Ga naar inhoud

hulp gevraagd bij laptop


Dollydotteke

Aanbevolen berichten

hallo iedereen ,

ik zit hier met de laptop van mijn schoonmoeder aangezien deze zware traagheid vertoont

aangezien ik helemaal niets kan van een laptop vraag ik dus jullie hulp

zij vroeg aan mij of ik alles er af kon gooien en xp terug kon instaleren

maar ik zou toch graag eens hebben dat ik met jullie hulp kan kijken of er zo problemen te vinden zijn

ook zijn er geen drivers meer van de laptop dus ik denk dat het ook verstandig is om deze opnieuw op cd te zetten , maar aangezien ik zelf niks ken van hoe ik dit nakijk vraag ik jullie hulp

Link naar reactie
Delen op andere sites

  • Reacties 22
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Populaire dagen

Beste reacties in dit topic

Misschien best eens eerst kijken naar malware (of mogelijke besmettingen die de traagheid zouden kunnen veroorzaken).

Download HijackThis

Klik bij "HijackThis Downloads" op "Installer".

Dubbelklik op HijackThis.msi

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

HijackThis zal openen na het installeren.

Klik op "Do a systemscan and save a logfile".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “uitvoeren als administrator". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis.

Link naar reactie
Delen op andere sites

bij deze de logfile :

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:37:12, on 20/08/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe

C:\Program Files\Java\jre6\bin\jucheck.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\msiexec.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe

O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [avp] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10d.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: McAfee Security Scan.lnk = ?

O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm

O9 - Extra button: Statistieken bescherming internetverkeer - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: &Virtueel toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: URL Adviseur - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1238313636515

O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll,C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--

End of file - 9922 bytes

Link naar reactie
Delen op andere sites

Dit ziet er al behoorlijk uit. Volgende stap dan :

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

Lees hier meer over correct gebruik van Combofix.

  • Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen: Klik hier Als het je niet lukt om ze uit te schakelen, ga dan gewoon door naar de volgende stap.
  • Dubbelklik op ComboFix.exe en volg de meldingen op het scherm.
  • ComboFix zal controleren of dat de Microsoft Windows Recovery Console reeds is geïnstalleerd. Als deze Recovery Console al is geïnstalleerd zal ComboFix automatisch verder gaan met het scannen naar malware
  • Volg anders de meldingen op het scherm om ComboFix de Microsoft Windows Recovery Console te laten downloaden en installeren. Wanneer de Recovery Console succesvol is geïnstalleerd, klik je op “JA” om verder te gaan met het scannen naar malware.

NOTA: Wanneer ComboFix start, kan het zijn dat je een foutmelding krijgt dat “De inhoud van het ComboFix pakket werd gewijzigd”. Ga dan niet verder met de instructies, maar download ComboFix opnieuw. Deze melding kan verschijnen wanneer een file-infector (Virut) actief is op de computer. Blijf je die melding krijgen dan meld je dit.

Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

Link naar reactie
Delen op andere sites

hierbij de log

ComboFix 10-08-18.05 - maria 20/08/2010 13:12:30.1.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.894.518 [GMT 2:00]

Gestart vanuit: c:\documents and settings\maria\Bureaublad\ComboFix.exe

AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-07-20 to 2010-08-20 ))))))))))))))))))))))))))))))

.

2010-08-20 10:35 . 2010-08-20 10:35 388096 -c--a-r- c:\documents and settings\maria\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-08-20 10:35 . 2010-08-20 10:35 -------- dc----w- c:\program files\Trend Micro

2010-08-20 10:08 . 2010-08-20 10:07 -------- dc----w- c:\documents and settings\LocalService\Local Settings\Application Data\Temp

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-08-20 11:21 . 2009-04-19 15:02 -------- dc----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab

2010-06-28 07:54 . 2010-06-28 07:54 503808 -c--a-w- c:\documents and settings\maria\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-7ec65d6c-n\msvcp71.dll

2010-06-28 07:54 . 2010-06-28 07:54 499712 -c--a-w- c:\documents and settings\maria\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-7ec65d6c-n\jmc.dll

2010-06-28 07:54 . 2010-06-28 07:54 348160 -c--a-w- c:\documents and settings\maria\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-7ec65d6c-n\msvcr71.dll

2010-06-28 07:50 . 2010-06-28 07:50 -------- dc----w- c:\documents and settings\maria\Application Data\Windows Search

2010-06-28 07:47 . 2009-03-29 07:38 -------- dc----w- c:\program files\Microsoft Silverlight

2010-06-27 18:30 . 2009-03-29 06:58 -------- dc----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2010-06-27 18:23 . 2006-03-02 12:00 537452 ----a-w- c:\windows\system32\perfh013.dat

2010-06-27 18:23 . 2006-03-02 12:00 101508 ----a-w- c:\windows\system32\perfc013.dat

2010-06-27 17:41 . 2009-05-28 18:17 -------- dc----w- c:\program files\Google

2010-01-16 00:37 . 2009-04-19 15:02 2064416 --sha-w- c:\windows\system32\drivers\fidbox.dat

2010-01-16 00:37 . 2009-04-19 15:02 507936 --sha-w- c:\windows\system32\drivers\fidbox2.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-28 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]

"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 16248320]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-07 761946]

"PadTouch"="c:\program files\TOSHIBA\Touch and Launch\PadExe.exe" [2005-12-22 1077328]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-12-11 344064]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"avp"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-20 340456]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-16 149280]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]

Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17:29 36880]

R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 18:02 26640]

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17:06 32272]

R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2/10/2009 19:39 19472]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [27/06/2010 19:41 135664]

.

Inhoud van de 'Gedeelde Taken' map

2010-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-27 17:41]

2010-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-27 17:41]

2010-06-27 c:\windows\Tasks\Norton Security Scan for maria.job

- c:\program files\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2009-08-12 15:45]

2010-01-23 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

2010-08-20 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.com/

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

IE: Toevoegen aan Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm

DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab

.

- - - - ORPHANS VERWIJDERD - - - -

HKLM-Run-NWEReboot - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-08-20 13:21

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(764)

c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3920)

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\Ati2evxx.exe

c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\PnkBstrA.exe

c:\windows\system32\PnkBstrB.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\windows\system32\SearchIndexer.exe

c:\windows\system32\wscntfy.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\RTHDCPL.EXE

.

**************************************************************************

.

Voltooingstijd: 2010-08-20 13:26:13 - machine werd herstart

ComboFix-quarantined-files.txt 2010-08-20 11:26

Pre-Run: 59.552.956.416 bytes beschikbaar

Post-Run: 59.449.868.288 bytes beschikbaar

- - End Of File - - E36B88F2450EF4F145116FC0A1C63B6C

Link naar reactie
Delen op andere sites

Op basis van dit logje stel ik vast dat er nog twee antivirusprogramma's aanwezig zijn (McAfee en Kaspersky). Ik neem aan dat Kaspersky de actieve scanner is en McAfee nog restbestanden heeft achtergelaten. Kan je even bevestigen of dit zo is, vóór we iets aan dit logje doen ?

Link naar reactie
Delen op andere sites

ComboFix 10-08-19.02 - maria 20/08/2010 19:46:13.2.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.894.393 [GMT 2:00]

Gestart vanuit: c:\documents and settings\maria\Bureaublad\ComboFix.exe

AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-07-20 to 2010-08-20 ))))))))))))))))))))))))))))))

.

2010-08-20 17:34 . 2010-08-20 17:34 12536 ----a-w- c:\windows\system32\avgrsstx.dll

2010-08-20 17:34 . 2010-08-20 17:34 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2010-08-20 17:34 . 2010-08-20 17:34 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2010-08-20 17:34 . 2010-08-20 17:34 -------- d-----w- c:\windows\system32\drivers\Avg

2010-08-20 17:33 . 2010-08-20 17:33 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2010-08-20 17:30 . 2010-08-20 17:30 -------- dc----w- c:\program files\AVG

2010-08-20 17:30 . 2010-08-20 17:30 -------- dc----w- c:\documents and settings\All Users\Application Data\avg9

2010-08-20 16:58 . 2010-08-20 16:58 -------- dc----w- c:\windows\LastGood

2010-08-20 16:46 . 2010-08-20 16:46 -------- dc----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Temp

2010-08-20 10:35 . 2010-08-20 10:35 388096 -c--a-r- c:\documents and settings\maria\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-08-20 10:35 . 2010-08-20 10:35 -------- dc----w- c:\program files\Trend Micro

2010-08-20 10:32 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe

2010-08-20 10:08 . 2010-08-20 10:07 -------- dc----w- c:\documents and settings\LocalService\Local Settings\Application Data\Temp

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-08-20 17:00 . 2009-04-19 15:02 -------- dc----w- c:\program files\Kaspersky Lab

2010-08-20 16:57 . 2009-08-12 20:22 -------- dc----w- c:\program files\NortonInstaller

2010-08-20 16:57 . 2009-08-12 20:22 -------- dc----w- c:\documents and settings\All Users\Application Data\Norton

2010-08-20 16:56 . 2009-08-12 20:23 -------- dc----w- c:\program files\Common Files\Symantec Shared

2010-08-20 12:35 . 2009-03-29 06:58 -------- dc----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2010-08-20 12:34 . 2006-03-02 12:00 537452 ----a-w- c:\windows\system32\perfh013.dat

2010-08-20 12:34 . 2006-03-02 12:00 101508 ----a-w- c:\windows\system32\perfc013.dat

2010-06-30 12:33 . 2006-03-02 12:00 149504 ----a-w- c:\windows\system32\schannel.dll

2010-06-28 07:54 . 2010-06-28 07:54 503808 -c--a-w- c:\documents and settings\maria\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-7ec65d6c-n\msvcp71.dll

2010-06-28 07:54 . 2010-06-28 07:54 499712 -c--a-w- c:\documents and settings\maria\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-7ec65d6c-n\jmc.dll

2010-06-28 07:54 . 2010-06-28 07:54 348160 -c--a-w- c:\documents and settings\maria\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-7ec65d6c-n\msvcr71.dll

2010-06-28 07:50 . 2010-06-28 07:50 -------- dc----w- c:\documents and settings\maria\Application Data\Windows Search

2010-06-28 07:47 . 2009-03-29 07:38 -------- dc----w- c:\program files\Microsoft Silverlight

2010-06-27 17:41 . 2009-05-28 18:17 -------- dc----w- c:\program files\Google

2010-06-24 12:27 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll

2010-06-24 09:02 . 2006-03-02 12:00 1852032 ----a-w- c:\windows\system32\win32k.sys

2010-06-21 15:27 . 2006-03-02 12:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys

2010-06-17 14:03 . 2006-03-02 12:00 80384 ----a-w- c:\windows\system32\iccvid.dll

2010-06-14 14:31 . 2009-03-29 06:15 744448 -c--a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe

2010-06-14 07:43 . 2006-03-02 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll

2010-01-16 00:37 . 2009-04-19 15:02 2064416 --sha-w- c:\windows\system32\drivers\fidbox.dat

2010-01-16 00:37 . 2009-04-19 15:02 507936 --sha-w- c:\windows\system32\drivers\fidbox2.dat

.

((((((((((((((((((((((((((((( SnapShot@2010-08-20_11.21.28 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-07-11 18:54 . 2009-07-11 18:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll

+ 2009-07-11 18:32 . 2009-07-11 18:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll

+ 2009-07-11 18:32 . 2009-07-11 18:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll

+ 2009-07-11 18:32 . 2009-07-11 18:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll

+ 2009-07-11 18:32 . 2009-07-11 18:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll

+ 2009-07-11 18:32 . 2009-07-11 18:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll

+ 2009-07-11 18:32 . 2009-07-11 18:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll

+ 2009-07-11 18:32 . 2009-07-11 18:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll

+ 2009-07-11 18:32 . 2009-07-11 18:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll

+ 2009-07-11 18:32 . 2009-07-11 18:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll

+ 2009-07-11 23:07 . 2009-07-11 23:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll

+ 2009-07-11 23:19 . 2009-07-11 23:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll

+ 2009-07-11 17:41 . 2009-07-11 17:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll

+ 2010-08-20 16:46 . 2010-08-20 16:46 16384 c:\windows\Temp\Perflib_Perfdata_80.dat

+ 2006-03-02 12:00 . 2010-08-20 12:34 72238 c:\windows\system32\perfc009.dat

- 2006-03-02 12:00 . 2010-06-27 18:23 72238 c:\windows\system32\perfc009.dat

+ 2007-08-13 16:54 . 2010-06-24 12:27 55296 c:\windows\system32\msfeedsbs.dll

- 2007-08-13 16:54 . 2010-05-06 10:36 55296 c:\windows\system32\msfeedsbs.dll

+ 2006-03-02 12:00 . 2010-06-24 12:27 25600 c:\windows\system32\jsproxy.dll

- 2006-03-02 12:00 . 2010-05-06 10:36 25600 c:\windows\system32\jsproxy.dll

- 2009-07-16 01:51 . 2010-05-06 10:37 12800 c:\windows\system32\dllcache\xpshims.dll

+ 2009-07-16 01:51 . 2010-06-24 12:27 12800 c:\windows\system32\dllcache\xpshims.dll

- 2009-03-29 10:03 . 2010-05-06 10:36 55296 c:\windows\system32\dllcache\msfeedsbs.dll

+ 2009-03-29 10:03 . 2010-06-24 12:27 55296 c:\windows\system32\dllcache\msfeedsbs.dll

+ 2007-08-13 16:54 . 2010-06-24 12:27 25600 c:\windows\system32\dllcache\jsproxy.dll

- 2007-08-13 16:54 . 2010-05-06 10:36 25600 c:\windows\system32\dllcache\jsproxy.dll

+ 2010-08-20 16:58 . 2009-10-02 17:39 19472 c:\windows\LastGood\system32\DRIVERS\klmouflt.sys

- 2009-03-29 07:03 . 2010-06-27 18:30 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe

+ 2009-03-29 07:03 . 2010-08-20 12:35 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe

+ 2009-03-29 07:03 . 2010-08-20 12:35 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe

- 2009-03-29 07:03 . 2010-06-27 18:30 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe

+ 2009-03-29 07:03 . 2010-08-20 12:35 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe

- 2009-03-29 07:03 . 2010-06-27 18:30 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe

+ 2010-08-20 12:30 . 2010-05-06 10:37 12800 c:\windows\ie8updates\KB2183461-IE8\xpshims.dll

+ 2010-08-20 12:30 . 2010-05-06 10:36 55296 c:\windows\ie8updates\KB2183461-IE8\msfeedsbs.dll

+ 2010-08-20 12:30 . 2010-05-06 10:36 25600 c:\windows\ie8updates\KB2183461-IE8\jsproxy.dll

+ 2010-08-20 16:47 . 2010-08-20 16:47 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll

+ 2010-08-20 17:36 . 2010-08-20 17:36 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\aada360296a42e0413579a19c771ec2d\System.Web.DynamicData.Design.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll

+ 2010-08-20 12:36 . 2010-08-20 12:36 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe

+ 2010-08-20 12:35 . 2010-08-20 12:35 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll

+ 2010-08-20 17:22 . 2010-08-20 17:22 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe

+ 2010-08-20 16:50 . 2010-08-20 16:50 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

- 2010-06-27 18:22 . 2010-06-27 18:22 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

- 2010-06-27 18:22 . 2010-06-27 18:22 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2009-07-11 23:12 . 2009-07-11 23:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll

+ 2009-07-11 23:09 . 2009-07-11 23:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll

+ 2009-07-11 23:08 . 2009-07-11 23:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll

+ 2006-03-02 12:00 . 2010-08-20 12:34 444362 c:\windows\system32\perfh009.dat

- 2006-03-02 12:00 . 2010-06-27 18:23 444362 c:\windows\system32\perfh009.dat

- 2006-03-02 12:00 . 2010-05-06 10:37 206848 c:\windows\system32\occache.dll

+ 2006-03-02 12:00 . 2010-06-24 12:27 206848 c:\windows\system32\occache.dll

+ 2006-03-02 12:00 . 2010-06-24 12:27 611840 c:\windows\system32\mstime.dll

- 2006-03-02 12:00 . 2010-05-06 10:37 611840 c:\windows\system32\mstime.dll

+ 2007-08-13 16:54 . 2010-06-24 12:27 599040 c:\windows\system32\msfeeds.dll

- 2007-08-13 16:54 . 2010-05-06 10:36 599040 c:\windows\system32\msfeeds.dll

- 2006-03-02 12:00 . 2010-05-06 10:36 184320 c:\windows\system32\iepeers.dll

+ 2006-03-02 12:00 . 2010-06-24 12:27 184320 c:\windows\system32\iepeers.dll

- 2006-03-02 12:00 . 2010-05-06 10:36 387584 c:\windows\system32\iedkcs32.dll

+ 2006-03-02 12:00 . 2010-06-24 12:27 387584 c:\windows\system32\iedkcs32.dll

+ 2006-03-02 12:00 . 2010-06-23 12:08 173056 c:\windows\system32\ie4uinit.exe

- 2006-03-02 12:00 . 2010-05-05 13:30 173056 c:\windows\system32\ie4uinit.exe

- 2009-03-28 19:20 . 2010-06-28 07:47 268600 c:\windows\system32\FNTCACHE.DAT

+ 2009-03-28 19:20 . 2010-08-20 16:45 268600 c:\windows\system32\FNTCACHE.DAT

+ 2009-03-29 07:29 . 2010-06-24 12:27 916480 c:\windows\system32\dllcache\wininet.dll

- 2009-03-29 07:29 . 2010-05-06 10:37 916480 c:\windows\system32\dllcache\wininet.dll

+ 2009-03-29 07:27 . 2010-06-21 15:27 354304 c:\windows\system32\dllcache\srv.sys

+ 2008-12-05 06:58 . 2010-06-30 12:33 149504 c:\windows\system32\dllcache\schannel.dll

+ 2007-08-13 16:44 . 2010-06-24 12:27 206848 c:\windows\system32\dllcache\occache.dll

- 2007-08-13 16:44 . 2010-05-06 10:37 206848 c:\windows\system32\dllcache\occache.dll

+ 2006-03-02 12:00 . 2010-06-24 12:27 611840 c:\windows\system32\dllcache\mstime.dll

- 2006-03-02 12:00 . 2010-05-06 10:37 611840 c:\windows\system32\dllcache\mstime.dll

- 2009-03-29 10:03 . 2010-05-06 10:36 599040 c:\windows\system32\dllcache\msfeeds.dll

+ 2009-03-29 10:03 . 2010-06-24 12:27 599040 c:\windows\system32\dllcache\msfeeds.dll

+ 2009-07-16 01:51 . 2010-06-24 12:27 247808 c:\windows\system32\dllcache\ieproxy.dll

- 2009-07-16 01:51 . 2010-05-06 10:36 247808 c:\windows\system32\dllcache\ieproxy.dll

+ 2007-08-13 16:54 . 2010-06-24 12:27 184320 c:\windows\system32\dllcache\iepeers.dll

- 2007-08-13 16:54 . 2010-05-06 10:36 184320 c:\windows\system32\dllcache\iepeers.dll

+ 2010-06-27 16:02 . 2010-06-24 12:27 743424 c:\windows\system32\dllcache\iedvtool.dll

- 2010-06-27 16:02 . 2010-05-06 10:36 743424 c:\windows\system32\dllcache\iedvtool.dll

+ 2007-08-13 16:39 . 2010-06-24 12:27 387584 c:\windows\system32\dllcache\iedkcs32.dll

- 2007-08-13 16:39 . 2010-05-06 10:36 387584 c:\windows\system32\dllcache\iedkcs32.dll

+ 2007-08-13 16:39 . 2010-06-23 12:08 173056 c:\windows\system32\dllcache\ie4uinit.exe

- 2007-08-13 16:39 . 2010-05-05 13:30 173056 c:\windows\system32\dllcache\ie4uinit.exe

+ 2010-05-11 04:40 . 2010-05-11 04:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll

- 2009-08-07 22:51 . 2009-08-07 22:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll

+ 2010-05-11 04:40 . 2010-05-11 04:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll

+ 2010-08-20 17:30 . 2010-08-20 17:30 424448 c:\windows\Installer\296e85.msi

- 2009-03-29 07:03 . 2010-06-27 18:30 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

+ 2009-03-29 07:03 . 2010-08-20 12:35 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

- 2009-03-29 07:03 . 2010-06-27 18:30 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe

+ 2009-03-29 07:03 . 2010-08-20 12:35 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe

+ 2009-03-29 07:03 . 2010-08-20 12:35 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe

- 2009-03-29 07:03 . 2010-06-27 18:30 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe

- 2009-03-29 07:03 . 2010-06-27 18:30 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe

+ 2009-03-29 07:03 . 2010-08-20 12:35 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe

+ 2009-03-29 07:03 . 2010-08-20 12:35 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe

- 2009-03-29 07:03 . 2010-06-27 18:30 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe

+ 2009-03-29 07:03 . 2010-08-20 12:35 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe

- 2009-03-29 07:03 . 2010-06-27 18:30 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe

- 2009-03-29 07:03 . 2010-06-27 18:30 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe

+ 2009-03-29 07:03 . 2010-08-20 12:35 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe

+ 2009-03-06 01:37 . 2009-03-06 01:37 501640 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\SOA.DLL

+ 2008-10-26 05:26 . 2008-10-26 05:26 162680 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ACCWIZ.DLL

+ 2010-08-20 12:30 . 2010-05-06 10:37 916480 c:\windows\ie8updates\KB2183461-IE8\wininet.dll

+ 2010-08-20 12:30 . 2010-02-22 14:29 401272 c:\windows\ie8updates\KB2183461-IE8\spuninst\updspapi.dll

+ 2010-08-20 12:30 . 2009-05-26 09:01 234872 c:\windows\ie8updates\KB2183461-IE8\spuninst\spuninst.exe

+ 2010-08-20 12:30 . 2010-05-06 10:37 206848 c:\windows\ie8updates\KB2183461-IE8\occache.dll

+ 2010-08-20 12:30 . 2010-05-06 10:37 611840 c:\windows\ie8updates\KB2183461-IE8\mstime.dll

+ 2010-08-20 12:30 . 2010-05-06 10:36 599040 c:\windows\ie8updates\KB2183461-IE8\msfeeds.dll

+ 2010-08-20 12:30 . 2010-05-06 10:36 247808 c:\windows\ie8updates\KB2183461-IE8\ieproxy.dll

+ 2010-08-20 12:30 . 2010-05-06 10:36 184320 c:\windows\ie8updates\KB2183461-IE8\iepeers.dll

+ 2010-08-20 12:30 . 2010-05-06 10:36 743424 c:\windows\ie8updates\KB2183461-IE8\iedvtool.dll

+ 2010-08-20 12:30 . 2010-05-06 10:36 387584 c:\windows\ie8updates\KB2183461-IE8\iedkcs32.dll

+ 2010-08-20 12:30 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2183461-IE8\ie4uinit.exe

+ 2010-08-20 17:23 . 2010-08-20 17:23 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe

+ 2010-08-20 16:47 . 2010-08-20 16:47 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll

+ 2010-08-20 16:47 . 2010-08-20 16:47 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll

+ 2010-08-20 16:46 . 2010-08-20 16:46 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll

+ 2010-08-20 17:36 . 2010-08-20 17:36 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\5e16c279496a553c988c6199f0cee8aa\System.Web.Routing.ni.dll

+ 2010-08-20 17:36 . 2010-08-20 17:36 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\720b28d81e987b889180b291ea19b821\System.Web.Extensions.Design.ni.dll

+ 2010-08-20 17:36 . 2010-08-20 17:36 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\da36fd678161cd3444ef547c894e3f35\System.Web.Entity.ni.dll

+ 2010-08-20 17:36 . 2010-08-20 17:36 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\49ae7c73fac8827123d5db1714c22599\System.Web.Entity.Design.ni.dll

+ 2010-08-20 17:36 . 2010-08-20 17:36 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ce3aa27d3c4c052845ac5abb1374defa\System.Web.DynamicData.ni.dll

+ 2010-08-20 17:36 . 2010-08-20 17:36 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\95fab896ef2af14876e3e1524379773b\System.Web.Abstractions.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll

+ 2010-08-20 16:50 . 2010-08-20 16:50 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll

+ 2010-08-20 16:50 . 2010-08-20 16:50 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll

+ 2010-08-20 12:38 . 2010-08-20 12:38 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll

+ 2010-08-20 17:24 . 2010-08-20 17:24 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\488c4017d45e861644a34fae557aa80f\System.Data.Entity.Design.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe

+ 2010-08-20 17:23 . 2010-08-20 17:23 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5aeb40ff7128df2881fb03c01d070b20\ServiceModelReg.ni.exe

+ 2010-08-20 12:37 . 2010-08-20 12:37 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll

+ 2010-08-20 12:37 . 2010-08-20 12:37 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll

+ 2010-08-20 12:37 . 2010-08-20 12:37 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll

+ 2010-08-20 12:37 . 2010-08-20 12:37 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe

+ 2010-08-20 17:23 . 2010-08-20 17:23 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll

+ 2010-08-20 17:22 . 2010-08-20 17:22 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe

+ 2010-08-20 16:50 . 2010-08-20 16:50 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\56aec0938ef1bbdeca65b07a5fe8cd39\AspNetMMCExt.ni.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

+ 2010-08-20 12:34 . 2010-08-20 12:34 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2010-08-20 12:34 . 2010-08-20 12:34 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

+ 2009-07-11 18:46 . 2009-07-11 18:46 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll

+ 2009-07-11 18:46 . 2009-07-11 18:46 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll

+ 2006-03-02 12:00 . 2010-06-24 12:27 1210368 c:\windows\system32\urlmon.dll

+ 2006-03-02 12:00 . 2010-07-27 06:30 8509440 c:\windows\system32\shell32.dll

- 2006-03-02 12:00 . 2010-02-16 19:09 2150912 c:\windows\system32\ntoskrnl.exe

+ 2006-03-02 12:00 . 2010-04-28 05:45 2150912 c:\windows\system32\ntoskrnl.exe

- 2004-08-04 00:58 . 2010-02-16 19:09 2029056 c:\windows\system32\ntkrnlpa.exe

+ 2004-08-04 00:58 . 2010-04-28 05:45 2029056 c:\windows\system32\ntkrnlpa.exe

+ 2006-03-02 12:00 . 2010-06-24 12:27 5951488 c:\windows\system32\mshtml.dll

+ 2007-08-13 16:34 . 2010-06-24 12:27 1986560 c:\windows\system32\iertutil.dll

+ 2009-02-09 14:08 . 2010-06-24 09:02 1852032 c:\windows\system32\dllcache\win32k.sys

+ 2009-03-29 07:29 . 2010-06-24 12:27 1210368 c:\windows\system32\dllcache\urlmon.dll

+ 2008-06-17 19:03 . 2010-07-27 06:30 8509440 c:\windows\system32\dllcache\shell32.dll

+ 2009-03-29 07:29 . 2010-04-28 18:15 2194304 c:\windows\system32\dllcache\ntoskrnl.exe

- 2009-03-29 07:29 . 2010-02-17 12:09 2194304 c:\windows\system32\dllcache\ntoskrnl.exe

- 2009-03-29 07:29 . 2010-02-16 19:09 2029056 c:\windows\system32\dllcache\ntkrpamp.exe

+ 2009-03-29 07:29 . 2010-04-28 05:45 2029056 c:\windows\system32\dllcache\ntkrpamp.exe

+ 2009-03-29 07:29 . 2010-04-28 05:45 2071168 c:\windows\system32\dllcache\ntkrnlpa.exe

- 2009-03-29 07:29 . 2010-02-16 19:09 2071168 c:\windows\system32\dllcache\ntkrnlpa.exe

- 2009-03-29 07:29 . 2010-02-16 19:09 2150912 c:\windows\system32\dllcache\ntkrnlmp.exe

+ 2009-03-29 07:29 . 2010-04-28 05:45 2150912 c:\windows\system32\dllcache\ntkrnlmp.exe

+ 2009-03-29 07:27 . 2010-06-14 07:43 1172480 c:\windows\system32\dllcache\msxml3.dll

- 2009-03-29 07:27 . 2009-07-31 04:35 1172480 c:\windows\system32\dllcache\msxml3.dll

+ 2009-03-29 07:29 . 2010-06-24 12:27 5951488 c:\windows\system32\dllcache\mshtml.dll

+ 2010-06-27 16:02 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe

- 2010-06-27 16:02 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe

+ 2009-03-29 10:03 . 2010-06-24 12:27 1986560 c:\windows\system32\dllcache\iertutil.dll

+ 2010-05-11 04:40 . 2010-05-11 04:40 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

- 2009-08-07 22:51 . 2009-08-07 22:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

+ 2010-05-11 04:40 . 2010-05-11 04:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll

+ 2010-06-28 14:01 . 2010-06-28 14:01 7677952 c:\windows\Installer\3b51bb.msp

+ 2010-05-25 09:45 . 2010-05-25 09:45 8445440 c:\windows\Installer\3b51b7.msp

+ 2010-06-11 15:55 . 2010-06-11 15:55 1827328 c:\windows\Installer\3b51b2.msp

+ 2010-06-28 20:53 . 2010-06-28 20:53 6819840 c:\windows\Installer\3b51ae.msp

+ 2010-07-26 14:00 . 2010-07-26 14:00 5010944 c:\windows\Installer\3b51ac.msp

+ 2010-05-20 17:57 . 2010-05-20 17:57 4989952 c:\windows\Installer\3b518b.msp

+ 2010-05-20 17:57 . 2010-05-20 17:57 5907456 c:\windows\Installer\3b518a.msp

+ 2010-07-26 15:02 . 2010-07-26 15:02 5519360 c:\windows\Installer\3b5169.msp

+ 2010-07-10 18:14 . 2010-07-10 18:14 2850816 c:\windows\Installer\3b5167.msp

- 2009-03-29 07:03 . 2010-06-27 18:30 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

+ 2009-03-29 07:03 . 2010-08-20 12:35 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

- 2009-03-29 07:03 . 2010-06-27 18:30 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe

+ 2009-03-29 07:03 . 2010-08-20 12:35 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe

+ 2010-08-20 12:30 . 2010-05-06 10:37 1209344 c:\windows\ie8updates\KB2183461-IE8\urlmon.dll

+ 2010-08-20 12:30 . 2010-05-06 10:37 5950976 c:\windows\ie8updates\KB2183461-IE8\mshtml.dll

+ 2010-08-20 12:30 . 2010-05-06 10:36 1985536 c:\windows\ie8updates\KB2183461-IE8\iertutil.dll

- 2009-03-29 07:29 . 2010-02-17 12:09 2194304 c:\windows\Driver Cache\i386\ntoskrnl.exe

+ 2009-03-29 07:29 . 2010-04-28 18:15 2194304 c:\windows\Driver Cache\i386\ntoskrnl.exe

- 2009-03-29 07:29 . 2010-02-16 19:09 2029056 c:\windows\Driver Cache\i386\ntkrpamp.exe

+ 2009-03-29 07:29 . 2010-04-28 05:45 2029056 c:\windows\Driver Cache\i386\ntkrpamp.exe

- 2009-03-29 07:29 . 2010-02-16 19:09 2071168 c:\windows\Driver Cache\i386\ntkrnlpa.exe

+ 2009-03-29 07:29 . 2010-04-28 05:45 2071168 c:\windows\Driver Cache\i386\ntkrnlpa.exe

+ 2009-03-29 07:29 . 2010-04-28 05:45 2150912 c:\windows\Driver Cache\i386\ntkrnlmp.exe

- 2009-03-29 07:29 . 2010-02-16 19:09 2150912 c:\windows\Driver Cache\i386\ntkrnlmp.exe

+ 2010-08-20 12:35 . 2010-08-20 12:35 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll

+ 2010-08-20 16:46 . 2010-08-20 16:46 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll

+ 2010-08-20 12:35 . 2010-08-20 12:35 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll

+ 2010-08-20 12:39 . 2010-08-20 12:39 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll

+ 2010-08-20 17:36 . 2010-08-20 17:36 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\49c7a1c78ed9502ba97c11e6bd993f63\System.Web.Extensions.ni.dll

+ 2010-08-20 12:38 . 2010-08-20 12:38 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5eb08849d17b272ed2a393420cb0305b\System.Speech.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\f5790a1b7b41e7b8d05f01b549c80f39\System.ServiceModel.Web.ni.dll

+ 2010-08-20 16:50 . 2010-08-20 16:50 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll

+ 2010-08-20 12:38 . 2010-08-20 12:38 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll

+ 2010-08-20 16:50 . 2010-08-20 16:50 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\0885f31c21b796465fde6297dba20981\System.IdentityModel.ni.dll

+ 2010-08-20 12:38 . 2010-08-20 12:38 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll

+ 2010-08-20 12:38 . 2010-08-20 12:38 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\23cf0498f2ebe4c8ffa5cc79efca2dc5\System.Data.Services.ni.dll

+ 2010-08-20 12:38 . 2010-08-20 12:38 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll

+ 2010-08-20 17:24 . 2010-08-20 17:24 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll

+ 2010-08-20 12:37 . 2010-08-20 12:37 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll

+ 2010-08-20 12:37 . 2010-08-20 12:37 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll

+ 2010-08-20 12:37 . 2010-08-20 12:37 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll

+ 2010-08-20 12:35 . 2010-08-20 12:35 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\9732a7c993055f82040642966db07ccf\Microsoft.VisualBasic.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll

+ 2010-08-20 17:25 . 2010-08-20 17:25 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2010-08-20 17:23 . 2010-08-20 17:23 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

+ 2010-08-20 12:34 . 2010-08-20 12:34 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

- 2010-06-27 18:22 . 2010-06-27 18:22 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

+ 2010-08-20 12:33 . 2010-08-20 12:33 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2009-03-29 08:59 . 2010-08-03 09:09 35962312 c:\windows\system32\MRT.exe

+ 2007-08-13 16:54 . 2010-06-24 15:57 11077120 c:\windows\system32\ieframe.dll

+ 2009-03-29 10:03 . 2010-06-24 15:57 11077120 c:\windows\system32\dllcache\ieframe.dll

+ 2010-06-11 15:52 . 2010-06-11 15:52 45542912 c:\windows\Installer\3b51b3.msp

+ 2010-05-19 11:08 . 2010-05-19 11:08 11408896 c:\windows\Installer\3b5196.msp

+ 2010-05-20 17:58 . 2010-05-20 17:58 12114432 c:\windows\Installer\3b5151.msp

+ 2010-07-10 18:06 . 2010-07-10 18:06 10120192 c:\windows\Installer\3b5133.msp

+ 2009-03-06 01:37 . 2009-03-06 01:37 10222432 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MSACCESS.EXE

+ 2010-08-20 12:30 . 2010-05-06 10:36 11076096 c:\windows\ie8updates\KB2183461-IE8\ieframe.dll

+ 2010-08-20 16:51 . 2010-08-20 16:51 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10.tmp\System.ServiceModel.dll

+ 2010-08-20 12:39 . 2010-08-20 12:39 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll

+ 2010-08-20 17:35 . 2010-08-20 17:35 11798016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\411a627d6f5cb83509332253406988e5\System.Web.ni.dll

+ 2010-08-20 17:22 . 2010-08-20 17:22 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\f523a69e7c93ee4f245c996eac4b3a57\System.ServiceModel.ni.dll

+ 2010-08-20 12:38 . 2010-08-20 12:38 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\b307acf63075b997d02a97a7492d0d9c\System.Design.ni.dll

+ 2010-08-20 12:36 . 2010-08-20 12:37 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll

+ 2010-08-20 12:36 . 2010-08-20 12:36 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll

+ 2010-08-20 12:35 . 2010-08-20 12:35 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll

.

-- Snapshot teruggezet naar huidige datum --

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-28 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]

"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 16248320]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-07 761946]

"PadTouch"="c:\program files\TOSHIBA\Touch and Launch\PadExe.exe" [2005-12-22 1077328]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-12-11 344064]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-16 149280]

"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-08-20 2065760]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2010-08-20 17:34 12536 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=

"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 17:29 36880]

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [20/08/2010 19:34 216400]

R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [20/08/2010 19:33 243024]

R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [20/08/2010 19:32 308136]

R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 18:02 26640]

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 17:06 32272]

R4 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys --> c:\windows\system32\DRIVERS\klmouflt.sys [?]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [27/06/2010 19:41 135664]

--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - AVG9WD

*NewlyCreated* - AVGLDX86

*NewlyCreated* - AVGMFX86

*NewlyCreated* - AVGTDIX

.

Inhoud van de 'Gedeelde Taken' map

2010-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-27 17:41]

2010-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-27 17:41]

2010-01-23 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

2010-08-20 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.com/

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-08-20 19:51

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(764)

c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(144)

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Voltooingstijd: 2010-08-20 19:54:22

ComboFix-quarantined-files.txt 2010-08-20 17:54

ComboFix2.txt 2010-08-20 11:26

Pre-Run: 58.916.065.280 bytes beschikbaar

Post-Run: 59.012.337.664 bytes beschikbaar

- - End Of File - - 36AF82402918FC2918D6AEA4184A1BD5

Link naar reactie
Delen op andere sites

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

c:\windows\system32\drivers\klbg.sys

c:\windows\system32\drivers\klfltdev.sys

c:\windows\system32\drivers\klim5.sys

c:\windows\system32\DRIVERS\klmouflt.sys

Folder::

c:\program files\Kaspersky Lab

c:\program files\NortonInstaller

c:\documents and settings\All Users\Application Data\Norton

c:\program files\Common Files\Symantec Shared

Driver::

KLFLTDEV

klim5

klmouflt

klbg

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht samen met een nieuw logje van HijackThis.

Link naar reactie
Delen op andere sites


×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.