bestandje Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes Databaseversie: 5390 Windows 5.1.2600 Service Pack 2 Internet Explorer 6.0.2900.2180 24/12/2010 20:35:07 mbam-log-2010-12-24 (20-35-07).txt Scantype: Snelle scan Objecten gescand: 150930 Verstreken tijd: 8 minuut/minuten, 4 seconde(n) Geheugenprocessen geïnfecteerd: 2 Geheugenmodulen geïnfecteerd: 6 Registersleutels geïnfecteerd: 121 Registerwaarden geïnfecteerd: 10 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 38 Bestanden geïnfecteerd: 61 Geheugenprocessen geïnfecteerd: c:\dokumente und einstellungen\all users\anwendungsdaten\resultbar\resultbar115.exe (Adware.ResultBar) -> 2424 -> Unloaded process successfully. c:\programme\resultbar\resultbar.exe (Adware.ResultBar) -> 2524 -> Unloaded process successfully. Geheugenmodulen geïnfecteerd: c:\programme\resultbar\resultbar.dll (Adware.Agent.Gen) -> Delete on reboot. c:\programme\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> Delete on reboot. c:\programme\shopperreports3\bin\3.0.517.0\CmndFF.dll (Adware.ShopperReports) -> Delete on reboot. c:\programme\shopperreports3\bin\3.0.517.0\Pltfrm.dll (Adware.ShopperReports) -> Delete on reboot. c:\programme\shopperreports3\bin\3.0.517.0\mozillaps.dll (Adware.ShopperReports) -> Delete on reboot. c:\programme\clickpotatolite\bin\10.0.628.0\clickpotatolitesahook.dll (Adware.ClickPotato) -> Delete on reboot. Registersleutels geïnfecteerd: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ResultBar Service (Adware.ResultBar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{573F4ABB-A1A2-44ed-9BA9-A8DAD40AAC46} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{09325003-167C-483d-A4BA-8B3122ABB432} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.HbGuru.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.HbGuru (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{5FE0CEAE-CB69-40af-A323-40F94257DACB} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ClickPotatoLiteAX.Info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ClickPotatoLiteAX.Info (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{E343EDFC-1E6C-4cb5-AA29-E9C922641C80} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.HbAx.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.HbAx (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{60DA826C-B1C6-4358-BDEC-4837CED45470} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.KOPFF.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.KOPFF (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{6DD76B7B-6423-4df0-9A07-84A6CAD973A0} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.Dwnldr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.Dwnldr (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.Scopes.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.Scopes (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7F6CFB6A-9227-4bb8-B941-F2B067E76F51} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{A16AD1E9-F69A-45af-9462-B1C286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.IEButtonA.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.IEButtonA (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{AB0EE208-DF60-4fa7-A617-C4269760033E} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.Reporter (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{C1089F63-7AFC-4538-B0EB-BEA0F4225A57} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.Stock.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.Stock (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{C9CCBB35-D123-4a31-AFFC-9B2933132116} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.IEButton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.IEButton (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{02AED140-2B62-4B49-8B3B-179020CC39B9} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.CntntDic.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.CntntDic (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{CFC16189-8A92-4a29-A940-60248385F426} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.CntntDisp.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.CntntDisp (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{E12AEAB6-7D12-4c07-8E36-5892EFB4DAFB} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{E2F2C137-A782-4fb5-81AF-086156F5EB0A} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.ReportData.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.ReportData (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{F3A32DF2-7413-4fb1-B575-1AC920A17B76} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\CmndFF.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\mozillaps.dll (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\ResultBar (Adware.ResultBar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ResultBar (Adware.ResultBar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA (Adware.ShopperReports) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RESULTBAR_SERVICE (Adware.ResultBar) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Value: {B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Value: {C5428486-50A0-4A02-9D20-520B59A9F9B2} -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Value: {C5428486-50A0-4A02-9D20-520B59A9F9B3} -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Value: {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4a02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Value: {C5428486-50A0-4a02-9D20-520B59A9F9B2} -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{C5428486-50A0-4a02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Value: {C5428486-50A0-4a02-9D20-520B59A9F9B3} -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\ShopperReports 3.0.517.0 (Adware.HotBar) -> Value: ShopperReports 3.0.517.0 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790475B276555B33AA97 (Malware.Trace) -> Value: SRS_IT_E8790475B276555B33AA97 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ShopperReports@ShopperReports.com (ShopperReports) -> Value: ShopperReports@ShopperReports.com -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully. Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: c:\dokumente und einstellungen\all users\anwendungsdaten\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\anwendungsdaten\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\anwendungsdaten\resultbar (Adware.ResultBar) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3 (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\Firefox (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\Firefox\cs (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\Firefox\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\Firefox\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\Firefox\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\Firefox\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\IE (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\IE\cs (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\IE\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\IE\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\IE\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\IE\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\programme\clickpotatolite (Adware.ClickPotato) -> Delete on reboot. c:\programme\clickpotatolite\bin (Adware.ClickPotato) -> Delete on reboot. c:\programme\clickpotatolite\bin\10.0.628.0 (Adware.ClickPotato) -> Delete on reboot. c:\programme\clickpotatolite\bin\10.0.628.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programme\clickpotatolite\bin\10.0.628.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programme\clickpotatolite\bin\10.0.628.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programme\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0} (Adware.ResultBar) -> Delete on reboot. c:\programme\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0}\chrome (Adware.ResultBar) -> Delete on reboot. c:\programme\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0}\defaults (Adware.ResultBar) -> Quarantined and deleted successfully. c:\programme\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0}\defaults\preferences (Adware.ResultBar) -> Quarantined and deleted successfully. c:\programme\resultbar (Adware.ResultBar) -> Delete on reboot. c:\programme\shopperreports3 (Adware.ShopperReports) -> Delete on reboot. c:\programme\shopperreports3\bin (Adware.ShopperReports) -> Delete on reboot. c:\programme\shopperreports3\bin\3.0.517.0 (Adware.ShopperReports) -> Delete on reboot. c:\programme\shopperreports3\bin\3.0.517.0\firefox (Adware.ShopperReports) -> Delete on reboot. c:\programme\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> Delete on reboot. c:\programme\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> Delete on reboot. c:\programme\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> Delete on reboot. c:\programme\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> Delete on reboot. c:\dokumente und einstellungen\all users\startmenü\programme\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\startmenü\programme\shopperreports (Adware.ShopperReports) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: c:\dokumente und einstellungen\all users\anwendungsdaten\resultbar\resultbar115.exe (Adware.ResultBar) -> Quarantined and deleted successfully. c:\programme\resultbar\resultbar.dll (Adware.Agent.Gen) -> Delete on reboot. c:\programme\resultbar\resultbar.exe (Adware.ResultBar) -> Quarantined and deleted successfully. c:\programme\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> Delete on reboot. c:\programme\shopperreports3\bin\3.0.517.0\CmndFF.dll (Adware.ShopperReports) -> Delete on reboot. c:\programme\shopperreports3\bin\3.0.517.0\Pltfrm.dll (Adware.ShopperReports) -> Delete on reboot. c:\programme\shopperreports3\bin\3.0.517.0\mozillaps.dll (Adware.ShopperReports) -> Delete on reboot. c:\programme\clickpotatolite\bin\10.0.628.0\clickpotatolitesahook.dll (Adware.ClickPotato) -> Delete on reboot. c:\programme\clickpotatolite\bin\10.0.628.0\clickpotatolitesaax.dll (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programme\clickpotatolite\bin\10.0.628.0\clickpotatolitesabho.dll (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programme\shopperreports3\bin\3.0.517.0\cntntcntr.dll (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\programme\shopperreports3\bin\3.0.517.0\BRNstIE.dll (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\programme\mozilla firefox\plugins\npclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\RECYCLER\s-1-5-21-3748286452-58308823-4199547500-1008\Dc40.exe (Adware.Hotbar) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\lokale einstellungen\Temp\ZANFA.exe (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\lokale einstellungen\Temp\nssFD.tmp\Install.dll (Adware.Seekmo) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\lokale einstellungen\Temp\nssFD.tmp\Resource.dll (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\lokale einstellungen\Temp\nssFD.tmp\Setup.dll (Adware.Seekmo) -> Quarantined and deleted successfully. c:\WINDOWS\Temp\RES5.tmp\upgrade.exe (Adware.Dropper.Gen) -> Quarantined and deleted successfully. c:\WINDOWS\Temp\RES6B.tmp\upgrade.exe (Adware.Dropper.Gen) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\anwendungsdaten\clickpotatolitesa\clickpotatolitesa.dat (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\anwendungsdaten\clickpotatolitesa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\anwendungsdaten\clickpotatolitesa\clickpotatolitesaau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\anwendungsdaten\clickpotatolitesa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\anwendungsdaten\clickpotatolitesa\clickpotatolitesa_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\anwendungsdaten\resultbar\resultbar113.exe (Adware.ResultBar) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\Firefox\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\Firefox\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\Firefox\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\Firefox\cs\dwld\whitelist.xip (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\Firefox\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\Firefox\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\Firefox\cs\res1\whitelist.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\IE\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\IE\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\IE\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\IE\cs\dwld\whitelist.xip (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\IE\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\IE\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\tobias künkel\anwendungsdaten\shopperreports3\IE\cs\res1\whitelist.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\programme\clickpotatolite\bin\10.0.628.0\clickpotatolitesa.exe (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programme\clickpotatolite\bin\10.0.628.0\clickpotatoliteuninstaller.exe (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programme\clickpotatolite\bin\10.0.628.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programme\clickpotatolite\bin\10.0.628.0\firefox\extensions\plugins\npclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\programme\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0}\chrome.manifest (Adware.ResultBar) -> Quarantined and deleted successfully. c:\programme\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0}\install.rdf (Adware.ResultBar) -> Quarantined and deleted successfully. c:\programme\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0}\chrome\resultbar.jar (Adware.ResultBar) -> Delete on reboot. c:\programme\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0}\defaults\preferences\prefs.js (Adware.ResultBar) -> Quarantined and deleted successfully. c:\programme\resultbar\uninstall.exe (Adware.ResultBar) -> Quarantined and deleted successfully. c:\programme\shopperreports3\bin\3.0.517.0\link.ico (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\programme\shopperreports3\bin\3.0.517.0\shopperreportsuninstaller.exe (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\programme\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\programme\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\programme\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar (Adware.ShopperReports) -> Delete on reboot. c:\programme\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\startmenü\programme\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\startmenü\programme\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\startmenü\programme\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\startmenü\programme\shopperreports\About Us.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\startmenü\programme\shopperreports\customer support.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\all users\startmenü\programme\shopperreports\shopperreports uninstall instructions.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
-
BEDANKT xD ik zie net dat office 2007 er wel op staat maar er wordt achter een product key gevraagd kan ik die ergens terug vinden?
-
bedankt, heb het HJT logje uitgevoerd en gewist wat nodig was hieronder volgt een recent logje Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:03:34, on 24/12/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ResultBar\resultbar115.exe C:\Programme\ResultBar\resultbar.exe C:\Programme\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\RTHDCPL.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Acer\Empowering Technology\ePresentation\ePresentation.exe C:\DOKUME~1\TOBIAS~1\LOKALE~1\Temp\RtkBtMnt.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\PROGRA~1\LAUNCH~1\LManager.exe C:\Programme\DDD\TriDef\Common\TriDefControlPanel.exe C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programme\Messenger\msmsgs.exe C:\WINDOWS\system32\igfxext.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe C:\WINDOWS\system32\wuauclt.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\Mozilla Firefox\plugin-container.exe C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Deutschland R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O3 - Toolbar: Norton-Symbolleiste anzeigen - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [iAAnotif] "C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Programme\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0 O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TriDefControlPanel] "C:\Programme\DDD\TriDef\Common\TriDefControlPanel.exe" M O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Acer Empowering Technology.lnk = ? O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Tobias Künkel\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Programme\ShopperReports3\bin\3.0.517.0\ShopperReports.dll (file missing) O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Programme\ShopperReports3\bin\3.0.517.0\ShopperReports.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O18 - Protocol: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Gemeinsame Dateien\fluxDVD\Lib\XEB\xebnavigation.ax O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\VAScanner\comHost.exe O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Symantec IS Kennwortprüfung (ISPwdSvc) - Symantec Corporation - C:\Programme\Norton Internet Security\isPwdSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: ResultBar Service - Unknown owner - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ResultBar\resultbar115.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 10912 bytes ik heb deze laptop via ebay gewonnen, vandaar er staat geen office op, hoe kan ik dit gratis downloaden? grts
-
hallo daar ik een laptop heb overgekocht en er veel progs opstaan er veel popups vercshijnenm had ik deze graag wat opgeschoond ken er iemand het HJT logje eens nakijken aub? thx Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:37:45, on 23/12/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ResultBar\resultbar115.exe C:\Programme\ResultBar\resultbar.exe C:\Programme\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\RTHDCPL.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Acer\Empowering Technology\ePresentation\ePresentation.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\DOKUME~1\TOBIAS~1\LOKALE~1\Temp\RtkBtMnt.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\PROGRA~1\LAUNCH~1\LManager.exe C:\Programme\DDD\TriDef\Common\TriDefControlPanel.exe C:\Programme\ClickPotatoLite\bin\10.0.628.0\ClickPotatoLiteSA.exe C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programme\Messenger\msmsgs.exe C:\WINDOWS\system32\igfxext.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe C:\WINDOWS\system32\wuauclt.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\msiexec.exe C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Deutschland R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: ShopperReports - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Programme\ShopperReports3\bin\3.0.517.0\ShopperReports.dll O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\GEMEIN~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O3 - Toolbar: Norton-Symbolleiste anzeigen - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [iAAnotif] "C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Programme\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0 O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TriDefControlPanel] "C:\Programme\DDD\TriDef\Common\TriDefControlPanel.exe" M O4 - HKLM\..\Run: [ClickPotatoLiteSA] "C:\Programme\ClickPotatoLite\bin\10.0.628.0\ClickPotatoLiteSA.exe" O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Acer Empowering Technology.lnk = ? O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Tobias Künkel\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - C:\Programme\ClickPotatoLite\bin\10.0.628.0\ClickPotatoLiteSABHO.dll O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Programme\ShopperReports3\bin\3.0.517.0\ShopperReports.dll O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Programme\ShopperReports3\bin\3.0.517.0\ShopperReports.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O18 - Protocol: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Gemeinsame Dateien\fluxDVD\Lib\XEB\xebnavigation.ax O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\VAScanner\comHost.exe O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Symantec IS Kennwortprüfung (ISPwdSvc) - Symantec Corporation - C:\Programme\Norton Internet Security\isPwdSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: ResultBar Service - Unknown owner - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ResultBar\resultbar115.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 11655 bytes PS. het is een duitse laptop, hoe verander ik de taal naar het NDL?
-
alles supertraag: opstart pc + internet
nbent reageerde op nbent's topic in Archief Bestrijding malware & virussen
als ik ga zien in de lijst van de software vind ik dit terug: microsoft .NET framework 2.0 servicepack 2 (184 MB) maar ook een SP 3.0 (179 MB) en een 3.5 SP1 (28.18 MB) zijn deze alle 3 nodig? -
alles supertraag: opstart pc + internet
nbent reageerde op nbent's topic in Archief Bestrijding malware & virussen
toen ik dat bestandje sleepte naar het combifix icoontje, vond dezelfde procedure plaats als de eerste scan met combofix, klopt dit? verbinding is veel beter hoor! maar IE werkt opmerkelijk trager dan mozilla. hieronder nog eens een logje van HJT, dat was ik nog vergeten Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:34:08, on 12/08/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = pac.telenet.be:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- End of file - 3169 bytes groetjes ps: als ik scan met MBAM, kan ik erna alles gewoon wissen? hoevaak moet dit gebeuren? -
alles supertraag: opstart pc + internet
nbent reageerde op nbent's topic in Archief Bestrijding malware & virussen
ComboFix 10-08-12.01 - user 12/08/2010 20:52:54.3.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.247.96 [GMT 2:00] Gestart vanuit: c:\documents and settings\user\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\user\Bureaublad\CFScript.txt AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FILE :: "c:\program files\Hitman Pro\hitmanpro2.sys" "c:\windows\system32\DRIVERS\avgfwdx.sys" "c:\windows\system32\drivers\ctredr15.sys" "c:\windows\system32\drivers\ctredrv.sys" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_CTREDR15.SYS -------\Legacy_CTREDRV.SYS -------\Legacy_HITMANPRO2 -------\Service_Avgfwdx -------\Service_Avgfwfd -------\Service_ctredr15.sys -------\Service_ctredrv.sys -------\Service_hitmanpro2 (((((((((((((((((((( Bestanden Gemaakt van 2010-07-12 to 2010-08-12 )))))))))))))))))))))))))))))) . 2010-08-10 20:57 . 2010-08-12 16:22 -------- d--h--r- c:\documents and settings\user\Onlangs geopend 2010-08-08 22:16 . 2010-08-08 22:16 -------- d-----w- c:\program files\Trend Micro 2010-08-08 21:47 . 2010-08-08 21:47 -------- d-----w- c:\documents and settings\user\Application Data\Malwarebytes 2010-08-08 21:45 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-08 21:45 . 2010-08-08 21:45 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-08-08 21:45 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-08 21:45 . 2010-08-08 21:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-07-13 20:58 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-11 23:09 . 2008-12-21 18:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-08-11 23:06 . 2003-04-08 12:00 87100 ----a-w- c:\windows\system32\perfc013.dat 2010-08-11 23:06 . 2003-04-08 12:00 502130 ----a-w- c:\windows\system32\perfh013.dat 2010-08-10 17:27 . 2009-12-25 20:53 -------- dc----w- c:\documents and settings\All Users\Application Data\avg9 2010-08-10 13:06 . 2010-05-08 13:30 0 ----a-w- c:\documents and settings\user\Local Settings\Application Data\prvlcl.dat 2010-08-08 22:16 . 2010-08-08 22:16 388096 ----a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-08-01 13:53 . 2005-01-16 18:24 -------- d-----w- c:\documents and settings\user\Application Data\MSN6 2010-06-30 12:33 . 2003-04-08 12:00 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-29 11:43 . 2009-08-13 15:10 -------- d-----w- c:\documents and settings\user\Application Data\VoipBuster 2010-06-26 10:19 . 2010-06-26 10:19 -------- d-----w- c:\program files\directx 2010-06-26 10:19 . 2006-04-30 13:05 -------- d-----w- c:\program files\CIF USB CAMERA 2010-06-26 10:18 . 2004-09-30 14:45 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-06-25 16:37 . 2005-02-21 19:04 -------- d-----w- c:\program files\MSN Messenger 2010-06-25 16:29 . 2010-06-25 16:29 -------- d-----w- c:\program files\Microsoft 2010-06-25 16:29 . 2008-02-27 12:58 -------- d-----w- c:\program files\Windows Live 2010-06-25 16:01 . 2006-01-19 12:39 15256 ----a-w- c:\documents and settings\user\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll 2010-06-24 19:49 . 2010-01-14 20:24 -------- d-----w- c:\program files\LG Electronics 2010-06-24 19:39 . 2005-03-21 05:59 -------- d-----w- c:\program files\Skype 2010-06-24 12:27 . 2005-02-18 15:37 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 11:34 . 2009-12-24 11:20 -------- d-----w- c:\documents and settings\user\Application Data\PoivY 2010-06-24 09:02 . 2003-04-08 12:00 1852032 ----a-w- c:\windows\system32\win32k.sys 2010-06-21 15:27 . 2003-04-08 12:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2003-04-08 12:00 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-06-14 14:31 . 2004-09-30 14:29 744448 ----a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe 2010-06-14 07:43 . 2003-04-08 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll . ------- Sigcheck ------- [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys [-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys [-] 2003-04-08 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys [-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys [-] 2003-04-08 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys [-] 2003-04-08 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys [-] 2004-08-04 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys [-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys [-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys [-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\$NtServicePackUninstall$\ntfs.sys [-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys [-] 2003-04-08 . E3AE9C79498210A5F39FE5A9AD62BC55 . 561920 . . [5.1.2600.1106] . . c:\windows\I386\NTFS.SYS [-] 2003-04-08 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys [-] 2003-04-08 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys [-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys [-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys [-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys [-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys [-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys [-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys [-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys [-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys [-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys [-] 2005-03-14 . 0E66B538096A6529D1AC66E78EB0D5C8 . 359808 . . [5.1.2600.2631] . . c:\windows\$hf_mig$\KB893066\SP2GDR\tcpip.sys [-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys [-] 2003-04-08 . 244A2F9816BC9B593957281EF577D976 . 332928 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB893066_0$\tcpip.sys [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll [-] 2004-08-04 . 195B1255D9383AEFFBDFA8A11AE4D282 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe [-] 2004-08-04 . 34A82DEBEFB057FCCCBE15F619FC98A7 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll [-] 2005-08-22 . F32049792BCBF64954FF964508E47AFB . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll [-] 2005-08-22 . 269182FF03F1FDD0EF803AEB63C01080 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll [-] 2004-08-04 . B2665A1B502EC037388B7919CBD58C28 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll [-] 2004-08-04 . 772027CC5FFAEA3E7D10AF2691EE7095 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll [-] 2003-04-08 . 9F93E038B7D35F4EA7F46D0CD392D018 . 223232 . . [6.2.2600.1106] . . c:\windows\$NtUninstallKB842773$\qmgr.dll [-] 2009-02-09 . D8D28F6CABEC7D42B8E487E290563B9A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll [-] 2005-07-26 . B52BD9DB0BD6D01BDB01B0DBFBB804CD . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll [-] 2005-07-26 . 23B465FD2354D83218AC091D0EE6D91B . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll [-] 2005-04-28 . 6D61211D515EA7E31FDB7B0FA9CEF878 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll [-] 2005-04-28 . 0468AA524F6912F449BC14CF7DACAF68 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll [-] 2005-01-14 . C4E4A6514DC7AA4981B09E1A55B3EE56 . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2GDR\rpcss.dll [-] 2005-01-14 . C4E4A6514DC7AA4981B09E1A55B3EE56 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll [-] 2005-01-14 . FE787AF1556421C60DC427C2CC12CD9C . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll [-] 2004-08-04 . DDE0457B7706C3AD4E5AFDD502698A06 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll [-] 2004-03-06 . C9B092E9EEE8C5F7F6CBD588B232274D . 263680 . . [5.1.2600.1361] . . c:\windows\$NtUninstallKB873333_0$\rpcss.dll [-] 2003-04-08 . 18CC35AADF5D21F564246FC580A43378 . 260608 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB828741$\rpcss.dll [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe [-] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe [-] 2004-08-04 . 39991CD3C17B7529D039151A88E84499 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe [-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe [-] 2004-08-04 . CCCB8B94B17466EFB9DC27F42625B0E5 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2004-08-04 . 732ED791711DF9C9DD15E5515BC681B8 . 504832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe [-] 2003-04-08 . D375231CCA973A06C43E4B6087BFA706 . 519168 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB841533$\winlogon.exe [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2006-08-25 . F67AE54BCA3873D48A1AC722A9CA70BF . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll [-] 2004-08-04 . 8A473F553E9E45DB4EF6FF11AB54E4E1 . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll [-] 2003-04-08 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\I386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll [-] 2004-08-04 . 5F321535D399516B6D780FF9EF8D8B7A . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll [-] 2003-04-08 . 4563396E23EA861523C08AEDA0666014 . 53248 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB826939$\cryptsvc.dll [-] 2008-07-07 20:32 . 68180553F674B487BE777CFD6BE70726 . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll [-] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-07-07 20:23 . B3A4422CBD8DAA6710431F67C679DA24 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll [-] 2005-07-26 04:42 . 094ECC4FB57ABA154F840C8414867E90 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll [-] 2005-07-26 04:36 . 3732BE0811CE6E15A56AD1CEC02CF532 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll [-] 2004-08-04 08:03 . 3F59BCDFAC47550F43001C4CE8CB0B91 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll [-] 2003-04-08 12:00 . 4A652DAF0BFD8FF8AA5DB61C7B798DCB . 225280 . . [2001.12.4414.46] . . c:\windows\$NtUninstallKB828741$\es.dll [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll [-] 2004-08-04 . 7ADE4584ED6657CAE3D523CF101992BD . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll [-] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll [-] 2007-04-16 . 68757F5935D6D76DD10975B7B7A9751D . 1027072 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll [-] 2007-04-16 . 6557EA471552BB9AF16B66902D572BD5 . 1025536 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll [-] 2006-07-05 . 8672CE1E9BAF84EC0665D73DB8849EDB . 1026048 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll [-] 2006-07-05 . F2352FB7D9E5C70374568724A32B5CB7 . 1025024 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll [-] 2004-08-04 . 54379BD67780FDBBE1590EEC142A659C . 1024512 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll [-] 2003-04-08 . CDE58E6276B4B9104ECC70B90AE386A2 . 971264 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB840987$\kernel32.dll [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll [-] 2005-09-01 . BDF49EB509B446650A752F751634AA1C . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll [-] 2005-09-01 . 74B59D2B62583D3932FCE6CBB6EB5F77 . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll [-] 2004-08-04 . 5B42639BE48C8E84FD52C66958A44427 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll [-] 2003-04-08 . A4DF53419129963DCE45B16C44E7D182 . 15360 . . [5.1.2600.0] . . c:\windows\$NtUninstallKB841356$\linkinfo.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll [-] 2004-08-04 . 8DF7AC820F9B3FD5E713E9A74827931C . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll [-] 2010-06-24 . 4866ECEEFB5964BB1CB081FB3A2A370D . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll [-] 2010-06-24 . 4866ECEEFB5964BB1CB081FB3A2A370D . 5954560 . . [8.00.6001.23037] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3QFE\mshtml.dll [-] 2010-06-24 . 1048BF4C23101A0404252A19A9151C16 . 5951488 . . [8.00.6001.18939] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3GDR\mshtml.dll [-] 2010-06-24 . 1048BF4C23101A0404252A19A9151C16 . 5951488 . . [8.00.6001.18939] . . c:\windows\system32\mshtml.dll [-] 2010-06-24 . 1048BF4C23101A0404252A19A9151C16 . 5951488 . . [8.00.6001.18939] . . c:\windows\system32\dllcache\mshtml.dll [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2183461-IE8\mshtml.dll [-] 2010-05-06 . 47A7DDF5DF0F323F877EEFC75338C4A3 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll [-] 2010-02-25 . A38971E011619C2CF1B87ADE965F5DD4 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll [-] 2010-02-25 . 2399C13AE076A84037794AA0E9BF152A . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll [-] 2009-12-21 . 0C92E8AAD0E68E0A5358813353F31CE3 . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll [-] 2009-12-21 . 585A8B2FD6373FC06D6893867754CF74 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll [-] 2009-10-29 . 1185E34AB3243194BB57FD3C31385700 . 3091968 . . [6.00.2900.5897] . . c:\windows\ie8\mshtml.dll [-] 2009-10-29 . A66CEDA2AA6FA052D3F7A46CE7553D21 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll [-] 2009-10-29 . 6D626567986D37E021F44EE66446D515 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll [-] 2009-10-29 . F7E06360F7DAFED78647AAFCC7ADBBC5 . 3094016 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\mshtml.dll [-] 2009-10-19 . 0B2E964BEB51B4004329061F87B261FB . 3091968 . . [6.00.2900.5890] . . c:\windows\$NtUninstallKB976325$\mshtml.dll [-] 2009-10-19 . 2ECF5281C946A38CFDA0E591C2B1A258 . 3093504 . . [6.00.2900.5890] . . c:\windows\$hf_mig$\KB976749\SP3QFE\mshtml.dll [-] 2009-09-25 . 03C83F354CDFAA7A804AC5B76D46AC07 . 3091968 . . [6.00.2900.5880] . . c:\windows\$NtUninstallKB976749$\mshtml.dll [-] 2009-09-25 . A5C706F4A21ED747E30F93547A7CCA38 . 3093504 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3QFE\mshtml.dll [-] 2009-07-18 . E704809CCDA1A4B3CBAEF906B22D21B6 . 3090432 . . [6.00.2900.5848] . . c:\windows\$NtUninstallKB974455$\mshtml.dll [-] 2009-07-18 . B88A200864586C3E97C8EF3A09B98BFD . 3090944 . . [6.00.2900.5848] . . c:\windows\$hf_mig$\KB972260\SP3QFE\mshtml.dll [-] 2009-04-29 . BE9435BD7871B348A41F7B17AB137766 . 3089920 . . [6.00.2900.5803] . . c:\windows\$NtUninstallKB972260$\mshtml.dll [-] 2009-04-29 . 69DAFA0F9F6B0CEF2F2FDD29B3E9710E . 3090432 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\mshtml.dll [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll [-] 2009-02-20 . D78DF30D280521BA82405D241FBE7E03 . 3089408 . . [6.00.2900.5764] . . c:\windows\$NtUninstallKB969897$\mshtml.dll [-] 2009-02-20 . 3157B61958A0B4841ADF6A2135293D31 . 3089408 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3QFE\mshtml.dll [-] 2008-12-12 . AC658A3AF4AA1E6510CB31546080D601 . 3088896 . . [6.00.2900.5726] . . c:\windows\$hf_mig$\KB960714\SP3QFE\mshtml.dll [-] 2008-12-12 . D51029CBD8303F10EC90758C6A40D7B4 . 3088896 . . [6.00.2900.5726] . . c:\windows\$NtUninstallKB963027$\mshtml.dll [-] 2008-10-16 . F9AE67D44A434A7433288F028A84D133 . 3088896 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll [-] 2008-10-16 . 990088BAAFB3D01FAE958DA7F62EC737 . 3088896 . . [6.00.2900.5694] . . c:\windows\$NtUninstallKB960714$\mshtml.dll [-] 2008-08-20 . D81AFE63AFB1E2C59D73A2E83B1350CF . 3088896 . . [6.00.2900.5659] . . c:\windows\$NtUninstallKB958215$\mshtml.dll [-] 2008-08-20 . DDE475588393F4CA42FD3CAEE917E15A . 3088896 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3QFE\mshtml.dll [-] 2008-06-25 . 0DF998D5B19A8A3463F8E38402A026EC . 3088896 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll [-] 2008-06-23 . 6975533B9EDB4A5963E688F7B22C3F79 . 3088384 . . [6.00.2900.3395] . . c:\windows\$NtServicePackUninstall$\mshtml.dll [-] 2008-06-23 . CC51CAD063737BC57732638C990C255B . 3088384 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\mshtml.dll [-] 2008-06-23 . CC51CAD063737BC57732638C990C255B . 3088384 . . [6.00.2900.5626] . . c:\windows\$NtUninstallKB956390$\mshtml.dll [-] 2008-04-23 . 67F763A3FD377AFB75CD60BC10677EA1 . 3593728 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll [-] 2008-04-21 . 3F63F6905BE003FA3AA87D91C5997F43 . 3087872 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838_0$\mshtml.dll [-] 2008-04-21 . A7C4AB35FCAF4BB70D57D74C3602C701 . 3087872 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\mshtml.dll [-] 2008-04-21 . A7C4AB35FCAF4BB70D57D74C3602C701 . 3087872 . . [6.00.2900.5583] . . c:\windows\$NtUninstallKB953838$\mshtml.dll [-] 2008-04-21 . 672278873C3BB6898FAFF498C78A99F8 . 3088384 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\mshtml.dll [-] 2008-04-14 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB950759$\mshtml.dll [-] 2008-04-14 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll [-] 2008-03-01 . 78D65657B4864C9ECD8079EEE5D1A6BA . 3591680 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\mshtml.dll [-] 2008-03-01 . 438C16DB8952A4E108E89B4C5E55C526 . 3593216 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll [-] 2007-12-07 . FF6518F3E721C4BC2C15262A1EABCEF7 . 3593216 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll [-] 2007-10-30 . 88B6B490A22D720BE43B37C649AD1B4B . 3593216 . . [7.00.6000.20710] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll [-] 2007-10-30 . 80880B8B13A8005FDF3065DEB9E8043F . 3590656 . . [7.00.6000.16587] . . c:\windows\ie7updates\KB944533-IE7\mshtml.dll [-] 2007-08-20 . 1A1ECAD58E3400DDC405B30A30057437 . 3592192 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll [-] 2007-07-18 . AF15C3F7F8071CE05B1759B7AFAA1CDC . 3584000 . . [7.00.6000.20641] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\mshtml.dll [-] 2007-06-15 . 34AF8680725DD035053A920683C373BB . 3085312 . . [6.00.2900.3157] . . c:\windows\$hf_mig$\KB937143\SP2QFE\mshtml.dll [-] 2007-06-15 . 34AF8680725DD035053A920683C373BB . 3085312 . . [6.00.2900.3157] . . c:\windows\$NtUninstallKB950759_0$\mshtml.dll [-] 2007-06-14 . 683372B959D5F69CE3B96266F757FE0B . 3079680 . . [6.00.2900.3157] . . c:\windows\$NtUninstallKB937143$\mshtml.dll [-] 2007-05-04 . D9B1913BA7F86A3758A2EAA2E8548A1D . 3085312 . . [6.00.2900.3132] . . c:\windows\$hf_mig$\KB933566\SP2QFE\mshtml.dll [-] 2007-05-04 . BFA1BA84ADE42D2F2F8A79D06B44A53A . 3079680 . . [6.00.2900.3132] . . c:\windows\$NtUninstallKB937143_0$\mshtml.dll [-] 2007-02-19 . 4E7FF99E55197D1A772A2152EE7BCB80 . 3077632 . . [6.00.2900.3086] . . c:\windows\$NtUninstallKB933566$\mshtml.dll [-] 2007-02-19 . 58777FEFC19FDDE25CB613EFC2B79605 . 3084288 . . [6.00.2900.3086] . . c:\windows\$hf_mig$\KB931768\SP2QFE\mshtml.dll [-] 2007-01-04 . 51E8C6369DB16D9F42826DC272C7CC09 . 3083264 . . [6.00.2900.3059] . . c:\windows\$hf_mig$\KB928090\SP2QFE\mshtml.dll [-] 2007-01-04 . 3B25611555C91AF75B1AE6E9E46F2674 . 3077632 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB931768$\mshtml.dll [-] 2006-10-23 . B2C3664C38FB778922EDF24C783526BB . 3082240 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\mshtml.dll [-] 2006-10-23 . D9646B8EE340C0E6061D001BCF1FF04D . 3076096 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\mshtml.dll [-] 2006-09-14 . 757A68BF9CBAB1C0CA8580FBDAA3D645 . 3075584 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\mshtml.dll [-] 2006-09-14 . 64C50B7D71B8E2EF31806D8693B87681 . 3079680 . . [6.00.2900.2995] . . c:\windows\$hf_mig$\KB922760\SP2QFE\mshtml.dll [-] 2006-07-28 . FB8009A211F49770D185B677242028A6 . 3079168 . . [6.00.2900.2963] . . c:\windows\$hf_mig$\KB918899\SP2QFE\mshtml.dll [-] 2006-07-28 . 5279BE2163D43987B4EF8CA7583E8349 . 3075072 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB922760$\mshtml.dll [-] 2006-05-19 . 4F28F3A73CC983164857187F39D1E683 . 3073536 . . [6.00.2900.2912] . . c:\windows\$NtUninstallKB918899$\mshtml.dll [-] 2006-05-19 . FE29524C7865A3654570D08B6DDB21A8 . 3076096 . . [6.00.2900.2912] . . c:\windows\$hf_mig$\KB916281\SP2QFE\mshtml.dll [-] 2006-03-23 . F37385D022068930B4F3C19F80302CF6 . 3074560 . . [6.00.2900.2873] . . c:\windows\$NtUninstallKB916281$\mshtml.dll [-] 2006-03-23 . 23DA243CB47559DB090F074E7B1A106A . 3076608 . . [6.00.2900.2873] . . c:\windows\$hf_mig$\KB912812\SP2QFE\mshtml.dll [-] 2005-11-24 . FCAE3A45159DE7C92A8FAFD5D781D7B1 . 3013632 . . [6.00.2900.2802] . . c:\windows\$NtUninstallKB912812$\mshtml.dll [-] 2005-11-24 . 25BEB0FE406B51D230059D55DD4D8073 . 3016192 . . [6.00.2900.2802] . . c:\windows\$hf_mig$\KB905915\SP2QFE\mshtml.dll [-] 2005-10-05 . 3660E3C5182D286BEE71E2AF42889D5A . 3015680 . . [6.00.2900.2769] . . c:\windows\$hf_mig$\KB896688\SP2QFE\mshtml.dll [-] 2005-10-04 . F765EA3A7ADAB0E9C4A8698F2620CCB4 . 3013120 . . [6.00.2900.2769] . . c:\windows\$NtUninstallKB905915$\mshtml.dll [-] 2005-07-20 . 89881B165F5D47BBA473B4730DFF26B8 . 3014144 . . [6.00.2900.2722] . . c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll [-] 2005-07-20 . DDBE7ADD11664BE7AB98A431C522D233 . 3012096 . . [6.00.2900.2722] . . c:\windows\$NtUninstallKB896688$\mshtml.dll [-] 2005-05-02 . 4A8BADAD69F188573B99EAFFAD8BDE36 . 3012608 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\mshtml.dll [-] 2005-05-02 . A84B1A1E5D482821E23A4CB135379BF3 . 3011072 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\mshtml.dll [-] 2005-03-10 . D9C48BC1DBBE8154703C6CB078044D08 . 3010560 . . [6.00.2900.2627] . . c:\windows\$NtUninstallKB883939$\mshtml.dll [-] 2005-03-10 . 8D9257DB6CB9AE5E2F3C7DBD88B14280 . 3011072 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\mshtml.dll [-] 2005-01-27 15:03 . 2CEA86656469554716FDE133CC35C480 . 2806272 . . [6.00.2800.1491] . . c:\windows\$NtUninstallKB890923-IE6SP1-20050225.103456$\mshtml.dll [-] 2004-08-04 . 43E31383850CFEA3C0F445BED9A700F4 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB890923$\mshtml.dll [-] 2003-04-08 . 28BA7BF8F2BB53E4DD9D43914142737E . 2833920 . . [6.00.2800.1106] . . c:\windows\$NtUninstallKB867282-IE6SP1-20050127.163319$\mshtml.dll [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [-] 2004-08-04 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll [-] 2003-04-08 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL [-] 2003-04-08 12:00 . E826A484EDE25C3AE19F1B8086511F4B . 267536 . . [4.20.6201] . . c:\windows\I386\WIN9XUPG\MSVCRT.DLL [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll [-] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-06-20 . FF59588E31F864FED9D0258969559A4B . 247296 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll [-] 2008-06-20 . 71AB52C70B9436C0A0B704FDE9D1A7CD . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll [-] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll [-] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll [-] 2004-08-04 . 0C53DB0671AB5A93D169DAFFC8DA11CF . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll [-] 2004-08-04 . B3FDAC7A518B6B684BEFE792DC1DC560 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll [-] 2010-04-28 . 548AED38DF451C1783037390194A04DC . 2194304 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [-] 2010-04-28 . 548AED38DF451C1783037390194A04DC . 2194304 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3GDR\ntoskrnl.exe [-] 2010-04-28 . 548AED38DF451C1783037390194A04DC . 2194304 . . [5.1.2600.5973] . . c:\windows\system32\ntoskrnl.exe [-] 2010-04-28 . 548AED38DF451C1783037390194A04DC . 2194304 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntoskrnl.exe [-] 2010-04-28 . 59582F46CAAAA049DB613B4005AF57B5 . 2194432 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe [-] 2010-04-28 . 59582F46CAAAA049DB613B4005AF57B5 . 2194432 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3QFE\ntoskrnl.exe [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe [-] 2010-02-16 . B79C48187CA08D2EC27DA4939953F082 . 2194432 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [-] 2009-12-10 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . 13C15BFF7E82D3F9FD215ADD54A3929D . 2193536 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [-] 2009-08-04 . 270DE336026B0815F064BB8BD4CFD336 . 2193536 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165-v2$\ntoskrnl.exe [-] 2009-08-04 . 2F1443AB72A64182FD8258BBAE801EA7 . 2193664 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe [-] 2009-02-10 . 7625D5BAFD2A4A8458468B139C893BB7 . 2193536 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [-] 2009-02-09 . 27380B877348030B0662A39C47AAEC11 . 2193408 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe [-] 2008-08-14 . E332B6DE826D4222A758E3264AD8D520 . 2193536 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe [-] 2008-08-14 . 3E5E63D926C5E9F81045F3646815D2A1 . 2193536 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe [-] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe [-] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe [-] 2007-02-28 . 59DCA97DC201792C1CCF9FE621EE5ED7 . 2186496 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe [-] 2007-02-28 . CAAA8FD3C034A227691A43B60873F097 . 2184704 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe [-] 2006-12-19 . 4CB6C3B16587971C56AAA8A9B0511BC7 . 2186368 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe [-] 2006-12-19 . F609063BAE4D058A4019C4D99A1FD8DD . 2184704 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe [-] 2005-03-02 . 5DB3E8DEC987B5D350E4A105DCEAEE6A . 2183936 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe [-] 2005-03-02 . 281A1E82F5F8FC0B2F4B57EF296A4240 . 2183680 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\ntoskrnl.exe [-] 2005-03-02 . 281A1E82F5F8FC0B2F4B57EF296A4240 . 2183680 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntoskrnl.exe [-] 2004-10-28 . A49D4E759C43334350BBDFCF83194502 . 2092672 . . [5.1.2600.1605] . . c:\windows\$NtUninstallKB890859_0$\ntoskrnl.exe [-] 2004-10-28 . A49D4E759C43334350BBDFCF83194502 . 2092672 . . [5.1.2600.1605] . . c:\windows\SoftwareDistribution\Download\b8341db1436dce67521cf460d64618b2\sp1qfe\ntoskrnl.exe [-] 2004-08-04 . 87AAEA3908E069FB1BE37380C895DFB8 . 2185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe [-] 2004-06-17 . 07B2A892B0D617922CB6E5776146AA42 . 2055808 . . [5.1.2600.1568] . . c:\windows\$NtUninstallKB885835_0$\ntoskrnl.exe [-] 2003-04-08 . ED3086CF7C835D8A3FD0E6FBD95C0F53 . 2046464 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB840987$\ntoskrnl.exe [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll [-] 2004-08-04 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll [-] 2004-08-04 . 5AE934F6837B5A583DED535C4BE5A804 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll [-] 2004-08-04 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe [-] 2004-08-04 . AB8C6D89A897BACBA4657FDF00E344A6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll [-] 2005-07-08 . 5A145DBF2916F583921BB27B91B2DC0B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll [-] 2005-07-08 . C2A4E29888F45E7FC1FD64C83D5EA669 . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll [-] 2004-08-04 . F38C48EE55AD051BF5474F5BDD69C846 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2007-03-08 . FA35431E333943F4B2A6D33FA4EE3CE9 . 579584 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll [-] 2007-03-08 . CB18F701A5D55A6308FAB8D18322C060 . 579072 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll [-] 2005-03-02 . 0B62745CE93E8C6F56547F70269DBABC . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll [-] 2005-03-02 . A9F2EBFC6EF9C1FB38CEDCF747162B6C . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\user32.dll [-] 2005-03-02 . A9F2EBFC6EF9C1FB38CEDCF747162B6C . 578560 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll [-] 2004-12-29 . A31CAC81F627FEB537AFD5CF51150287 . 576000 . . [5.1.2600.1617] . . c:\windows\$NtUninstallKB890859_0$\user32.dll [-] 2004-08-04 . 8E5D344FD717D35EE7ED1C8E0AD0CBE6 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll [-] 2003-04-08 . 2E8CEC28BE4D9B830BA0AFF73C9279F7 . 561664 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB891711$\user32.dll [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe [-] 2004-08-04 . DE7A0EE4A6A28E6DFE3118EB22468DA6 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe [-] 2010-06-24 . 8168F7D81CD04C83D7E04F3981A7D0F5 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll [-] 2010-06-24 . 8168F7D81CD04C83D7E04F3981A7D0F5 . 919040 . . [8.00.6001.23037] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3QFE\wininet.dll [-] 2010-06-24 . A3D63C0EF4D32F1F04D9E9596AEA0FFE . 916480 . . [8.00.6001.18939] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3GDR\wininet.dll [-] 2010-06-24 . A3D63C0EF4D32F1F04D9E9596AEA0FFE . 916480 . . [8.00.6001.18939] . . c:\windows\system32\wininet.dll [-] 2010-06-24 . A3D63C0EF4D32F1F04D9E9596AEA0FFE . 916480 . . [8.00.6001.18939] . . c:\windows\system32\dllcache\wininet.dll [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll [-] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [-] 2010-02-25 . 2A850B8F7B435ACFB9DCD0A566FD720C . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll [-] 2010-02-25 . BB424C9406140FEAFB4732025BEBB69B . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll [-] 2009-12-21 . FA2B753F8FE84904A6940589A43F30B4 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll [-] 2009-12-21 . 4C145AB616871611FCE38F053C75807C . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 765E049E1F6E2EF9265B85E02DE487B5 . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll [-] 2009-10-29 . D906535CAB4BB8A60AC060351EDE159F . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 772A3480B543FB5280DE1679FA73E799 . 670208 . . [6.00.2900.5897] . . c:\windows\ie8\wininet.dll [-] 2009-10-29 . 77DA6400FF88337FE260CF87A530D64C . 671744 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\wininet.dll [-] 2009-09-25 . E3A0D172FF21D1F0B30CB3B9671ADEBF . 670208 . . [6.00.2900.5880] . . c:\windows\$NtUninstallKB976325$\wininet.dll [-] 2009-09-25 . 2A7566FCBB31765DC1D710EA5928D059 . 671744 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3QFE\wininet.dll [-] 2009-06-26 . 4D027430F9191F5398E5AC3767258475 . 669696 . . [6.00.2900.5835] . . c:\windows\$NtUninstallKB974455$\wininet.dll [-] 2009-06-26 . 61C88D0B3D62B1F2856883C91A904037 . 671232 . . [6.00.2900.5835] . . c:\windows\$hf_mig$\KB972260\SP3QFE\wininet.dll [-] 2009-04-29 . CBB2C7EBD98F1CC84B6EF105547657BD . 669696 . . [6.00.2900.5803] . . c:\windows\$NtUninstallKB972260$\wininet.dll [-] 2009-04-29 . 482D2FD463A02A9E65CBC8045DA052FE . 671232 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\wininet.dll [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll [-] 2009-02-20 . 61920ED8DAA8CEB90450A3C54563EB9A . 669184 . . [6.00.2900.5764] . . c:\windows\$NtUninstallKB969897$\wininet.dll [-] 2009-02-20 . 65EA1865F761726955258B650037CF2F . 670720 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3QFE\wininet.dll [-] 2008-10-16 . A9CB7C8F4FB538DCAA26FFF76C2F8F14 . 670208 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll [-] 2008-10-16 . FD8DC8F2FA8C3F3CC00C99018AF1530C . 669184 . . [6.00.2900.5694] . . c:\windows\$NtUninstallKB963027$\wininet.dll [-] 2008-08-20 . BC9059433D2F0889A71E3CDFF5AB2F71 . 669184 . . [6.00.2900.5659] . . c:\windows\$NtUninstallKB958215$\wininet.dll [-] 2008-08-20 . F77FD23458C5C4C16C37667FDDDCECBA . 669696 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll [-] 2008-06-23 . 745795941F497E1CB3918A4AD3BEDEEE . 670208 . . [6.00.2900.3395] . . c:\windows\$NtServicePackUninstall$\wininet.dll [-] 2008-06-23 . 8ADFF2F029A90FED04A322CBF084F3EA . 669184 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll [-] 2008-06-23 . 8ADFF2F029A90FED04A322CBF084F3EA . 669184 . . [6.00.2900.5626] . . c:\windows\$NtUninstallKB956390$\wininet.dll [-] 2008-06-23 . AE1A6AEA7F65F452C0916FB1399D832E . 669696 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll [-] 2008-04-23 . 49ECC612EE5B23CA669A1EB15EE6DB3E . 827392 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll [-] 2008-04-21 . 20238850AFE4A19A885CD5658433D60D . 669696 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838_0$\wininet.dll [-] 2008-04-21 . 0E4C070B2D83D7D76CF2A0384FA50750 . 669184 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\wininet.dll [-] 2008-04-21 . 0E4C070B2D83D7D76CF2A0384FA50750 . 669184 . . [6.00.2900.5583] . . c:\windows\$NtUninstallKB953838$\wininet.dll [-] 2008-04-21 . 438F668DDACCAD59F934772EE894A704 . 669696 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll [-] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB950759$\wininet.dll [-] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll [-] 2008-03-01 . 0BC8124D6EA627A1BB864094A43C2698 . 826368 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\wininet.dll [-] 2008-03-01 . 1073283DC2D66C5539301BAEF0BCB442 . 827392 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll [-] 2007-12-07 . 9294B445326B926BABC3F382F8410A31 . 825344 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll [-] 2007-10-10 . 8AEB1E98D785BEA8278BDF2D3389D6E2 . 824832 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB944533-IE7\wininet.dll [-] 2007-10-10 . 79A07C04C00D4ACF47AFDB44E7FEF1CC . 825344 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll [-] 2007-08-20 . 077B22B5FEBAA055AAC0406413F53A5F . 825344 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll [-] 2007-06-27 . 1E9D35BA9240592A68BB5980AA23FDB9 . 824320 . . [7.00.6000.20627] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll [-] 2007-06-26 . 7A0C9A702ED8F8695AC925C5B1850A07 . 668672 . . [6.00.2900.3164] . . c:\windows\$hf_mig$\KB937143\SP2QFE\wininet.dll [-] 2007-06-26 . 7A0C9A702ED8F8695AC925C5B1850A07 . 668672 . . [6.00.2900.3164] . . c:\windows\$NtUninstallKB950759_0$\wininet.dll [-] 2007-06-26 . 514AD1D91EE71CF2D93E6DD5423F5C13 . 662016 . . [6.00.2900.3164] . . c:\windows\$NtUninstallKB937143$\wininet.dll [-] 2007-04-18 . B2219D7AF938DE9372EB159C68FF83B5 . 668672 . . [6.00.2900.3121] . . c:\windows\$hf_mig$\KB933566\SP2QFE\wininet.dll [-] 2007-04-18 . 6B755E9D272AF1DAA6FA618329D2AB18 . 662016 . . [6.00.2900.3121] . . c:\windows\$NtUninstallKB937143_0$\wininet.dll [-] 2007-02-19 . 48E1C53BA8C6267BB97925EF729BDE90 . 668672 . . [6.00.2900.3086] . . c:\windows\$hf_mig$\KB931768\SP2QFE\wininet.dll [-] 2007-02-19 . 55BE69A43120FDA4CFB7C0C1F305DB1A . 662016 . . [6.00.2900.3086] . . c:\windows\$NtUninstallKB933566$\wininet.dll [-] 2007-01-04 . 243988BB76262D72A48E8312BF8A0231 . 668160 . . [6.00.2900.3059] . . c:\windows\$hf_mig$\KB928090\SP2QFE\wininet.dll [-] 2007-01-04 . 366EC67E75F81D891ADFCC9941F1DE45 . 662016 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB931768$\wininet.dll [-] 2006-10-23 . 7693CCDD13B082985CA0AC2862CBCAF7 . 667648 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\wininet.dll [-] 2006-10-23 . E30AD3B3927B33D894486EFACCD48014 . 662016 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\wininet.dll [-] 2006-09-14 . 75C38DD0613B2F170F8F6B2DCBDD6343 . 662016 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\wininet.dll [-] 2006-09-14 . 0D3A915A798CD9568ABDBBE55489DD51 . 667648 . . [6.00.2900.2995] . . c:\windows\$hf_mig$\KB922760\SP2QFE\wininet.dll [-] 2006-06-23 . 0960FA973421FF4630D024843341509E . 667648 . . [6.00.2900.2937] . . c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll [-] 2006-06-23 . 91A1532762382C31DA0103946B4A20D3 . 662016 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB922760$\wininet.dll [-] 2006-05-10 . 79C938AB59D5FDB3A4297C117A6858D5 . 666624 . . [6.00.2900.2904] . . c:\windows\$hf_mig$\KB916281\SP2QFE\wininet.dll [-] 2006-05-10 . FE03AAC620CDFCD835F18760D71F6E6E . 661504 . . [6.00.2900.2904] . . c:\windows\$NtUninstallKB918899$\wininet.dll [-] 2006-03-04 . B81CF479B43ED1CA2DF12C878B596B2E . 666624 . . [6.00.2900.2861] . . c:\windows\$hf_mig$\KB912812\SP2QFE\wininet.dll [-] 2006-03-04 . 7DCC79C2DE609F74AA67E16E8E77AF4C . 661504 . . [6.00.2900.2861] . . c:\windows\$NtUninstallKB916281$\wininet.dll [-] 2005-10-21 . 24059DA5B7131CB82C2B8A39701D93F9 . 661504 . . [6.00.2900.2781] . . c:\windows\$NtUninstallKB912812$\wininet.dll [-] 2005-10-21 . 06AE5BD6363190E622F1AA91591F41C4 . 664576 . . [6.00.2900.2781] . . c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll [-] 2005-09-02 . 632629B24EB816FE354F66B48513E104 . 663552 . . [6.00.2900.2753] . . c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll [-] 2005-09-02 . FBC6550971ED432F77E35DD376D573B0 . 661504 . . [6.00.2900.2753] . . c:\windows\$NtUninstallKB905915$\wininet.dll [-] 2005-07-03 . C9567D2CD2441DFF60814E721EF6EB43 . 661504 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB896688$\wininet.dll [-] 2005-07-03 . C167930AEEF3C1739F340D5758834B01 . 662528 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll [-] 2005-05-02 . C048C90CE1CE329AB9E1E412DEC87920 . 662016 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll [-] 2005-05-02 . 2D9BCCC29C0F34794DADE5E4C95E9239 . 660992 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\wininet.dll [-] 2005-03-10 . 810BBD0592B40908C5D88B9E7823B54D . 659968 . . [6.00.2900.2627] . . c:\windows\$NtUninstallKB883939$\wininet.dll [-] 2005-03-10 . 8010EECE634E0F3D6FF176457DF63619 . 660992 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\wininet.dll [-] 2004-12-07 18:19 . B74A58F27BA66936CC6CAE53AB2E8CBA . 593920 . . [6.00.2800.1485] . . c:\windows\$NtUninstallKB890923-IE6SP1-20050225.103456$\wininet.dll [-] 2004-08-04 . 6C7E1322898378C30BCD9F779A2621EE . 659456 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB890923$\wininet.dll [-] 2003-04-08 . 87DF44F9B70BBF94D4143C21A5CB42BA . 602112 . . [6.00.2800.1106] . . c:\windows\$NtUninstallKB867282-IE6SP1-20050127.163319$\wininet.dll [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll [-] 2004-08-04 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll [-] 2004-08-04 . 3B728289DFA923A2C12BE827382C2DB1 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [-] 2007-06-13 . 147E95A42A58CE99E403F7F57656BBEB . 1036800 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe [-] 2007-06-13 . 1D6245AFBD3FAABC16A885116BE1874D . 1036800 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe [-] 2004-08-04 . A1D7304A87FC3093150F5E3CC7B0F338 . 1035776 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\system32\ole32.dll [-] 2005-07-26 . 588443247F2EE6A61B5864B64A7E270E . 1284608 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll [-] 2005-07-26 . 0F0E95779DB45EB8D09EAA8827D740CC . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll [-] 2005-04-28 . 5C3B15C45ADF30B024927F1A0823BD16 . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll [-] 2005-04-28 . 48629EDCD92AA071554304F9F9E96E38 . 1284608 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll [-] 2005-01-14 . D1F139783F28A79EF37825E3951E05F3 . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2GDR\ole32.dll [-] 2005-01-14 . D1F139783F28A79EF37825E3951E05F3 . 1284608 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll [-] 2005-01-14 . 75555C8E6657A2AA9101DD56F8D30DAA . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll [-] 2004-08-04 . 602969286376832E3F49F54E4F0F051A . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll [-] 2004-03-06 . 4F659421A1AD32AD4FF95751ACBDBC4E . 1183744 . . [5.1.2600.1362] . . c:\windows\$NtUninstallKB873333_0$\ole32.dll [-] 2003-04-08 . 8C57515321D7FFD77ADD70517D7BE737 . 1169920 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB828741$\ole32.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe [-] 2004-08-04 . D6381A7C1704BE7A8FD5EFDFD9F1463B . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll [-] 2004-08-04 . F4C8D4B0A294AAF37FE50C407B6E03F9 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll [-] 2004-08-04 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [-] 2004-08-04 . 486594A19F7AEDEBEA600855FFD5E914 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2004-08-04 . 7DE46C9C40ABB58C8FDFE0212A3BF2B4 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll [-] 2006-12-19 . D6F2B8963663F2014FAFCD8E15E4E778 . 135168 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll [-] 2006-12-19 . 20A1DFA416579DACEE28E15E331C3930 . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll [-] 2004-10-28 . 40EFC4BD8F43AFC13A3E3147FCBEAB4E . 117248 . . [6.00.2800.1605] . . c:\windows\SoftwareDistribution\Download\b8341db1436dce67521cf460d64618b2\sp1qfe\shsvcs.dll [-] 2004-08-04 . 394FD6CE1AC84BB318B806A6F8D90F66 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll [-] 2003-04-08 . 99792E295E5A4E7BCD08F4D708E16AAB . 116736 . . [6.00.2800.1106] . . c:\windows\$NtUninstallKB885835_0$\shsvcs.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll [-] 2004-08-04 . D01BB100558945178E4BCB33B0FE9364 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll [-] 2004-08-04 . D245B3E32F8AB3B2FB576AFCFDEC105E . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll [-] 2003-04-08 . 5239C9913F5166838D772BF4A61C7844 . 160256 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB841873$\schedsvc.dll [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll [-] 2004-08-04 . B02FDCE64F64CDE3AA809D28D25D2A12 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll [-] 2004-08-04 . E2CE999886A4636026F157DEB886AA94 . 297472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll [-] 2003-04-08 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys [-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys [-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys [-] 2004-08-04 05:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys [-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll [-] 2006-11-01 19:19 . 13E52326F0F19A1A8D34681E3444E8D1 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll [-] 2003-04-08 12:00 . 8EED1D71C14C356684E586B0A7DB6BCE . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll [-] 2004-08-04 . 1405B1431F51CAB25FE9B2ECF13CB198 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll [-] 2003-04-08 . F9DAEE255E7ED81BC6DCD67BFEF826EA . 34304 . . [5.1.2600.0] . . c:\windows\$NtUninstallKB828035$\msgsvc.dll [-] 2005-01-28 07:53 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll [-] 2005-01-28 07:53 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\system32\mspmsnsv.dll [-] 2004-08-04 08:03 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll [-] 2010-04-28 . 75EA98BC36C13E976653400F8183D356 . 2071296 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe [-] 2010-04-28 . 75EA98BC36C13E976653400F8183D356 . 2071296 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3QFE\ntkrnlpa.exe [-] 2010-04-28 . F98305BD47DC7A0B2A978000E3C31FAB . 2071168 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 2010-04-28 . F98305BD47DC7A0B2A978000E3C31FAB . 2071168 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3GDR\ntkrnlpa.exe [-] 2010-04-28 . F98305BD47DC7A0B2A978000E3C31FAB . 2071168 . . [5.1.2600.5973] . . c:\windows\system32\ntkrnlpa.exe [-] 2010-04-28 . F98305BD47DC7A0B2A978000E3C31FAB . 2071168 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntkrnlpa.exe [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe [-] 2010-02-16 . 7C4F935FC449E4D27C685A5BC1792664 . 2071296 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe [-] 2009-12-10 . 6A42A70506E7ACFF6C3ACD740E22A01F . 2070528 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . F63B0CC3CE1E6E8EA39B4933B595C73A . 2070400 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe [-] 2009-08-04 . AB21A63A3B15653043E71126E5BBE3DE . 2070528 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe [-] 2009-08-04 . BF6965EA17CC1E48DA287783AEEF3CDB . 2070400 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165-v2$\ntkrnlpa.exe [-] 2009-02-10 . 6A94A7317E28B6543D94174F9016BB68 . 2070400 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe [-] 2009-02-09 . 07EE73D79A7CA142463470AEF230082B . 2070528 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . DE961B54D30C7DD6AA6C3BD27D584E30 . 2070400 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . C92E65CBB38161373319BB11340DE919 . 2070400 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe [-] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe [-] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe [-] 2007-02-28 . F51B8D8B0703518349096604E788B83E . 2063744 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe [-] 2007-02-28 . 57B09AD681C1D8DB77CCC3E92D8F5D14 . 2061952 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe [-] 2006-12-19 . 4BF54C0431A9BB0BCE6C821CD4018F7D . 2063744 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe [-] 2006-12-19 . 6D080DDC482E83A69C9A862C247FA50D . 2061952 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe [-] 2005-03-02 . C26D84B802567E629D42861A11C7EC04 . 2061312 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe [-] 2005-03-02 . C6CF1974ACDB8329DAF9D001C0937CB0 . 2061184 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\ntkrnlpa.exe [-] 2005-03-02 . C6CF1974ACDB8329DAF9D001C0937CB0 . 2061184 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe [-] 2004-10-28 . D345DCF163BDE4E2AE74026077B657F0 . 1960064 . . [5.1.2600.1605] . . c:\windows\$NtUninstallKB890859_0$\ntkrnlpa.exe [-] 2004-10-28 . D345DCF163BDE4E2AE74026077B657F0 . 1960064 . . [5.1.2600.1605] . . c:\windows\SoftwareDistribution\Download\b8341db1436dce67521cf460d64618b2\sp1qfe\ntkrnlpa.exe [-] 2004-08-04 . E0399688D466B7C3AFDFFB5A2ED9F351 . 2061184 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe [-] 2004-06-17 . 67309819BE2F65C24138983BA3236913 . 1958912 . . [5.1.2600.1568] . . c:\windows\$NtUninstallKB885835_0$\ntkrnlpa.exe [-] 2003-04-08 . 13C45289C0E4F23CF129417DCA1F2F6E . 1952128 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB840987$\ntkrnlpa.exe [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll [-] 2004-08-04 08:03 . AC75E028773CBBD7D8B1313F382E7C05 . 437248 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll [-] 2007-02-05 . 063B30C37E3902760919D3E5D98CC7C9 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll [-] 2007-02-05 . DE0A3D72D98A08A115300E2B2DC4374B . 185344 . . [5.1.2600.3077] . . c:\windows\$NtServicePackUninstall$\upnphost.dll [-] 2004-08-04 . 348B60067B10EFA7D7763EE44674108C . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll [-] 2004-08-04 . 4AAB7EC0EA6C53C6B381546F15C286CA . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll [-] 2004-07-09 03:27 . 0568B105D80634F3059185B9317D74CA . 363520 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\d3d9.dll [-] 2004-08-04 . 66B9B43A5E0777F465CA492039176455 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll [-] 2004-08-04 . B54EF2F95DD3A188A2E4798C2CFB7EE7 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll [-] 2004-07-09 03:27 . 595E0EF7ECB3D19DAC621D0EFE80C86E . 265728 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll [-] 2004-08-04 08:03 . DFB4A7A3E7948686DBC4B0DEA4A0AE94 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll [-] 2004-08-04 . D521890151A11C410F6A94EE3C37CD14 . 41472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0stera [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [7/03/2010 4:01 108289] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mWindow Title = Telenet Internet uInternet Settings,ProxyServer = pac.telenet.be:8080 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\icd40qnr.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/firefox FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&search= FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-08-12 21:08 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(1888) c:\windows\system32\webcheck.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE dit is het nieuwe logje van combofix (hoop ik) groetjes! c:\windows\System32\wdfmgr.exe . ************************************************************************** . Voltooingstijd: 2010-08-12 21:23:05 - machine werd herstart ComboFix-quarantined-files.txt 2010-08-12 19:22 ComboFix2.txt 2010-08-11 20:48 ComboFix3.txt 2010-08-11 18:47 Pre-Run: 38.643.978.240 bytes beschikbaar Post-Run: 38.891.360.256 bytes beschikbaar - - End Of File - - D5346778A9954C32D9B0E835119A14EA -
alles supertraag: opstart pc + internet
nbent reageerde op nbent's topic in Archief Bestrijding malware & virussen
dit is de nieuwe log van combofix maar ik weet niet of ik dat bestand al dan niet juist heb gesleept, kan je dit checken? moest ik dat txt-bestand slepen naar het blauwe scherm van combofix? ComboFix 10-08-11.02 - user 11/08/2010 22:26:47.2.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.247.95 [GMT 2:00] Gestart vanuit: c:\documents and settings\user\Bureaublad\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((( Bestanden Gemaakt van 2010-07-11 to 2010-08-11 )))))))))))))))))))))))))))))) . 2010-08-10 20:57 . 2010-08-11 20:19 -------- d--h--r- c:\documents and settings\user\Onlangs geopend 2010-08-08 22:16 . 2010-08-08 22:16 -------- d-----w- c:\program files\Trend Micro 2010-08-08 21:47 . 2010-08-08 21:47 -------- d-----w- c:\documents and settings\user\Application Data\Malwarebytes 2010-08-08 21:45 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-08 21:45 . 2010-08-08 21:45 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-08-08 21:45 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-08 21:45 . 2010-08-08 21:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-07-13 20:58 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-10 17:27 . 2009-12-25 20:53 -------- dc----w- c:\documents and settings\All Users\Application Data\avg9 2010-08-10 13:06 . 2010-05-08 13:30 0 ----a-w- c:\documents and settings\user\Local Settings\Application Data\prvlcl.dat 2010-08-08 22:16 . 2010-08-08 22:16 388096 ----a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-08-01 13:53 . 2005-01-16 18:24 -------- d-----w- c:\documents and settings\user\Application Data\MSN6 2010-07-13 21:30 . 2008-12-21 18:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-06-29 11:43 . 2009-08-13 15:10 -------- d-----w- c:\documents and settings\user\Application Data\VoipBuster 2010-06-26 10:19 . 2010-06-26 10:19 -------- d-----w- c:\program files\directx 2010-06-26 10:19 . 2006-04-30 13:05 -------- d-----w- c:\program files\CIF USB CAMERA 2010-06-26 10:18 . 2004-09-30 14:45 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-06-25 16:37 . 2005-02-21 19:04 -------- d-----w- c:\program files\MSN Messenger 2010-06-25 16:29 . 2010-06-25 16:29 -------- d-----w- c:\program files\Microsoft 2010-06-25 16:29 . 2008-02-27 12:58 -------- d-----w- c:\program files\Windows Live 2010-06-25 16:01 . 2006-01-19 12:39 15256 ----a-w- c:\documents and settings\user\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll 2010-06-24 19:49 . 2010-01-14 20:24 -------- d-----w- c:\program files\LG Electronics 2010-06-24 19:39 . 2005-03-21 05:59 -------- d-----w- c:\program files\Skype 2010-06-24 11:34 . 2009-12-24 11:20 -------- d-----w- c:\documents and settings\user\Application Data\PoivY 2010-06-23 21:17 . 2003-04-08 12:00 79250 ----a-w- c:\windows\system32\perfc013.dat 2010-06-23 21:17 . 2003-04-08 12:00 484906 ----a-w- c:\windows\system32\perfh013.dat 2010-06-14 14:31 . 2004-09-30 14:29 744448 ----a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe . ------- Sigcheck ------- [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys [-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys [-] 2003-04-08 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys [-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys [-] 2003-04-08 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys [-] 2003-04-08 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys [-] 2004-08-04 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys [-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys [-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys [-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\$NtServicePackUninstall$\ntfs.sys [-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys [-] 2003-04-08 . E3AE9C79498210A5F39FE5A9AD62BC55 . 561920 . . [5.1.2600.1106] . . c:\windows\I386\NTFS.SYS [-] 2003-04-08 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys [-] 2003-04-08 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys [-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys [-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys [-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys [-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys [-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys [-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys [-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys [-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys [-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys [-] 2005-03-14 . 0E66B538096A6529D1AC66E78EB0D5C8 . 359808 . . [5.1.2600.2631] . . c:\windows\$hf_mig$\KB893066\SP2GDR\tcpip.sys [-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys [-] 2003-04-08 . 244A2F9816BC9B593957281EF577D976 . 332928 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB893066_0$\tcpip.sys [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll [-] 2004-08-04 . 195B1255D9383AEFFBDFA8A11AE4D282 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe [-] 2004-08-04 . 34A82DEBEFB057FCCCBE15F619FC98A7 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll [-] 2005-08-22 . F32049792BCBF64954FF964508E47AFB . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll [-] 2005-08-22 . 269182FF03F1FDD0EF803AEB63C01080 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll [-] 2004-08-04 . B2665A1B502EC037388B7919CBD58C28 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll [-] 2004-08-04 . 772027CC5FFAEA3E7D10AF2691EE7095 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll [-] 2003-04-08 . 9F93E038B7D35F4EA7F46D0CD392D018 . 223232 . . [6.2.2600.1106] . . c:\windows\$NtUninstallKB842773$\qmgr.dll [-] 2009-02-09 . D8D28F6CABEC7D42B8E487E290563B9A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll [-] 2005-07-26 . B52BD9DB0BD6D01BDB01B0DBFBB804CD . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll [-] 2005-07-26 . 23B465FD2354D83218AC091D0EE6D91B . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll [-] 2005-04-28 . 6D61211D515EA7E31FDB7B0FA9CEF878 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll [-] 2005-04-28 . 0468AA524F6912F449BC14CF7DACAF68 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll [-] 2005-01-14 . C4E4A6514DC7AA4981B09E1A55B3EE56 . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2GDR\rpcss.dll [-] 2005-01-14 . C4E4A6514DC7AA4981B09E1A55B3EE56 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll [-] 2005-01-14 . FE787AF1556421C60DC427C2CC12CD9C . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll [-] 2004-08-04 . DDE0457B7706C3AD4E5AFDD502698A06 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll [-] 2004-03-06 . C9B092E9EEE8C5F7F6CBD588B232274D . 263680 . . [5.1.2600.1361] . . c:\windows\$NtUninstallKB873333_0$\rpcss.dll [-] 2003-04-08 . 18CC35AADF5D21F564246FC580A43378 . 260608 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB828741$\rpcss.dll [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe [-] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe [-] 2004-08-04 . 39991CD3C17B7529D039151A88E84499 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe [-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe [-] 2004-08-04 . CCCB8B94B17466EFB9DC27F42625B0E5 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2004-08-04 . 732ED791711DF9C9DD15E5515BC681B8 . 504832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe [-] 2003-04-08 . D375231CCA973A06C43E4B6087BFA706 . 519168 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB841533$\winlogon.exe [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2006-08-25 . F67AE54BCA3873D48A1AC722A9CA70BF . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll [-] 2004-08-04 . 8A473F553E9E45DB4EF6FF11AB54E4E1 . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll [-] 2003-04-08 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\I386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll [-] 2004-08-04 . 5F321535D399516B6D780FF9EF8D8B7A . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll [-] 2003-04-08 . 4563396E23EA861523C08AEDA0666014 . 53248 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB826939$\cryptsvc.dll [-] 2008-07-07 20:32 . 68180553F674B487BE777CFD6BE70726 . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll [-] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-07-07 20:23 . B3A4422CBD8DAA6710431F67C679DA24 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll [-] 2005-07-26 04:42 . 094ECC4FB57ABA154F840C8414867E90 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll [-] 2005-07-26 04:36 . 3732BE0811CE6E15A56AD1CEC02CF532 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll [-] 2004-08-04 08:03 . 3F59BCDFAC47550F43001C4CE8CB0B91 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll [-] 2003-04-08 12:00 . 4A652DAF0BFD8FF8AA5DB61C7B798DCB . 225280 . . [2001.12.4414.46] . . c:\windows\$NtUninstallKB828741$\es.dll [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll [-] 2004-08-04 . 7ADE4584ED6657CAE3D523CF101992BD . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll [-] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll [-] 2007-04-16 . 68757F5935D6D76DD10975B7B7A9751D . 1027072 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll [-] 2007-04-16 . 6557EA471552BB9AF16B66902D572BD5 . 1025536 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll [-] 2006-07-05 . 8672CE1E9BAF84EC0665D73DB8849EDB . 1026048 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll [-] 2006-07-05 . F2352FB7D9E5C70374568724A32B5CB7 . 1025024 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll [-] 2004-08-04 . 54379BD67780FDBBE1590EEC142A659C . 1024512 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll [-] 2003-04-08 . CDE58E6276B4B9104ECC70B90AE386A2 . 971264 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB840987$\kernel32.dll [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll [-] 2005-09-01 . BDF49EB509B446650A752F751634AA1C . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll [-] 2005-09-01 . 74B59D2B62583D3932FCE6CBB6EB5F77 . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll [-] 2004-08-04 . 5B42639BE48C8E84FD52C66958A44427 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll [-] 2003-04-08 . A4DF53419129963DCE45B16C44E7D182 . 15360 . . [5.1.2600.0] . . c:\windows\$NtUninstallKB841356$\linkinfo.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll [-] 2004-08-04 . 8DF7AC820F9B3FD5E713E9A74827931C . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll [-] 2010-06-24 . 4866ECEEFB5964BB1CB081FB3A2A370D . 5954560 . . [8.00.6001.23037] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3QFE\mshtml.dll [-] 2010-06-24 . 1048BF4C23101A0404252A19A9151C16 . 5951488 . . [8.00.6001.18939] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3GDR\mshtml.dll [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\mshtml.dll [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\dllcache\mshtml.dll [-] 2010-05-06 . 47A7DDF5DF0F323F877EEFC75338C4A3 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll [-] 2010-02-25 . A38971E011619C2CF1B87ADE965F5DD4 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll [-] 2010-02-25 . 2399C13AE076A84037794AA0E9BF152A . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll [-] 2009-12-21 . 0C92E8AAD0E68E0A5358813353F31CE3 . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll [-] 2009-12-21 . 585A8B2FD6373FC06D6893867754CF74 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll [-] 2009-10-29 . 1185E34AB3243194BB57FD3C31385700 . 3091968 . . [6.00.2900.5897] . . c:\windows\ie8\mshtml.dll [-] 2009-10-29 . A66CEDA2AA6FA052D3F7A46CE7553D21 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll [-] 2009-10-29 . 6D626567986D37E021F44EE66446D515 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll [-] 2009-10-29 . F7E06360F7DAFED78647AAFCC7ADBBC5 . 3094016 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\mshtml.dll [-] 2009-10-19 . 0B2E964BEB51B4004329061F87B261FB . 3091968 . . [6.00.2900.5890] . . c:\windows\$NtUninstallKB976325$\mshtml.dll [-] 2009-10-19 . 2ECF5281C946A38CFDA0E591C2B1A258 . 3093504 . . [6.00.2900.5890] . . c:\windows\$hf_mig$\KB976749\SP3QFE\mshtml.dll [-] 2009-09-25 . 03C83F354CDFAA7A804AC5B76D46AC07 . 3091968 . . [6.00.2900.5880] . . c:\windows\$NtUninstallKB976749$\mshtml.dll [-] 2009-09-25 . A5C706F4A21ED747E30F93547A7CCA38 . 3093504 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3QFE\mshtml.dll [-] 2009-07-18 . E704809CCDA1A4B3CBAEF906B22D21B6 . 3090432 . . [6.00.2900.5848] . . c:\windows\$NtUninstallKB974455$\mshtml.dll [-] 2009-07-18 . B88A200864586C3E97C8EF3A09B98BFD . 3090944 . . [6.00.2900.5848] . . c:\windows\$hf_mig$\KB972260\SP3QFE\mshtml.dll [-] 2009-04-29 . BE9435BD7871B348A41F7B17AB137766 . 3089920 . . [6.00.2900.5803] . . c:\windows\$NtUninstallKB972260$\mshtml.dll [-] 2009-04-29 . 69DAFA0F9F6B0CEF2F2FDD29B3E9710E . 3090432 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\mshtml.dll [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll [-] 2009-02-20 . D78DF30D280521BA82405D241FBE7E03 . 3089408 . . [6.00.2900.5764] . . c:\windows\$NtUninstallKB969897$\mshtml.dll [-] 2009-02-20 . 3157B61958A0B4841ADF6A2135293D31 . 3089408 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3QFE\mshtml.dll [-] 2008-12-12 . AC658A3AF4AA1E6510CB31546080D601 . 3088896 . . [6.00.2900.5726] . . c:\windows\$hf_mig$\KB960714\SP3QFE\mshtml.dll [-] 2008-12-12 . D51029CBD8303F10EC90758C6A40D7B4 . 3088896 . . [6.00.2900.5726] . . c:\windows\$NtUninstallKB963027$\mshtml.dll [-] 2008-10-16 . F9AE67D44A434A7433288F028A84D133 . 3088896 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll [-] 2008-10-16 . 990088BAAFB3D01FAE958DA7F62EC737 . 3088896 . . [6.00.2900.5694] . . c:\windows\$NtUninstallKB960714$\mshtml.dll [-] 2008-08-20 . D81AFE63AFB1E2C59D73A2E83B1350CF . 3088896 . . [6.00.2900.5659] . . c:\windows\$NtUninstallKB958215$\mshtml.dll [-] 2008-08-20 . DDE475588393F4CA42FD3CAEE917E15A . 3088896 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3QFE\mshtml.dll [-] 2008-06-25 . 0DF998D5B19A8A3463F8E38402A026EC . 3088896 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll [-] 2008-06-23 . 6975533B9EDB4A5963E688F7B22C3F79 . 3088384 . . [6.00.2900.3395] . . c:\windows\$NtServicePackUninstall$\mshtml.dll [-] 2008-06-23 . CC51CAD063737BC57732638C990C255B . 3088384 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\mshtml.dll [-] 2008-06-23 . CC51CAD063737BC57732638C990C255B . 3088384 . . [6.00.2900.5626] . . c:\windows\$NtUninstallKB956390$\mshtml.dll [-] 2008-04-23 . 67F763A3FD377AFB75CD60BC10677EA1 . 3593728 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll [-] 2008-04-21 . 3F63F6905BE003FA3AA87D91C5997F43 . 3087872 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838_0$\mshtml.dll [-] 2008-04-21 . A7C4AB35FCAF4BB70D57D74C3602C701 . 3087872 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\mshtml.dll [-] 2008-04-21 . A7C4AB35FCAF4BB70D57D74C3602C701 . 3087872 . . [6.00.2900.5583] . . c:\windows\$NtUninstallKB953838$\mshtml.dll [-] 2008-04-21 . 672278873C3BB6898FAFF498C78A99F8 . 3088384 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\mshtml.dll [-] 2008-04-14 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB950759$\mshtml.dll [-] 2008-04-14 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll [-] 2008-03-01 . 78D65657B4864C9ECD8079EEE5D1A6BA . 3591680 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\mshtml.dll [-] 2008-03-01 . 438C16DB8952A4E108E89B4C5E55C526 . 3593216 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll [-] 2007-12-07 . FF6518F3E721C4BC2C15262A1EABCEF7 . 3593216 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll [-] 2007-10-30 . 88B6B490A22D720BE43B37C649AD1B4B . 3593216 . . [7.00.6000.20710] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll [-] 2007-10-30 . 80880B8B13A8005FDF3065DEB9E8043F . 3590656 . . [7.00.6000.16587] . . c:\windows\ie7updates\KB944533-IE7\mshtml.dll [-] 2007-08-20 . 1A1ECAD58E3400DDC405B30A30057437 . 3592192 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll [-] 2007-07-18 . AF15C3F7F8071CE05B1759B7AFAA1CDC . 3584000 . . [7.00.6000.20641] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\mshtml.dll [-] 2007-06-15 . 34AF8680725DD035053A920683C373BB . 3085312 . . [6.00.2900.3157] . . c:\windows\$hf_mig$\KB937143\SP2QFE\mshtml.dll [-] 2007-06-15 . 34AF8680725DD035053A920683C373BB . 3085312 . . [6.00.2900.3157] . . c:\windows\$NtUninstallKB950759_0$\mshtml.dll [-] 2007-06-14 . 683372B959D5F69CE3B96266F757FE0B . 3079680 . . [6.00.2900.3157] . . c:\windows\$NtUninstallKB937143$\mshtml.dll [-] 2007-05-04 . D9B1913BA7F86A3758A2EAA2E8548A1D . 3085312 . . [6.00.2900.3132] . . c:\windows\$hf_mig$\KB933566\SP2QFE\mshtml.dll [-] 2007-05-04 . BFA1BA84ADE42D2F2F8A79D06B44A53A . 3079680 . . [6.00.2900.3132] . . c:\windows\$NtUninstallKB937143_0$\mshtml.dll [-] 2007-02-19 . 4E7FF99E55197D1A772A2152EE7BCB80 . 3077632 . . [6.00.2900.3086] . . c:\windows\$NtUninstallKB933566$\mshtml.dll [-] 2007-02-19 . 58777FEFC19FDDE25CB613EFC2B79605 . 3084288 . . [6.00.2900.3086] . . c:\windows\$hf_mig$\KB931768\SP2QFE\mshtml.dll [-] 2007-01-04 . 51E8C6369DB16D9F42826DC272C7CC09 . 3083264 . . [6.00.2900.3059] . . c:\windows\$hf_mig$\KB928090\SP2QFE\mshtml.dll [-] 2007-01-04 . 3B25611555C91AF75B1AE6E9E46F2674 . 3077632 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB931768$\mshtml.dll [-] 2006-10-23 . B2C3664C38FB778922EDF24C783526BB . 3082240 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\mshtml.dll [-] 2006-10-23 . D9646B8EE340C0E6061D001BCF1FF04D . 3076096 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\mshtml.dll [-] 2006-09-14 . 757A68BF9CBAB1C0CA8580FBDAA3D645 . 3075584 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\mshtml.dll [-] 2006-09-14 . 64C50B7D71B8E2EF31806D8693B87681 . 3079680 . . [6.00.2900.2995] . . c:\windows\$hf_mig$\KB922760\SP2QFE\mshtml.dll [-] 2006-07-28 . FB8009A211F49770D185B677242028A6 . 3079168 . . [6.00.2900.2963] . . c:\windows\$hf_mig$\KB918899\SP2QFE\mshtml.dll [-] 2006-07-28 . 5279BE2163D43987B4EF8CA7583E8349 . 3075072 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB922760$\mshtml.dll [-] 2006-05-19 . 4F28F3A73CC983164857187F39D1E683 . 3073536 . . [6.00.2900.2912] . . c:\windows\$NtUninstallKB918899$\mshtml.dll [-] 2006-05-19 . FE29524C7865A3654570D08B6DDB21A8 . 3076096 . . [6.00.2900.2912] . . c:\windows\$hf_mig$\KB916281\SP2QFE\mshtml.dll [-] 2006-03-23 . F37385D022068930B4F3C19F80302CF6 . 3074560 . . [6.00.2900.2873] . . c:\windows\$NtUninstallKB916281$\mshtml.dll [-] 2006-03-23 . 23DA243CB47559DB090F074E7B1A106A . 3076608 . . [6.00.2900.2873] . . c:\windows\$hf_mig$\KB912812\SP2QFE\mshtml.dll [-] 2005-11-24 . FCAE3A45159DE7C92A8FAFD5D781D7B1 . 3013632 . . [6.00.2900.2802] . . c:\windows\$NtUninstallKB912812$\mshtml.dll [-] 2005-11-24 . 25BEB0FE406B51D230059D55DD4D8073 . 3016192 . . [6.00.2900.2802] . . c:\windows\$hf_mig$\KB905915\SP2QFE\mshtml.dll [-] 2005-10-05 . 3660E3C5182D286BEE71E2AF42889D5A . 3015680 . . [6.00.2900.2769] . . c:\windows\$hf_mig$\KB896688\SP2QFE\mshtml.dll [-] 2005-10-04 . F765EA3A7ADAB0E9C4A8698F2620CCB4 . 3013120 . . [6.00.2900.2769] . . c:\windows\$NtUninstallKB905915$\mshtml.dll [-] 2005-07-20 . 89881B165F5D47BBA473B4730DFF26B8 . 3014144 . . [6.00.2900.2722] . . c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll [-] 2005-07-20 . DDBE7ADD11664BE7AB98A431C522D233 . 3012096 . . [6.00.2900.2722] . . c:\windows\$NtUninstallKB896688$\mshtml.dll [-] 2005-05-02 . 4A8BADAD69F188573B99EAFFAD8BDE36 . 3012608 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\mshtml.dll [-] 2005-05-02 . A84B1A1E5D482821E23A4CB135379BF3 . 3011072 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\mshtml.dll [-] 2005-03-10 . D9C48BC1DBBE8154703C6CB078044D08 . 3010560 . . [6.00.2900.2627] . . c:\windows\$NtUninstallKB883939$\mshtml.dll [-] 2005-03-10 . 8D9257DB6CB9AE5E2F3C7DBD88B14280 . 3011072 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\mshtml.dll [-] 2005-01-27 15:03 . 2CEA86656469554716FDE133CC35C480 . 2806272 . . [6.00.2800.1491] . . c:\windows\$NtUninstallKB890923-IE6SP1-20050225.103456$\mshtml.dll [-] 2004-08-04 . 43E31383850CFEA3C0F445BED9A700F4 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB890923$\mshtml.dll [-] 2003-04-08 . 28BA7BF8F2BB53E4DD9D43914142737E . 2833920 . . [6.00.2800.1106] . . c:\windows\$NtUninstallKB867282-IE6SP1-20050127.163319$\mshtml.dll [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [-] 2004-08-04 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll [-] 2003-04-08 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL [-] 2003-04-08 12:00 . E826A484EDE25C3AE19F1B8086511F4B . 267536 . . [4.20.6201] . . c:\windows\I386\WIN9XUPG\MSVCRT.DLL [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll [-] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-06-20 . FF59588E31F864FED9D0258969559A4B . 247296 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll [-] 2008-06-20 . 71AB52C70B9436C0A0B704FDE9D1A7CD . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll [-] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll [-] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll [-] 2004-08-04 . 0C53DB0671AB5A93D169DAFFC8DA11CF . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll [-] 2004-08-04 . B3FDAC7A518B6B684BEFE792DC1DC560 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll [-] 2010-04-28 . 548AED38DF451C1783037390194A04DC . 2194304 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3GDR\ntoskrnl.exe [-] 2010-04-28 . 59582F46CAAAA049DB613B4005AF57B5 . 2194432 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3QFE\ntoskrnl.exe [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\system32\ntoskrnl.exe [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\system32\dllcache\ntoskrnl.exe [-] 2010-02-16 . B79C48187CA08D2EC27DA4939953F082 . 2194432 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [-] 2009-12-10 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . 13C15BFF7E82D3F9FD215ADD54A3929D . 2193536 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [-] 2009-08-04 . 270DE336026B0815F064BB8BD4CFD336 . 2193536 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165-v2$\ntoskrnl.exe [-] 2009-08-04 . 2F1443AB72A64182FD8258BBAE801EA7 . 2193664 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe [-] 2009-02-10 . 7625D5BAFD2A4A8458468B139C893BB7 . 2193536 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [-] 2009-02-09 . 27380B877348030B0662A39C47AAEC11 . 2193408 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe [-] 2008-08-14 . E332B6DE826D4222A758E3264AD8D520 . 2193536 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe [-] 2008-08-14 . 3E5E63D926C5E9F81045F3646815D2A1 . 2193536 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe [-] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe [-] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe [-] 2007-02-28 . 59DCA97DC201792C1CCF9FE621EE5ED7 . 2186496 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe [-] 2007-02-28 . CAAA8FD3C034A227691A43B60873F097 . 2184704 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe [-] 2006-12-19 . 4CB6C3B16587971C56AAA8A9B0511BC7 . 2186368 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe [-] 2006-12-19 . F609063BAE4D058A4019C4D99A1FD8DD . 2184704 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe [-] 2005-03-02 . 5DB3E8DEC987B5D350E4A105DCEAEE6A . 2183936 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe [-] 2005-03-02 . 281A1E82F5F8FC0B2F4B57EF296A4240 . 2183680 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\ntoskrnl.exe [-] 2005-03-02 . 281A1E82F5F8FC0B2F4B57EF296A4240 . 2183680 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntoskrnl.exe [-] 2004-10-28 . A49D4E759C43334350BBDFCF83194502 . 2092672 . . [5.1.2600.1605] . . c:\windows\$NtUninstallKB890859_0$\ntoskrnl.exe [-] 2004-10-28 . A49D4E759C43334350BBDFCF83194502 . 2092672 . . [5.1.2600.1605] . . c:\windows\SoftwareDistribution\Download\b8341db1436dce67521cf460d64618b2\sp1qfe\ntoskrnl.exe [-] 2004-08-04 . 87AAEA3908E069FB1BE37380C895DFB8 . 2185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe [-] 2004-06-17 . 07B2A892B0D617922CB6E5776146AA42 . 2055808 . . [5.1.2600.1568] . . c:\windows\$NtUninstallKB885835_0$\ntoskrnl.exe [-] 2003-04-08 . ED3086CF7C835D8A3FD0E6FBD95C0F53 . 2046464 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB840987$\ntoskrnl.exe [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll [-] 2004-08-04 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll [-] 2004-08-04 . 5AE934F6837B5A583DED535C4BE5A804 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll [-] 2004-08-04 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe [-] 2004-08-04 . AB8C6D89A897BACBA4657FDF00E344A6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll [-] 2005-07-08 . 5A145DBF2916F583921BB27B91B2DC0B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll [-] 2005-07-08 . C2A4E29888F45E7FC1FD64C83D5EA669 . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll [-] 2004-08-04 . F38C48EE55AD051BF5474F5BDD69C846 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2007-03-08 . FA35431E333943F4B2A6D33FA4EE3CE9 . 579584 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll [-] 2007-03-08 . CB18F701A5D55A6308FAB8D18322C060 . 579072 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll [-] 2005-03-02 . 0B62745CE93E8C6F56547F70269DBABC . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll [-] 2005-03-02 . A9F2EBFC6EF9C1FB38CEDCF747162B6C . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\user32.dll [-] 2005-03-02 . A9F2EBFC6EF9C1FB38CEDCF747162B6C . 578560 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll [-] 2004-12-29 . A31CAC81F627FEB537AFD5CF51150287 . 576000 . . [5.1.2600.1617] . . c:\windows\$NtUninstallKB890859_0$\user32.dll [-] 2004-08-04 . 8E5D344FD717D35EE7ED1C8E0AD0CBE6 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll [-] 2003-04-08 . 2E8CEC28BE4D9B830BA0AFF73C9279F7 . 561664 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB891711$\user32.dll [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe [-] 2004-08-04 . DE7A0EE4A6A28E6DFE3118EB22468DA6 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe [-] 2010-06-24 . 8168F7D81CD04C83D7E04F3981A7D0F5 . 919040 . . [8.00.6001.23037] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3QFE\wininet.dll [-] 2010-06-24 . A3D63C0EF4D32F1F04D9E9596AEA0FFE . 916480 . . [8.00.6001.18939] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3GDR\wininet.dll [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\wininet.dll [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\dllcache\wininet.dll [-] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [-] 2010-02-25 . 2A850B8F7B435ACFB9DCD0A566FD720C . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll [-] 2010-02-25 . BB424C9406140FEAFB4732025BEBB69B . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll [-] 2009-12-21 . FA2B753F8FE84904A6940589A43F30B4 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll [-] 2009-12-21 . 4C145AB616871611FCE38F053C75807C . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 765E049E1F6E2EF9265B85E02DE487B5 . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll [-] 2009-10-29 . D906535CAB4BB8A60AC060351EDE159F . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 772A3480B543FB5280DE1679FA73E799 . 670208 . . [6.00.2900.5897] . . c:\windows\ie8\wininet.dll [-] 2009-10-29 . 77DA6400FF88337FE260CF87A530D64C . 671744 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\wininet.dll [-] 2009-09-25 . E3A0D172FF21D1F0B30CB3B9671ADEBF . 670208 . . [6.00.2900.5880] . . c:\windows\$NtUninstallKB976325$\wininet.dll [-] 2009-09-25 . 2A7566FCBB31765DC1D710EA5928D059 . 671744 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3QFE\wininet.dll [-] 2009-06-26 . 4D027430F9191F5398E5AC3767258475 . 669696 . . [6.00.2900.5835] . . c:\windows\$NtUninstallKB974455$\wininet.dll [-] 2009-06-26 . 61C88D0B3D62B1F2856883C91A904037 . 671232 . . [6.00.2900.5835] . . c:\windows\$hf_mig$\KB972260\SP3QFE\wininet.dll [-] 2009-04-29 . CBB2C7EBD98F1CC84B6EF105547657BD . 669696 . . [6.00.2900.5803] . . c:\windows\$NtUninstallKB972260$\wininet.dll [-] 2009-04-29 . 482D2FD463A02A9E65CBC8045DA052FE . 671232 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\wininet.dll [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll [-] 2009-02-20 . 61920ED8DAA8CEB90450A3C54563EB9A . 669184 . . [6.00.2900.5764] . . c:\windows\$NtUninstallKB969897$\wininet.dll [-] 2009-02-20 . 65EA1865F761726955258B650037CF2F . 670720 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3QFE\wininet.dll [-] 2008-10-16 . A9CB7C8F4FB538DCAA26FFF76C2F8F14 . 670208 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll [-] 2008-10-16 . FD8DC8F2FA8C3F3CC00C99018AF1530C . 669184 . . [6.00.2900.5694] . . c:\windows\$NtUninstallKB963027$\wininet.dll [-] 2008-08-20 . BC9059433D2F0889A71E3CDFF5AB2F71 . 669184 . . [6.00.2900.5659] . . c:\windows\$NtUninstallKB958215$\wininet.dll [-] 2008-08-20 . F77FD23458C5C4C16C37667FDDDCECBA . 669696 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll [-] 2008-06-23 . 745795941F497E1CB3918A4AD3BEDEEE . 670208 . . [6.00.2900.3395] . . c:\windows\$NtServicePackUninstall$\wininet.dll [-] 2008-06-23 . 8ADFF2F029A90FED04A322CBF084F3EA . 669184 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll [-] 2008-06-23 . 8ADFF2F029A90FED04A322CBF084F3EA . 669184 . . [6.00.2900.5626] . . c:\windows\$NtUninstallKB956390$\wininet.dll [-] 2008-06-23 . AE1A6AEA7F65F452C0916FB1399D832E . 669696 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll [-] 2008-04-23 . 49ECC612EE5B23CA669A1EB15EE6DB3E . 827392 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll [-] 2008-04-21 . 20238850AFE4A19A885CD5658433D60D . 669696 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838_0$\wininet.dll [-] 2008-04-21 . 0E4C070B2D83D7D76CF2A0384FA50750 . 669184 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\wininet.dll [-] 2008-04-21 . 0E4C070B2D83D7D76CF2A0384FA50750 . 669184 . . [6.00.2900.5583] . . c:\windows\$NtUninstallKB953838$\wininet.dll [-] 2008-04-21 . 438F668DDACCAD59F934772EE894A704 . 669696 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll [-] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB950759$\wininet.dll [-] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll [-] 2008-03-01 . 0BC8124D6EA627A1BB864094A43C2698 . 826368 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\wininet.dll [-] 2008-03-01 . 1073283DC2D66C5539301BAEF0BCB442 . 827392 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll [-] 2007-12-07 . 9294B445326B926BABC3F382F8410A31 . 825344 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll [-] 2007-10-10 . 8AEB1E98D785BEA8278BDF2D3389D6E2 . 824832 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB944533-IE7\wininet.dll [-] 2007-10-10 . 79A07C04C00D4ACF47AFDB44E7FEF1CC . 825344 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll [-] 2007-08-20 . 077B22B5FEBAA055AAC0406413F53A5F . 825344 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll [-] 2007-06-27 . 1E9D35BA9240592A68BB5980AA23FDB9 . 824320 . . [7.00.6000.20627] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll [-] 2007-06-26 . 7A0C9A702ED8F8695AC925C5B1850A07 . 668672 . . [6.00.2900.3164] . . c:\windows\$hf_mig$\KB937143\SP2QFE\wininet.dll [-] 2007-06-26 . 7A0C9A702ED8F8695AC925C5B1850A07 . 668672 . . [6.00.2900.3164] . . c:\windows\$NtUninstallKB950759_0$\wininet.dll [-] 2007-06-26 . 514AD1D91EE71CF2D93E6DD5423F5C13 . 662016 . . [6.00.2900.3164] . . c:\windows\$NtUninstallKB937143$\wininet.dll [-] 2007-04-18 . B2219D7AF938DE9372EB159C68FF83B5 . 668672 . . [6.00.2900.3121] . . c:\windows\$hf_mig$\KB933566\SP2QFE\wininet.dll [-] 2007-04-18 . 6B755E9D272AF1DAA6FA618329D2AB18 . 662016 . . [6.00.2900.3121] . . c:\windows\$NtUninstallKB937143_0$\wininet.dll [-] 2007-02-19 . 48E1C53BA8C6267BB97925EF729BDE90 . 668672 . . [6.00.2900.3086] . . c:\windows\$hf_mig$\KB931768\SP2QFE\wininet.dll [-] 2007-02-19 . 55BE69A43120FDA4CFB7C0C1F305DB1A . 662016 . . [6.00.2900.3086] . . c:\windows\$NtUninstallKB933566$\wininet.dll [-] 2007-01-04 . 243988BB76262D72A48E8312BF8A0231 . 668160 . . [6.00.2900.3059] . . c:\windows\$hf_mig$\KB928090\SP2QFE\wininet.dll [-] 2007-01-04 . 366EC67E75F81D891ADFCC9941F1DE45 . 662016 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB931768$\wininet.dll [-] 2006-10-23 . 7693CCDD13B082985CA0AC2862CBCAF7 . 667648 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\wininet.dll [-] 2006-10-23 . E30AD3B3927B33D894486EFACCD48014 . 662016 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\wininet.dll [-] 2006-09-14 . 75C38DD0613B2F170F8F6B2DCBDD6343 . 662016 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\wininet.dll [-] 2006-09-14 . 0D3A915A798CD9568ABDBBE55489DD51 . 667648 . . [6.00.2900.2995] . . c:\windows\$hf_mig$\KB922760\SP2QFE\wininet.dll [-] 2006-06-23 . 0960FA973421FF4630D024843341509E . 667648 . . [6.00.2900.2937] . . c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll [-] 2006-06-23 . 91A1532762382C31DA0103946B4A20D3 . 662016 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB922760$\wininet.dll [-] 2006-05-10 . 79C938AB59D5FDB3A4297C117A6858D5 . 666624 . . [6.00.2900.2904] . . c:\windows\$hf_mig$\KB916281\SP2QFE\wininet.dll [-] 2006-05-10 . FE03AAC620CDFCD835F18760D71F6E6E . 661504 . . [6.00.2900.2904] . . c:\windows\$NtUninstallKB918899$\wininet.dll [-] 2006-03-04 . B81CF479B43ED1CA2DF12C878B596B2E . 666624 . . [6.00.2900.2861] . . c:\windows\$hf_mig$\KB912812\SP2QFE\wininet.dll [-] 2006-03-04 . 7DCC79C2DE609F74AA67E16E8E77AF4C . 661504 . . [6.00.2900.2861] . . c:\windows\$NtUninstallKB916281$\wininet.dll [-] 2005-10-21 . 24059DA5B7131CB82C2B8A39701D93F9 . 661504 . . [6.00.2900.2781] . . c:\windows\$NtUninstallKB912812$\wininet.dll [-] 2005-10-21 . 06AE5BD6363190E622F1AA91591F41C4 . 664576 . . [6.00.2900.2781] . . c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll [-] 2005-09-02 . 632629B24EB816FE354F66B48513E104 . 663552 . . [6.00.2900.2753] . . c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll [-] 2005-09-02 . FBC6550971ED432F77E35DD376D573B0 . 661504 . . [6.00.2900.2753] . . c:\windows\$NtUninstallKB905915$\wininet.dll [-] 2005-07-03 . C9567D2CD2441DFF60814E721EF6EB43 . 661504 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB896688$\wininet.dll [-] 2005-07-03 . C167930AEEF3C1739F340D5758834B01 . 662528 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll [-] 2005-05-02 . C048C90CE1CE329AB9E1E412DEC87920 . 662016 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll [-] 2005-05-02 . 2D9BCCC29C0F34794DADE5E4C95E9239 . 660992 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\wininet.dll [-] 2005-03-10 . 810BBD0592B40908C5D88B9E7823B54D . 659968 . . [6.00.2900.2627] . . c:\windows\$NtUninstallKB883939$\wininet.dll [-] 2005-03-10 . 8010EECE634E0F3D6FF176457DF63619 . 660992 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\wininet.dll [-] 2004-12-07 18:19 . B74A58F27BA66936CC6CAE53AB2E8CBA . 593920 . . [6.00.2800.1485] . . c:\windows\$NtUninstallKB890923-IE6SP1-20050225.103456$\wininet.dll [-] 2004-08-04 . 6C7E1322898378C30BCD9F779A2621EE . 659456 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB890923$\wininet.dll [-] 2003-04-08 . 87DF44F9B70BBF94D4143C21A5CB42BA . 602112 . . [6.00.2800.1106] . . c:\windows\$NtUninstallKB867282-IE6SP1-20050127.163319$\wininet.dll [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll [-] 2004-08-04 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll [-] 2004-08-04 . 3B728289DFA923A2C12BE827382C2DB1 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [-] 2007-06-13 . 147E95A42A58CE99E403F7F57656BBEB . 1036800 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe [-] 2007-06-13 . 1D6245AFBD3FAABC16A885116BE1874D . 1036800 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe [-] 2004-08-04 . A1D7304A87FC3093150F5E3CC7B0F338 . 1035776 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\system32\ole32.dll [-] 2005-07-26 . 588443247F2EE6A61B5864B64A7E270E . 1284608 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll [-] 2005-07-26 . 0F0E95779DB45EB8D09EAA8827D740CC . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll [-] 2005-04-28 . 5C3B15C45ADF30B024927F1A0823BD16 . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll [-] 2005-04-28 . 48629EDCD92AA071554304F9F9E96E38 . 1284608 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll [-] 2005-01-14 . D1F139783F28A79EF37825E3951E05F3 . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2GDR\ole32.dll [-] 2005-01-14 . D1F139783F28A79EF37825E3951E05F3 . 1284608 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll [-] 2005-01-14 . 75555C8E6657A2AA9101DD56F8D30DAA . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll [-] 2004-08-04 . 602969286376832E3F49F54E4F0F051A . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll [-] 2004-03-06 . 4F659421A1AD32AD4FF95751ACBDBC4E . 1183744 . . [5.1.2600.1362] . . c:\windows\$NtUninstallKB873333_0$\ole32.dll [-] 2003-04-08 . 8C57515321D7FFD77ADD70517D7BE737 . 1169920 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB828741$\ole32.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe [-] 2004-08-04 . D6381A7C1704BE7A8FD5EFDFD9F1463B . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll [-] 2004-08-04 . F4C8D4B0A294AAF37FE50C407B6E03F9 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll [-] 2004-08-04 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [-] 2004-08-04 . 486594A19F7AEDEBEA600855FFD5E914 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2004-08-04 . 7DE46C9C40ABB58C8FDFE0212A3BF2B4 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll [-] 2006-12-19 . D6F2B8963663F2014FAFCD8E15E4E778 . 135168 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll [-] 2006-12-19 . 20A1DFA416579DACEE28E15E331C3930 . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll [-] 2004-10-28 . 40EFC4BD8F43AFC13A3E3147FCBEAB4E . 117248 . . [6.00.2800.1605] . . c:\windows\SoftwareDistribution\Download\b8341db1436dce67521cf460d64618b2\sp1qfe\shsvcs.dll [-] 2004-08-04 . 394FD6CE1AC84BB318B806A6F8D90F66 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll [-] 2003-04-08 . 99792E295E5A4E7BCD08F4D708E16AAB . 116736 . . [6.00.2800.1106] . . c:\windows\$NtUninstallKB885835_0$\shsvcs.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll [-] 2004-08-04 . D01BB100558945178E4BCB33B0FE9364 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll [-] 2004-08-04 . D245B3E32F8AB3B2FB576AFCFDEC105E . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll [-] 2003-04-08 . 5239C9913F5166838D772BF4A61C7844 . 160256 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB841873$\schedsvc.dll [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll [-] 2004-08-04 . B02FDCE64F64CDE3AA809D28D25D2A12 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll [-] 2004-08-04 . E2CE999886A4636026F157DEB886AA94 . 297472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll [-] 2003-04-08 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys [-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys [-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys [-] 2004-08-04 05:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys [-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll [-] 2006-11-01 19:19 . 13E52326F0F19A1A8D34681E3444E8D1 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll [-] 2003-04-08 12:00 . 8EED1D71C14C356684E586B0A7DB6BCE . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll [-] 2004-08-04 . 1405B1431F51CAB25FE9B2ECF13CB198 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll [-] 2003-04-08 . F9DAEE255E7ED81BC6DCD67BFEF826EA . 34304 . . [5.1.2600.0] . . c:\windows\$NtUninstallKB828035$\msgsvc.dll [-] 2005-01-28 07:53 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll [-] 2005-01-28 07:53 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\system32\mspmsnsv.dll [-] 2004-08-04 08:03 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll [-] 2010-04-28 . 75EA98BC36C13E976653400F8183D356 . 2071296 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3QFE\ntkrnlpa.exe [-] 2010-04-28 . F98305BD47DC7A0B2A978000E3C31FAB . 2071168 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3GDR\ntkrnlpa.exe [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\system32\ntkrnlpa.exe [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\system32\dllcache\ntkrnlpa.exe [-] 2010-02-16 . 7C4F935FC449E4D27C685A5BC1792664 . 2071296 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe [-] 2009-12-10 . 6A42A70506E7ACFF6C3ACD740E22A01F . 2070528 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . F63B0CC3CE1E6E8EA39B4933B595C73A . 2070400 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe [-] 2009-08-04 . AB21A63A3B15653043E71126E5BBE3DE . 2070528 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe [-] 2009-08-04 . BF6965EA17CC1E48DA287783AEEF3CDB . 2070400 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165-v2$\ntkrnlpa.exe [-] 2009-02-10 . 6A94A7317E28B6543D94174F9016BB68 . 2070400 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe [-] 2009-02-09 . 07EE73D79A7CA142463470AEF230082B . 2070528 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . DE961B54D30C7DD6AA6C3BD27D584E30 . 2070400 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . C92E65CBB38161373319BB11340DE919 . 2070400 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe [-] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe [-] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe [-] 2007-02-28 . F51B8D8B0703518349096604E788B83E . 2063744 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe [-] 2007-02-28 . 57B09AD681C1D8DB77CCC3E92D8F5D14 . 2061952 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe [-] 2006-12-19 . 4BF54C0431A9BB0BCE6C821CD4018F7D . 2063744 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe [-] 2006-12-19 . 6D080DDC482E83A69C9A862C247FA50D . 2061952 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe [-] 2005-03-02 . C26D84B802567E629D42861A11C7EC04 . 2061312 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe [-] 2005-03-02 . C6CF1974ACDB8329DAF9D001C0937CB0 . 2061184 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\ntkrnlpa.exe [-] 2005-03-02 . C6CF1974ACDB8329DAF9D001C0937CB0 . 2061184 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe [-] 2004-10-28 . D345DCF163BDE4E2AE74026077B657F0 . 1960064 . . [5.1.2600.1605] . . c:\windows\$NtUninstallKB890859_0$\ntkrnlpa.exe [-] 2004-10-28 . D345DCF163BDE4E2AE74026077B657F0 . 1960064 . . [5.1.2600.1605] . . c:\windows\SoftwareDistribution\Download\b8341db1436dce67521cf460d64618b2\sp1qfe\ntkrnlpa.exe [-] 2004-08-04 . E0399688D466B7C3AFDFFB5A2ED9F351 . 2061184 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe [-] 2004-06-17 . 67309819BE2F65C24138983BA3236913 . 1958912 . . [5.1.2600.1568] . . c:\windows\$NtUninstallKB885835_0$\ntkrnlpa.exe [-] 2003-04-08 . 13C45289C0E4F23CF129417DCA1F2F6E . 1952128 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB840987$\ntkrnlpa.exe [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll [-] 2004-08-04 08:03 . AC75E028773CBBD7D8B1313F382E7C05 . 437248 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll [-] 2007-02-05 . 063B30C37E3902760919D3E5D98CC7C9 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll [-] 2007-02-05 . DE0A3D72D98A08A115300E2B2DC4374B . 185344 . . [5.1.2600.3077] . . c:\windows\$NtServicePackUninstall$\upnphost.dll [-] 2004-08-04 . 348B60067B10EFA7D7763EE44674108C . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll [-] 2004-08-04 . 4AAB7EC0EA6C53C6B381546F15C286CA . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll [-] 2004-07-09 03:27 . 0568B105D80634F3059185B9317D74CA . 363520 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\d3d9.dll [-] 2004-08-04 . 66B9B43A5E0777F465CA492039176455 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll [-] 2004-08-04 . B54EF2F95DD3A188A2E4798C2CFB7EE7 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll [-] 2004-07-09 03:27 . 595E0EF7ECB3D19DAC621D0EFE80C86E . 265728 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll [-] 2004-08-04 08:03 . DFB4A7A3E7948686DBC4B0DEA4A0AE94 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll [-] 2004-08-04 . D521890151A11C410F6A94EE3C37CD14 . 41472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0stera [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [7/03/2010 4:01 108289] S1 ctredr15.sys;ctredr15.sys;\??\c:\windows\system32\drivers\ctredr15.sys --> c:\windows\system32\drivers\ctredr15.sys [?] S1 ctredrv.sys;ctredrv.sys;\??\c:\windows\system32\drivers\ctredrv.sys --> c:\windows\system32\drivers\ctredrv.sys [?] S3 Avgfwdx;Avgfwdx;c:\windows\system32\DRIVERS\avgfwdx.sys --> c:\windows\system32\DRIVERS\avgfwdx.sys [?] S3 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys --> c:\windows\system32\DRIVERS\avgfwdx.sys [?] S3 hitmanpro2;Hitman Pro 2 Driver;\??\c:\program files\Hitman Pro\hitmanpro2.sys --> c:\program files\Hitman Pro\hitmanpro2.sys [?] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mWindow Title = Telenet Internet uInternet Settings,ProxyServer = pac.telenet.be:8080 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\icd40qnr.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/firefox FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&search= FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-08-11 22:36 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(516) c:\windows\system32\igfxsrvc.dll c:\windows\system32\hccutils.DLL - - - - - - - > 'explorer.exe'(1968) c:\windows\system32\webcheck.dll dit is de nieuwe log van HJT Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:03:55, on 11/08/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = pac.telenet.be:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- End of file - 3038 bytes . Voltooingstijd: 2010-08-11 22:47:59 ComboFix-quarantined-files.txt 2010-08-11 20:47 ComboFix2.txt 2010-08-11 18:47 Pre-Run: 39.826.763.776 bytes beschikbaar Post-Run: 39.833.477.120 bytes beschikbaar - - End Of File - - 159783142782DE3FF6714CD80B072625 -
alles supertraag: opstart pc + internet
nbent reageerde op nbent's topic in Archief Bestrijding malware & virussen
ComboFix 10-08-10.07 - user 11/08/2010 20:16:20.1.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.247.91 [GMT 2:00] Gestart vanuit: c:\documents and settings\user\Bureaublad\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\desktop.ini c:\program files\Common Files\Companion Wizard c:\program files\Need2Find c:\program files\Need2Find\bar\1.bin\N2FFXTBR.JAR c:\program files\Need2Find\bar\1.bin\N2NTSTBR.JAR c:\program files\Need2Find\bar\1.bin\PARTNER.DAT c:\program files\Need2Find\bar\Cache\0006A00B c:\program files\Need2Find\bar\Cache\00215B5E c:\program files\Need2Find\bar\Cache\files.ini c:\program files\Need2Find\bar\History\search c:\program files\Need2Find\bar\Settings\prevcfg.htm c:\windows\Fonts\acrsec.fon c:\windows\system32\stera.log c:\windows\system32\system . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_FOPN -------\Legacy_NDISRD (((((((((((((((((((( Bestanden Gemaakt van 2010-07-11 to 2010-08-11 )))))))))))))))))))))))))))))) . 2010-08-10 20:57 . 2010-08-11 17:49 -------- d--h--r- c:\documents and settings\user\Onlangs geopend 2010-08-08 22:16 . 2010-08-08 22:16 388096 ----a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-08-08 22:16 . 2010-08-08 22:16 -------- d-----w- c:\program files\Trend Micro 2010-08-08 21:47 . 2010-08-08 21:47 -------- d-----w- c:\documents and settings\user\Application Data\Malwarebytes 2010-08-08 21:45 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-08 21:45 . 2010-08-08 21:45 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-08-08 21:45 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-08 21:45 . 2010-08-08 21:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-07-13 20:58 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-10 17:27 . 2009-12-25 20:53 -------- dc----w- c:\documents and settings\All Users\Application Data\avg9 2010-08-10 13:06 . 2010-05-08 13:30 0 ----a-w- c:\documents and settings\user\Local Settings\Application Data\prvlcl.dat 2010-08-01 13:53 . 2005-01-16 18:24 -------- d-----w- c:\documents and settings\user\Application Data\MSN6 2010-07-13 21:30 . 2008-12-21 18:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-06-29 11:43 . 2009-08-13 15:10 -------- d-----w- c:\documents and settings\user\Application Data\VoipBuster 2010-06-26 10:19 . 2010-06-26 10:19 -------- d-----w- c:\program files\directx 2010-06-26 10:19 . 2006-04-30 13:05 -------- d-----w- c:\program files\CIF USB CAMERA 2010-06-26 10:18 . 2004-09-30 14:45 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-06-25 16:37 . 2005-02-21 19:04 -------- d-----w- c:\program files\MSN Messenger 2010-06-25 16:29 . 2010-06-25 16:29 -------- d-----w- c:\program files\Microsoft 2010-06-25 16:29 . 2008-02-27 12:58 -------- d-----w- c:\program files\Windows Live 2010-06-25 16:01 . 2006-01-19 12:39 15256 ----a-w- c:\documents and settings\user\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll 2010-06-24 19:49 . 2010-01-14 20:24 -------- d-----w- c:\program files\LG Electronics 2010-06-24 19:39 . 2005-03-21 05:59 -------- d-----w- c:\program files\Skype 2010-06-24 11:34 . 2009-12-24 11:20 -------- d-----w- c:\documents and settings\user\Application Data\PoivY 2010-06-23 21:17 . 2003-04-08 12:00 79250 ----a-w- c:\windows\system32\perfc013.dat 2010-06-23 21:17 . 2003-04-08 12:00 484906 ----a-w- c:\windows\system32\perfh013.dat 2010-06-14 14:31 . 2004-09-30 14:29 744448 ----a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe . ------- Sigcheck ------- [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys [-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys [-] 2003-04-08 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys [-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys [-] 2003-04-08 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys [-] 2003-04-08 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys [-] 2004-08-04 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys [-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys [-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys [-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\$NtServicePackUninstall$\ntfs.sys [-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys [-] 2003-04-08 . E3AE9C79498210A5F39FE5A9AD62BC55 . 561920 . . [5.1.2600.1106] . . c:\windows\I386\NTFS.SYS [-] 2003-04-08 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys [-] 2003-04-08 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys [-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys [-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys [-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys [-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys [-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys [-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys [-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys [-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys [-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys [-] 2005-03-14 . 0E66B538096A6529D1AC66E78EB0D5C8 . 359808 . . [5.1.2600.2631] . . c:\windows\$hf_mig$\KB893066\SP2GDR\tcpip.sys [-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys [-] 2003-04-08 . 244A2F9816BC9B593957281EF577D976 . 332928 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB893066_0$\tcpip.sys [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll [-] 2004-08-04 . 195B1255D9383AEFFBDFA8A11AE4D282 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe [-] 2004-08-04 . 34A82DEBEFB057FCCCBE15F619FC98A7 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll [-] 2005-08-22 . F32049792BCBF64954FF964508E47AFB . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll [-] 2005-08-22 . 269182FF03F1FDD0EF803AEB63C01080 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll [-] 2004-08-04 . B2665A1B502EC037388B7919CBD58C28 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll [-] 2004-08-04 . 772027CC5FFAEA3E7D10AF2691EE7095 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll [-] 2003-04-08 . 9F93E038B7D35F4EA7F46D0CD392D018 . 223232 . . [6.2.2600.1106] . . c:\windows\$NtUninstallKB842773$\qmgr.dll [-] 2009-02-09 . D8D28F6CABEC7D42B8E487E290563B9A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll [-] 2005-07-26 . B52BD9DB0BD6D01BDB01B0DBFBB804CD . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll [-] 2005-07-26 . 23B465FD2354D83218AC091D0EE6D91B . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll [-] 2005-04-28 . 6D61211D515EA7E31FDB7B0FA9CEF878 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll [-] 2005-04-28 . 0468AA524F6912F449BC14CF7DACAF68 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll [-] 2005-01-14 . C4E4A6514DC7AA4981B09E1A55B3EE56 . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2GDR\rpcss.dll [-] 2005-01-14 . C4E4A6514DC7AA4981B09E1A55B3EE56 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll [-] 2005-01-14 . FE787AF1556421C60DC427C2CC12CD9C . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll [-] 2004-08-04 . DDE0457B7706C3AD4E5AFDD502698A06 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll [-] 2004-03-06 . C9B092E9EEE8C5F7F6CBD588B232274D . 263680 . . [5.1.2600.1361] . . c:\windows\$NtUninstallKB873333_0$\rpcss.dll [-] 2003-04-08 . 18CC35AADF5D21F564246FC580A43378 . 260608 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB828741$\rpcss.dll [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe [-] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe [-] 2004-08-04 . 39991CD3C17B7529D039151A88E84499 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe [-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe [-] 2004-08-04 . CCCB8B94B17466EFB9DC27F42625B0E5 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2004-08-04 . 732ED791711DF9C9DD15E5515BC681B8 . 504832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe [-] 2003-04-08 . D375231CCA973A06C43E4B6087BFA706 . 519168 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB841533$\winlogon.exe [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2006-08-25 . F67AE54BCA3873D48A1AC722A9CA70BF . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll [-] 2004-08-04 . 8A473F553E9E45DB4EF6FF11AB54E4E1 . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll [-] 2003-04-08 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\I386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll [-] 2004-08-04 . 5F321535D399516B6D780FF9EF8D8B7A . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll [-] 2003-04-08 . 4563396E23EA861523C08AEDA0666014 . 53248 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB826939$\cryptsvc.dll [-] 2008-07-07 20:32 . 68180553F674B487BE777CFD6BE70726 . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll [-] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-07-07 20:23 . B3A4422CBD8DAA6710431F67C679DA24 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll [-] 2005-07-26 04:42 . 094ECC4FB57ABA154F840C8414867E90 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll [-] 2005-07-26 04:36 . 3732BE0811CE6E15A56AD1CEC02CF532 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll [-] 2004-08-04 08:03 . 3F59BCDFAC47550F43001C4CE8CB0B91 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll [-] 2003-04-08 12:00 . 4A652DAF0BFD8FF8AA5DB61C7B798DCB . 225280 . . [2001.12.4414.46] . . c:\windows\$NtUninstallKB828741$\es.dll [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll [-] 2004-08-04 . 7ADE4584ED6657CAE3D523CF101992BD . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll [-] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll [-] 2007-04-16 . 68757F5935D6D76DD10975B7B7A9751D . 1027072 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll [-] 2007-04-16 . 6557EA471552BB9AF16B66902D572BD5 . 1025536 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll [-] 2006-07-05 . 8672CE1E9BAF84EC0665D73DB8849EDB . 1026048 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll [-] 2006-07-05 . F2352FB7D9E5C70374568724A32B5CB7 . 1025024 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll [-] 2004-08-04 . 54379BD67780FDBBE1590EEC142A659C . 1024512 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll [-] 2003-04-08 . CDE58E6276B4B9104ECC70B90AE386A2 . 971264 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB840987$\kernel32.dll [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll [-] 2005-09-01 . BDF49EB509B446650A752F751634AA1C . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll [-] 2005-09-01 . 74B59D2B62583D3932FCE6CBB6EB5F77 . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll [-] 2004-08-04 . 5B42639BE48C8E84FD52C66958A44427 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll [-] 2003-04-08 . A4DF53419129963DCE45B16C44E7D182 . 15360 . . [5.1.2600.0] . . c:\windows\$NtUninstallKB841356$\linkinfo.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll [-] 2004-08-04 . 8DF7AC820F9B3FD5E713E9A74827931C . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll [-] 2010-06-24 . 4866ECEEFB5964BB1CB081FB3A2A370D . 5954560 . . [8.00.6001.23037] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3QFE\mshtml.dll [-] 2010-06-24 . 1048BF4C23101A0404252A19A9151C16 . 5951488 . . [8.00.6001.18939] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3GDR\mshtml.dll [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\mshtml.dll [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\dllcache\mshtml.dll [-] 2010-05-06 . 47A7DDF5DF0F323F877EEFC75338C4A3 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll [-] 2010-02-25 . A38971E011619C2CF1B87ADE965F5DD4 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll [-] 2010-02-25 . 2399C13AE076A84037794AA0E9BF152A . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll [-] 2009-12-21 . 0C92E8AAD0E68E0A5358813353F31CE3 . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll [-] 2009-12-21 . 585A8B2FD6373FC06D6893867754CF74 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll [-] 2009-10-29 . 1185E34AB3243194BB57FD3C31385700 . 3091968 . . [6.00.2900.5897] . . c:\windows\ie8\mshtml.dll [-] 2009-10-29 . A66CEDA2AA6FA052D3F7A46CE7553D21 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll [-] 2009-10-29 . 6D626567986D37E021F44EE66446D515 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll [-] 2009-10-29 . F7E06360F7DAFED78647AAFCC7ADBBC5 . 3094016 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\mshtml.dll [-] 2009-10-19 . 0B2E964BEB51B4004329061F87B261FB . 3091968 . . [6.00.2900.5890] . . c:\windows\$NtUninstallKB976325$\mshtml.dll [-] 2009-10-19 . 2ECF5281C946A38CFDA0E591C2B1A258 . 3093504 . . [6.00.2900.5890] . . c:\windows\$hf_mig$\KB976749\SP3QFE\mshtml.dll [-] 2009-09-25 . 03C83F354CDFAA7A804AC5B76D46AC07 . 3091968 . . [6.00.2900.5880] . . c:\windows\$NtUninstallKB976749$\mshtml.dll [-] 2009-09-25 . A5C706F4A21ED747E30F93547A7CCA38 . 3093504 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3QFE\mshtml.dll [-] 2009-07-18 . E704809CCDA1A4B3CBAEF906B22D21B6 . 3090432 . . [6.00.2900.5848] . . c:\windows\$NtUninstallKB974455$\mshtml.dll [-] 2009-07-18 . B88A200864586C3E97C8EF3A09B98BFD . 3090944 . . [6.00.2900.5848] . . c:\windows\$hf_mig$\KB972260\SP3QFE\mshtml.dll [-] 2009-04-29 . BE9435BD7871B348A41F7B17AB137766 . 3089920 . . [6.00.2900.5803] . . c:\windows\$NtUninstallKB972260$\mshtml.dll [-] 2009-04-29 . 69DAFA0F9F6B0CEF2F2FDD29B3E9710E . 3090432 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\mshtml.dll [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll [-] 2009-02-20 . D78DF30D280521BA82405D241FBE7E03 . 3089408 . . [6.00.2900.5764] . . c:\windows\$NtUninstallKB969897$\mshtml.dll [-] 2009-02-20 . 3157B61958A0B4841ADF6A2135293D31 . 3089408 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3QFE\mshtml.dll [-] 2008-12-12 . AC658A3AF4AA1E6510CB31546080D601 . 3088896 . . [6.00.2900.5726] . . c:\windows\$hf_mig$\KB960714\SP3QFE\mshtml.dll [-] 2008-12-12 . D51029CBD8303F10EC90758C6A40D7B4 . 3088896 . . [6.00.2900.5726] . . c:\windows\$NtUninstallKB963027$\mshtml.dll [-] 2008-10-16 . F9AE67D44A434A7433288F028A84D133 . 3088896 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll [-] 2008-10-16 . 990088BAAFB3D01FAE958DA7F62EC737 . 3088896 . . [6.00.2900.5694] . . c:\windows\$NtUninstallKB960714$\mshtml.dll [-] 2008-08-20 . D81AFE63AFB1E2C59D73A2E83B1350CF . 3088896 . . [6.00.2900.5659] . . c:\windows\$NtUninstallKB958215$\mshtml.dll [-] 2008-08-20 . DDE475588393F4CA42FD3CAEE917E15A . 3088896 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3QFE\mshtml.dll [-] 2008-06-25 . 0DF998D5B19A8A3463F8E38402A026EC . 3088896 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll [-] 2008-06-23 . 6975533B9EDB4A5963E688F7B22C3F79 . 3088384 . . [6.00.2900.3395] . . c:\windows\$NtServicePackUninstall$\mshtml.dll [-] 2008-06-23 . CC51CAD063737BC57732638C990C255B . 3088384 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\mshtml.dll [-] 2008-06-23 . CC51CAD063737BC57732638C990C255B . 3088384 . . [6.00.2900.5626] . . c:\windows\$NtUninstallKB956390$\mshtml.dll [-] 2008-04-23 . 67F763A3FD377AFB75CD60BC10677EA1 . 3593728 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll [-] 2008-04-21 . 3F63F6905BE003FA3AA87D91C5997F43 . 3087872 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838_0$\mshtml.dll [-] 2008-04-21 . A7C4AB35FCAF4BB70D57D74C3602C701 . 3087872 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\mshtml.dll [-] 2008-04-21 . A7C4AB35FCAF4BB70D57D74C3602C701 . 3087872 . . [6.00.2900.5583] . . c:\windows\$NtUninstallKB953838$\mshtml.dll [-] 2008-04-21 . 672278873C3BB6898FAFF498C78A99F8 . 3088384 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\mshtml.dll [-] 2008-04-14 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB950759$\mshtml.dll [-] 2008-04-14 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll [-] 2008-03-01 . 78D65657B4864C9ECD8079EEE5D1A6BA . 3591680 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\mshtml.dll [-] 2008-03-01 . 438C16DB8952A4E108E89B4C5E55C526 . 3593216 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll [-] 2007-12-07 . FF6518F3E721C4BC2C15262A1EABCEF7 . 3593216 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll [-] 2007-10-30 . 88B6B490A22D720BE43B37C649AD1B4B . 3593216 . . [7.00.6000.20710] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll [-] 2007-10-30 . 80880B8B13A8005FDF3065DEB9E8043F . 3590656 . . [7.00.6000.16587] . . c:\windows\ie7updates\KB944533-IE7\mshtml.dll [-] 2007-08-20 . 1A1ECAD58E3400DDC405B30A30057437 . 3592192 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll [-] 2007-07-18 . AF15C3F7F8071CE05B1759B7AFAA1CDC . 3584000 . . [7.00.6000.20641] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\mshtml.dll [-] 2007-06-15 . 34AF8680725DD035053A920683C373BB . 3085312 . . [6.00.2900.3157] . . c:\windows\$hf_mig$\KB937143\SP2QFE\mshtml.dll [-] 2007-06-15 . 34AF8680725DD035053A920683C373BB . 3085312 . . [6.00.2900.3157] . . c:\windows\$NtUninstallKB950759_0$\mshtml.dll [-] 2007-06-14 . 683372B959D5F69CE3B96266F757FE0B . 3079680 . . [6.00.2900.3157] . . c:\windows\$NtUninstallKB937143$\mshtml.dll [-] 2007-05-04 . D9B1913BA7F86A3758A2EAA2E8548A1D . 3085312 . . [6.00.2900.3132] . . c:\windows\$hf_mig$\KB933566\SP2QFE\mshtml.dll [-] 2007-05-04 . BFA1BA84ADE42D2F2F8A79D06B44A53A . 3079680 . . [6.00.2900.3132] . . c:\windows\$NtUninstallKB937143_0$\mshtml.dll [-] 2007-02-19 . 4E7FF99E55197D1A772A2152EE7BCB80 . 3077632 . . [6.00.2900.3086] . . c:\windows\$NtUninstallKB933566$\mshtml.dll [-] 2007-02-19 . 58777FEFC19FDDE25CB613EFC2B79605 . 3084288 . . [6.00.2900.3086] . . c:\windows\$hf_mig$\KB931768\SP2QFE\mshtml.dll [-] 2007-01-04 . 51E8C6369DB16D9F42826DC272C7CC09 . 3083264 . . [6.00.2900.3059] . . c:\windows\$hf_mig$\KB928090\SP2QFE\mshtml.dll [-] 2007-01-04 . 3B25611555C91AF75B1AE6E9E46F2674 . 3077632 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB931768$\mshtml.dll [-] 2006-10-23 . B2C3664C38FB778922EDF24C783526BB . 3082240 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\mshtml.dll [-] 2006-10-23 . D9646B8EE340C0E6061D001BCF1FF04D . 3076096 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\mshtml.dll [-] 2006-09-14 . 757A68BF9CBAB1C0CA8580FBDAA3D645 . 3075584 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\mshtml.dll [-] 2006-09-14 . 64C50B7D71B8E2EF31806D8693B87681 . 3079680 . . [6.00.2900.2995] . . c:\windows\$hf_mig$\KB922760\SP2QFE\mshtml.dll [-] 2006-07-28 . FB8009A211F49770D185B677242028A6 . 3079168 . . [6.00.2900.2963] . . c:\windows\$hf_mig$\KB918899\SP2QFE\mshtml.dll [-] 2006-07-28 . 5279BE2163D43987B4EF8CA7583E8349 . 3075072 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB922760$\mshtml.dll [-] 2006-05-19 . 4F28F3A73CC983164857187F39D1E683 . 3073536 . . [6.00.2900.2912] . . c:\windows\$NtUninstallKB918899$\mshtml.dll [-] 2006-05-19 . FE29524C7865A3654570D08B6DDB21A8 . 3076096 . . [6.00.2900.2912] . . c:\windows\$hf_mig$\KB916281\SP2QFE\mshtml.dll [-] 2006-03-23 . F37385D022068930B4F3C19F80302CF6 . 3074560 . . [6.00.2900.2873] . . c:\windows\$NtUninstallKB916281$\mshtml.dll [-] 2006-03-23 . 23DA243CB47559DB090F074E7B1A106A . 3076608 . . [6.00.2900.2873] . . c:\windows\$hf_mig$\KB912812\SP2QFE\mshtml.dll [-] 2005-11-24 . FCAE3A45159DE7C92A8FAFD5D781D7B1 . 3013632 . . [6.00.2900.2802] . . c:\windows\$NtUninstallKB912812$\mshtml.dll [-] 2005-11-24 . 25BEB0FE406B51D230059D55DD4D8073 . 3016192 . . [6.00.2900.2802] . . c:\windows\$hf_mig$\KB905915\SP2QFE\mshtml.dll [-] 2005-10-05 . 3660E3C5182D286BEE71E2AF42889D5A . 3015680 . . [6.00.2900.2769] . . c:\windows\$hf_mig$\KB896688\SP2QFE\mshtml.dll [-] 2005-10-04 . F765EA3A7ADAB0E9C4A8698F2620CCB4 . 3013120 . . [6.00.2900.2769] . . c:\windows\$NtUninstallKB905915$\mshtml.dll [-] 2005-07-20 . 89881B165F5D47BBA473B4730DFF26B8 . 3014144 . . [6.00.2900.2722] . . c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll [-] 2005-07-20 . DDBE7ADD11664BE7AB98A431C522D233 . 3012096 . . [6.00.2900.2722] . . c:\windows\$NtUninstallKB896688$\mshtml.dll [-] 2005-05-02 . 4A8BADAD69F188573B99EAFFAD8BDE36 . 3012608 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\mshtml.dll [-] 2005-05-02 . A84B1A1E5D482821E23A4CB135379BF3 . 3011072 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\mshtml.dll [-] 2005-03-10 . D9C48BC1DBBE8154703C6CB078044D08 . 3010560 . . [6.00.2900.2627] . . c:\windows\$NtUninstallKB883939$\mshtml.dll [-] 2005-03-10 . 8D9257DB6CB9AE5E2F3C7DBD88B14280 . 3011072 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\mshtml.dll [-] 2005-01-27 15:03 . 2CEA86656469554716FDE133CC35C480 . 2806272 . . [6.00.2800.1491] . . c:\windows\$NtUninstallKB890923-IE6SP1-20050225.103456$\mshtml.dll [-] 2004-08-04 . 43E31383850CFEA3C0F445BED9A700F4 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB890923$\mshtml.dll [-] 2003-04-08 . 28BA7BF8F2BB53E4DD9D43914142737E . 2833920 . . [6.00.2800.1106] . . c:\windows\$NtUninstallKB867282-IE6SP1-20050127.163319$\mshtml.dll [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [-] 2004-08-04 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll [-] 2003-04-08 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL [-] 2003-04-08 12:00 . E826A484EDE25C3AE19F1B8086511F4B . 267536 . . [4.20.6201] . . c:\windows\I386\WIN9XUPG\MSVCRT.DLL [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll [-] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-06-20 . FF59588E31F864FED9D0258969559A4B . 247296 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll [-] 2008-06-20 . 71AB52C70B9436C0A0B704FDE9D1A7CD . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll [-] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll [-] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll [-] 2004-08-04 . 0C53DB0671AB5A93D169DAFFC8DA11CF . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll [-] 2004-08-04 . B3FDAC7A518B6B684BEFE792DC1DC560 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll [-] 2010-04-28 . 548AED38DF451C1783037390194A04DC . 2194304 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3GDR\ntoskrnl.exe [-] 2010-04-28 . 59582F46CAAAA049DB613B4005AF57B5 . 2194432 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3QFE\ntoskrnl.exe [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\system32\ntoskrnl.exe [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\system32\dllcache\ntoskrnl.exe [-] 2010-02-16 . B79C48187CA08D2EC27DA4939953F082 . 2194432 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [-] 2009-12-10 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . 13C15BFF7E82D3F9FD215ADD54A3929D . 2193536 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [-] 2009-08-04 . 270DE336026B0815F064BB8BD4CFD336 . 2193536 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165-v2$\ntoskrnl.exe [-] 2009-08-04 . 2F1443AB72A64182FD8258BBAE801EA7 . 2193664 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe [-] 2009-02-10 . 7625D5BAFD2A4A8458468B139C893BB7 . 2193536 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [-] 2009-02-09 . 27380B877348030B0662A39C47AAEC11 . 2193408 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe [-] 2008-08-14 . E332B6DE826D4222A758E3264AD8D520 . 2193536 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe [-] 2008-08-14 . 3E5E63D926C5E9F81045F3646815D2A1 . 2193536 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe [-] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe [-] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe [-] 2007-02-28 . 59DCA97DC201792C1CCF9FE621EE5ED7 . 2186496 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe [-] 2007-02-28 . CAAA8FD3C034A227691A43B60873F097 . 2184704 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe [-] 2006-12-19 . 4CB6C3B16587971C56AAA8A9B0511BC7 . 2186368 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe [-] 2006-12-19 . F609063BAE4D058A4019C4D99A1FD8DD . 2184704 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe [-] 2005-03-02 . 5DB3E8DEC987B5D350E4A105DCEAEE6A . 2183936 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe [-] 2005-03-02 . 281A1E82F5F8FC0B2F4B57EF296A4240 . 2183680 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\ntoskrnl.exe [-] 2005-03-02 . 281A1E82F5F8FC0B2F4B57EF296A4240 . 2183680 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntoskrnl.exe [-] 2004-10-28 . A49D4E759C43334350BBDFCF83194502 . 2092672 . . [5.1.2600.1605] . . c:\windows\$NtUninstallKB890859_0$\ntoskrnl.exe [-] 2004-10-28 . A49D4E759C43334350BBDFCF83194502 . 2092672 . . [5.1.2600.1605] . . c:\windows\SoftwareDistribution\Download\b8341db1436dce67521cf460d64618b2\sp1qfe\ntoskrnl.exe [-] 2004-08-04 . 87AAEA3908E069FB1BE37380C895DFB8 . 2185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe [-] 2004-06-17 . 07B2A892B0D617922CB6E5776146AA42 . 2055808 . . [5.1.2600.1568] . . c:\windows\$NtUninstallKB885835_0$\ntoskrnl.exe [-] 2003-04-08 . ED3086CF7C835D8A3FD0E6FBD95C0F53 . 2046464 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB840987$\ntoskrnl.exe [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll [-] 2004-08-04 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll [-] 2004-08-04 . 5AE934F6837B5A583DED535C4BE5A804 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll [-] 2004-08-04 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe [-] 2004-08-04 . AB8C6D89A897BACBA4657FDF00E344A6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll [-] 2005-07-08 . 5A145DBF2916F583921BB27B91B2DC0B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll [-] 2005-07-08 . C2A4E29888F45E7FC1FD64C83D5EA669 . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll [-] 2004-08-04 . F38C48EE55AD051BF5474F5BDD69C846 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2007-03-08 . FA35431E333943F4B2A6D33FA4EE3CE9 . 579584 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll [-] 2007-03-08 . CB18F701A5D55A6308FAB8D18322C060 . 579072 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll [-] 2005-03-02 . 0B62745CE93E8C6F56547F70269DBABC . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll [-] 2005-03-02 . A9F2EBFC6EF9C1FB38CEDCF747162B6C . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\user32.dll [-] 2005-03-02 . A9F2EBFC6EF9C1FB38CEDCF747162B6C . 578560 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll [-] 2004-12-29 . A31CAC81F627FEB537AFD5CF51150287 . 576000 . . [5.1.2600.1617] . . c:\windows\$NtUninstallKB890859_0$\user32.dll [-] 2004-08-04 . 8E5D344FD717D35EE7ED1C8E0AD0CBE6 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll [-] 2003-04-08 . 2E8CEC28BE4D9B830BA0AFF73C9279F7 . 561664 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB891711$\user32.dll [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe [-] 2004-08-04 . DE7A0EE4A6A28E6DFE3118EB22468DA6 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe [-] 2010-06-24 . 8168F7D81CD04C83D7E04F3981A7D0F5 . 919040 . . [8.00.6001.23037] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3QFE\wininet.dll [-] 2010-06-24 . A3D63C0EF4D32F1F04D9E9596AEA0FFE . 916480 . . [8.00.6001.18939] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3GDR\wininet.dll [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\wininet.dll [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\dllcache\wininet.dll [-] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [-] 2010-02-25 . 2A850B8F7B435ACFB9DCD0A566FD720C . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll [-] 2010-02-25 . BB424C9406140FEAFB4732025BEBB69B . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll [-] 2009-12-21 . FA2B753F8FE84904A6940589A43F30B4 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll [-] 2009-12-21 . 4C145AB616871611FCE38F053C75807C . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 765E049E1F6E2EF9265B85E02DE487B5 . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll [-] 2009-10-29 . D906535CAB4BB8A60AC060351EDE159F . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 772A3480B543FB5280DE1679FA73E799 . 670208 . . [6.00.2900.5897] . . c:\windows\ie8\wininet.dll [-] 2009-10-29 . 77DA6400FF88337FE260CF87A530D64C . 671744 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\wininet.dll [-] 2009-09-25 . E3A0D172FF21D1F0B30CB3B9671ADEBF . 670208 . . [6.00.2900.5880] . . c:\windows\$NtUninstallKB976325$\wininet.dll [-] 2009-09-25 . 2A7566FCBB31765DC1D710EA5928D059 . 671744 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3QFE\wininet.dll [-] 2009-06-26 . 4D027430F9191F5398E5AC3767258475 . 669696 . . [6.00.2900.5835] . . c:\windows\$NtUninstallKB974455$\wininet.dll [-] 2009-06-26 . 61C88D0B3D62B1F2856883C91A904037 . 671232 . . [6.00.2900.5835] . . c:\windows\$hf_mig$\KB972260\SP3QFE\wininet.dll [-] 2009-04-29 . CBB2C7EBD98F1CC84B6EF105547657BD . 669696 . . [6.00.2900.5803] . . c:\windows\$NtUninstallKB972260$\wininet.dll [-] 2009-04-29 . 482D2FD463A02A9E65CBC8045DA052FE . 671232 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\wininet.dll [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll [-] 2009-02-20 . 61920ED8DAA8CEB90450A3C54563EB9A . 669184 . . [6.00.2900.5764] . . c:\windows\$NtUninstallKB969897$\wininet.dll [-] 2009-02-20 . 65EA1865F761726955258B650037CF2F . 670720 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3QFE\wininet.dll [-] 2008-10-16 . A9CB7C8F4FB538DCAA26FFF76C2F8F14 . 670208 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll [-] 2008-10-16 . FD8DC8F2FA8C3F3CC00C99018AF1530C . 669184 . . [6.00.2900.5694] . . c:\windows\$NtUninstallKB963027$\wininet.dll [-] 2008-08-20 . BC9059433D2F0889A71E3CDFF5AB2F71 . 669184 . . [6.00.2900.5659] . . c:\windows\$NtUninstallKB958215$\wininet.dll [-] 2008-08-20 . F77FD23458C5C4C16C37667FDDDCECBA . 669696 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll [-] 2008-06-23 . 745795941F497E1CB3918A4AD3BEDEEE . 670208 . . [6.00.2900.3395] . . c:\windows\$NtServicePackUninstall$\wininet.dll [-] 2008-06-23 . 8ADFF2F029A90FED04A322CBF084F3EA . 669184 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll [-] 2008-06-23 . 8ADFF2F029A90FED04A322CBF084F3EA . 669184 . . [6.00.2900.5626] . . c:\windows\$NtUninstallKB956390$\wininet.dll [-] 2008-06-23 . AE1A6AEA7F65F452C0916FB1399D832E . 669696 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll [-] 2008-04-23 . 49ECC612EE5B23CA669A1EB15EE6DB3E . 827392 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll [-] 2008-04-21 . 20238850AFE4A19A885CD5658433D60D . 669696 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838_0$\wininet.dll [-] 2008-04-21 . 0E4C070B2D83D7D76CF2A0384FA50750 . 669184 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\wininet.dll [-] 2008-04-21 . 0E4C070B2D83D7D76CF2A0384FA50750 . 669184 . . [6.00.2900.5583] . . c:\windows\$NtUninstallKB953838$\wininet.dll [-] 2008-04-21 . 438F668DDACCAD59F934772EE894A704 . 669696 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll [-] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB950759$\wininet.dll [-] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll [-] 2008-03-01 . 0BC8124D6EA627A1BB864094A43C2698 . 826368 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\wininet.dll [-] 2008-03-01 . 1073283DC2D66C5539301BAEF0BCB442 . 827392 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll [-] 2007-12-07 . 9294B445326B926BABC3F382F8410A31 . 825344 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll [-] 2007-10-10 . 8AEB1E98D785BEA8278BDF2D3389D6E2 . 824832 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB944533-IE7\wininet.dll [-] 2007-10-10 . 79A07C04C00D4ACF47AFDB44E7FEF1CC . 825344 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll [-] 2007-08-20 . 077B22B5FEBAA055AAC0406413F53A5F . 825344 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll [-] 2007-06-27 . 1E9D35BA9240592A68BB5980AA23FDB9 . 824320 . . [7.00.6000.20627] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll [-] 2007-06-26 . 7A0C9A702ED8F8695AC925C5B1850A07 . 668672 . . [6.00.2900.3164] . . c:\windows\$hf_mig$\KB937143\SP2QFE\wininet.dll [-] 2007-06-26 . 7A0C9A702ED8F8695AC925C5B1850A07 . 668672 . . [6.00.2900.3164] . . c:\windows\$NtUninstallKB950759_0$\wininet.dll [-] 2007-06-26 . 514AD1D91EE71CF2D93E6DD5423F5C13 . 662016 . . [6.00.2900.3164] . . c:\windows\$NtUninstallKB937143$\wininet.dll [-] 2007-04-18 . B2219D7AF938DE9372EB159C68FF83B5 . 668672 . . [6.00.2900.3121] . . c:\windows\$hf_mig$\KB933566\SP2QFE\wininet.dll [-] 2007-04-18 . 6B755E9D272AF1DAA6FA618329D2AB18 . 662016 . . [6.00.2900.3121] . . c:\windows\$NtUninstallKB937143_0$\wininet.dll [-] 2007-02-19 . 48E1C53BA8C6267BB97925EF729BDE90 . 668672 . . [6.00.2900.3086] . . c:\windows\$hf_mig$\KB931768\SP2QFE\wininet.dll [-] 2007-02-19 . 55BE69A43120FDA4CFB7C0C1F305DB1A . 662016 . . [6.00.2900.3086] . . c:\windows\$NtUninstallKB933566$\wininet.dll [-] 2007-01-04 . 243988BB76262D72A48E8312BF8A0231 . 668160 . . [6.00.2900.3059] . . c:\windows\$hf_mig$\KB928090\SP2QFE\wininet.dll [-] 2007-01-04 . 366EC67E75F81D891ADFCC9941F1DE45 . 662016 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB931768$\wininet.dll [-] 2006-10-23 . 7693CCDD13B082985CA0AC2862CBCAF7 . 667648 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\wininet.dll [-] 2006-10-23 . E30AD3B3927B33D894486EFACCD48014 . 662016 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\wininet.dll [-] 2006-09-14 . 75C38DD0613B2F170F8F6B2DCBDD6343 . 662016 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\wininet.dll [-] 2006-09-14 . 0D3A915A798CD9568ABDBBE55489DD51 . 667648 . . [6.00.2900.2995] . . c:\windows\$hf_mig$\KB922760\SP2QFE\wininet.dll [-] 2006-06-23 . 0960FA973421FF4630D024843341509E . 667648 . . [6.00.2900.2937] . . c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll [-] 2006-06-23 . 91A1532762382C31DA0103946B4A20D3 . 662016 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB922760$\wininet.dll [-] 2006-05-10 . 79C938AB59D5FDB3A4297C117A6858D5 . 666624 . . [6.00.2900.2904] . . c:\windows\$hf_mig$\KB916281\SP2QFE\wininet.dll [-] 2006-05-10 . FE03AAC620CDFCD835F18760D71F6E6E . 661504 . . [6.00.2900.2904] . . c:\windows\$NtUninstallKB918899$\wininet.dll [-] 2006-03-04 . B81CF479B43ED1CA2DF12C878B596B2E . 666624 . . [6.00.2900.2861] . . c:\windows\$hf_mig$\KB912812\SP2QFE\wininet.dll [-] 2006-03-04 . 7DCC79C2DE609F74AA67E16E8E77AF4C . 661504 . . [6.00.2900.2861] . . c:\windows\$NtUninstallKB916281$\wininet.dll [-] 2005-10-21 . 24059DA5B7131CB82C2B8A39701D93F9 . 661504 . . [6.00.2900.2781] . . c:\windows\$NtUninstallKB912812$\wininet.dll [-] 2005-10-21 . 06AE5BD6363190E622F1AA91591F41C4 . 664576 . . [6.00.2900.2781] . . c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll [-] 2005-09-02 . 632629B24EB816FE354F66B48513E104 . 663552 . . [6.00.2900.2753] . . c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll [-] 2005-09-02 . FBC6550971ED432F77E35DD376D573B0 . 661504 . . [6.00.2900.2753] . . c:\windows\$NtUninstallKB905915$\wininet.dll [-] 2005-07-03 . C9567D2CD2441DFF60814E721EF6EB43 . 661504 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB896688$\wininet.dll [-] 2005-07-03 . C167930AEEF3C1739F340D5758834B01 . 662528 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll [-] 2005-05-02 . C048C90CE1CE329AB9E1E412DEC87920 . 662016 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll [-] 2005-05-02 . 2D9BCCC29C0F34794DADE5E4C95E9239 . 660992 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\wininet.dll [-] 2005-03-10 . 810BBD0592B40908C5D88B9E7823B54D . 659968 . . [6.00.2900.2627] . . c:\windows\$NtUninstallKB883939$\wininet.dll [-] 2005-03-10 . 8010EECE634E0F3D6FF176457DF63619 . 660992 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\wininet.dll [-] 2004-12-07 18:19 . B74A58F27BA66936CC6CAE53AB2E8CBA . 593920 . . [6.00.2800.1485] . . c:\windows\$NtUninstallKB890923-IE6SP1-20050225.103456$\wininet.dll [-] 2004-08-04 . 6C7E1322898378C30BCD9F779A2621EE . 659456 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB890923$\wininet.dll [-] 2003-04-08 . 87DF44F9B70BBF94D4143C21A5CB42BA . 602112 . . [6.00.2800.1106] . . c:\windows\$NtUninstallKB867282-IE6SP1-20050127.163319$\wininet.dll [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll [-] 2004-08-04 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll [-] 2004-08-04 . 3B728289DFA923A2C12BE827382C2DB1 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [-] 2007-06-13 . 147E95A42A58CE99E403F7F57656BBEB . 1036800 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe [-] 2007-06-13 . 1D6245AFBD3FAABC16A885116BE1874D . 1036800 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe [-] 2004-08-04 . A1D7304A87FC3093150F5E3CC7B0F338 . 1035776 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\system32\ole32.dll [-] 2005-07-26 . 588443247F2EE6A61B5864B64A7E270E . 1284608 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll [-] 2005-07-26 . 0F0E95779DB45EB8D09EAA8827D740CC . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll [-] 2005-04-28 . 5C3B15C45ADF30B024927F1A0823BD16 . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll [-] 2005-04-28 . 48629EDCD92AA071554304F9F9E96E38 . 1284608 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll [-] 2005-01-14 . D1F139783F28A79EF37825E3951E05F3 . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2GDR\ole32.dll [-] 2005-01-14 . D1F139783F28A79EF37825E3951E05F3 . 1284608 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll [-] 2005-01-14 . 75555C8E6657A2AA9101DD56F8D30DAA . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll [-] 2004-08-04 . 602969286376832E3F49F54E4F0F051A . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll [-] 2004-03-06 . 4F659421A1AD32AD4FF95751ACBDBC4E . 1183744 . . [5.1.2600.1362] . . c:\windows\$NtUninstallKB873333_0$\ole32.dll [-] 2003-04-08 . 8C57515321D7FFD77ADD70517D7BE737 . 1169920 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB828741$\ole32.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe [-] 2004-08-04 . D6381A7C1704BE7A8FD5EFDFD9F1463B . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll [-] 2004-08-04 . F4C8D4B0A294AAF37FE50C407B6E03F9 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll [-] 2004-08-04 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [-] 2004-08-04 . 486594A19F7AEDEBEA600855FFD5E914 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2004-08-04 . 7DE46C9C40ABB58C8FDFE0212A3BF2B4 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll [-] 2006-12-19 . D6F2B8963663F2014FAFCD8E15E4E778 . 135168 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll [-] 2006-12-19 . 20A1DFA416579DACEE28E15E331C3930 . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll [-] 2004-10-28 . 40EFC4BD8F43AFC13A3E3147FCBEAB4E . 117248 . . [6.00.2800.1605] . . c:\windows\SoftwareDistribution\Download\b8341db1436dce67521cf460d64618b2\sp1qfe\shsvcs.dll [-] 2004-08-04 . 394FD6CE1AC84BB318B806A6F8D90F66 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll [-] 2003-04-08 . 99792E295E5A4E7BCD08F4D708E16AAB . 116736 . . [6.00.2800.1106] . . c:\windows\$NtUninstallKB885835_0$\shsvcs.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll [-] 2004-08-04 . D01BB100558945178E4BCB33B0FE9364 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll [-] 2004-08-04 . D245B3E32F8AB3B2FB576AFCFDEC105E . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll [-] 2003-04-08 . 5239C9913F5166838D772BF4A61C7844 . 160256 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB841873$\schedsvc.dll [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll [-] 2004-08-04 . B02FDCE64F64CDE3AA809D28D25D2A12 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll [-] 2004-08-04 . E2CE999886A4636026F157DEB886AA94 . 297472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll [-] 2003-04-08 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys [-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys [-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys [-] 2004-08-04 05:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys [-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll [-] 2006-11-01 19:19 . 13E52326F0F19A1A8D34681E3444E8D1 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll [-] 2003-04-08 12:00 . 8EED1D71C14C356684E586B0A7DB6BCE . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll [-] 2004-08-04 . 1405B1431F51CAB25FE9B2ECF13CB198 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll [-] 2003-04-08 . F9DAEE255E7ED81BC6DCD67BFEF826EA . 34304 . . [5.1.2600.0] . . c:\windows\$NtUninstallKB828035$\msgsvc.dll [-] 2005-01-28 07:53 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll [-] 2005-01-28 07:53 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\system32\mspmsnsv.dll [-] 2004-08-04 08:03 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll [-] 2010-04-28 . 75EA98BC36C13E976653400F8183D356 . 2071296 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3QFE\ntkrnlpa.exe [-] 2010-04-28 . F98305BD47DC7A0B2A978000E3C31FAB . 2071168 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3GDR\ntkrnlpa.exe [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\system32\ntkrnlpa.exe [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\system32\dllcache\ntkrnlpa.exe [-] 2010-02-16 . 7C4F935FC449E4D27C685A5BC1792664 . 2071296 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe [-] 2009-12-10 . 6A42A70506E7ACFF6C3ACD740E22A01F . 2070528 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . F63B0CC3CE1E6E8EA39B4933B595C73A . 2070400 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe [-] 2009-08-04 . AB21A63A3B15653043E71126E5BBE3DE . 2070528 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe [-] 2009-08-04 . BF6965EA17CC1E48DA287783AEEF3CDB . 2070400 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165-v2$\ntkrnlpa.exe [-] 2009-02-10 . 6A94A7317E28B6543D94174F9016BB68 . 2070400 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe [-] 2009-02-09 . 07EE73D79A7CA142463470AEF230082B . 2070528 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . DE961B54D30C7DD6AA6C3BD27D584E30 . 2070400 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . C92E65CBB38161373319BB11340DE919 . 2070400 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe [-] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe [-] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe [-] 2007-02-28 . F51B8D8B0703518349096604E788B83E . 2063744 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe [-] 2007-02-28 . 57B09AD681C1D8DB77CCC3E92D8F5D14 . 2061952 . . [5.1.2600.3093] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe [-] 2006-12-19 . 4BF54C0431A9BB0BCE6C821CD4018F7D . 2063744 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe [-] 2006-12-19 . 6D080DDC482E83A69C9A862C247FA50D . 2061952 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe [-] 2005-03-02 . C26D84B802567E629D42861A11C7EC04 . 2061312 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe [-] 2005-03-02 . C6CF1974ACDB8329DAF9D001C0937CB0 . 2061184 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2GDR\ntkrnlpa.exe [-] 2005-03-02 . C6CF1974ACDB8329DAF9D001C0937CB0 . 2061184 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe [-] 2004-10-28 . D345DCF163BDE4E2AE74026077B657F0 . 1960064 . . [5.1.2600.1605] . . c:\windows\$NtUninstallKB890859_0$\ntkrnlpa.exe [-] 2004-10-28 . D345DCF163BDE4E2AE74026077B657F0 . 1960064 . . [5.1.2600.1605] . . c:\windows\SoftwareDistribution\Download\b8341db1436dce67521cf460d64618b2\sp1qfe\ntkrnlpa.exe [-] 2004-08-04 . E0399688D466B7C3AFDFFB5A2ED9F351 . 2061184 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe [-] 2004-06-17 . 67309819BE2F65C24138983BA3236913 . 1958912 . . [5.1.2600.1568] . . c:\windows\$NtUninstallKB885835_0$\ntkrnlpa.exe [-] 2003-04-08 . 13C45289C0E4F23CF129417DCA1F2F6E . 1952128 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB840987$\ntkrnlpa.exe [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll [-] 2004-08-04 08:03 . AC75E028773CBBD7D8B1313F382E7C05 . 437248 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll [-] 2007-02-05 . 063B30C37E3902760919D3E5D98CC7C9 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll [-] 2007-02-05 . DE0A3D72D98A08A115300E2B2DC4374B . 185344 . . [5.1.2600.3077] . . c:\windows\$NtServicePackUninstall$\upnphost.dll [-] 2004-08-04 . 348B60067B10EFA7D7763EE44674108C . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll [-] 2004-08-04 . 4AAB7EC0EA6C53C6B381546F15C286CA . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll [-] 2004-07-09 03:27 . 0568B105D80634F3059185B9317D74CA . 363520 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\d3d9.dll [-] 2004-08-04 . 66B9B43A5E0777F465CA492039176455 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll [-] 2004-08-04 . B54EF2F95DD3A188A2E4798C2CFB7EE7 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll [-] 2004-07-09 03:27 . 595E0EF7ECB3D19DAC621D0EFE80C86E . 265728 . . [5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll [-] 2004-08-04 08:03 . DFB4A7A3E7948686DBC4B0DEA4A0AE94 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll [-] 2004-08-04 . D521890151A11C410F6A94EE3C37CD14 . 41472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0stera [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [7/03/2010 4:01 108289] S1 ctredr15.sys;ctredr15.sys;\??\c:\windows\system32\drivers\ctredr15.sys --> c:\windows\system32\drivers\ctredr15.sys [?] S1 ctredrv.sys;ctredrv.sys;\??\c:\windows\system32\drivers\ctredrv.sys --> c:\windows\system32\drivers\ctredrv.sys [?] S3 Avgfwdx;Avgfwdx;c:\windows\system32\DRIVERS\avgfwdx.sys --> c:\windows\system32\DRIVERS\avgfwdx.sys [?] S3 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys --> c:\windows\system32\DRIVERS\avgfwdx.sys [?] S3 hitmanpro2;Hitman Pro 2 Driver;\??\c:\program files\Hitman Pro\hitmanpro2.sys --> c:\program files\Hitman Pro\hitmanpro2.sys [?] . Inhoud van de 'Gedeelde Taken' map . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mWindow Title = Telenet Internet uInternet Settings,ProxyServer = pac.telenet.be:8080 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\icd40qnr.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/firefox FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&search= FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORPHANS VERWIJDERD - - - - WebBrowser-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file) ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-08-11 20:30 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(2356) c:\windows\system32\webcheck.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\System32\wdfmgr.exe c:\program files\Avira\AntiVir Desktop\avnotify.exe . ************************************************************************** . Voltooingstijd: 2010-08-11 20:47:58 - machine werd herstart ComboFix-quarantined-files.txt 2010-08-11 18:47 Pre-Run: 39.832.211.456 bytes beschikbaar Post-Run: 39.809.818.624 bytes beschikbaar WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn - - End Of File - - F7C0C43C22B4A5B1D3F548FABB7C3F02 -
alles supertraag: opstart pc + internet
nbent reageerde op nbent's topic in Archief Bestrijding malware & virussen
thanks! de verbinding is idd al wat sneller maar toch nog niet wat ik verwachtte... maar heb hier op het forum iets van combofix gelezen, voor wat is dat? kan ik voortaan dan die stappen doen: MBAM, HJT en CCcleaner? welke browser is het meest optimaal? mozilla of IE? hoe haal je het stof uit de ventilator van de pc? gewoon met de stofzuiger? grtjs -
alles supertraag: opstart pc + internet
nbent reageerde op nbent's topic in Archief Bestrijding malware & virussen
HJT Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:54:54, on 10/08/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\spider.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Internet Explorer\iexplore.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = pac.telenet.be:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - 3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - HKCU\..\Run: [PoivY] "C:\Program Files\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- End of file - 3645 bytes MBAM Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4408 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 10/08/2010 21:09:49 mbam-log-2010-08-10 (21-09-49).txt Scantype: Snelle scan Objecten gescand: 129603 Verstreken tijd: 13 minuut/minuten, 21 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) NOGMAALS BEDANKT! -
alles supertraag: opstart pc + internet
nbent reageerde op nbent's topic in Archief Bestrijding malware & virussen
LOG MBAM Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4408 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 9/08/2010 4:10:28 mbam-log-2010-08-09 (04-10-28).txt Scantype: Snelle scan Objecten gescand: 131619 Verstreken tijd: 2 uur/uren, 28 minuut/minuten, 5 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 2 Registersleutels geïnfecteerd: 69 Registerwaarden geïnfecteerd: 5 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 49 Bestanden geïnfecteerd: 68 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFAddOn.dll (Adware.DoubleD) -> Delete on reboot. C:\Program Files\Web Search Operator\3.1.0.1840\WSOCommon.dll (Adware.Agent) -> Delete on reboot. Registersleutels geïnfecteerd: HKEY_CLASSES_ROOT\explorerbar.cmw (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.cmw.1 (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.tcp (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\explorerbar.tcp.1 (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{1081d532-7de4-40bd-b912-388fa6b27c78} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{629cd6c2-e4c5-4554-aeb8-12e4e2cd40ff} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{dd469a88-316c-441d-b712-783d9b9a6707} (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{d28cd14c-50be-4cfa-951e-b37f25da3472} (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{981bda1d-c8ad-46ff-be2c-fddd859ac6f5} (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{2a743834-05f4-4ed4-8a1c-41332b10ac0c} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{565dd573-549e-4da9-8cd7-6ae3df25339a} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{f5b8c69c-9b45-4a6a-9380-df225c546ae7} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3} (Adware.Need2Find) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3} (Adware.Need2Find) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{d724f038-df89-4a1a-83d1-fd9164b78077} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{502f728b-67b8-409e-bceb-7ee8632f321a} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{d2cd81e5-cc37-44b3-93b7-c52cb993ba34} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{da295dae-fce7-4168-bcb8-edc3a433bd97} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{ed40af28-f03f-492a-9542-e24945cd65aa} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e6bb8b70-8ad2-43b6-a952-83e462ce80de} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Local AppWizard-Generated Applications\AlertSpy (Rogue.AlertSpy) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\winantivirus pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Delete on reboot. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\QuestService Service (Adware.DoubleD) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\bootstera (Rogue.WinAntiVirus) -> Quarantined and deleted successfully. Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully. C:\Documents and Settings\user\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully. C:\Documents and Settings\user\Application Data\WinAntiVirus Pro 2006\Logs (Rogue.WinAntiVirus) -> Quarantined and deleted successfully. C:\Program Files\Common Files\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully. C:\Program Files\Automated Content Enhancer (Adware.Agent) -> Delete on reboot. C:\Program Files\Automated Content Enhancer\4.1.0.5190 (Adware.Agent) -> Delete on reboot. C:\Program Files\Automated Content Enhancer\4.1.0.5190\Data (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF (Adware.Agent) -> Delete on reboot. C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome (Adware.Agent) -> Delete on reboot. C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\components (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Content Management Wizard (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Content Management Wizard\1.1.0.1870 (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Customized Platform Advancer (Adware.Agent) -> Delete on reboot. C:\Program Files\Customized Platform Advancer\3.1.0.1630 (Adware.Agent) -> Delete on reboot. C:\Program Files\Customized Platform Advancer\3.1.0.1630\Data (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF (Adware.Agent) -> Delete on reboot. C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome (Adware.Agent) -> Delete on reboot. C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190 (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\MyWay (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Program Files\Textual Content Provider (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Textual Content Provider\1.1.0.1610 (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Textual Content Provider\1.1.0.1610\data (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Textual Content Provider\1.1.0.1610\for_anti_av (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Textual Content Provider\1.1.0.1610\for_anti_av\1.1.0.1610 (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Web Search Operator (Adware.Agent) -> Delete on reboot. C:\Program Files\Web Search Operator\3.1.0.1840 (Adware.Agent) -> Delete on reboot. C:\Program Files\Web Search Operator\3.1.0.1840\Data (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Web Search Operator\3.1.0.1840\FF (Adware.Agent) -> Delete on reboot. C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome (Adware.Agent) -> Delete on reboot. C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Web Search Operator\3.1.0.1840\FF\components (Adware.Agent) -> Delete on reboot. C:\Documents and Settings\user\Local Settings\Application Data\Automated Content Enhancer (Adware.DoubleD) -> Delete on reboot. C:\Documents and Settings\user\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190 (Adware.DoubleD) -> Delete on reboot. C:\Documents and Settings\user\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190 (Adware.DoubleD) -> Files: 797 -> Delete on reboot. C:\Documents and Settings\user\Local Settings\Application Data\Customized Platform Advancer (Adware.DoubleD) -> Delete on reboot. C:\Documents and Settings\user\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630 (Adware.DoubleD) -> Delete on reboot. C:\Documents and Settings\user\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630 (Adware.DoubleD) -> Files: 801 -> Delete on reboot. C:\Documents and Settings\user\Local Settings\Application Data\HottieStar Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\user\Local Settings\Application Data\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\user\Local Settings\Application Data\Textual Content Provider (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\user\Local Settings\Application Data\Textual Content Provider\1.1.0.1610 (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\user\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\user\Local Settings\Application Data\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\user\Local Settings\Application Data\Web Search Operator\3.1.0.1840 (Adware.DoubleD) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFAddOn.dll (Adware.DoubleD) -> Delete on reboot. C:\Program Files\Web Search Operator\3.1.0.1840\WSO.dll (Adware.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\bpssc1.1.dll (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Documents and Settings\user\Application Data\WinAntiVirus Pro 2006\PGE.dat (Rogue.WinAntiVirus) -> Quarantined and deleted successfully. C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACECommon.dll (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Automated Content Enhancer\4.1.0.5190\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Automated Content Enhancer\4.1.0.5190\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Automated Content Enhancer\4.1.0.5190\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\ACEAddOn.jar (Adware.Agent) -> Delete on reboot. C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\content\ACEAddOn.js (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\content\ACEAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\components\ACEFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\components\ACEFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Content Management Wizard\1.1.0.1870\cmwsh.dll (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Content Management Wizard\1.1.0.1870\config.mx (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Content Management Wizard\1.1.0.1870\data.mx (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Content Management Wizard\1.1.0.1870\exclude.mx (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Content Management Wizard\1.1.0.1870\MatchingData.zd5 (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Content Management Wizard\1.1.0.1870\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Content Management Wizard\1.1.0.1870\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Content Management Wizard\1.1.0.1870\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPACommon.dll (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Customized Platform Advancer\3.1.0.1630\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Customized Platform Advancer\3.1.0.1630\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Customized Platform Advancer\3.1.0.1630\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\CPAAddOn.jar (Adware.Agent) -> Delete on reboot. C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content\CPAAddOn.js (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content\CPAAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components\CPAFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components\CPAFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\InternetToday.ico (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\InternetToday.skf (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\mfc80.dll (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\Microsoft.VC80.MFC.manifest (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\SkinCrafterDll.dll (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Internet Today\1.1.0.1190\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\QuestService\questservice.exe (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Program Files\Textual Content Provider\1.1.0.1610\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Textual Content Provider\1.1.0.1610\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Textual Content Provider\1.1.0.1610\data\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Textual Content Provider\1.1.0.1610\data\TP_Config.mx (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Textual Content Provider\1.1.0.1610\data\TP_Data.mx (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Textual Content Provider\1.1.0.1610\data\TP_DomainExcludeList.mx (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Web Search Operator\3.1.0.1840\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Web Search Operator\3.1.0.1840\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Web Search Operator\3.1.0.1840\WSOCommon.dll (Adware.Agent) -> Delete on reboot. C:\Program Files\Web Search Operator\3.1.0.1840\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Web Search Operator\3.1.0.1840\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\WSOAddOn.jar (Adware.Agent) -> Delete on reboot. C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\content\WSOAddOn.js (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Web Search Operator\3.1.0.1840\FF\chrome\content\WSOAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Web Search Operator\3.1.0.1840\FF\components\WSOFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\user\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\user\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_Data.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\user\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_DomainExcludeList.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\user\Local Settings\Application Data\Web Search Operator\3.1.0.1840\config.md (Adware.DoubleD) -> Quarantined and deleted successfully. C:\WINDOWS\system32\stera.job (Rogue.WinAntiVirus) -> Quarantined and deleted successfully. C:\WINDOWS\Fonts\acrsecB.fon (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Fonts\acrsecI.fon (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\smdat32m.sys (Rootkit.Agent) -> Quarantined and deleted successfully. (had dit ook al eerder gedaan en erna alles gewist) NIEUWE LOG HJT Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:18:11, on 10/08/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\spider.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = pac.telenet.be:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll R3 - URLSearchHook: (no name) - 3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing) O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - HKCU\..\Run: [PoivY] "C:\Program Files\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- End of file - 4613 bytes groetjes -
alles supertraag: opstart pc + internet
nbent reageerde op nbent's topic in Archief Bestrijding malware & virussen
oei, heb ik dan 'noodzakelijke' dingen verwijderd?? :s -
alles supertraag: opstart pc + internet
nbent reageerde op nbent's topic in Archief Bestrijding malware & virussen
het prog van HJT kende ik via via. ik heb die scan eergisteren ook uitgevoerd en dan op fix checked geklikt, candaar dat ik nu maar weinig krijg, kan dit? heb dat vorig logje wel ff bewaard, zie hieronder: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:49:42, on 9/08/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\AVG\AVG9\avgfws9.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = pac.telenet.be:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {5AA06644-BC46-4220-A460-47A6EB47C96D} - (no file) O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [smartVoip] "C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe" -nosplash -minimized O4 - HKCU\..\Run: [PoivY] "C:\Program Files\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://www.speakychat.info/speakyldr.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://66.252.1.214/talk.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.be/NET/Import/ImageUploader4.cab O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.be/net/Import/ImageUploader3.cab O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.be/ImageUploader4.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {DAF94F73-2AA6-44D8-A562-A28831820D34} (Pixum EasyUploadX Control) - http://www.pixum.de/int/EasyUpload/ImgUploader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O21 - SSODL: mtklefa - {0F1C3F2F-6231-4376-04AE-C13AE02C92D5} - (no file) O21 - SSODL: mtklefap - {777A37EF-7EA5-4B99-3583-4B045F4DB811} - (no file) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O24 - Desktop Component 0: (no name) - http://www.babybrabbel.nl/dynban/cyclusbanner/1135292400/28/2.png O24 - Desktop Component 1: (no name) - http://daisypath.com/ani/060313/3/2/+10/2 O24 - Desktop Component 2: (no name) - http://amin.beebiesite.be/final/home/images/tmp/7959.png O24 - Desktop Component 3: (no name) - http://www.babybrabbel.nl/dynban/babybanner/1125690000/5/1/1/255/165/165/0/148/206/amin.png O24 - Desktop Component 4: (no name) - Glitter Graphics - Myspace Comments - Glitter Your Way O24 - Desktop Component 5: (no name) - Glitter Graphics - Myspace Comments - Glitter Your Way O24 - Desktop Component 6: (no name) - http://tickers.tickerfactory.com/ezt/d/2;54;28/st/20050902/n/Amin/k/3373/age.png O24 - Desktop Component 7: (no name) - http://tickers.tickerfactory.com/ezt/d/4;10732;127/st/20060705/e/Marokko/k/7421/event.png O24 - Desktop Component 8: (no name) - http://daisypath.com/pic/051227/2818ec4.jpg -- End of file - 9533 bytes ---------- Post toegevoegd om 15:59 ---------- Vorige post was om 15:57 ---------- avg heb ik al lang geleden geinstalleerd maar krijg ik dus niet gedeinstalleerd... kan dit? als i via 'software' dit probeer te verwijderen, krijg ik de melding dat dit niet gaat. avira staat er sinds maart op. is dit een goed antivirus prog? alvast dikke merci! -
alles supertraag: opstart pc + internet
nbent reageerde op nbent's topic in Archief Bestrijding malware & virussen
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:38:04, on 10/08/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\AVG\AVG9\avgfws9.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = pac.telenet.be:8080 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- End of file - 2051 bytes btw: ik reageer nu via internet explorer, normaal gebruik ik mozilla, maar daar krijg ik mn bericht niet geplaatst?? -
alles supertraag: opstart pc + internet
nbent plaatste een topic in Archief Bestrijding malware & virussen
hallo het probleem begint al bij het opstarten van de pc. (zonder connectie met internet te maken!) als ik in de startmenu iets wil aanvinken duurt het even voor de balk zich uitrolt. als ik dan iets aan klik duurt het ook veel te lang voor ik te zien krijg wat ik wil. internet: idem. vaak loopt alles vast (wit vierkante in bovenste balk + 'reageert ni' melding) ook soms melding: onvoldoende virtueel geheugen. ik heb de express XL verbinding van telenet, dus daar kan het niet aan liggen. virussen mss? te veel rommel op pc? grtjs
