Ga naar inhoud

nbent

Lid
  • Items

    50
  • Registratiedatum

  • Laatst bezocht

nbent's prestaties

  1. opmerkelijk beter ;-) zat er een beestje in de laptop?
  2. ComboFix 12-09-22.02 - g 22-09-2012 20:45:57.4.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.502.247 [GMT 2:00] Gestart vanuit: c:\documents and settings\g\Bureaublad\ComboFix.exe AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\URTTemp c:\windows\system32\URTTemp\regtlib.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-08-22 to 2012-09-22 )))))))))))))))))))))))))))))) . . 2012-09-22 13:03 . 2012-09-22 13:03 -------- d--h--r- c:\documents and settings\g\Onlangs geopend 2012-08-30 18:41 . 2012-08-30 18:41 -------- d-----w- c:\program files\Common Files\DVDVideoSoft 2012-08-30 18:41 . 2012-08-30 18:41 -------- d-----w- c:\program files\DVDVideoSoft 2012-08-30 18:40 . 2012-08-30 18:43 -------- d-----w- c:\documents and settings\g\Application Data\DVDVideoSoft . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-21 16:24 . 2012-05-30 06:32 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-21 16:24 . 2011-12-11 17:28 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-07 15:04 . 2011-12-09 12:36 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-28 15:17 . 2009-06-13 17:27 916992 ----a-w- c:\windows\system32\wininet.dll 2012-08-28 15:17 . 2009-06-13 17:27 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-08-28 15:17 . 2008-04-15 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2012-08-28 12:07 . 2009-06-13 17:29 385024 ----a-w- c:\windows\system32\html.iec 2012-07-06 13:58 . 2008-04-15 12:00 78336 ----a-w- c:\windows\system32\browser.dll 2012-07-04 13:59 . 2011-12-09 10:55 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-03 18:21 . 2009-06-13 17:30 1875200 ----a-w- c:\windows\system32\win32k.sys 2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll 2012-09-07 17:51 . 2012-09-07 17:51 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184] "CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "Athan"="c:\program files\Athan\Athan.exe" [2011-11-20 1204224] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_3"="advpack.dll" [2009-03-08 128512] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= . R0 iastor78;iastor78;c:\windows\system32\drivers\iastor78.sys [14-6-2009 17:02 308248] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9-12-2011 14:42 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9-12-2011 14:42 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9-12-2011 14:42 20568] R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [18-9-2012 13:59 399432] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [30-4-2012 21:54 676936] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9-12-2011 14:36 22856] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30-5-2012 8:32 250288] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [6-5-2012 16:33 114144] S3 SteComposite;Acer Composite USB Service;c:\windows\system32\drivers\ste_compo.sys [24-6-2010 15:42 75264] . Inhoud van de 'Gedeelde Taken' map . 2012-09-22 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-30 16:24] . . ------- Bijkomende Scan ------- . uStart Page = Google IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 FF - ProfilePath - c:\documents and settings\g\Application Data\Mozilla\Firefox\Profiles\712ra1hw.default\ FF - prefs.js: browser.startup.homepage - google.be . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-09-22 20:55 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Voltooingstijd: 2012-09-22 20:58:27 ComboFix-quarantined-files.txt 2012-09-22 18:58 ComboFix2.txt 2012-06-03 17:28 . Pre-Run: 47.791.173.632 bytes beschikbaar Post-Run: 48.419.295.232 bytes beschikbaar . - - End Of File - - 27944AB45AEA2AB32D742208A53EB81E
  3. Hallo Wie kan me helpen het HJT logje onder de loep te nemen?? Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:14:25, on 22-9-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\taskswitch.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Athan\Athan.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\DOCUME~1\g\LOCALS~1\Temp\RtkBtMnt.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- End of file - 6138 bytes alvast dikke merci!
  4. ComboFix 12-06-03.01 - g 03-06-2012 19:14:07.3.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.502.275 [GMT 2:00] Gestart vanuit: c:\documents and settings\g\Bureaublad\ComboFix.exe AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-05-03 to 2012-06-03 )))))))))))))))))))))))))))))) . . 2012-06-02 20:57 . 2012-06-02 20:57 -------- d--h--r- c:\documents and settings\g\Onlangs geopend 2012-05-30 06:32 . 2012-05-30 06:32 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-06 14:33 . 2012-05-06 14:33 -------- d-----w- c:\program files\Mozilla Maintenance Service 2012-05-06 14:33 . 2012-05-06 14:33 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe 2012-05-06 14:33 . 2012-05-06 14:33 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-30 06:32 . 2011-12-11 17:28 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-11 13:51 . 2009-02-09 11:19 2073472 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-11 13:51 . 2009-06-13 17:30 1871488 ----a-w- c:\windows\system32\win32k.sys 2012-04-11 13:51 . 2009-06-13 17:29 2196992 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-04 13:56 . 2011-12-09 12:36 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-06 14:33 . 2011-12-09 12:28 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-01-03_18.30.44 ))))))))))))))))))))))))))))))))))))))))) . + 2011-05-13 19:17 . 2011-05-13 19:17 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll + 2011-05-13 18:45 . 2011-05-13 18:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll + 2011-05-13 18:45 . 2011-05-13 18:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll + 2011-05-13 18:45 . 2011-05-13 18:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll + 2011-05-13 18:45 . 2011-05-13 18:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll + 2011-05-13 18:45 . 2011-05-13 18:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll + 2011-05-13 18:45 . 2011-05-13 18:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll + 2011-05-13 18:45 . 2011-05-13 18:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll + 2011-05-13 18:45 . 2011-05-13 18:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll + 2011-05-13 18:45 . 2011-05-13 18:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll + 2011-05-14 00:06 . 2011-05-14 00:06 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll + 2011-05-14 00:23 . 2011-05-14 00:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll + 2011-05-13 17:37 . 2011-05-13 17:37 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll + 2012-06-03 08:15 . 2012-06-03 08:15 16384 c:\windows\Temp\Perflib_Perfdata_9c0.dat + 2011-12-12 15:34 . 2009-02-27 02:42 66440 c:\windows\system32\spool\drivers\w32x86\msonpui.dll + 2011-12-12 15:34 . 2009-02-27 02:42 66440 c:\windows\system32\spool\drivers\w32x86\3\msonpui.dll + 2008-04-15 12:00 . 2012-05-12 22:07 92124 c:\windows\system32\perfc013.dat + 2008-04-15 12:00 . 2012-05-12 22:07 72484 c:\windows\system32\perfc009.dat + 2008-04-15 12:00 . 2011-11-20 06:12 60928 c:\windows\system32\packager.exe + 2011-12-12 15:34 . 2009-02-27 02:42 31640 c:\windows\system32\msonpmon.dll + 2009-06-13 17:27 . 2012-03-01 11:00 66560 c:\windows\system32\mshtmled.dll - 2009-06-13 17:27 . 2011-11-04 19:13 66560 c:\windows\system32\mshtmled.dll + 2011-12-09 10:55 . 2012-03-01 11:00 55296 c:\windows\system32\msfeedsbs.dll - 2011-12-09 10:55 . 2011-11-04 19:13 55296 c:\windows\system32\msfeedsbs.dll - 2008-04-15 12:00 . 2008-04-15 12:00 23040 c:\windows\system32\mciseq.dll + 2008-04-15 12:00 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll - 2009-06-13 17:27 . 2011-11-04 19:13 43520 c:\windows\system32\licmgr10.dll + 2009-06-13 17:27 . 2012-03-01 11:00 43520 c:\windows\system32\licmgr10.dll - 2009-06-13 17:27 . 2011-11-04 19:13 25600 c:\windows\system32\jsproxy.dll + 2009-06-13 17:27 . 2012-03-01 11:00 25600 c:\windows\system32\jsproxy.dll + 2012-01-27 18:20 . 2008-04-13 21:15 26112 c:\windows\system32\drivers\usbser.sys + 2010-06-24 13:42 . 2010-06-24 13:42 75264 c:\windows\system32\drivers\ste_compo.sys - 2011-12-09 14:01 . 2011-11-04 19:13 12800 c:\windows\system32\dllcache\xpshims.dll + 2011-12-09 14:01 . 2012-03-01 11:00 12800 c:\windows\system32\dllcache\xpshims.dll + 2012-01-27 18:20 . 2008-04-13 21:15 26112 c:\windows\system32\dllcache\usbser.sys + 2012-01-11 10:16 . 2011-11-20 06:12 60928 c:\windows\system32\dllcache\packager.exe - 2009-03-08 03:31 . 2011-11-04 19:13 66560 c:\windows\system32\dllcache\mshtmled.dll + 2009-03-08 03:31 . 2012-03-01 11:00 66560 c:\windows\system32\dllcache\mshtmled.dll + 2011-12-09 14:01 . 2012-03-01 11:00 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2011-12-09 14:01 . 2011-11-04 19:13 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2012-01-11 10:16 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll + 2009-03-08 03:34 . 2012-03-01 11:00 43520 c:\windows\system32\dllcache\licmgr10.dll - 2009-03-08 03:34 . 2011-11-04 19:13 43520 c:\windows\system32\dllcache\licmgr10.dll + 2009-03-08 03:33 . 2012-03-01 11:00 25600 c:\windows\system32\dllcache\jsproxy.dll - 2009-03-08 03:33 . 2011-11-04 19:13 25600 c:\windows\system32\dllcache\jsproxy.dll + 2012-01-04 20:29 . 2012-01-04 20:29 19968 c:\windows\Installer\762f63.msi + 2012-03-25 14:58 . 2012-03-25 14:58 22016 c:\windows\Installer\1207b57.msi - 2011-12-12 15:34 . 2011-12-20 07:42 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe + 2011-12-12 15:34 . 2012-05-12 22:15 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe + 2011-12-12 15:34 . 2012-05-12 22:15 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe + 2011-12-12 15:34 . 2012-05-12 22:15 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2012-01-03 08:45 . 2012-01-03 08:45 16832 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\ViewerPS.dll + 2012-01-03 21:51 . 2012-01-03 21:51 37296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\reader_sl.exe + 2012-01-03 08:44 . 2012-01-03 08:44 79280 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\PDFPrevHndlr.dll + 2012-01-03 21:15 . 2012-01-03 21:15 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\eula.exe + 2012-01-03 20:52 . 2012-01-03 20:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\acrotextextractor.exe + 2012-01-03 07:19 . 2012-01-03 07:19 16824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroRd32Info.exe + 2012-01-03 07:16 . 2012-01-03 07:16 75200 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\acroiehelpershim.dll + 2012-01-03 07:16 . 2012-01-03 07:16 61888 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroIEHelper.dll + 2006-07-24 09:50 . 2006-07-24 09:50 47920 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\VBAME.DLL + 2009-02-26 14:24 . 2009-02-26 14:24 71536 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ONFILTER.DLL + 2009-02-26 14:24 . 2009-02-26 14:24 97680 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ONENOTEM.EXE + 2006-07-24 09:50 . 2006-07-24 09:50 92976 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSADDNDR.DLL + 2011-12-12 15:31 . 2011-12-12 15:31 35648 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OLCTLPIA.DLL + 2009-04-02 11:01 . 2009-04-02 11:01 56680 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\EXP_XPS.DLL + 2009-04-03 17:46 . 2009-04-03 17:46 97640 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\EXP_PDF.DLL + 2006-10-26 19:13 . 2006-10-26 19:13 56192 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACECNFLT.EXE + 2012-04-11 19:34 . 2011-12-17 19:42 12800 c:\windows\ie8updates\KB2675157-IE8\xpshims.dll + 2012-04-11 19:34 . 2011-12-17 19:42 66560 c:\windows\ie8updates\KB2675157-IE8\mshtmled.dll + 2012-04-11 19:34 . 2011-12-17 19:42 55296 c:\windows\ie8updates\KB2675157-IE8\msfeedsbs.dll + 2012-04-11 19:34 . 2011-12-17 19:42 43520 c:\windows\ie8updates\KB2675157-IE8\licmgr10.dll + 2012-04-11 19:34 . 2011-12-17 19:42 25600 c:\windows\ie8updates\KB2675157-IE8\jsproxy.dll + 2012-02-16 09:47 . 2011-11-04 19:13 12800 c:\windows\ie8updates\KB2647516-IE8\xpshims.dll + 2012-02-16 09:47 . 2011-11-04 19:13 66560 c:\windows\ie8updates\KB2647516-IE8\mshtmled.dll + 2012-02-16 09:47 . 2011-11-04 19:13 55296 c:\windows\ie8updates\KB2647516-IE8\msfeedsbs.dll + 2012-02-16 09:47 . 2011-11-04 19:13 43520 c:\windows\ie8updates\KB2647516-IE8\licmgr10.dll + 2012-02-16 09:47 . 2011-11-04 19:13 25600 c:\windows\ie8updates\KB2647516-IE8\jsproxy.dll + 2012-04-11 19:31 . 2012-04-11 19:31 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_9f8cd7bc\System.Drawing.Design.dll + 2012-05-13 07:49 . 2012-05-13 07:49 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\f121ccced1aa14badb316d8d9be5154d\UIAutomationProvider.ni.dll + 2012-05-13 08:41 . 2012-05-13 08:41 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\316e223f2ab8c69cd6a5a06de21650ec\System.Windows.Presentation.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\7aac1fe67890463655aeeb3b8e4f2884\System.Web.DynamicData.Design.ni.dll + 2012-05-13 08:38 . 2012-05-13 08:38 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\34c988dea48c291b4e648941207e83fb\System.ComponentModel.DataAnnotations.ni.dll + 2012-05-13 08:38 . 2012-05-13 08:38 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\7bb7e51275fa19f8b4894c772bdb1e10\System.AddIn.Contract.ni.dll + 2012-05-12 22:10 . 2012-05-12 22:10 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\f0c4a4528f130ef2ff1ae63dd7b39075\PresentationFontCache.ni.exe + 2012-05-12 22:09 . 2012-05-12 22:09 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\53931181e5a5e194da82605613cda6af\PresentationCFFRasterizer.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2be3ad4cda6853d7959a84cec0414c5\Microsoft.Vsa.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8fab9cd28bbc860a34feec119512664d\Microsoft.Build.Framework.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\0eac132c7c36f1c100ae23c956b379e7\Microsoft.Build.Framework.ni.dll + 2012-05-13 08:36 . 2012-05-13 08:36 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\d66bc03eb7eae89b4dde2d09eda1414f\dfsvc.ni.exe + 2012-05-13 08:34 . 2012-05-13 08:34 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll + 2012-05-12 22:06 . 2012-05-12 22:06 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll - 2012-01-01 10:58 . 2012-01-01 10:58 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2012-05-12 22:06 . 2012-05-12 22:06 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2012-01-01 10:58 . 2012-01-01 10:58 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2012-01-01 10:59 . 2012-01-01 10:59 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2012-05-12 22:06 . 2012-05-12 22:06 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2012-05-12 22:07 . 2012-05-12 22:07 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2012-01-01 11:00 . 2012-01-01 11:00 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2012-05-12 22:06 . 2012-05-12 22:06 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2012-01-01 11:00 . 2012-01-01 11:00 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2012-01-01 11:00 . 2012-01-01 11:00 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2012-05-12 22:06 . 2012-05-12 22:06 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2012-05-12 22:06 . 2012-05-12 22:06 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2012-01-01 10:59 . 2012-01-01 10:59 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2012-05-12 22:06 . 2012-05-12 22:06 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2012-01-01 10:59 . 2012-01-01 10:59 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2012-01-01 11:00 . 2012-01-01 11:00 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2012-05-12 22:06 . 2012-05-12 22:06 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2012-01-01 11:00 . 2012-01-01 11:00 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2012-05-12 22:06 . 2012-05-12 22:06 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2012-01-01 11:00 . 2012-01-01 11:00 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2012-05-12 22:06 . 2012-05-12 22:06 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2012-05-12 22:06 . 2012-05-12 22:06 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2012-01-01 11:00 . 2012-01-01 11:00 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2012-01-01 11:00 . 2012-01-01 11:00 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2012-05-12 22:06 . 2012-05-12 22:06 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2012-03-20 11:58 . 2012-03-20 11:58 11144 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll + 2012-03-20 11:57 . 2012-03-20 11:57 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll - 2011-12-17 16:08 . 2011-12-17 16:08 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll + 2012-03-20 11:58 . 2012-03-20 11:58 34696 c:\windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll + 2012-01-12 19:37 . 2008-04-15 12:00 23040 c:\windows\$NtUninstallKB2598479$\mciseq.dll + 2012-01-12 09:19 . 2008-04-15 12:00 58880 c:\windows\$NtUninstallKB2584146$\packager.exe + 2012-04-11 19:34 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2675157-IE8\update\spcustom.dll + 2012-04-11 19:34 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2675157-IE8\spmsg.dll + 2012-04-11 17:03 . 2012-03-01 10:56 12800 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\xpshims.dll + 2012-04-11 17:03 . 2012-03-01 10:56 66560 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtmled.dll + 2012-04-11 17:03 . 2012-03-01 10:56 55296 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\msfeedsbs.dll + 2012-04-11 17:03 . 2012-03-01 10:56 43520 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\licmgr10.dll + 2012-04-11 17:03 . 2012-03-01 10:56 25600 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\jsproxy.dll + 2012-02-16 09:46 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2661637\update\spcustom.dll + 2012-02-16 09:46 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2661637\spmsg.dll + 2012-04-11 19:26 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2653956\update\spcustom.dll + 2012-04-11 19:26 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2653956\spmsg.dll + 2012-03-14 08:28 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2647518\update\spcustom.dll + 2012-03-14 08:28 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2647518\spmsg.dll + 2012-02-16 09:47 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2647516-IE8\update\spcustom.dll + 2012-02-16 09:47 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2647516-IE8\spmsg.dll + 2012-02-16 07:18 . 2011-12-17 19:41 12800 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\xpshims.dll + 2012-02-16 07:18 . 2011-12-17 19:41 66560 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtmled.dll + 2012-02-16 07:18 . 2011-12-17 19:41 55296 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\msfeedsbs.dll + 2012-02-16 07:18 . 2011-12-17 19:41 43520 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\licmgr10.dll + 2012-02-16 07:18 . 2011-12-17 19:41 25600 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\jsproxy.dll + 2012-01-12 19:37 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2603381\update\spcustom.dll + 2012-01-12 19:37 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2603381\spmsg.dll + 2012-01-12 19:37 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2598479\update\spcustom.dll + 2012-01-12 19:37 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2598479\spmsg.dll + 2012-01-11 10:16 . 2011-10-14 14:45 23040 c:\windows\$hf_mig$\KB2598479\SP3QFE\mciseq.dll + 2012-01-12 09:19 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2584146\update\spcustom.dll + 2012-01-12 09:19 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2584146\spmsg.dll + 2012-01-11 10:16 . 2011-11-20 06:11 60928 c:\windows\$hf_mig$\KB2584146\SP3QFE\packager.exe + 2012-05-12 22:06 . 2012-05-12 22:06 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2012-01-01 11:00 . 2012-01-01 11:00 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2012-02-16 07:16 . 2012-01-11 19:07 3072 c:\windows\system32\iacenc.dll + 2012-02-16 07:16 . 2012-01-11 19:07 3072 c:\windows\system32\dllcache\iacenc.dll + 2012-05-12 22:07 . 2012-05-12 22:07 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2012-01-01 11:00 . 2012-01-01 11:00 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2012-05-12 22:06 . 2012-05-12 22:06 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2012-01-01 10:58 . 2012-01-01 10:58 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2012-05-12 22:06 . 2012-05-12 22:06 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll - 2012-01-01 11:00 . 2012-01-01 11:00 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2012-05-12 22:06 . 2012-05-12 22:06 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2012-01-01 11:00 . 2012-01-01 11:00 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2012-02-16 07:16 . 2012-01-11 19:05 3072 c:\windows\$hf_mig$\KB2661637\SP3QFE\iacenc.dll + 2012-01-11 10:15 . 2011-11-03 18:17 4608 c:\windows\$hf_mig$\KB2603381\update\customaddreg.dll - 2012-01-01 11:00 . 2012-01-01 11:00 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2012-05-12 22:06 . 2012-05-12 22:06 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2012-05-12 22:06 . 2012-05-12 22:06 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2012-01-01 11:00 . 2012-01-01 11:00 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2011-05-14 00:17 . 2011-05-14 00:17 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll + 2011-05-14 00:12 . 2011-05-14 00:12 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll + 2011-05-14 00:11 . 2011-05-14 00:11 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll + 2008-04-15 12:00 . 2012-02-29 14:10 177664 c:\windows\system32\wintrust.dll - 2008-04-15 12:00 . 2009-12-24 07:05 177664 c:\windows\system32\wintrust.dll - 2009-06-13 17:30 . 2011-06-20 17:43 293888 c:\windows\system32\winsrv.dll + 2009-06-13 17:30 . 2011-11-25 21:56 293888 c:\windows\system32\winsrv.dll - 2008-04-15 12:00 . 2008-04-15 12:00 179200 c:\windows\system32\winmm.dll + 2008-04-15 12:00 . 2011-10-14 14:47 179200 c:\windows\system32\winmm.dll + 2009-06-13 17:27 . 2012-03-01 11:00 916992 c:\windows\system32\wininet.dll - 2009-06-13 17:27 . 2011-11-04 19:13 916992 c:\windows\system32\wininet.dll + 2009-06-13 17:30 . 2011-11-16 14:20 354816 c:\windows\system32\winhttp.dll - 2009-06-13 17:30 . 2009-08-25 09:31 354816 c:\windows\system32\winhttp.dll - 2009-06-13 17:27 . 2011-11-04 19:13 105984 c:\windows\system32\url.dll + 2009-06-13 17:27 . 2012-03-01 11:00 105984 c:\windows\system32\url.dll + 2011-12-12 15:34 . 2009-02-27 02:42 863128 c:\windows\system32\spool\drivers\w32x86\msonpdrv.dll + 2011-12-12 15:34 . 2009-02-27 02:42 863128 c:\windows\system32\spool\drivers\w32x86\3\msonpdrv.dll + 2009-06-13 17:29 . 2011-11-16 14:20 152064 c:\windows\system32\schannel.dll - 2008-04-15 12:00 . 2008-04-15 12:00 386560 c:\windows\system32\qdvd.dll + 2008-04-15 12:00 . 2011-11-03 15:27 386560 c:\windows\system32\qdvd.dll + 2008-04-15 12:00 . 2012-05-12 22:07 512152 c:\windows\system32\perfh013.dat + 2008-04-15 12:00 . 2012-05-12 22:07 444226 c:\windows\system32\perfh009.dat + 2009-06-13 17:27 . 2012-03-01 11:00 206848 c:\windows\system32\occache.dll - 2009-06-13 17:27 . 2011-11-04 19:13 206848 c:\windows\system32\occache.dll + 2009-06-13 17:27 . 2012-03-01 11:00 611840 c:\windows\system32\mstime.dll - 2009-06-13 17:27 . 2011-11-04 19:13 611840 c:\windows\system32\mstime.dll + 2009-06-13 17:27 . 2012-03-01 11:00 602112 c:\windows\system32\msfeeds.dll - 2009-06-13 17:27 . 2011-11-04 19:13 602112 c:\windows\system32\msfeeds.dll + 2012-05-30 06:32 . 2012-05-30 06:32 351904 c:\windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_Plugin.exe + 2012-05-30 06:32 . 2012-05-30 06:32 257696 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe + 2008-04-15 12:00 . 2012-02-29 14:10 148480 c:\windows\system32\imagehlp.dll + 2009-06-13 17:27 . 2012-03-01 11:00 184320 c:\windows\system32\iepeers.dll - 2009-06-13 17:27 . 2011-11-04 19:13 184320 c:\windows\system32\iepeers.dll + 2009-06-13 17:27 . 2012-03-01 11:00 387584 c:\windows\system32\iedkcs32.dll - 2009-06-13 17:27 . 2011-11-04 19:13 387584 c:\windows\system32\iedkcs32.dll + 2009-06-13 17:27 . 2012-02-29 12:18 174080 c:\windows\system32\ie4uinit.exe - 2009-06-13 17:27 . 2011-11-04 11:25 174080 c:\windows\system32\ie4uinit.exe - 2011-12-09 11:45 . 2011-12-17 18:22 271784 c:\windows\system32\FNTCACHE.DAT + 2011-12-09 11:45 . 2012-05-13 07:46 271784 c:\windows\system32\FNTCACHE.DAT + 2011-12-09 10:55 . 2012-01-09 16:19 139784 c:\windows\system32\drivers\rdpwd.sys - 2011-12-09 13:49 . 2009-12-24 07:05 177664 c:\windows\system32\dllcache\wintrust.dll + 2011-12-09 13:49 . 2012-02-29 14:10 177664 c:\windows\system32\dllcache\wintrust.dll - 2011-12-09 14:23 . 2011-06-20 17:43 293888 c:\windows\system32\dllcache\winsrv.dll + 2011-12-09 14:23 . 2011-11-25 21:56 293888 c:\windows\system32\dllcache\winsrv.dll + 2012-01-11 10:16 . 2011-10-14 14:47 179200 c:\windows\system32\dllcache\winmm.dll + 2009-03-08 03:34 . 2012-03-01 11:00 916992 c:\windows\system32\dllcache\wininet.dll - 2009-03-08 03:34 . 2011-11-04 19:13 916992 c:\windows\system32\dllcache\wininet.dll - 2011-12-10 16:39 . 2009-08-25 09:31 354816 c:\windows\system32\dllcache\winhttp.dll + 2011-12-10 16:39 . 2011-11-16 14:20 354816 c:\windows\system32\dllcache\winhttp.dll - 2009-03-08 03:34 . 2011-11-04 19:13 105984 c:\windows\system32\dllcache\url.dll + 2009-03-08 03:34 . 2012-03-01 11:00 105984 c:\windows\system32\dllcache\url.dll + 2011-12-09 14:15 . 2011-11-16 14:20 152064 c:\windows\system32\dllcache\schannel.dll + 2011-12-09 14:02 . 2012-01-09 16:19 139784 c:\windows\system32\dllcache\rdpwd.sys + 2012-01-11 10:16 . 2011-11-03 15:27 386560 c:\windows\system32\dllcache\qdvd.dll + 2009-03-08 03:34 . 2012-03-01 11:00 206848 c:\windows\system32\dllcache\occache.dll - 2009-03-08 03:34 . 2011-11-04 19:13 206848 c:\windows\system32\dllcache\occache.dll - 2009-03-08 03:32 . 2011-11-04 19:13 611840 c:\windows\system32\dllcache\mstime.dll + 2009-03-08 03:32 . 2012-03-01 11:00 611840 c:\windows\system32\dllcache\mstime.dll - 2011-12-09 14:01 . 2011-11-04 19:13 602112 c:\windows\system32\dllcache\msfeeds.dll + 2011-12-09 14:01 . 2012-03-01 11:00 602112 c:\windows\system32\dllcache\msfeeds.dll + 2012-04-11 17:03 . 2012-02-29 14:10 148480 c:\windows\system32\dllcache\imagehlp.dll - 2011-12-09 14:01 . 2011-11-04 19:13 247808 c:\windows\system32\dllcache\ieproxy.dll + 2011-12-09 14:01 . 2012-03-01 11:00 247808 c:\windows\system32\dllcache\ieproxy.dll + 2009-03-08 03:31 . 2012-03-01 11:00 184320 c:\windows\system32\dllcache\iepeers.dll - 2009-03-08 03:31 . 2011-11-04 19:13 184320 c:\windows\system32\dllcache\iepeers.dll - 2011-12-09 14:01 . 2011-11-04 19:13 743424 c:\windows\system32\dllcache\iedvtool.dll + 2011-12-09 14:01 . 2012-03-01 11:00 743424 c:\windows\system32\dllcache\iedvtool.dll - 2009-03-08 13:09 . 2011-11-04 19:13 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2009-03-08 13:09 . 2012-03-01 11:00 387584 c:\windows\system32\dllcache\iedkcs32.dll - 2009-03-08 03:32 . 2011-11-04 11:25 174080 c:\windows\system32\dllcache\ie4uinit.exe + 2009-03-08 03:32 . 2012-02-29 12:18 174080 c:\windows\system32\dllcache\ie4uinit.exe + 2012-04-05 21:52 . 2012-04-05 21:52 131168 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll + 2012-01-31 01:38 . 2012-01-31 01:38 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll + 2011-12-25 01:50 . 2011-12-25 01:50 389888 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2011-12-25 01:50 . 2011-12-25 01:50 364816 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll + 2011-12-25 01:50 . 2011-12-25 01:50 989968 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2012-01-27 15:35 . 2012-01-27 15:35 471040 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll + 2012-02-02 21:56 . 2012-02-02 21:56 963584 c:\windows\Installer\87cbc7.msp + 2011-12-22 14:50 . 2011-12-22 14:50 256000 c:\windows\Installer\618eff.msp + 2012-01-28 11:18 . 2012-01-28 11:18 467456 c:\windows\Installer\442f6a.msi + 2012-01-27 18:29 . 2012-01-27 18:29 479232 c:\windows\Installer\14a3829.msi + 2012-01-27 18:28 . 2012-01-27 18:28 777216 c:\windows\Installer\14a37dd.msi - 2011-12-17 15:57 . 2011-12-17 15:57 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe + 2012-03-20 11:46 . 2012-03-20 11:46 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe + 2011-12-12 15:34 . 2012-05-12 22:15 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2011-12-12 15:34 . 2012-05-12 22:15 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2011-12-12 15:34 . 2012-05-12 22:15 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2011-12-12 15:34 . 2011-12-20 07:42 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2011-12-12 15:34 . 2012-05-12 22:15 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2011-12-12 15:34 . 2012-05-12 22:15 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2011-12-12 15:34 . 2012-05-12 22:15 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2011-12-12 15:34 . 2012-05-12 22:15 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe - 2011-12-12 15:34 . 2011-12-20 07:42 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2012-01-03 07:23 . 2012-01-03 07:23 378264 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\pdfshell.dll + 2012-01-03 08:44 . 2012-01-03 08:44 116168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\PDFPrevHndlrShim.exe + 2012-01-03 07:22 . 2012-01-03 07:22 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\nppdf32.dll + 2012-01-03 08:43 . 2012-01-03 08:43 550360 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AdobeCollabSync.exe + 2012-01-03 07:40 . 2012-01-03 07:40 120240 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroRdIF.dll + 2012-01-03 21:50 . 2012-01-03 21:50 357808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroRd32.exe + 2012-01-03 07:16 . 2012-01-03 07:16 665008 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroPDF.dll + 2012-01-03 08:38 . 2012-01-03 08:38 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\acrobroker.exe + 2012-01-03 08:08 . 2012-01-03 08:08 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\a3dutility.exe + 2008-07-29 17:59 . 2008-07-29 17:59 368640 c:\windows\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\System.Printing_x86.dll + 2011-12-09 11:02 . 2011-12-09 11:02 368640 c:\windows\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\System.Printing_GAC_x86.dll + 2008-07-29 17:59 . 2008-07-29 17:59 528384 c:\windows\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\ReachFramework_x86.dll + 2011-12-09 11:02 . 2011-12-09 11:02 528384 c:\windows\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\ReachFramework_GAC_x86.dll + 2011-01-14 06:10 . 2011-01-14 06:10 155520 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD6.DLL + 2011-01-14 06:10 . 2011-01-14 06:10 140160 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL2.DLL + 2011-09-15 19:41 . 2011-09-15 19:41 408936 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\WINWORD.EXE + 2007-06-07 18:51 . 2007-06-07 18:51 125320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\SSGEN.DLL + 2007-06-07 18:51 . 2007-06-07 18:51 465800 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OUTLFLTR.DLL + 2008-03-19 05:27 . 2008-03-19 05:27 661536 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OGALEGIT.DLL + 2006-07-24 09:50 . 2006-07-24 09:50 125744 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSSTDFMT.DLL + 2008-10-25 05:18 . 2008-10-25 05:18 172880 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\IEAWSDC.DLL + 2006-10-27 14:35 . 2006-10-27 14:35 436512 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\UMOUTLOOKADDIN.DLL + 2006-10-26 19:13 . 2006-10-26 19:13 764800 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACECNF.DLL + 2012-04-11 19:34 . 2011-12-17 19:42 916992 c:\windows\ie8updates\KB2675157-IE8\wininet.dll + 2012-04-11 19:34 . 2011-12-17 19:42 105984 c:\windows\ie8updates\KB2675157-IE8\url.dll + 2012-04-11 19:34 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2675157-IE8\spuninst\updspapi.dll + 2012-04-11 19:34 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2675157-IE8\spuninst\spuninst.exe + 2012-04-11 19:34 . 2011-12-17 19:42 206848 c:\windows\ie8updates\KB2675157-IE8\occache.dll + 2012-04-11 19:34 . 2011-12-17 19:42 611840 c:\windows\ie8updates\KB2675157-IE8\mstime.dll + 2012-04-11 19:34 . 2011-12-17 19:42 602112 c:\windows\ie8updates\KB2675157-IE8\msfeeds.dll + 2012-04-11 19:34 . 2011-12-17 19:42 247808 c:\windows\ie8updates\KB2675157-IE8\ieproxy.dll + 2012-04-11 19:34 . 2011-12-17 19:42 184320 c:\windows\ie8updates\KB2675157-IE8\iepeers.dll + 2012-04-11 19:34 . 2011-12-17 19:42 743424 c:\windows\ie8updates\KB2675157-IE8\iedvtool.dll + 2012-04-11 19:34 . 2011-12-17 19:42 387584 c:\windows\ie8updates\KB2675157-IE8\iedkcs32.dll + 2012-04-11 19:34 . 2011-12-16 12:23 174080 c:\windows\ie8updates\KB2675157-IE8\ie4uinit.exe + 2012-02-16 09:47 . 2011-11-04 19:13 916992 c:\windows\ie8updates\KB2647516-IE8\wininet.dll + 2012-02-16 09:47 . 2011-11-04 19:13 105984 c:\windows\ie8updates\KB2647516-IE8\url.dll + 2012-02-16 09:47 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2647516-IE8\spuninst\updspapi.dll + 2012-02-16 09:47 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2647516-IE8\spuninst\spuninst.exe + 2012-02-16 09:47 . 2011-11-04 19:13 206848 c:\windows\ie8updates\KB2647516-IE8\occache.dll + 2012-02-16 09:47 . 2011-11-04 19:13 611840 c:\windows\ie8updates\KB2647516-IE8\mstime.dll + 2012-02-16 09:47 . 2011-11-04 19:13 602112 c:\windows\ie8updates\KB2647516-IE8\msfeeds.dll + 2012-02-16 09:47 . 2011-11-04 19:13 247808 c:\windows\ie8updates\KB2647516-IE8\ieproxy.dll + 2012-02-16 09:47 . 2011-11-04 19:13 184320 c:\windows\ie8updates\KB2647516-IE8\iepeers.dll + 2012-02-16 09:47 . 2011-11-04 19:13 743424 c:\windows\ie8updates\KB2647516-IE8\iedvtool.dll + 2012-02-16 09:47 . 2011-11-04 19:13 387584 c:\windows\ie8updates\KB2647516-IE8\iedkcs32.dll + 2012-02-16 09:47 . 2011-11-04 11:25 174080 c:\windows\ie8updates\KB2647516-IE8\ie4uinit.exe + 2012-04-11 19:32 . 2012-04-11 19:32 843776 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_278ddaea\System.Drawing.dll + 2012-04-11 19:32 . 2012-04-11 19:32 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_f108bdba\System.Drawing.Design.dll + 2012-05-13 08:37 . 2012-05-13 08:37 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\ac4fc3032c19946f9b2729468888206d\WsatConfig.ni.exe + 2012-05-13 07:52 . 2012-05-13 07:52 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6198de2c5b8f7d89404c2ba39d69ae56\WindowsFormsIntegration.ni.dll + 2012-05-13 07:50 . 2012-05-13 07:50 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\be27ab5913cec2b292a019c2a13ec701\UIAutomationTypes.ni.dll + 2012-05-13 07:49 . 2012-05-13 07:49 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\04e5e2be34a70ee7f4c87550238095a0\UIAutomationClient.ni.dll + 2012-05-13 08:41 . 2012-05-13 08:41 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\1c13b08593e99d6f5bef49ae7939c78b\System.Xml.Linq.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\8bffbaa5d5abe40674d0bc124dfe8622\System.Web.Routing.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6c7765c10516d375e9ddedad2dbab848\System.Web.RegularExpressions.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\a7908debe80c209b599529685a159fa0\System.Web.Extensions.Design.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\44ecb9f7be54a2ba46e6102d343e2e7e\System.Web.Entity.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\fee8237aa2daa36e48aec379ee642422\System.Web.Entity.Design.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\40d90d2c1484164b786067320ce778f4\System.Web.DynamicData.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6b4ce8cf2c3307b75ea7ebe77258bb26\System.Web.Abstractions.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\41f6f6dd0c8427d4a8e6fd3915505a6b\System.Transactions.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8dc4a28c456f81ee7399da21bd9d55aa\System.ServiceProcess.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\129b15861e200613ff78ae15581f9093\System.Security.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\4a9eb43005a041959ddc5c7e586ab746\System.Net.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\3182a049ba953010dec649cf290a9e90\System.Management.Instrumentation.ni.dll + 2012-05-13 08:35 . 2012-05-13 08:35 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\8991f21d4b3676bf6f779110db8d4ac9\System.IO.Log.ni.dll + 2012-05-13 08:35 . 2012-05-13 08:35 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cd9c60a35d4958e94d2e3dd2f778e2e9\System.IdentityModel.Selectors.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.Wrapper.dll + 2012-05-13 08:39 . 2012-05-13 08:39 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.ni.dll + 2012-05-12 22:15 . 2012-05-12 22:15 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\88aa4f80c7e5ac25f06f8950e42a1678\System.Drawing.Design.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ca484772955bc4db03b5dcb611c09423\System.DirectoryServices.Protocols.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ba5e68dddfd3279a8469d39eded48f3\System.DirectoryServices.AccountManagement.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a0109fce606a3110a5e7f9a4773f517e\System.Data.Services.Design.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3a68d0441f509ffa6f8f0fb9cfcc5780\System.Data.Services.Client.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04440b3dd5d822da4973a525ee04b05d\System.Data.Entity.Design.ni.dll + 2012-05-13 08:38 . 2012-05-13 08:38 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\7bbb5d9e3b161b4d4b968e590442d3ae\System.Data.DataSetExtensions.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\bf7d6af03e1230ccad546a8659245ae9\System.Configuration.Install.ni.dll + 2012-05-13 08:38 . 2012-05-13 08:38 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\931a2bece4668863db4f852401c828cf\System.AddIn.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6762f1ee780fa9c0b4ef66b285c64844\SMSvcHost.ni.exe + 2012-05-13 08:36 . 2012-05-13 08:36 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\660c4d6dd69ef22bc05587e1998cd135\SMDiagnostics.ni.dll + 2012-05-13 08:36 . 2012-05-13 08:36 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\47ed5bc9f42ea0054ce9acfde5e640b8\ServiceModelReg.ni.exe + 2012-05-12 22:11 . 2012-05-12 22:11 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a4706b850df9a3483f2fc439b6abe616\PresentationFramework.Royale.ni.dll + 2012-05-12 22:11 . 2012-05-12 22:11 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8b873631a0855fb6aa0ad25f1d9de7fe\PresentationFramework.Luna.ni.dll + 2012-05-12 22:11 . 2012-05-12 22:11 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7416fe825e6e49a87fa8ff60c8971813\PresentationFramework.Classic.ni.dll + 2012-05-12 22:11 . 2012-05-12 22:11 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\186c27fbd7b38b5551889274f6fa2ccd\PresentationFramework.Aero.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5a121969a115d11b6256eb960c145686\MSBuild.ni.exe + 2012-05-13 08:36 . 2012-05-13 08:36 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\97c613d3899b320a6765793bdf490272\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\dec22fb7d6b8929a41380e5359741a07\Microsoft.Build.Utilities.v3.5.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\1009b31c86a1b798fffa9e0127cec29c\Microsoft.Build.Utilities.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\21d88631ef629715d3eecdd08e62e0b8\Microsoft.Build.Engine.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a0f38c6478cca8297fb160291346c1c9\Microsoft.Build.Conversion.v3.5.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\bb26dd100d656605c576881a1a823667\CustomMarshalers.ni.dll + 2012-05-13 08:36 . 2012-05-13 08:36 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\9869c02d18825fdd32e64135a3e7246b\ComSvcConfig.ni.exe + 2012-05-13 08:35 . 2012-05-13 08:35 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e414683ec4cff1cac0c77aaefd67144e\AspNetMMCExt.ni.dll - 2012-01-01 10:58 . 2012-01-01 10:58 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2012-05-12 22:06 . 2012-05-12 22:06 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2012-05-12 22:06 . 2012-05-12 22:06 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll - 2012-01-01 10:57 . 2012-01-01 10:57 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll - 2012-01-01 10:59 . 2012-01-01 10:59 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2012-05-12 22:06 . 2012-05-12 22:06 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2012-05-12 22:06 . 2012-05-12 22:06 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2012-01-01 10:59 . 2012-01-01 10:59 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2012-01-01 11:00 . 2012-01-01 11:00 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2012-05-12 22:06 . 2012-05-12 22:06 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2012-01-01 11:00 . 2012-01-01 11:00 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2012-05-12 22:06 . 2012-05-12 22:06 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2012-01-01 11:00 . 2012-01-01 11:00 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2012-05-12 22:06 . 2012-05-12 22:06 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2012-05-12 22:06 . 2012-05-12 22:06 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2012-01-01 11:00 . 2012-01-01 11:00 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2012-05-12 22:06 . 2012-05-12 22:06 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2012-05-12 22:06 . 2012-05-12 22:06 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2012-01-01 11:00 . 2012-01-01 11:00 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2012-05-12 22:06 . 2012-05-12 22:06 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2012-01-01 11:00 . 2012-01-01 11:00 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2012-01-01 10:59 . 2012-01-01 10:59 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2012-05-12 22:06 . 2012-05-12 22:06 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2012-01-01 10:59 . 2012-01-01 10:59 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2012-05-12 22:06 . 2012-05-12 22:06 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2012-05-12 22:06 . 2012-05-12 22:06 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2012-01-01 10:59 . 2012-01-01 10:59 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2011-12-09 11:03 . 2011-12-09 11:03 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll + 2012-05-12 22:12 . 2012-05-12 22:12 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll + 2012-05-12 22:06 . 2012-05-12 22:06 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2012-01-01 10:59 . 2012-01-01 10:59 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2012-05-12 21:58 . 2012-05-12 21:58 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll - 2012-01-01 11:00 . 2012-01-01 11:00 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2012-05-12 22:07 . 2012-05-12 22:07 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2012-01-01 11:00 . 2012-01-01 11:00 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2012-05-12 22:07 . 2012-05-12 22:07 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2012-05-12 22:07 . 2012-05-12 22:07 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2012-01-01 11:00 . 2012-01-01 11:00 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2012-03-20 11:58 . 2012-03-20 11:58 608136 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll - 2012-01-01 11:00 . 2012-01-01 11:00 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2012-05-12 22:07 . 2012-05-12 22:07 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2012-05-12 22:06 . 2012-05-12 22:06 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll - 2012-01-01 10:59 . 2012-01-01 10:59 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2012-05-12 22:06 . 2012-05-12 22:06 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2012-01-01 11:00 . 2012-01-01 11:00 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2012-01-01 10:57 . 2012-01-01 10:57 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2012-05-12 22:06 . 2012-05-12 22:06 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2012-05-12 22:07 . 2012-05-12 22:07 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2012-01-01 11:00 . 2012-01-01 11:00 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2011-12-09 11:02 . 2011-12-09 11:02 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll + 2012-05-12 21:58 . 2012-05-12 21:58 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll + 2012-05-12 22:06 . 2012-05-12 22:06 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2012-01-01 11:00 . 2012-01-01 11:00 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2012-05-12 22:06 . 2012-05-12 22:06 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2012-01-01 11:00 . 2012-01-01 11:00 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2012-01-01 10:59 . 2012-01-01 10:59 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2012-05-12 22:06 . 2012-05-12 22:06 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2012-03-20 11:58 . 2012-03-20 11:58 117160 c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll + 2012-04-11 19:31 . 2012-04-11 19:31 471040 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll + 2012-03-20 11:58 . 2012-03-20 11:58 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll - 2011-12-17 16:09 . 2011-12-17 16:09 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll + 2012-03-20 11:57 . 2012-03-20 11:57 149368 c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll + 2012-02-16 09:46 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2661637$\spuninst\updspapi.dll + 2012-02-16 09:46 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2661637$\spuninst\spuninst.exe + 2012-02-16 09:48 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2660465$\spuninst\updspapi.dll + 2012-02-16 09:48 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2660465$\spuninst\spuninst.exe + 2012-04-11 19:26 . 2009-12-24 07:05 177664 c:\windows\$NtUninstallKB2653956$\wintrust.dll + 2012-04-11 19:26 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2653956$\spuninst\updspapi.dll + 2012-04-11 19:26 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2653956$\spuninst\spuninst.exe + 2012-04-11 19:26 . 2008-04-15 12:00 144384 c:\windows\$NtUninstallKB2653956$\imagehlp.dll + 2012-03-14 08:27 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2647518$\spuninst\updspapi.dll + 2012-03-14 08:27 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2647518$\spuninst\spuninst.exe + 2012-01-12 19:39 . 2011-06-20 17:43 293888 c:\windows\$NtUninstallKB2646524$\winsrv.dll + 2012-01-12 19:39 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2646524$\spuninst\updspapi.dll + 2012-01-12 19:39 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2646524$\spuninst\spuninst.exe + 2012-03-14 08:29 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2641653$\spuninst\updspapi.dll + 2012-03-14 08:29 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2641653$\spuninst\spuninst.exe + 2012-01-12 19:39 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2631813$\spuninst\updspapi.dll + 2012-01-12 19:39 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2631813$\spuninst\spuninst.exe + 2012-01-12 19:39 . 2008-04-15 12:00 386560 c:\windows\$NtUninstallKB2631813$\qdvd.dll + 2012-03-14 08:28 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2621440$\spuninst\updspapi.dll + 2012-03-14 08:28 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2621440$\spuninst\spuninst.exe + 2012-03-14 08:28 . 2011-06-24 14:09 139656 c:\windows\$NtUninstallKB2621440$\rdpwd.sys + 2012-01-12 19:37 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2603381$\spuninst\updspapi.dll + 2012-01-12 19:37 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2603381$\spuninst\spuninst.exe + 2012-01-12 19:37 . 2008-04-15 12:00 179200 c:\windows\$NtUninstallKB2598479$\winmm.dll + 2012-01-12 19:37 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2598479$\spuninst\updspapi.dll + 2012-01-12 19:37 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2598479$\spuninst\spuninst.exe + 2012-01-16 13:04 . 2009-08-25 09:31 354816 c:\windows\$NtUninstallKB2585542$\winhttp.dll + 2012-01-16 13:04 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2585542$\spuninst\updspapi.dll + 2012-01-16 13:04 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2585542$\spuninst\spuninst.exe + 2012-01-16 13:04 . 2011-04-29 17:23 151552 c:\windows\$NtUninstallKB2585542$\schannel.dll + 2012-01-12 09:19 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2584146$\spuninst\updspapi.dll + 2012-01-12 09:19 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2584146$\spuninst\spuninst.exe + 2012-04-11 19:34 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2675157-IE8\update\updspapi.dll + 2012-04-11 19:34 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2675157-IE8\update\update.exe + 2012-04-11 19:34 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2675157-IE8\spuninst.exe + 2012-04-11 17:03 . 2012-03-01 10:56 919552 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll + 2012-04-11 17:03 . 2012-03-01 10:56 105984 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\url.dll + 2012-04-11 17:03 . 2012-03-01 10:56 206848 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\occache.dll + 2012-04-11 17:03 . 2012-03-01 10:56 611840 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mstime.dll + 2012-04-11 17:03 . 2012-03-01 10:56 602112 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\msfeeds.dll + 2012-04-11 17:03 . 2012-03-01 10:56 247808 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ieproxy.dll + 2012-04-11 17:03 . 2012-03-01 10:56 184320 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iepeers.dll + 2012-04-11 17:03 . 2012-03-01 10:56 743424 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iedvtool.dll + 2012-04-11 17:03 . 2012-03-01 10:56 387584 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iedkcs32.dll + 2012-04-11 17:03 . 2012-02-29 12:30 174080 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ie4uinit.exe + 2012-02-16 09:46 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2661637\update\updspapi.dll + 2012-02-16 09:46 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2661637\update\update.exe + 2012-02-16 09:46 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2661637\spuninst.exe + 2012-04-11 19:26 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2653956\update\updspapi.dll + 2012-04-11 19:26 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2653956\update\update.exe + 2012-04-11 19:26 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2653956\spuninst.exe + 2012-04-11 17:03 . 2012-02-29 14:08 178176 c:\windows\$hf_mig$\KB2653956\SP3QFE\wintrust.dll + 2012-04-11 17:03 . 2012-02-29 14:08 148480 c:\windows\$hf_mig$\KB2653956\SP3QFE\imagehlp.dll + 2012-03-14 08:28 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2647518\update\updspapi.dll + 2012-03-14 08:28 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2647518\update\update.exe + 2012-03-14 08:28 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2647518\spuninst.exe + 2012-02-16 09:47 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2647516-IE8\update\updspapi.dll + 2012-02-16 09:47 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2647516-IE8\update\update.exe + 2012-02-16 09:47 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2647516-IE8\spuninst.exe + 2012-02-16 07:18 . 2011-12-17 19:41 919552 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll + 2012-02-16 07:18 . 2011-12-17 19:41 105984 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\url.dll + 2012-02-16 07:18 . 2011-12-17 19:41 206848 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\occache.dll + 2012-02-16 07:18 . 2011-12-17 19:41 611840 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mstime.dll + 2012-02-16 07:18 . 2011-12-17 19:41 602112 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\msfeeds.dll + 2012-02-16 07:18 . 2011-12-17 19:41 247808 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\ieproxy.dll + 2012-02-16 07:18 . 2011-12-17 19:41 184320 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iepeers.dll + 2012-02-16 07:18 . 2011-12-17 19:41 743424 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iedvtool.dll + 2012-02-16 07:18 . 2011-12-17 19:41 387584 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iedkcs32.dll + 2012-02-16 07:18 . 2011-12-16 12:34 174080 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\ie4uinit.exe + 2012-01-12 19:37 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2603381\update\updspapi.dll + 2012-01-12 19:37 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2603381\update\update.exe + 2012-01-12 19:37 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2603381\spuninst.exe + 2012-01-12 19:37 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2598479\update\updspapi.dll + 2012-01-12 19:37 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2598479\update\update.exe + 2012-01-12 19:37 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2598479\spuninst.exe + 2012-01-11 10:16 . 2011-10-14 14:45 179200 c:\windows\$hf_mig$\KB2598479\SP3QFE\winmm.dll + 2012-01-12 09:19 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2584146\update\updspapi.dll + 2012-01-12 09:19 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2584146\update\update.exe + 2012-01-12 09:19 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2584146\spuninst.exe + 2012-05-12 08:09 . 2012-02-09 15:43 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll + 2011-05-13 19:04 . 2011-05-13 19:04 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll + 2011-05-13 19:04 . 2011-05-13 19:04 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll + 2009-06-13 17:27 . 2012-03-01 11:00 1212416 c:\windows\system32\urlmon.dll - 2009-06-13 17:27 . 2011-11-04 19:13 1212416 c:\windows\system32\urlmon.dll + 2009-06-13 17:29 . 2011-11-03 15:27 1296384 c:\windows\system32\quartz.dll + 2009-06-13 17:29 . 2012-03-01 11:00 5978624 c:\windows\system32\mshtml.dll + 2012-05-30 06:32 . 2012-05-30 06:32 8797856 c:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll - 2009-06-13 17:27 . 2011-11-04 19:13 2000384 c:\windows\system32\iertutil.dll + 2009-06-13 17:27 . 2012-03-01 11:00 2000384 c:\windows\system32\iertutil.dll + 2011-07-07 01:28 . 2011-07-07 01:28 1193320 c:\windows\system32\FM20.DLL + 2011-12-09 14:21 . 2012-04-11 13:51 1871488 c:\windows\system32\dllcache\win32k.sys - 2009-03-08 03:34 . 2011-11-04 19:13 1212416 c:\windows\system32\dllcache\urlmon.dll + 2009-03-08 03:34 . 2012-03-01 11:00 1212416 c:\windows\system32\dllcache\urlmon.dll + 2011-12-09 14:18 . 2011-11-03 15:27 1296384 c:\windows\system32\dllcache\quartz.dll + 2011-12-09 13:50 . 2012-04-11 13:51 2196992 c:\windows\system32\dllcache\ntoskrnl.exe + 2011-12-09 13:50 . 2012-04-11 13:50 2031104 c:\windows\system32\dllcache\ntkrpamp.exe + 2010-12-09 19:44 . 2012-04-11 13:51 2073472 c:\windows\system32\dllcache\ntkrnlpa.exe + 2011-12-09 13:50 . 2012-04-11 13:51 2152960 c:\windows\system32\dllcache\ntkrnlmp.exe + 2009-03-08 03:41 . 2012-03-01 11:00 5978624 c:\windows\system32\dllcache\mshtml.dll - 2011-12-09 14:01 . 2011-11-04 19:13 2000384 c:\windows\system32\dllcache\iertutil.dll + 2011-12-09 14:01 . 2012-03-01 11:00 2000384 c:\windows\system32\dllcache\iertutil.dll - 2011-03-25 05:15 . 2011-03-25 05:15 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2011-12-25 01:50 . 2011-12-25 01:50 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2011-12-25 01:50 . 2011-12-25 01:50 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll + 2011-12-25 01:50 . 2011-12-25 01:50 5913360 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - 2011-07-07 04:18 . 2011-07-07 04:18 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2011-12-25 01:50 . 2011-12-25 01:50 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2012-01-31 02:46 . 2012-01-31 02:46 6385664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp + 2011-09-15 17:40 . 2011-09-15 17:40 7959552 c:\windows\Installer\e77036.msp + 2011-09-15 17:35 . 2011-09-15 17:35 1411072 c:\windows\Installer\e76e01.msp + 2012-02-03 14:13 . 2012-02-03 14:13 4988928 c:\windows\Installer\8bf4c0.msp + 2012-03-23 12:59 . 2012-03-23 12:59 7899648 c:\windows\Installer\87cbe4.msp + 2012-04-11 19:31 . 2012-04-11 19:31 7069184 c:\windows\Installer\87cbcf.msp + 2011-11-01 11:34 . 2011-11-01 11:34 1169920 c:\windows\Installer\87cbc0.msp + 2011-12-08 18:24 . 2011-12-08 18:24 4989952 c:\windows\Installer\730bfb.msp + 2011-10-30 21:54 . 2011-10-30 21:54 2748416 c:\windows\Installer\7135e4.msp + 2012-04-04 20:38 . 2012-04-04 20:38 2831360 c:\windows\Installer\618f31.msp + 2012-04-28 19:44 . 2012-04-28 19:44 9101824 c:\windows\Installer\618f1b.msp + 2012-04-28 19:44 . 2012-04-28 19:44 9586176 c:\windows\Installer\618eeb.msp + 2012-04-30 12:38 . 2012-04-30 12:38 5011456 c:\windows\Installer\618ed4.msp + 2012-04-04 20:38 . 2012-04-04 20:38 3620864 c:\windows\Installer\618ebe.msp + 2012-03-15 00:24 . 2012-03-15 00:24 1795584 c:\windows\Installer\618e9c.msp + 2012-04-28 19:43 . 2012-04-28 19:43 8459264 c:\windows\Installer\618e86.msp + 2012-02-17 06:45 . 2012-02-17 06:45 2299392 c:\windows\Installer\618e70.msp + 2012-03-26 22:28 . 2012-03-26 22:28 5009920 c:\windows\Installer\3cf85a.msp + 2012-02-29 22:45 . 2012-02-29 22:45 4989440 c:\windows\Installer\299e9e.msp + 2011-07-21 11:34 . 2011-07-21 11:34 3456000 c:\windows\Installer\28fd52.msp + 2012-01-12 19:36 . 2012-01-12 19:36 3970560 c:\windows\Installer\230fb4.msi + 2012-03-27 15:47 . 2012-03-27 15:47 4959232 c:\windows\Installer\15afd6.msp - 2011-12-12 15:34 . 2011-12-20 07:42 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2011-12-12 15:34 . 2012-05-12 22:15 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2011-12-12 15:34 . 2012-05-12 22:15 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe - 2011-12-12 15:34 . 2011-12-20 07:42 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2012-01-03 07:18 . 2012-01-03 07:18 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\rt3d.dll + 2011-11-17 15:50 . 2011-11-17 15:50 6543872 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\authplay.dll + 2011-01-14 06:10 . 2011-01-14 06:10 2395008 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD.DLL + 2011-01-14 06:10 . 2011-01-14 06:10 2180992 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKPOWERPOINT.DLL + 2011-01-14 06:10 . 2011-01-14 06:10 3443072 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL.DLL + 2011-08-17 08:49 . 2011-08-17 08:49 4683624 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\WRD12CNV.DLL + 2009-10-09 22:10 . 2009-10-09 22:10 2594632 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\VBE6.DLL + 2011-07-07 01:58 . 2011-07-07 01:58 1616240 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OGL.DLL + 2006-10-26 19:25 . 2006-10-26 19:25 2172688 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PSRCHFEA.DLL + 2012-04-11 19:34 . 2011-12-17 19:42 1212416 c:\windows\ie8updates\KB2675157-IE8\urlmon.dll + 2012-04-11 19:34 . 2011-12-17 19:42 5979136 c:\windows\ie8updates\KB2675157-IE8\mshtml.dll + 2012-04-11 19:34 . 2011-12-17 19:42 2000384 c:\windows\ie8updates\KB2675157-IE8\iertutil.dll + 2012-02-16 09:47 . 2011-11-04 19:13 1212416 c:\windows\ie8updates\KB2647516-IE8\urlmon.dll + 2012-02-16 09:47 . 2011-11-04 19:13 5978112 c:\windows\ie8updates\KB2647516-IE8\mshtml.dll + 2012-02-16 09:47 . 2011-11-04 19:13 2000384 c:\windows\ie8updates\KB2647516-IE8\iertutil.dll + 2011-12-09 13:50 . 2012-04-11 13:51 2196992 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2011-12-09 13:50 . 2012-04-11 13:50 2031104 c:\windows\Driver Cache\i386\ntkrpamp.exe + 2010-12-09 19:44 . 2012-04-11 13:51 2073472 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2011-12-09 13:50 . 2012-04-11 13:51 2152960 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2012-04-11 19:32 . 2012-04-11 19:32 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_9d82b21b\System.Windows.Forms.dll + 2012-04-11 19:32 . 2012-04-11 19:32 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_24582f15\System.Windows.Forms.dll + 2012-04-11 19:32 . 2012-04-11 19:32 2248704 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_6940430f\System.Drawing.dll + 2012-04-11 19:32 . 2012-04-11 19:32 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_f061af95\System.Design.dll + 2012-04-11 19:32 . 2012-04-11 19:32 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_38a25aa0\System.Design.dll + 2012-05-12 22:09 . 2012-05-12 22:09 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6d8bef0d008389874e55c0308f0c18e5\WindowsBase.ni.dll + 2012-05-13 07:49 . 2012-05-13 07:49 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\41a81b97625c113b591ed082c95276e2\UIAutomationClientsideProviders.ni.dll + 2012-05-12 22:09 . 2012-05-12 22:09 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll + 2012-05-13 07:49 . 2012-05-13 07:49 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll + 2012-05-13 08:41 . 2012-05-13 08:41 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\33fa6a2055bf857bff2e31020279b5e9\System.WorkflowServices.ni.dll + 2012-05-13 08:41 . 2012-05-13 08:41 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\5eccf6fef6bee8a2f93bc65ff33699bb\System.Workflow.Runtime.ni.dll + 2012-05-13 08:41 . 2012-05-13 08:41 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\62bd2e1bf98b04ceca2102c8f54aab9d\System.Workflow.ComponentModel.ni.dll + 2012-05-13 08:41 . 2012-05-13 08:41 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\8215548b3d4aabbaa0557ab747700778\System.Workflow.Activities.ni.dll + 2012-05-13 08:41 . 2012-05-13 08:41 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\3e11aea7d742b5eddbd0b6bd1012f7df\System.Web.Services.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\ff995dde9cd34ff1e8ac7ab55fc92d32\System.Web.Mobile.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\8899d1091e64a4d0b6ae69060197091a\System.Web.Extensions.ni.dll + 2012-05-13 07:48 . 2012-05-13 07:48 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5efb50c91f3c5e49be2079f625d933b7\System.Speech.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\97d635f5c656ae43d94b55e67fc4ab50\System.ServiceModel.Web.ni.dll + 2012-05-13 08:35 . 2012-05-13 08:35 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll + 2012-05-12 22:15 . 2012-05-12 22:15 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\1d6707a5a9da16c1d1b88529837884d6\System.Printing.ni.dll + 2012-05-13 08:35 . 2012-05-13 08:35 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e09496ddb2bf6f3b69707924f2e6b5ff\System.IdentityModel.ni.dll + 2012-05-12 22:15 . 2012-05-12 22:15 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8ca00132a08c69697adf1cda32ebd835\System.Drawing.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\b55887436d2cfbe1fb32dd18d554185b\System.DirectoryServices.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\832196527f0497078f085eaf9189265f\System.Deployment.ni.dll + 2012-05-12 22:14 . 2012-05-12 22:14 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\982b508698278c6ffb3d143bbe1e8bb8\System.Data.SqlXml.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de7666b1cd0a1bc363726c9553dc39c\System.Data.Services.ni.dll + 2012-05-12 22:14 . 2012-05-12 22:14 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\44a5fc9e7c71b1fe1e2c79b03ecc3bc7\System.Data.Linq.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\772c94f595cd87b7fa187d592ef46fcf\System.Data.Entity.ni.dll + 2012-05-12 22:13 . 2012-05-12 22:13 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\38d07a5ac34b99d94fd14f42e779f625\System.Core.ni.dll + 2012-05-12 22:13 . 2012-05-12 22:13 2146304 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\2ecefd16184a78f19aaf0f02cc0a7e1f\ReachFramework.ni.dll + 2012-05-12 22:13 . 2012-05-12 22:13 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\51204805c71113e0db2103faa064b313\PresentationUI.ni.dll + 2012-05-12 22:09 . 2012-05-12 22:09 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\8c509044eea2ab22689ea43926b30108\PresentationBuildTasks.ni.dll + 2012-05-13 08:38 . 2012-05-13 08:38 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\b49dd780ba8e3501b0adcf108b431e7b\Microsoft.VisualBasic.ni.dll + 2012-05-13 08:36 . 2012-05-13 08:36 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\42145ebf75f77cabad442f0801a81c64\Microsoft.Transactions.Bridge.ni.dll + 2012-05-13 08:39 . 2012-05-13 08:39 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\cfe15312373b4668398404b5822bab7d\Microsoft.JScript.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\f3fcd65eca42d13b746cf3f5bd993ee0\Microsoft.Build.Tasks.v3.5.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\2091903cd9b359e96f05ac2d6d25ef4e\Microsoft.Build.Tasks.ni.dll + 2012-05-13 08:37 . 2012-05-13 08:37 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5aa63a1cb41e3a5e1e8ed17072e60ec3\Microsoft.Build.Engine.ni.dll + 2012-05-12 21:58 . 2012-05-12 21:58 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll - 2011-12-09 19:26 . 2011-12-09 19:26 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll + 2012-05-12 22:06 . 2012-05-12 22:06 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - 2012-01-01 10:58 . 2012-01-01 10:58 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2012-05-12 22:06 . 2012-05-12 22:06 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2012-01-01 10:58 . 2012-01-01 10:58 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2012-05-12 22:06 . 2012-05-12 22:06 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - 2012-01-01 10:58 . 2012-01-01 10:58 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2012-05-12 22:06 . 2012-05-12 22:06 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2012-05-12 21:58 . 2012-05-12 21:58 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll - 2012-01-01 10:57 . 2012-01-01 10:57 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2012-05-12 22:06 . 2012-05-12 22:06 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2012-01-01 10:59 . 2012-01-01 10:59 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2012-05-12 22:06 . 2012-05-12 22:06 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2012-05-12 21:58 . 2012-05-12 21:58 4214784 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - 2012-01-01 10:58 . 2012-01-01 10:58 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-05-12 22:06 . 2012-05-12 22:06 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-03-20 11:58 . 2012-03-20 11:58 1279864 c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll + 2012-02-16 09:48 . 2011-11-23 14:39 1868672 c:\windows\$NtUninstallKB2660465$\win32k.sys + 2012-03-14 08:29 . 2012-01-12 17:21 1869184 c:\windows\$NtUninstallKB2641653$\win32k.sys + 2012-01-12 19:39 . 2010-02-05 18:34 1295872 c:\windows\$NtUninstallKB2631813$\quartz.dll + 2012-04-11 17:03 . 2012-03-01 10:56 1214464 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\urlmon.dll + 2012-04-11 17:03 . 2012-03-01 10:56 5980672 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll + 2012-04-11 17:03 . 2012-03-01 10:56 2001408 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iertutil.dll + 2012-02-16 07:18 . 2011-12-17 19:41 1214464 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\urlmon.dll + 2012-02-16 07:18 . 2011-12-17 19:41 5980160 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll + 2012-02-16 07:18 . 2011-12-17 19:41 2001408 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iertutil.dll + 2009-06-13 17:31 . 2012-05-12 22:08 55656824 c:\windows\system32\mrt.exe + 2009-06-13 17:27 . 2012-03-02 04:00 11082752 c:\windows\system32\ieframe.dll + 2011-08-23 16:41 . 2012-03-02 04:00 11082752 c:\windows\system32\dllcache\ieframe.dll + 2011-09-15 17:39 . 2011-09-15 17:39 11163136 c:\windows\Installer\e7702d.msp + 2011-09-15 17:38 . 2011-09-15 17:38 10838528 c:\windows\Installer\e77022.msp + 2011-09-15 17:37 . 2011-09-15 17:37 16691712 c:\windows\Installer\e76e1c.msp + 2011-09-15 17:37 . 2011-09-15 17:37 34428416 c:\windows\Installer\e76e02.msp + 2012-04-06 00:12 . 2012-04-06 00:12 15709696 c:\windows\Installer\618f05.msp + 2012-01-04 00:25 . 2012-01-04 00:25 17751552 c:\windows\Installer\618ef8.msp + 2012-04-06 01:13 . 2012-04-06 01:13 16527872 c:\windows\Installer\618ea8.msp + 2012-01-03 21:15 . 2012-01-03 21:15 20559288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroRd32.dll + 2011-09-15 19:42 . 2011-09-15 19:42 18115432 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\WWLIB.DLL + 2012-04-11 19:34 . 2011-12-18 13:42 11082240 c:\windows\ie8updates\KB2675157-IE8\ieframe.dll + 2012-02-16 09:47 . 2011-11-05 13:13 11081728 c:\windows\ie8updates\KB2647516-IE8\ieframe.dll + 2012-05-13 07:49 . 2012-05-13 07:49 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\995fcf39ead2c2a53e084505c2c67d49\System.Windows.Forms.ni.dll + 2012-05-13 08:40 . 2012-05-13 08:40 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\7861cd979ea5db3fb7d30ed94fb0edd2\System.Web.ni.dll + 2012-05-13 08:36 . 2012-05-13 08:36 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\bc254d2fa26664898ae21d45643bc194\System.ServiceModel.ni.dll + 2012-05-12 22:14 . 2012-05-12 22:14 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\a9256d2ad7e4be2bbb4e9b18c3997b84\System.Design.ni.dll + 2012-05-12 22:11 . 2012-05-12 22:11 14329856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5b8ff47c1db373a2a4c638ca31988bd2\PresentationFramework.ni.dll + 2012-05-12 22:10 . 2012-05-12 22:10 12218368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\4eb3cd1f1d5a83617524a9dfb96a657d\PresentationCore.ni.dll + 2012-05-12 22:08 . 2012-05-12 22:08 11492352 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll + 2012-04-11 17:03 . 2012-03-01 10:56 11085312 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ieframe.dll + 2012-02-16 07:18 . 2011-12-17 19:41 11085312 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\ieframe.dll + 2011-09-15 17:34 . 2011-09-15 17:34 428804608 c:\windows\Installer\e77018.msp . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184] "CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] "Athan"="c:\program files\Athan\Athan.exe" [2011-11-20 1204224] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_3"="advpack.dll" [2009-03-08 128512] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= . R0 iastor78;iastor78;c:\windows\system32\drivers\iastor78.sys [14-6-2009 17:02 308248] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9-12-2011 14:42 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9-12-2011 14:42 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9-12-2011 14:42 20568] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [30-4-2012 21:54 654408] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9-12-2011 14:36 22344] S2 gupdate;Google Update-service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9-12-2011 14:42 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30-5-2012 8:32 257696] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9-12-2011 14:42 136176] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [6-5-2012 16:33 129976] S3 SteComposite;Acer Composite USB Service;c:\windows\system32\drivers\ste_compo.sys [24-6-2010 15:42 75264] . Inhoud van de 'Gedeelde Taken' map . 2012-06-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-30 06:32] . 2012-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-09 12:42] . 2012-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-09 12:42] . . ------- Bijkomende Scan ------- . uStart Page = Google IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 FF - ProfilePath - c:\documents and settings\g\Application Data\Mozilla\Firefox\Profiles\712ra1hw.default\ FF - prefs.js: browser.startup.homepage - google.be . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-06-03 19:25 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(2824) c:\windows\system32\msi.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\webcheck.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . Voltooingstijd: 2012-06-03 19:28:08 ComboFix-quarantined-files.txt 2012-06-03 17:28 ComboFix2.txt 2012-01-04 16:30 ComboFix3.txt 2012-01-03 18:33 . Pre-Run: 45.251.346.432 bytes beschikbaar Post-Run: 45.433.081.856 bytes beschikbaar . - - End Of File - - 5FEEA22A14E85EB6DC60E0B9CF366692 alstu!
  5. hallo mn laptop is weeeeer enorm traag bij het opstarten. nochtans is de internetverbinding zeer goed. hieronder ff een hjt logje, wie kan me helpen? thx Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:58:57, on 2-6-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\taskswitch.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Athan\Athan.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\spoolsv.exe C:\DOCUME~1\g\LOCALS~1\Temp\RtkBtMnt.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\g\Bureaublad\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- End of file - 6323 bytes
  6. ComboFix 12-01-04.02 - g 04-01-2012 17:19:12.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.502.243 [GMT 1:00] Gestart vanuit: c:\documents and settings\g\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\g\Bureaublad\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\db1defdf097c94737c9c659d c:\db1defdf097c94737c9c659d\$shtdwn$.req c:\db1defdf097c94737c9c659d\1025\eula.rtf c:\db1defdf097c94737c9c659d\1025\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1028\eula.rtf c:\db1defdf097c94737c9c659d\1028\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1029\eula.rtf c:\db1defdf097c94737c9c659d\1029\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1030\eula.rtf c:\db1defdf097c94737c9c659d\1030\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1031\eula.rtf c:\db1defdf097c94737c9c659d\1031\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1032\eula.rtf c:\db1defdf097c94737c9c659d\1032\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1033\eula.rtf c:\db1defdf097c94737c9c659d\1033\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1035\eula.rtf c:\db1defdf097c94737c9c659d\1035\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1036\eula.rtf c:\db1defdf097c94737c9c659d\1036\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1037\eula.rtf c:\db1defdf097c94737c9c659d\1037\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1038\eula.rtf c:\db1defdf097c94737c9c659d\1038\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1040\eula.rtf c:\db1defdf097c94737c9c659d\1040\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1041\eula.rtf c:\db1defdf097c94737c9c659d\1041\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1042\eula.rtf c:\db1defdf097c94737c9c659d\1042\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1043\eula.rtf c:\db1defdf097c94737c9c659d\1043\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1044\eula.rtf c:\db1defdf097c94737c9c659d\1044\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1045\eula.rtf c:\db1defdf097c94737c9c659d\1045\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1046\eula.rtf c:\db1defdf097c94737c9c659d\1046\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1049\eula.rtf c:\db1defdf097c94737c9c659d\1049\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1053\eula.rtf c:\db1defdf097c94737c9c659d\1053\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\1055\eula.rtf c:\db1defdf097c94737c9c659d\1055\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\2052\eula.rtf c:\db1defdf097c94737c9c659d\2052\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\2070\eula.rtf c:\db1defdf097c94737c9c659d\2070\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\3076\eula.rtf c:\db1defdf097c94737c9c659d\3076\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\3082\eula.rtf c:\db1defdf097c94737c9c659d\3082\HotFixInstallerUI.dll c:\db1defdf097c94737c9c659d\DHtmlHeader.html c:\db1defdf097c94737c9c659d\header.bmp c:\db1defdf097c94737c9c659d\HotFixInstaller.exe c:\db1defdf097c94737c9c659d\NDP35SP1-KB2416473.msp c:\db1defdf097c94737c9c659d\ParameterInfo.xml c:\db1defdf097c94737c9c659d\watermark.bmp . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-04 to 2012-01-04 )))))))))))))))))))))))))))))) . . 2011-12-12 15:26 . 2011-12-12 15:26 -------- d-----r- C:\MSOCache . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-23 14:39 . 2009-06-13 17:30 1868672 ----a-w- c:\windows\system32\win32k.sys 2011-11-04 19:13 . 2009-06-13 17:27 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2009-06-13 17:27 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2008-04-15 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2009-06-13 17:29 385024 ----a-w- c:\windows\system32\html.iec 2011-11-01 16:05 . 2009-06-13 17:29 1288704 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:31 . 2008-04-15 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-26 15:19 . 2009-02-09 11:19 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-26 10:49 . 2009-06-13 17:29 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-18 11:13 . 2008-04-15 12:00 186880 ----a-w- c:\windows\system32\encdec.dll 2011-11-21 04:40 . 2011-12-09 12:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-01-03_18.30.44 ))))))))))))))))))))))))))))))))))))))))) . + 2012-01-04 15:48 . 2012-01-04 15:48 16384 c:\windows\Temp\Perflib_Perfdata_b94.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184] "CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872] "Athan"="c:\program files\Athan\Athan.exe" [2011-11-20 1204224] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_3"="advpack.dll" [2009-03-08 128512] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= . R0 iastor78;iastor78;c:\windows\system32\drivers\iastor78.sys [14-6-2009 16:02 308248] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9-12-2011 13:42 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9-12-2011 13:42 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9-12-2011 13:42 20568] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [9-12-2011 13:36 652872] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9-12-2011 13:36 20464] S2 gupdate;Google Update-service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9-12-2011 13:42 136176] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9-12-2011 13:42 136176] . Inhoud van de 'Gedeelde Taken' map . 2012-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-09 12:42] . 2012-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-09 12:42] . . ------- Bijkomende Scan ------- . uStart Page = Google IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 FF - ProfilePath - c:\documents and settings\g\Application Data\Mozilla\Firefox\Profiles\712ra1hw.default\ FF - prefs.js: browser.startup.homepage - google.be . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-04 17:27 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Voltooingstijd: 2012-01-04 17:30:03 ComboFix-quarantined-files.txt 2012-01-04 16:30 ComboFix2.txt 2012-01-03 18:33 . Pre-Run: 50.280.882.176 bytes beschikbaar Post-Run: 50.285.436.928 bytes beschikbaar . - - End Of File - - 9A12923A594E70A3E20B5D2E1ECA8F07 alstu xD
  7. ComboFix 12-01-03.04 - g 03-01-2012 19:22:42.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.502.279 [GMT 1:00] Gestart vanuit: c:\documents and settings\g\Mijn documenten\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Default User\DelC43.tmp c:\documents and settings\g\DelC43.tmp c:\windows\iun6002.exe c:\windows\system32\config\systemprofile\DelC43.tmp c:\windows\system32\PowerToyReadme.htm c:\windows\system32\Thumbs.db . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-03 to 2012-01-03 )))))))))))))))))))))))))))))) . . 2011-12-12 15:26 . 2011-12-12 15:26 -------- d-----r- C:\MSOCache 2011-12-09 19:26 . 2011-12-09 19:26 -------- d-----w- C:\db1defdf097c94737c9c659d . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-23 14:39 . 2009-06-13 17:30 1868672 ----a-w- c:\windows\system32\win32k.sys 2011-11-04 19:13 . 2009-06-13 17:27 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2009-06-13 17:27 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2008-04-15 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2009-06-13 17:29 385024 ----a-w- c:\windows\system32\html.iec 2011-11-01 16:05 . 2009-06-13 17:29 1288704 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:31 . 2008-04-15 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-26 15:19 . 2009-02-09 11:19 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-26 10:49 . 2009-06-13 17:29 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-18 11:13 . 2008-04-15 12:00 186880 ----a-w- c:\windows\system32\encdec.dll 2011-11-21 04:40 . 2011-12-09 12:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184] "CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872] "Athan"="c:\program files\Athan\Athan.exe" [2011-11-20 1204224] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="shell32" [X] "_nltide_3"="advpack.dll" [2009-03-08 128512] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= . R0 iastor78;iastor78;c:\windows\system32\drivers\iastor78.sys [14-6-2009 16:02 308248] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9-12-2011 13:42 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9-12-2011 13:42 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9-12-2011 13:42 20568] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [9-12-2011 13:36 652872] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9-12-2011 13:36 20464] S2 gupdate;Google Update-service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9-12-2011 13:42 136176] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9-12-2011 13:42 136176] . Inhoud van de 'Gedeelde Taken' map . 2012-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-09 12:42] . 2012-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-09 12:42] . . ------- Bijkomende Scan ------- . uStart Page = Google IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 FF - ProfilePath - c:\documents and settings\g\Application Data\Mozilla\Firefox\Profiles\712ra1hw.default\ FF - prefs.js: browser.startup.homepage - google.be . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-Athan - c:\windows\iun6002.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-03 19:30 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . . C:\## aswSnx private storage . Scan succesvol afgerond verborgen bestanden: 1 . ************************************************************************** . Voltooingstijd: 2012-01-03 19:33:08 ComboFix-quarantined-files.txt 2012-01-03 18:33 . Pre-Run: 50.470.027.264 bytes beschikbaar Post-Run: 50.601.340.928 bytes beschikbaar . WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - 55D4F58B493906C33B1D0D6E74FC0F27
  8. hallo hier ben ik weer het opstarten van het internet duurt bij mij heel traag maar eens vertrokken gaat t allemaal redelijk vlotjes. ligt het aan mn internet verbinding of een of andere boosdoener? xD het MBAM logje is OK hieronder het HJT logje, dat is chinees voor me Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:15:26, on 2-1-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\taskswitch.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Athan\Athan.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\spoolsv.exe C:\DOCUME~1\g\LOCALS~1\Temp\RtkBtMnt.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- End of file - 7387 bytes
  9. OK ik waag me eraan vanmiddag, ben op mn werk nu. Ik kan via avast kiezen om de usb zelf te scannen? of via MBAM?
  10. en bvb als ik gewoon niet alles verwijder van de stick is het ook niet opgelost? komen die bestanden dan niet in de prullenbak vd laptop en evt kans op besmetting op laptop? ik ben zo onzeker geworden omdat ik schrik heb dat ik weer prijs ga hebben he
  11. ja maar gaan die virussen niet terug in mn c schijf terecht komen vanaf dat ik de usb insteek? het is net daar dat die pharao in zat...
  12. nieuwe HJT logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:47:27, on 9-12-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\taskswitch.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\CTFMON.EXE C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Messenger\msmsgs.exe C:\DOCUME~1\g\LOCALS~1\Temp\RtkBtMnt.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\wuauclt.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- End of file - 5468 bytes ---------- Post toegevoegd om 14:50 ---------- Vorige post was om 14:48 ---------- het probleem is begonnen met men usb stick. zie boven. ik durf nu die usb niet meer in de laptop te steken omdat ik vrees dat het weer mn laptop zal aantasten. hoewel er enkel word bestandjes op de usb staan hoor... en die zijn zeer belangrijk voor de cursus die ik volg via avondschool. hoe kan ik die bestanden nog recupereren zonder de laptop weer naar de vaantjes te helpen? fotos die hiervoor op de laptop stonden, ben ik ook kwijt zeker :-s na het formatteren?
  13. hallo ik heb inmiddels de laptop laten formatteren. kon zelfs niet in veilige modus opstarten. en als ik de laptop opstartte, meldde hij telkens vanzelf meteen af en sloot af. ik ga hieronder een nieuw hjt logje plaatsen in de hoop dat de laptop echt clean is. toen ik gisteren scande kreeg ik het virus WAZEBAT of zoiets en pharao. grrrr ---------- Post toegevoegd om 13:46 ---------- Vorige post was om 13:45 ---------- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:46:36, on 9-12-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\taskswitch.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Documents and Settings\g\Mijn documenten\Downloads\setup_av_free.exe C:\WINDOWS\system32\msiexec.exe C:\DOCUME~1\g\LOCALS~1\Temp\_av_sfx.tm~a01956\avast.setup C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\AVAST Software\Avast\ashQuick.exe C:\Program Files\AVAST Software\Avast\setup\avast.setup C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- End of file - 6031 bytes ---------- Post toegevoegd om 13:47 ---------- Vorige post was om 13:46 ---------- ik gebruik als browser mozilla en heb MBAM en AVAST die continu online zijn en scannen. is dit voldoende?
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.