Ga naar inhoud

Politievirus (498)


Aanbevolen berichten

ComboFix 12-08-04.02 - jaleesa jaggoo 05-08-2012 16:39:59.1.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1982.1124 [GMT 2:00]

Gestart vanuit: c:\documents and settings\jaleesa jaggoo\Mijn documenten\Downloads\ComboFix.exe

AV: ESET NOD32 Antivirus 3.0 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

* Aanwezig AV is actief

.

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\idczkqis.exe

c:\documents and settings\All Users\Application Data\kisyliofvvqhkdl

c:\documents and settings\All Users\Application Data\QuestDns

c:\documents and settings\All Users\Application Data\sysReserve.ini

c:\documents and settings\All Users\Application Data\TEMP

c:\documents and settings\All Users\Application Data\wpfrqykh.exe

c:\documents and settings\Default User\WINDOWS

c:\documents and settings\jaleesa jaggoo\Application Data\AntiVirus System 2011

c:\documents and settings\jaleesa jaggoo\Application Data\AntiVirus System 2011\IcoActivate.ico

c:\documents and settings\jaleesa jaggoo\Application Data\AntiVirus System 2011\IcoHelp.ico

c:\documents and settings\jaleesa jaggoo\Application Data\AntiVirus System 2011\IcoUninstall.ico

c:\documents and settings\jaleesa jaggoo\Menu Start\Programma's\AntiVirus System 2011

c:\documents and settings\jaleesa jaggoo\Menu Start\Programma's\AntiVirus System 2011\Help AntiVirus System 2011.lnk

c:\documents and settings\jaleesa jaggoo\Menu Start\Programma's\AntiVirus System 2011\How to Activate AntiVirus System 2011.lnk

c:\documents and settings\jaleesa jaggoo\Mijn documenten\~WRL0003.tmp

c:\documents and settings\jaleesa jaggoo\ms.exe

c:\documents and settings\jaleesa jaggoo\WINDOWS

C:\msminer

c:\msminer\miner.exe

c:\msminer\msminer.exe

c:\program files\QuestDns

c:\program files\QuestDns\uninstall.exe

C:\Recycle.Bin

c:\windows\IsUn0413.exe

c:\windows\SET470.tmp

c:\windows\system32\_002983_.tmp.dll

c:\windows\system32\_002984_.tmp.dll

c:\windows\system32\_002985_.tmp.dll

c:\windows\system32\_002986_.tmp.dll

c:\windows\system32\_002993_.tmp.dll

c:\windows\system32\_002994_.tmp.dll

c:\windows\system32\_002995_.tmp.dll

c:\windows\system32\_002996_.tmp.dll

c:\windows\system32\_002998_.tmp.dll

c:\windows\system32\_002999_.tmp.dll

c:\windows\system32\_003002_.tmp.dll

c:\windows\system32\_003003_.tmp.dll

c:\windows\system32\_003005_.tmp.dll

c:\windows\system32\_003006_.tmp.dll

c:\windows\system32\_003007_.tmp.dll

c:\windows\system32\_003009_.tmp.dll

c:\windows\system32\_003012_.tmp.dll

c:\windows\system32\_003013_.tmp.dll

c:\windows\system32\_003017_.tmp.dll

c:\windows\system32\_003018_.tmp.dll

c:\windows\system32\_003020_.tmp.dll

c:\windows\system32\_003023_.tmp.dll

c:\windows\system32\_003025_.tmp.dll

c:\windows\system32\_003026_.tmp.dll

c:\windows\system32\_003027_.tmp.dll

c:\windows\system32\_003028_.tmp.dll

c:\windows\system32\_003029_.tmp.dll

c:\windows\system32\_003032_.tmp.dll

c:\windows\system32\_003033_.tmp.dll

c:\windows\system32\_003034_.tmp.dll

c:\windows\system32\_003035_.tmp.dll

c:\windows\system32\_003036_.tmp.dll

c:\windows\system32\_003041_.tmp.dll

c:\windows\system32\~GLH0001.TMP

c:\windows\system32\~GLH0002.TMP

c:\windows\system32\config\systemprofile\WINDOWS

c:\windows\system32\SET100C.tmp

c:\windows\system32\SET10F8.tmp

c:\windows\system32\SET1116.tmp

c:\windows\system32\SET1117.tmp

c:\windows\system32\SET1125.tmp

c:\windows\system32\SET1134.tmp

c:\windows\system32\SET1139.tmp

c:\windows\system32\SET115B.tmp

c:\windows\system32\SET17E.tmp

c:\windows\system32\SET17F.tmp

c:\windows\system32\SET180.tmp

c:\windows\system32\SET181.tmp

c:\windows\system32\SET183.tmp

c:\windows\system32\SET185.tmp

c:\windows\system32\SET18C.tmp

c:\windows\system32\SET18D.tmp

c:\windows\system32\SET190.tmp

c:\windows\system32\SET195.tmp

c:\windows\system32\SET196.tmp

c:\windows\system32\SET197.tmp

c:\windows\system32\SET199.tmp

c:\windows\system32\SET19A.tmp

c:\windows\system32\SET19B.tmp

c:\windows\system32\SET19C.tmp

c:\windows\system32\SET19D.tmp

c:\windows\system32\SET19F.tmp

c:\windows\system32\SET1A0.tmp

c:\windows\system32\SET1A1.tmp

c:\windows\system32\SET1A3.tmp

c:\windows\system32\SET1A4.tmp

c:\windows\system32\SET1AB.tmp

c:\windows\system32\SET1AC.tmp

c:\windows\system32\SET1AD.tmp

c:\windows\system32\SET1B0.tmp

c:\windows\system32\SET1B2.tmp

c:\windows\system32\SET1B4.tmp

c:\windows\system32\SET1B8.tmp

c:\windows\system32\SET1BB.tmp

c:\windows\system32\SET1BE.tmp

c:\windows\system32\SET1BF.tmp

c:\windows\system32\SET1C1.tmp

c:\windows\system32\SET1C7.tmp

c:\windows\system32\SET1C8.tmp

c:\windows\system32\SET1C9.tmp

c:\windows\system32\SET1CA.tmp

c:\windows\system32\SET1D0.tmp

c:\windows\system32\SET1D5.tmp

c:\windows\system32\SET1D6.tmp

c:\windows\system32\SET1D9.tmp

c:\windows\system32\SET1DC.tmp

c:\windows\system32\SET1DD.tmp

c:\windows\system32\SET1E4.tmp

c:\windows\system32\SET1E5.tmp

c:\windows\system32\SET1E7.tmp

c:\windows\system32\SET1EA.tmp

c:\windows\system32\SET1EB.tmp

c:\windows\system32\SET1F8.tmp

c:\windows\system32\SET1FA.tmp

c:\windows\system32\SET1FB.tmp

c:\windows\system32\SET1FC.tmp

c:\windows\system32\SET1FD.tmp

c:\windows\system32\SET1FE.tmp

c:\windows\system32\SET20E.tmp

c:\windows\system32\SET213.tmp

c:\windows\system32\SET215.tmp

c:\windows\system32\SET216.tmp

c:\windows\system32\SET217.tmp

c:\windows\system32\SET218.tmp

c:\windows\system32\SET219.tmp

c:\windows\system32\SET21C.tmp

c:\windows\system32\SET21D.tmp

c:\windows\system32\SET221.tmp

c:\windows\system32\SET222.tmp

c:\windows\system32\SET226.tmp

c:\windows\system32\SET227.tmp

c:\windows\system32\SET22D.tmp

c:\windows\system32\SET22E.tmp

c:\windows\system32\SET22F.tmp

c:\windows\system32\SET237.tmp

c:\windows\system32\SET23D.tmp

c:\windows\system32\SET23E.tmp

c:\windows\system32\SET23F.tmp

c:\windows\system32\SET240.tmp

c:\windows\system32\SET242.tmp

c:\windows\system32\SET248.tmp

c:\windows\system32\SET24E.tmp

c:\windows\system32\SET254.tmp

c:\windows\system32\SET256.tmp

c:\windows\system32\SET258.tmp

c:\windows\system32\SET259.tmp

c:\windows\system32\SET25A.tmp

c:\windows\system32\SET265.tmp

c:\windows\system32\SET267.tmp

c:\windows\system32\SET268.tmp

c:\windows\system32\SET26B.tmp

c:\windows\system32\SET26D.tmp

c:\windows\system32\SET270.tmp

c:\windows\system32\SET282.tmp

c:\windows\system32\SET283.tmp

c:\windows\system32\SET28A.tmp

c:\windows\system32\SET28B.tmp

c:\windows\system32\SET28E.tmp

c:\windows\system32\SET28F.tmp

c:\windows\system32\SET290.tmp

c:\windows\system32\SET291.tmp

c:\windows\system32\SET292.tmp

c:\windows\system32\SET294.tmp

c:\windows\system32\SET295.tmp

c:\windows\system32\SET296.tmp

c:\windows\system32\SET298.tmp

c:\windows\system32\SET299.tmp

c:\windows\system32\SET29A.tmp

c:\windows\system32\SET29C.tmp

c:\windows\system32\SET29F.tmp

c:\windows\system32\SET2A4.tmp

c:\windows\system32\SET2A5.tmp

c:\windows\system32\SET2A6.tmp

c:\windows\system32\SET2AB.tmp

c:\windows\system32\SET2AC.tmp

c:\windows\system32\SET2AD.tmp

c:\windows\system32\SET2AF.tmp

c:\windows\system32\SET2B2.tmp

c:\windows\system32\SET2B4.tmp

c:\windows\system32\SET2B5.tmp

c:\windows\system32\SET2B8.tmp

c:\windows\system32\SET2BC.tmp

c:\windows\system32\SET2BF.tmp

c:\windows\system32\SET2C0.tmp

c:\windows\system32\SET2C2.tmp

c:\windows\system32\SET2C7.tmp

c:\windows\system32\SET2D1.tmp

c:\windows\system32\SET2D2.tmp

c:\windows\system32\SET2D3.tmp

c:\windows\system32\SET2D5.tmp

c:\windows\system32\SET2D6.tmp

c:\windows\system32\SET2DC.tmp

c:\windows\system32\SET2DD.tmp

c:\windows\system32\SET2DF.tmp

c:\windows\system32\SET2E0.tmp

c:\windows\system32\SET2E5.tmp

c:\windows\system32\SET2E6.tmp

c:\windows\system32\SET2E7.tmp

c:\windows\system32\SET2E8.tmp

c:\windows\system32\SET2E9.tmp

c:\windows\system32\SET2EA.tmp

c:\windows\system32\SET2EC.tmp

c:\windows\system32\SET2EE.tmp

c:\windows\system32\SET2F1.tmp

c:\windows\system32\SET2FB.tmp

c:\windows\system32\SET2FD.tmp

c:\windows\system32\SET2FE.tmp

c:\windows\system32\SET2FF.tmp

c:\windows\system32\SET303.tmp

c:\windows\system32\SET308.tmp

c:\windows\system32\SET30A.tmp

c:\windows\system32\SET30B.tmp

c:\windows\system32\SET311.tmp

c:\windows\system32\SET31C.tmp

c:\windows\system32\SET31F.tmp

c:\windows\system32\SET320.tmp

c:\windows\system32\SET321.tmp

c:\windows\system32\SET324.tmp

c:\windows\system32\SET32C.tmp

c:\windows\system32\SET333.tmp

c:\windows\system32\SET335.tmp

c:\windows\system32\SET33E.tmp

c:\windows\system32\SET340.tmp

c:\windows\system32\SET343.tmp

c:\windows\system32\SET353.tmp

c:\windows\system32\SET357.tmp

c:\windows\system32\SET359.tmp

c:\windows\system32\SET35B.tmp

c:\windows\system32\SET361.tmp

c:\windows\system32\SET365.tmp

c:\windows\system32\SET373.tmp

c:\windows\system32\SET379.tmp

c:\windows\system32\SET37B.tmp

c:\windows\system32\SET37C.tmp

c:\windows\system32\SET382.tmp

c:\windows\system32\SET394.tmp

c:\windows\system32\SET396.tmp

c:\windows\system32\SET398.tmp

c:\windows\system32\SET3A0.tmp

c:\windows\system32\SET3A4.tmp

c:\windows\system32\SET3AF.tmp

c:\windows\system32\SET3BF.tmp

c:\windows\system32\SET3E1.tmp

c:\windows\system32\SET3E2.tmp

c:\windows\system32\SET3E5.tmp

c:\windows\system32\SET3EA.tmp

c:\windows\system32\SET3EC.tmp

c:\windows\system32\SET3F3.tmp

c:\windows\system32\SET3F4.tmp

c:\windows\system32\SET3F5.tmp

c:\windows\system32\SET3F7.tmp

c:\windows\system32\SET3F8.tmp

c:\windows\system32\SET3F9.tmp

c:\windows\system32\SET3FA.tmp

c:\windows\system32\SET3FC.tmp

c:\windows\system32\SET3FE.tmp

c:\windows\system32\SET3FF.tmp

c:\windows\system32\SET401.tmp

c:\windows\system32\SET404.tmp

c:\windows\system32\SET406.tmp

c:\windows\system32\SET40B.tmp

c:\windows\system32\SET40C.tmp

c:\windows\system32\SET414.tmp

c:\windows\system32\SET41A.tmp

c:\windows\system32\SET41F.tmp

c:\windows\system32\SET422.tmp

c:\windows\system32\SET425.tmp

c:\windows\system32\SET427.tmp

c:\windows\system32\SET42B.tmp

c:\windows\system32\SET42D.tmp

c:\windows\system32\SET42E.tmp

c:\windows\system32\SET42F.tmp

c:\windows\system32\SET432.tmp

c:\windows\system32\SET433.tmp

c:\windows\system32\SET437.tmp

c:\windows\system32\SET438.tmp

c:\windows\system32\SET43D.tmp

c:\windows\system32\SET442.tmp

c:\windows\system32\SET445.tmp

c:\windows\system32\SET449.tmp

c:\windows\system32\SET44B.tmp

c:\windows\system32\SET44D.tmp

c:\windows\system32\SET64.tmp

c:\windows\system32\SET66.tmp

c:\windows\system32\SET72.tmp

c:\windows\system32\SET7B.tmp

c:\windows\system32\SET7C.tmp

c:\windows\system32\SET7D.tmp

c:\windows\system32\SET7F.tmp

c:\windows\system32\SET80.tmp

c:\windows\system32\SETAF.tmp

c:\windows\system32\SETFC8.tmp

c:\windows\system32\SETFCB.tmp

c:\windows\system32\SETFD0.tmp

c:\windows\system32\SETFD5.tmp

c:\windows\system32\SETFE3.tmp

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\fusion.dll

c:\windows\system32\URTTemp\mscoree.dll

c:\windows\system32\URTTemp\mscoree.dll.local

c:\windows\system32\URTTemp\mscorsn.dll

c:\windows\system32\URTTemp\mscorwks.dll

c:\windows\system32\URTTemp\msvcr71.dll

c:\windows\system32\URTTemp\regtlib.exe

c:\windows\WINDOWS

c:\windows\WINDOWS\Fonts\Dungeon.TTF

c:\windows\WINDOWS\Resources\Themes\Genesis\Genesis.msstyles

c:\windows\WINDOWS\Resources\Themes\Genesis\Shell\NormalColor\Background.BMP

c:\windows\WINDOWS\Resources\Themes\Genesis\Shell\NormalColor\Logo.BMP

c:\windows\WINDOWS\Resources\Themes\Genesis\Shell\NormalColor\Shellstyle.dll

c:\windows\windows\Resources\Themes\Genesis\Wallpaper\Genesis.jpg

c:\windows\XSxS

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-05 to 2012-08-05 ))))))))))))))))))))))))))))))

.

.

2012-08-04 14:43 . 2012-08-04 14:43 -------- d--h--r- c:\documents and settings\jaleesa jaggoo\Onlangs geopend

2012-08-01 21:47 . 2012-08-01 21:47 -------- d-----w- c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd

2012-07-31 13:11 . 2012-07-31 13:11 -------- d-----w- c:\program files\PC Unleashed Online

2012-07-15 13:56 . 2012-07-15 13:56 1409 ----a-w- c:\windows\system32\tmpD10FB.FOT

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-03 10:25 . 2012-03-31 14:41 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-03 10:25 . 2011-08-09 11:32 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-13 13:55 . 2005-12-13 09:46 1866240 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:49 . 2008-04-14 17:02 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-05 15:49 . 2005-12-13 09:46 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32 . 2005-12-13 09:46 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 13:19 . 2007-07-30 17:18 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 13:19 . 2005-12-13 09:58 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-02 13:19 . 2005-12-13 09:58 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 13:19 . 2005-12-13 09:58 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-02 13:19 . 2007-07-30 17:19 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 13:19 . 2005-12-13 09:58 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 13:19 . 2005-12-13 09:58 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 13:19 . 2005-12-13 09:46 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-02 13:19 . 2007-07-30 17:20 15896 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 13:19 . 2007-07-30 17:20 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 13:19 . 2005-12-13 09:58 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 13:19 . 2007-07-30 17:19 24088 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 13:19 . 2005-12-13 09:58 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 13:19 . 2008-05-02 17:47 18160 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-06-02 13:18 . 2008-05-02 17:47 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-02 13:18 . 2008-05-02 17:47 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-05-31 13:22 . 2005-12-13 09:46 602624 ----a-w- c:\windows\system32\crypt32.dll

2012-05-16 15:09 . 2005-12-13 09:46 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:44 . 2005-12-13 09:46 43520 ------w- c:\windows\system32\licmgr10.dll

2012-05-11 14:44 . 2005-12-13 09:46 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:39 . 2005-12-13 09:46 385024 ------w- c:\windows\system32\html.iec

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys

[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys

.

[7] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys

[7] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys

.

.

.

[7] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys

.

.

[7] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

.

[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys

.

[7] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll

[7] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll

[7] 2004-08-04 . 195B1255D9383AEFFBDFA8A11AE4D282 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll

.

[7] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe

[7] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe

[7] 2004-08-04 . 34A82DEBEFB057FCCCBE15F619FC98A7 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe

.

[7] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll

[7] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll

[-] 2005-08-22 . F32049792BCBF64954FF964508E47AFB . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll

.

[7] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll

[7] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll

.

[7] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll

[7] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll

[7] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll

.

[7] 2009-02-09 . D8D28F6CABEC7D42B8E487E290563B9A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll

[7] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll

.

[7] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe

[7] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe

[7] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe

[7] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe

[7] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe

.

[7] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe

[7] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe

[7] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe

[7] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe

[7] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe

[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe

[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe

.

[7] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe

[7] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe

[7] 2004-08-04 . 732ED791711DF9C9DD15E5515BC681B8 . 504832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe

.

[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\system32\wuauclt.exe

[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\system32\dllcache\wuauclt.exe

[7] 2008-04-14 . FCACAD9819D9A698AC93A7188D97F355 . 112128 . . [5.4.3790.5512] . . c:\windows\ServicePackFiles\i386\wuauclt.exe

.

[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys

[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys

.

[7] 2010-08-23 . 7826282032F459694DE7BCE330FF31FC . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll

[7] 2010-08-23 . 7826282032F459694DE7BCE330FF31FC . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll

[7] 2010-08-23 . 01D982636AFC3A79537B81D9C3DA897A . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

[7] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll

[7] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll

[7] 2008-04-14 . 1EAA8CD46BFB33307ACAF10EFF80E8BD . 1054208 . . [6.0] . . c:\windows\WinSxS\InstallTemp\1243012\comctl32.dll

[7] 2008-04-14 . 1EAA8CD46BFB33307ACAF10EFF80E8BD . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

[-] 2006-08-25 . F567148940C1F5D93070822C0F3C0C34 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

[7] 2004-08-04 . 8A473F553E9E45DB4EF6FF11AB54E4E1 . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll

[7] 2004-08-04 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

[7] 2004-08-04 . FBCF5EF8A261632D1CB45B20ACEDE4B1 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

.

[7] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll

[7] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll

[7] 2004-08-04 . 5F321535D399516B6D780FF9EF8D8B7A . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll

.

[7] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll

[7] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll

[7] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll

[7] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll

[7] 2008-07-07 20:23 . B3A4422CBD8DAA6710431F67C679DA24 . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll

[7] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll

[7] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll

[-] 2005-07-26 04:36 . 3732BE0811CE6E15A56AD1CEC02CF532 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll

[-] 2005-03-09 17:20 . 3360ADB192E4CABA8C39756D2FB8D00C . 243200 . . [2001.12.4414.301] . . c:\windows\$NtUninstallKB902400$\es.dll

[7] 2004-08-04 11:00 . 3F59BCDFAC47550F43001C4CE8CB0B91 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB895200$\es.dll

.

[7] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll

[7] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll

[7] 2004-08-04 . 7ADE4584ED6657CAE3D523CF101992BD . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll

.

[7] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll

[7] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll

[7] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll

[7] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll

[7] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll

[-] 2007-04-16 . 68757F5935D6D76DD10975B7B7A9751D . 1027072 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll

[7] 2004-08-04 . 54379BD67780FDBBE1590EEC142A659C . 1024512 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB935839$\kernel32.dll

.

[7] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll

[7] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll

[-] 2005-09-01 . BDF49EB509B446650A752F751634AA1C . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll

[-] 2005-09-01 . 74B59D2B62583D3932FCE6CBB6EB5F77 . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll

[7] 2004-08-04 . 5B42639BE48C8E84FD52C66958A44427 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll

.

[7] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll

[7] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll

.

[7] 2012-05-11 . 13D1764BA6AEDF0E8846428CAF915738 . 6007808 . . [8.00.6001.19258] . . c:\windows\system32\mshtml.dll

[7] 2012-05-11 . 13D1764BA6AEDF0E8846428CAF915738 . 6007808 . . [8.00.6001.19258] . . c:\windows\system32\dllcache\mshtml.dll

[7] 2012-05-11 . F45E5701FF03719D2AC7FE1B426FCABA . 6009344 . . [8.00.6001.23345] . . c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\mshtml.dll

[7] 2012-03-01 . 6E0E7C508B5060F81992D5ED0B1A5556 . 5978624 . . [8.00.6001.19222] . . c:\windows\ie8updates\KB2699988-IE8\mshtml.dll

[7] 2012-03-01 . 467D9D5FB15DD88E82768C6F31A7A5D4 . 5980672 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll

[7] 2011-12-17 . 5C55673322584D9F5A32D0971D83858B . 5979136 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\mshtml.dll

[7] 2011-12-17 . 46FE106946083872716147AD223F20C1 . 5980160 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll

[7] 2011-11-04 . 958ECE072DA2D840BD3658A3AB708F58 . 5978112 . . [8.00.6001.19170] . . c:\windows\ie8updates\KB2647516-IE8\mshtml.dll

[7] 2011-11-04 . E43D37858B634BDE1E099E92F0202458 . 5978624 . . [8.00.6001.23266] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll

[7] 2011-10-03 . 2ECD546FB8594A4C5D807E489045627F . 5971456 . . [8.00.6001.19154] . . c:\windows\ie8updates\KB2618444-IE8\mshtml.dll

[7] 2011-10-03 . 5AF7AC6924E7CB72D76A796262B1C25E . 5972992 . . [8.00.6001.23250] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll

[7] 2011-07-25 . 39ADF0F29F47896DD726833735AB825C . 5969920 . . [8.00.6001.19120] . . c:\windows\ie8updates\KB2586448-IE8\mshtml.dll

[7] 2011-07-25 . 03B085EEE1DB5F2E32721CF5C72F7A26 . 5971456 . . [8.00.6001.23216] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll

[7] 2011-04-25 . 55CB61829589F57C1F082E5826979A45 . 3610624 . . [7.00.6000.21300] . . c:\windows\$hf_mig$\KB2530548-IE7\SP3QFE\mshtml.dll

[7] 2010-11-06 . F22C3F322F5291FECDCC13371E3909A4 . 5960704 . . [8.00.6001.23091] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll

[7] 2010-09-10 . 90215AE398050E9510A5B71CD222A6FD . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll

[7] 2010-06-24 . 4866ECEEFB5964BB1CB081FB3A2A370D . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll

[7] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2559049-IE8\mshtml.dll

[7] 2010-05-06 . 47A7DDF5DF0F323F877EEFC75338C4A3 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll

[7] 2010-02-25 . 2399C13AE076A84037794AA0E9BF152A . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll

[7] 2009-12-21 . 585A8B2FD6373FC06D6893867754CF74 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll

[7] 2009-10-29 . 6D626567986D37E021F44EE66446D515 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll

.

[7] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll

[7] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll

[7] 2008-04-14 . 61E70054981A2F9E64CEA7CA9479C0AA . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll

[7] 2004-08-04 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll

[7] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll

[7] 2004-08-04 . 40AC9CE966A05B05C9A4DB5B306A26C3 . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll

.

[7] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll

[7] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll

[7] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll

[7] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll

[7] 2008-06-20 . FF59588E31F864FED9D0258969559A4B . 247296 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll

[7] 2008-06-20 . 71AB52C70B9436C0A0B704FDE9D1A7CD . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll

[7] 2008-06-20 . 4522CBE00A9E9EEE36AA82ED4B319148 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll

[7] 2008-06-20 . 4522CBE00A9E9EEE36AA82ED4B319148 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll

[7] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll

[7] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll

[7] 2004-08-04 . 0C53DB0671AB5A93D169DAFFC8DA11CF . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll

.

[7] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll

[7] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll

[7] 2004-08-04 . B3FDAC7A518B6B684BEFE792DC1DC560 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll

.

[7] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll

[7] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll

[7] 2004-08-04 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll

.

[7] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll

[7] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll

[7] 2004-08-04 . 5AE934F6837B5A583DED535C4BE5A804 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll

.

[7] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll

[7] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll

[7] 2004-08-04 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll

.

[7] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe

[7] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe

[7] 2004-08-04 . AB8C6D89A897BACBA4657FDF00E344A6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe

.

[7] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll

[7] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll

[-] 2005-07-08 . 5A145DBF2916F583921BB27B91B2DC0B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll

[-] 2005-07-08 . C2A4E29888F45E7FC1FD64C83D5EA669 . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll

[7] 2004-08-04 . F38C48EE55AD051BF5474F5BDD69C846 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll

.

[7] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll

[7] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll

[-] 2007-03-08 . FA35431E333943F4B2A6D33FA4EE3CE9 . 579584 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll

[-] 2007-03-08 . CB18F701A5D55A6308FAB8D18322C060 . 579072 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll

[-] 2005-03-02 . 0B62745CE93E8C6F56547F70269DBABC . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll

[-] 2005-03-02 . A9F2EBFC6EF9C1FB38CEDCF747162B6C . 578560 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll

[7] 2004-08-04 . 8E5D344FD717D35EE7ED1C8E0AD0CBE6 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll

.

[7] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe

[7] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe

.

[7] 2012-05-16 . C1466A8E803261BB11FC25EF096E4E3D . 916992 . . [8.00.6001.19272] . . c:\windows\system32\wininet.dll

[7] 2012-05-16 . C1466A8E803261BB11FC25EF096E4E3D . 916992 . . [8.00.6001.19272] . . c:\windows\system32\dllcache\wininet.dll

[7] 2012-05-16 . 7FC207568D4D9AAFC266FC84F716FEC1 . 920064 . . [8.00.6001.23359] . . c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\wininet.dll

[7] 2012-03-01 . CFF17B16BFF8179FBBA29075245E8BE1 . 916992 . . [8.00.6001.19222] . . c:\windows\ie8updates\KB2699988-IE8\wininet.dll

[7] 2012-03-01 . B2E54BC4C5B399547EE3C8188DBBA509 . 919552 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll

[7] 2011-12-17 . 03CB14FB6B75EC8AC2FDEC54E904C30B . 916992 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\wininet.dll

[7] 2011-12-17 . 38C3CDBC40464D40C7B716C8E154B86C . 919552 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll

[7] 2011-11-04 . D47FE623B45DF066647469DB73AE3215 . 916992 . . [8.00.6001.19165] . . c:\windows\ie8updates\KB2647516-IE8\wininet.dll

[7] 2011-11-04 . A484703720C95391777DF05F2458FEF8 . 919552 . . [8.00.6001.23261] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll

[7] 2011-08-22 . 381FDBF8A25C7629696E5EE2B213F8CC . 916480 . . [8.00.6001.19131] . . c:\windows\ie8updates\KB2618444-IE8\wininet.dll

[7] 2011-08-22 . EDD945F6C0630DB8453673DF9E7B009E . 919552 . . [8.00.6001.23227] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll

[7] 2011-06-23 . 14FB4665EFBDCE6931A55752A44F7DE2 . 916480 . . [8.00.6001.19098] . . c:\windows\ie8updates\KB2586448-IE8\wininet.dll

[7] 2011-06-23 . 3BC2081CD791584B4ED373F3B4959CC8 . 919552 . . [8.00.6001.23192] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll

[7] 2011-04-25 . 387A6A6E92F29F9E69C5F9EF6CEDFC3E . 841216 . . [7.00.6000.21300] . . c:\windows\$hf_mig$\KB2530548-IE7\SP3QFE\wininet.dll

[7] 2010-11-06 . 51964C721E751FD4E798252CC0E4FFB9 . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll

[7] 2010-09-10 . 5D081F5E3E46966C4F63D32231C93511 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll

[7] 2010-06-24 . 8168F7D81CD04C83D7E04F3981A7D0F5 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll

[7] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2559049-IE8\wininet.dll

[7] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll

[7] 2010-02-25 . BB424C9406140FEAFB4732025BEBB69B . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll

[7] 2009-12-21 . 4C145AB616871611FCE38F053C75807C . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll

[7] 2009-10-29 . D906535CAB4BB8A60AC060351EDE159F . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll

[7] 2009-08-29 . 977886782C8F7ACA874BE770C48FF75C . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll

[7] 2009-08-29 . 5CD5640AC15325CE54E0E8E69A9F1C59 . 832512 . . [7.00.6000.16915] . . c:\windows\ie8\wininet.dll

[7] 2009-08-29 . A40687088B5F953DC71BC152F11AFC4A . 840704 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\wininet.dll

[7] 2009-06-29 . 6D1BBF88D2A5B945E3400FFBBDE02BEC . 828928 . . [7.00.6000.21073] . . c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\wininet.dll

[7] 2009-06-29 . EDC6957F57E68F6450D961CFDE4FD1F5 . 827392 . . [7.00.6000.16876] . . c:\windows\ie7updates\KB974455-IE7\wininet.dll

[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll

[7] 2009-03-03 . 78B519AC87AD7256C24EF44279EFD694 . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll

[7] 2009-03-03 . C2A37E9F4096B019694A7519C5FFB2A0 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB972260-IE7\wininet.dll

[7] 2008-12-20 . 6A77C48E137A73FFD1408F1A71C5184C . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll

[7] 2008-12-20 . DB4777DBC853EAC790E3DBDB68FFB1A1 . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll

[7] 2008-10-16 . FE082C9C1190051D8DA700C65A49C649 . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll

[7] 2008-10-16 . C5C71C8265D07F52E304EE906332BEEE . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll

[7] 2008-08-26 . 8B421DDF376F3D042EC616994E6E7896 . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll

[7] 2008-08-26 . 5A1BB22BDFE98B2639A6D29E8CFB3BA4 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll

[7] 2008-08-20 . 11BA6F1984705DDC1DD9FF6BDD4DAECE . 662528 . . [6.00.2900.3429] . . c:\windows\ie7\wininet.dll

[7] 2008-08-20 . 8946330281D6C1C6C9DAC56AE64D8A4D . 670720 . . [6.00.2900.3429] . . c:\windows\$hf_mig$\KB956390\SP2QFE\wininet.dll

[7] 2008-08-20 . BC9059433D2F0889A71E3CDFF5AB2F71 . 669184 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll

[7] 2008-08-20 . F77FD23458C5C4C16C37667FDDDCECBA . 669696 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll

[7] 2008-06-23 . 745795941F497E1CB3918A4AD3BEDEEE . 670208 . . [6.00.2900.3395] . . c:\windows\$hf_mig$\KB953838\SP2QFE\wininet.dll

[7] 2008-06-23 . B6BF5FB5CCAFD118EDEBDF38E82DEE41 . 662528 . . [6.00.2900.3395] . . c:\windows\$NtUninstallKB956390$\wininet.dll

[7] 2008-06-23 . 8ADFF2F029A90FED04A322CBF084F3EA . 669184 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll

[7] 2008-06-23 . AE1A6AEA7F65F452C0916FB1399D832E . 669696 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll

[7] 2008-04-21 . B3E4295CA4A5B3639DE3DA1F95E78F29 . 662528 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838$\wininet.dll

[7] 2008-04-21 . 20238850AFE4A19A885CD5658433D60D . 669696 . . [6.00.2900.3354] . . c:\windows\$hf_mig$\KB950759\SP2QFE\wininet.dll

[7] 2008-04-21 . 0E4C070B2D83D7D76CF2A0384FA50750 . 669184 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\wininet.dll

[7] 2008-04-21 . 438F668DDACCAD59F934772EE894A704 . 669696 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll

[7] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll

[-] 2008-02-16 . C683F6CF71EDFCB8708BDF2C5DD1BA13 . 669184 . . [6.00.2900.3314] . . c:\windows\$hf_mig$\KB947864\SP2QFE\wininet.dll

[-] 2008-02-16 . 1D77F302BBFE2D407DD67C5CB098EA95 . 662528 . . [6.00.2900.3314] . . c:\windows\$NtUninstallKB950759$\wininet.dll

[7] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll

[-] 2005-09-02 . 632629B24EB816FE354F66B48513E104 . 663552 . . [6.00.2900.2753] . . c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll

[-] 2005-09-02 . FBC6550971ED432F77E35DD376D573B0 . 661504 . . [6.00.2900.2753] . . c:\windows\$NtUninstallKB947864$\wininet.dll

[7] 2004-08-04 . 6C7E1322898378C30BCD9F779A2621EE . 659456 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB896688$\wininet.dll

.

[7] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll

[7] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll

[7] 2004-08-04 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll

.

[7] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll

[7] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll

[7] 2004-08-04 . 3B728289DFA923A2C12BE827382C2DB1 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll

.

[7] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\explorer.exe

[7] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe

[-] 2007-06-13 . 147E95A42A58CE99E403F7F57656BBEB . 1036800 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe

[-] 2007-06-13 . 1D6245AFBD3FAABC16A885116BE1874D . 1036800 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe

[7] 2004-08-04 . A1D7304A87FC3093150F5E3CC7B0F338 . 1035776 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe

.

[7] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\regedit.exe

[7] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe

.

[7] 2011-11-01 . DB355CEF2B35481C21DD213C28560E86 . 1288192 . . [5.1.2600.6168] . . c:\windows\system32\ole32.dll

[7] 2011-11-01 . DB355CEF2B35481C21DD213C28560E86 . 1288192 . . [5.1.2600.6168] . . c:\windows\system32\dllcache\ole32.dll

[7] 2011-11-01 . 02AF8E4C7B851A213AC70BF6DD6E3537 . 1288704 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll

[7] 2010-07-16 . AD2B41BEAB5BB7A258F6A2CCDCA09B82 . 1287680 . . [5.1.2600.6010] . . c:\windows\$NtUninstallKB2624667$\ole32.dll

[7] 2010-07-16 . 57F12B548695C680421CD1EB8169A1C8 . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll

[7] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll

[7] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll

[-] 2005-07-26 . 0F0E95779DB45EB8D09EAA8827D740CC . 1285632 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll

[-] 2005-04-28 . 48629EDCD92AA071554304F9F9E96E38 . 1284608 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB894391$\ole32.dll

[-] 2005-04-28 . 5C3B15C45ADF30B024927F1A0823BD16 . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll

[-] 2005-04-28 . 5C3B15C45ADF30B024927F1A0823BD16 . 1286144 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll

[-] 2005-01-14 . 75555C8E6657A2AA9101DD56F8D30DAA . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll

[-] 2005-01-13 . D1F139783F28A79EF37825E3951E05F3 . 1284608 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391_0$\ole32.dll

[7] 2004-08-04 . 602969286376832E3F49F54E4F0F051A . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll

.

[7] 2010-04-16 . 36BA0AAABD0AA4798403CB3FF08D5DDD . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll

[7] 2010-04-16 . 36BA0AAABD0AA4798403CB3FF08D5DDD . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll

[7] 2010-04-16 . 7BB3922CB9973877D2BF4C7222EA8E70 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll

[7] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll

[7] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll

.

[7] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll

[7] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll

.

[7] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe

[7] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe

[7] 2004-08-04 . 7DE46C9C40ABB58C8FDFE0212A3BF2B4 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

.

[7] 2009-07-27 . 2D5D4156292150FE571872C1B88E9299 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll

[7] 2009-07-27 . 2D5D4156292150FE571872C1B88E9299 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll

[7] 2009-07-27 . C28A9E9D28ACDAF8097BE4578C49559B . 135680 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll

[7] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll

[7] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll

[-] 2006-12-19 . D6F2B8963663F2014FAFCD8E15E4E778 . 135168 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll

[-] 2006-12-19 . 20A1DFA416579DACEE28E15E331C3930 . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll

[7] 2004-08-04 . 394FD6CE1AC84BB318B806A6F8D90F66 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll

.

[7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll

[7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll

[7] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

.

[7] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe

[7] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe

.

[7] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll

[7] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll

.

[7] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll

[7] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll

[7] 2004-08-04 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll

.

[7] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll

[7] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

.

[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys

[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys

.

[7] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll

[7] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll

.

[7] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll

[7] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll

[7] 2004-08-04 . D245B3E32F8AB3B2FB576AFCFDEC105E . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll

.

[7] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll

[7] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll

.

[7] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll

[7] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll

[7] 2004-08-04 . E2CE999886A4636026F157DEB886AA94 . 297472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll

.

[7] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll

[7] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll

[7] 2004-08-04 . 490BF3896AE3EBD21B448FFB1579AA09 . 347648 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll

.

[7] 2004-08-04 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

.

[7] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys

[7] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys

[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys

[7] 2004-08-03 21:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys

.

[7] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys

[7] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys

.

[7] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys

[7] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys

.

[7] 2010-09-18 07:18 . C7F383764824117AEE9C3ED0FCA78044 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll

[7] 2010-09-18 06:53 . 7892005CE5CDC809783F452B21FAF58F . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll

[7] 2010-09-18 06:53 . 7892005CE5CDC809783F452B21FAF58F . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll

[7] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll

[7] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll

[-] 2004-08-04 11:00 . 8EED1D71C14C356684E586B0A7DB6BCE . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll

.

[7] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll

[7] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll

.

[7] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll

[7] 2004-08-10 23:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll

[7] 2004-08-10 23:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll

[7] 2004-08-04 11:00 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll

.

[7] 2012-05-05 . 1361DB701DCD157A8109CDCB63FDD918 . 2073472 . . [5.1.2600.6223] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe

[7] 2012-05-05 . 1361DB701DCD157A8109CDCB63FDD918 . 2073472 . . [5.1.2600.6223] . . c:\windows\system32\ntkrnlpa.exe

[7] 2012-05-05 . 1361DB701DCD157A8109CDCB63FDD918 . 2073472 . . [5.1.2600.6223] . . c:\windows\system32\dllcache\ntkrnlpa.exe

[7] 2012-05-05 . 94951D0E8759219CBBE0E602A3C9396C . 2073472 . . [5.1.2600.6223] . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe

[7] 2012-04-11 . E7A9D6E071F8ABDAED0D8610FEA3F828 . 2073472 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2707511$\ntkrnlpa.exe

[7] 2012-04-11 . 44F045B4BE9D99929DDD48C045480237 . 2073472 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe

[7] 2011-10-26 . 2820129F67352B99B032DE2CF328C767 . 2073728 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntkrnlpa.exe

[7] 2011-10-26 . 769A1C9E9641DCED4D0AC50968ADDA4E . 2073728 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe

[7] 2010-12-09 . BAD22963CD6046C0B2834D2BFFAB56B5 . 2073728 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe

[7] 2010-12-09 . 63905B20972EFB06169008F6F4BC8697 . 2073728 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe

[7] 2010-04-28 . 75EA98BC36C13E976653400F8183D356 . 2071296 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe

[7] 2010-04-28 . F98305BD47DC7A0B2A978000E3C31FAB . 2071168 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe

[7] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe

[7] 2010-02-16 . 7C4F935FC449E4D27C685A5BC1792664 . 2071296 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe

[7] 2009-12-09 . 6A42A70506E7ACFF6C3ACD740E22A01F . 2070528 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe

[7] 2009-12-09 . F63B0CC3CE1E6E8EA39B4933B595C73A . 2070400 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe

[7] 2009-08-04 . AB21A63A3B15653043E71126E5BBE3DE . 2070528 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe

[7] 2009-08-04 . BF6965EA17CC1E48DA287783AEEF3CDB . 2070400 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe

[7] 2009-02-10 . 6A94A7317E28B6543D94174F9016BB68 . 2070400 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe

[7] 2009-02-09 . 07EE73D79A7CA142463470AEF230082B . 2070528 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe

[7] 2008-08-14 . DE961B54D30C7DD6AA6C3BD27D584E30 . 2070400 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe

[7] 2008-08-14 . 3D9893723A1AEBF96A11E7E7514FF021 . 2067328 . . [5.1.2600.3427] . . c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe

[7] 2008-08-14 . C92E65CBB38161373319BB11340DE919 . 2070400 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe

[7] 2008-08-14 . C92E65CBB38161373319BB11340DE919 . 2070400 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe

[7] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe

[7] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe

[-] 2007-02-28 . F51B8D8B0703518349096604E788B83E . 2063744 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe

[-] 2007-02-28 . 57B09AD681C1D8DB77CCC3E92D8F5D14 . 2061952 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841_0$\ntkrnlpa.exe

[-] 2005-03-02 . C6CF1974ACDB8329DAF9D001C0937CB0 . 2061184 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe

[-] 2005-03-02 . C26D84B802567E629D42861A11C7EC04 . 2061312 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe

[7] 2004-08-04 . E0399688D466B7C3AFDFFB5A2ED9F351 . 2061184 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe

.

[7] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll

[7] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll

.

[7] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll

[7] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll

[-] 2007-02-05 . 063B30C37E3902760919D3E5D98CC7C9 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll

[7] 2004-08-04 . 348B60067B10EFA7D7763EE44674108C . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll

.

[7] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll

[7] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll

.

[7] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll

[7] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll

.

[7] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll

[7] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll

[7] 2004-08-04 . B54EF2F95DD3A188A2E4798C2CFB7EE7 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll

.

[7] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll

[7] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll

.

[7] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll

[7] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll

.

[7] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll

[7] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll

[7] 2004-08-04 . D67A94C11062EEE45BED5106DFDB9C0A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll

.

[7] 2011-04-21 . 3E23DBEBE1020D52C63235E4189FAC03 . 634648 . . [7.00.6000.21300] . . c:\windows\$hf_mig$\KB2530548-IE7\SP3QFE\iexplore.exe

[7] 2009-08-27 . F232BA9F39BC0F722672C7E79E68EBEA . 634648 . . [7.00.6000.16915] . . c:\windows\ie8\iexplore.exe

[7] 2009-08-27 . 332EC7562F3AA7364F2D4231C56DA986 . 634648 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\iexplore.exe

[7] 2009-06-29 . 3CFC56F73D494FC1AA2B6E981DF15ACD . 634632 . . [7.00.6000.16876] . . c:\windows\ie7updates\KB974455-IE7\iexplore.exe

[7] 2009-06-29 . 02E2754D3E566C11A4934825920C47DD . 634632 . . [7.00.6000.21073] . . c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\iexplore.exe

[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe

[7] 2009-02-28 . BCD8E48709BE4A79606F0B6E8E9A6162 . 636088 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\iexplore.exe

[7] 2009-02-28 . A251068640DDB69FD7805B57D89D7FF7 . 636072 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB972260-IE7\iexplore.exe

[7] 2008-12-19 . 15E8A89499741D5CF59A9CF6463A4339 . 634024 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\iexplore.exe

[7] 2008-12-19 . 030D78FE84A086ED376EFCBD2D72C522 . 634024 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\iexplore.exe

[7] 2008-10-15 . 9D3DB9ADFABD2F0BC778EC03250A3ABB . 633632 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\iexplore.exe

[7] 2008-10-15 . 056C927CF7207857E8B34F7A8FFD9B9E . 633632 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe

[7] 2008-08-23 . E8305C30D35E85D6657ED3E9934CB302 . 635848 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe

[7] 2008-08-23 . 1F03216084447F990AE797317D0A6E70 . 635848 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\iexplore.exe

[7] 2008-04-14 . 164B6F619C579FAD4E548ACC654FF710 . 93184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\iexplore.exe

[7] 2007-08-13 . DE49B348A18369B4626FBA1D49B07FB4 . 622080 . . [7.00.5730.13] . . c:\windows\ie7updates\KB956390-IE7\iexplore.exe

[7] 2004-08-04 . 78D969F35CD64BF0761F731FCA5FC99D . 93184 . . [6.00.2900.2180] . . c:\windows\ie7\iexplore.exe

.

[7] 2012-05-05 . ED172F03B8180DE03D9876F480B489CF . 2196992 . . [5.1.2600.6223] . . c:\windows\Driver Cache\i386\ntoskrnl.exe

[7] 2012-05-05 . ED172F03B8180DE03D9876F480B489CF . 2196992 . . [5.1.2600.6223] . . c:\windows\system32\ntoskrnl.exe

[7] 2012-05-05 . ED172F03B8180DE03D9876F480B489CF . 2196992 . . [5.1.2600.6223] . . c:\windows\system32\dllcache\ntoskrnl.exe

[7] 2012-05-05 . 7F34C836C2F3C0A89DBCF0100929CD2B . 2196992 . . [5.1.2600.6223] . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe

[7] 2012-04-11 . 8E5DFDF86DF4B5E66CFA794C92C4606C . 2196992 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2707511$\ntoskrnl.exe

[7] 2012-04-11 . 46190EF7B8A978A3B677248A377F43D3 . 2196992 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe

[7] 2011-10-26 . 8E305C5AC846388E99C1204D619AE77A . 2197120 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntoskrnl.exe

[7] 2011-10-26 . CA76947F97276D52D4731EA2364ECBD8 . 2197120 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe

[7] 2010-12-09 . 431D614A7395BADB939FE552DBDD8723 . 2197120 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe

[7] 2010-12-09 . EA2A3B68CCF886B76403C37954F2E6EE . 2197120 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe

[7] 2010-04-28 . 548AED38DF451C1783037390194A04DC . 2194304 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe

[7] 2010-04-28 . 59582F46CAAAA049DB613B4005AF57B5 . 2194432 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe

[7] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe

[7] 2010-02-16 . B79C48187CA08D2EC27DA4939953F082 . 2194432 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe

[7] 2009-12-09 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe

[7] 2009-12-09 . 13C15BFF7E82D3F9FD215ADD54A3929D . 2193536 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe

[7] 2009-08-04 . 270DE336026B0815F064BB8BD4CFD336 . 2193536 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe

[7] 2009-08-04 . 2F1443AB72A64182FD8258BBAE801EA7 . 2193664 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe

[7] 2009-02-10 . 7625D5BAFD2A4A8458468B139C893BB7 . 2193536 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe

[7] 2009-02-09 . 27380B877348030B0662A39C47AAEC11 . 2193408 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe

[7] 2008-08-14 . E332B6DE826D4222A758E3264AD8D520 . 2193536 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe

[7] 2008-08-14 . ACA664BEAF80F85C4BB4A4D86F3DF519 . 2190336 . . [5.1.2600.3427] . . c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe

[7] 2008-08-14 . 3E5E63D926C5E9F81045F3646815D2A1 . 2193536 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe

[7] 2008-08-14 . 3E5E63D926C5E9F81045F3646815D2A1 . 2193536 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe

[7] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe

[7] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe

[-] 2007-02-28 . 59DCA97DC201792C1CCF9FE621EE5ED7 . 2186496 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe

[-] 2007-02-28 . CAAA8FD3C034A227691A43B60873F097 . 2184704 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841_0$\ntoskrnl.exe

[-] 2005-03-02 . 5DB3E8DEC987B5D350E4A105DCEAEE6A . 2183936 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe

[-] 2005-03-02 . 281A1E82F5F8FC0B2F4B57EF296A4240 . 2183680 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe

[7] 2004-08-04 . 87AAEA3908E069FB1BE37380C895DFB8 . 2185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe

.

[7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll

[7] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll

[7] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

.

[7] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll

[7] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll

[7] 2004-08-04 . EF361E7A6319C445C21C81A131CF1F99 . 175616 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll

.

[7] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll

[7] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll

[-] 2006-12-19 . 1689AC8BD2FC31B377D5D23CC7D872A8 . 334336 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll

[-] 2006-12-19 . 0BF8DE5896D9A02C99C4A4EF896E917E . 334336 . . [5.1.2600.3051] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll

[7] 2004-08-04 . A52AA02DDB663FEF22C18C693B0EE891 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll

.

[7] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll

[7] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll

[7] 2004-08-04 . E291F42AE2793304990C6EA77C482979 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll

.

[7] 2008-04-14 . 3D5CC4BFF926A0ABD4F5A117825629A3 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll

[7] 2008-04-14 . 3D5CC4BFF926A0ABD4F5A117825629A3 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll

[-] 2006-06-26 . 5F1240D4B842F0122042FDA8540432FC . 7680 . . [5.1.2600.2938] . . c:\windows\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll

[-] 2006-06-26 . 91282911237187F11BD3AD8F834CB5E6 . 8192 . . [5.1.2600.2938] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll

[7] 2004-08-04 . 9C38671C922A2C86802A7FA3F5834634 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB920683$\rasadhlp.dll

.

[7] 2008-04-14 . 514490ECBBA4CCC950ED5CBBFE327CF4 . 19456 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wshtcpip.dll

[7] 2008-04-14 . 514490ECBBA4CCC950ED5CBBFE327CF4 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll

[7] 2004-08-04 . 70220C6EF8447A1BD5A921D77D502822 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wshtcpip.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 65536]

"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-05-19 3561720]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-08-03 4777856]

"Akamai NetSession Interface"="c:\documents and settings\jaleesa jaggoo\Local Settings\Application Data\Akamai\netsession_win.exe" [2012-05-26 4327744]

"Spotify"="c:\documents and settings\jaleesa jaggoo\Application Data\Spotify\Spotify.exe" [2012-07-30 7601880]

"Spotify Web Helper"="c:\documents and settings\jaleesa jaggoo\Application Data\Spotify\Data\SpotifyWebHelper.exe" [2012-07-30 1193176]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CFSServ.exe"="CFSServ.exe -NoClient" [X]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]

"RTHDCPL"="RTHDCPL.EXE" [2005-11-10 15473664]

"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-14 98394]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-14 688218]

"AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 88203]

"THotkey"="c:\program files\Toshiba\Toshiba Applet\thotkey.exe" [2005-12-08 352256]

"Tvs"="c:\program files\TOSHIBA\Tvs\TvsTray.exe" [2005-11-30 73728]

"TPSMain"="TPSMain.exe" [2005-08-03 266240]

"NDSTray.exe"="NDSTray.exe" [bU]

"SmoothView"="c:\program files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe" [2005-05-12 118784]

"PadTouch"="c:\program files\TOSHIBA\Touch and Launch\PadExe.exe" [2005-08-30 1077327]

"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-08-01 122940]

"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 135214]

"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2008-05-01 20480]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-10-24 1451264]

"DRPU PC Management - Basic"="c:\program files\DRPU PC Management - Basic\Basic Manage.exe" [2011-05-06 2738624]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-01-07 429392]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]

.

c:\documents and settings\Default User\Menu Start\Programma's\Opstarten\

IconPackager.lnk - c:\program files\Stardock\MyColors\IconPackager.exe [N/A]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]

"{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\program files\Stardock\ObjectDockPlus2\ODMenu.dll" [2010-03-24 511344]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=

"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Documents and Settings\\jaleesa jaggoo\\Application Data\\Spotify\\spotify.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"86:TCP"= 86:TCP:BroadCam Video Streaming Server Web Server

"1935:TCP"= 1935:TCP:BroadCam Video Streaming Server Flash Video Server

"1192:TCP"= 1192:TCP:Akamai NetSession Interface

"5000:UDP"= 5000:UDP:Akamai NetSession Interface

.

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [24-10-2008 20:53 34824]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22-7-2011 18:27 12880]

R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [12-7-2011 23:55 67664]

R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [12-8-2011 1:38 116608]

R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [13-12-2005 11:46 14336]

R2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [4-1-2012 14:22 822624]

R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [24-10-2008 20:51 468224]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [28-9-2009 12:08 236368]

R2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [1-10-2011 8:30 508776]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [28-9-2009 12:08 19160]

R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfsxp.sys [2-12-2009 22:23 584680]

R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplayxp.sys [2-12-2009 22:23 209512]

R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [2-12-2009 22:23 20584]

R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvolxp.sys [2-12-2009 22:23 18280]

R3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [1-10-2011 8:30 219496]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15-10-2010 19:06 135664]

S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [13-12-2005 11:46 3584]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [31-3-2012 16:41 250056]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [22-10-2009 20:15 1527900]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [15-10-2010 19:06 135664]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [18-6-2011 18:27 18432]

S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9-1-2010 21:37 4640000]

S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [1-5-2008 19:30 152576]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ Akamai

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Inhoud van de 'Gedeelde Taken' map

.

2012-08-05 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 10:25]

.

2012-07-31 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 16:57]

.

2012-06-22 c:\windows\Tasks\Easy Onderhoud.job

- c:\program files\TuneUp Utilities 2008\OneClick.exe [2008-02-04 08:39]

.

2012-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-15 17:06]

.

2012-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-15 17:06]

.

2012-08-04 c:\windows\Tasks\Norton Security Scan for jaleesa jaggoo.job

- c:\progra~1\NORTON~2\Engine\372~1.5\Nss.exe [2012-06-07 09:45]

.

2012-07-31 c:\windows\Tasks\PC Unleashed Online Registration3.job

- c:\program files\Common Files\PC Unleashed Online\UUS3\UUS3.dll [2012-06-25 20:52]

.

2012-07-31 c:\windows\Tasks\PC Unleashed Online Update3.job

- c:\program files\Common Files\PC Unleashed Online\UUS3\Update3.exe [2012-06-25 20:52]

.

2012-07-31 c:\windows\Tasks\PC Unleashed.job

- c:\program files\PC Unleashed Online\PC Unleashed\pcu.exe [2012-07-19 21:57]

.

2012-07-30 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 1d33ac69-ade7-45cc-a014-084812ce1cf7.job

- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]

.

2012-08-05 c:\windows\Tasks\User_Feed_Synchronization-{F34884A8-E52E-42EB-86C4-5FB00637C3D7}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

.

.

------- Bijkomende Scan -------

.

uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

uStart Page = hxxp://bb.rocmn.nl/webapps/portal/frameset.jsp

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = <local>

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.0.1

.

- - - - ORPHANS VERWIJDERD - - - -

.

HKCU-Run-msminer.exe - c:\msminer\msminer.exe

HKLM_ActiveSetup-{8A3A543A-DFC9-2873-6BCC-821E7B259570} - c:\program files\Windows Sheild\svchost.exe

AddRemove-Microsoft Interactive Training - c:\windows\IsUn0413.exe

AddRemove-PC Diagnoseprogramma - c:\windows\IsUn0413.exe

AddRemove-Power Saver - c:\windows\IsUn0413.exe

AddRemove-QuestDns - c:\program files\QuestDns\uninstall.exe

AddRemove-Weet wat je eet - c:\windows\IsUn0413.exe

AddRemove-AntiVirus System 2011 - c:\documents and settings\jaleesa jaggoo\Application Data\AntiVirus System 2011\securityhelper.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-08-05 17:04

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]

"ServiceDll"="c:\program files\common files\akamai/netsession_win_4f7fccd.dll"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-823361176-16431640-2854894277-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]

@Denied: (Full) (LocalSystem)

@SACL=

.

[HKEY_USERS\S-1-5-21-823361176-16431640-2854894277-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7FF0298D-423F-D083-8975-7D434F250BA7}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

"lanckdpkbammamegomkkodin"=hex:64,62,67,61,61,6c,6a,65,6b,6f,6a,64,67,64,61,6f,

6d,6b,6f,6e,62,6a,6a,64,69,62,6d,6b,66,69,65,6f,61,69,67,63,66,66,66,6e,00,\

"lapbpikenaifcbgpbffeceea"=hex:62,62,67,61,6c,6b,61,68,64,68,6f,69,70,66,64,61,

69,6d,62,6b,70,65,66,70,67,63,70,61,66,6d,65,65,61,70,63,66,00,02

.

[HKEY_USERS\S-1-5-21-823361176-16431640-2854894277-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B183F520-3874-22F2-48F9-6B6B43D5921D}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

"jaepdhlelcmkikekmifc"=hex:62,61,69,6e,00,00

"jaepdhlelcmkikekmijc"=hex:62,61,62,6d,00,00

"iaeeignooakpedjbcf"=hex:6b,61,6a,6e,6e,70,6b,62,6e,6f,6b,65,6d,6d,68,61,6e,6a,

61,61,6e,69,00,00

"hacpokaickhmbghb"=hex:6b,61,6a,6e,6e,70,69,62,62,62,65,64,67,6a,6e,6e,66,61,

68,67,63,6e,00,00

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(588)

c:\program files\SUPERAntiSpyware\SASWINLO.DLL

c:\windows\system32\Ati2evxx.dll

.

- - - - - - - > 'explorer.exe'(1692)

c:\program files\Stardock\ObjectDockPlus2\ODMenu.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

c:\windows\system32\TPwrCfg.DLL

c:\windows\system32\TPwrReg.dll

c:\windows\system32\TPSTrace.DLL

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\Ati2evxx.exe

c:\program files\Google\Update\1.3.21.115\GoogleCrashHandler.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe

c:\windows\RTHDCPL.EXE

c:\windows\AGRSMMSG.exe

c:\program files\TOSHIBA\ConfigFree\NDSTray.exe

c:\program files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

c:\windows\system32\TPSBattM.exe

c:\program files\iPod\bin\iPodService.exe

c:\windows\system32\wscntfy.exe

.

**************************************************************************

.

Voltooingstijd: 2012-08-05 17:35:30 - machine werd herstart

ComboFix-quarantined-files.txt 2012-08-05 15:35

.

Pre-Run: 11.715.633.152 bytes beschikbaar

Post-Run: 12.862.279.680 bytes beschikbaar

.

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

.

- - End Of File - - CA47EC2A63C2E2B5A070030D7120F3CE

Link naar reactie
Delen op andere sites

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Folder::

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd

c:\windows\system32\tmpD10FB.FOT

File::

c:\windows\system32\tmpD10FB.FOT

Sla dit bestand op je bureaublad op als CFScript.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht.

Link naar reactie
Delen op andere sites

  • 2 weken later...

Sorry dat het zolang duurde maar ik heb het;)

ComboFix 12-08-04.02 - jaleesa jaggoo 16-08-2012 1:47.2.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1982.1061 [GMT 2:00]

Gestart vanuit: c:\documents and settings\jaleesa jaggoo\Mijn documenten\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\jaleesa jaggoo\Bureaublad\CFScript.txt

AV: ESET NOD32 Antivirus 3.0 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

* Aanwezig AV is actief

.

.

FILE ::

"c:\windows\system32\tmpD10FB.FOT"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\btn-green.png

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\corners-btn.png

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\corners1.png

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\corners2.png

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\corners3.png

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\corners4.png

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\ie6-7.css

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\jquery.main.js

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\main.html

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\McAfee.png

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\nl-flag.png

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\nl-image.png

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\pay7.png

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\pay8.png

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\pay9.png

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\steps-en.png

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\steps-nl.png

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\style.css

c:\documents and settings\All Users\Application Data\dqwhsdqadelgpgd\tabs.png

c:\windows\system32\SET5CD.tmp

c:\windows\system32\SET5CE.tmp

c:\windows\system32\SET5CF.tmp

c:\windows\system32\SET5D3.tmp

c:\windows\system32\SET5D4.tmp

c:\windows\system32\SET5D5.tmp

c:\windows\system32\SET5D9.tmp

c:\windows\system32\SET5DB.tmp

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-16 to 2012-08-16 ))))))))))))))))))))))))))))))

.

.

2012-08-15 23:27 . 2012-08-15 23:49 -------- d-----w- c:\windows\LastGood

2012-08-04 14:43 . 2012-08-15 23:35 -------- d--h--r- c:\documents and settings\jaleesa jaggoo\Onlangs geopend

2012-07-31 13:11 . 2012-07-31 13:11 -------- d-----w- c:\program files\PC Unleashed Online

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-15 23:25 . 2012-03-31 14:41 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-15 23:25 . 2011-08-09 11:32 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-15 13:56 . 2012-07-15 13:56 1409 ----a-w- c:\windows\system32\tmpD10FB.FOT

2012-07-02 17:38 . 2005-12-13 09:46 43520 ------w- c:\windows\system32\licmgr10.dll

2012-07-02 17:38 . 2005-12-13 09:46 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-07-02 12:05 . 2005-12-13 09:46 385024 ------w- c:\windows\system32\html.iec

2012-06-13 13:55 . 2005-12-13 09:46 1866240 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:49 . 2008-04-14 17:02 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-05 15:49 . 2005-12-13 09:46 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32 . 2005-12-13 09:46 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 13:19 . 2007-07-30 17:18 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 13:19 . 2005-12-13 09:58 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-02 13:19 . 2005-12-13 09:58 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 13:19 . 2005-12-13 09:58 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-02 13:19 . 2007-07-30 17:19 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 13:19 . 2005-12-13 09:58 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 13:19 . 2005-12-13 09:58 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 13:19 . 2005-12-13 09:46 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-02 13:19 . 2007-07-30 17:20 15896 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 13:19 . 2007-07-30 17:20 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 13:19 . 2005-12-13 09:58 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 13:19 . 2007-07-30 17:19 24088 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 13:19 . 2005-12-13 09:58 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 13:19 . 2008-05-02 17:47 18160 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-06-02 13:18 . 2008-05-02 17:47 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-02 13:18 . 2008-05-02 17:47 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-05-31 13:22 . 2005-12-13 09:46 602624 ----a-w- c:\windows\system32\crypt32.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-08-05_15.03.41 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-08-15 22:59 . 2012-08-15 22:59 16384 c:\windows\Temp\Perflib_Perfdata_5b4.dat

- 2005-12-13 09:46 . 2012-06-14 14:34 79160 c:\windows\system32\perfc009.dat

+ 2005-12-13 09:46 . 2012-08-05 15:11 79160 c:\windows\system32\perfc009.dat

- 2005-12-13 09:46 . 2012-05-11 14:44 67072 c:\windows\system32\mshtmled.dll

+ 2005-12-13 09:46 . 2012-07-02 17:38 67072 c:\windows\system32\mshtmled.dll

+ 2005-12-13 09:46 . 2012-07-02 17:38 25600 c:\windows\system32\jsproxy.dll

- 2005-12-13 09:46 . 2012-05-11 14:44 25600 c:\windows\system32\jsproxy.dll

- 2009-11-10 20:00 . 2012-05-11 14:44 12800 c:\windows\system32\dllcache\xpshims.dll

+ 2009-11-10 20:00 . 2012-07-02 17:38 12800 c:\windows\system32\dllcache\xpshims.dll

- 2008-02-16 09:05 . 2012-05-11 14:44 67072 c:\windows\system32\dllcache\mshtmled.dll

+ 2008-02-16 09:05 . 2012-07-02 17:38 67072 c:\windows\system32\dllcache\mshtmled.dll

- 2008-11-03 07:50 . 2012-05-11 14:44 55296 c:\windows\system32\dllcache\msfeedsbs.dll

+ 2008-11-03 07:50 . 2012-07-02 17:38 55296 c:\windows\system32\dllcache\msfeedsbs.dll

- 2007-08-13 17:44 . 2012-05-11 14:44 43520 c:\windows\system32\dllcache\licmgr10.dll

+ 2007-08-13 17:44 . 2012-07-02 17:38 43520 c:\windows\system32\dllcache\licmgr10.dll

+ 2008-02-16 09:05 . 2012-07-02 17:38 25600 c:\windows\system32\dllcache\jsproxy.dll

- 2008-02-16 09:05 . 2012-05-11 14:44 25600 c:\windows\system32\dllcache\jsproxy.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 12800 c:\windows\ie8updates\KB2722913-IE8\xpshims.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 67072 c:\windows\ie8updates\KB2722913-IE8\mshtmled.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 55296 c:\windows\ie8updates\KB2722913-IE8\msfeedsbs.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 43520 c:\windows\ie8updates\KB2722913-IE8\licmgr10.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 25600 c:\windows\ie8updates\KB2722913-IE8\jsproxy.dll

- 2005-12-13 09:46 . 2012-06-14 14:34 530888 c:\windows\system32\perfh013.dat

+ 2005-12-13 09:46 . 2012-08-05 15:11 530888 c:\windows\system32\perfh013.dat

+ 2005-12-13 09:46 . 2012-08-05 15:11 460412 c:\windows\system32\perfh009.dat

- 2005-12-13 09:46 . 2012-06-14 14:34 460412 c:\windows\system32\perfh009.dat

+ 2005-12-13 09:46 . 2012-08-05 15:11 100950 c:\windows\system32\perfc013.dat

- 2005-12-13 09:46 . 2012-06-14 14:34 100950 c:\windows\system32\perfc013.dat

- 2005-12-13 09:46 . 2012-05-11 14:44 206848 c:\windows\system32\occache.dll

+ 2005-12-13 09:46 . 2012-07-02 17:38 206848 c:\windows\system32\occache.dll

+ 2005-12-13 09:46 . 2012-07-02 17:38 611840 c:\windows\system32\mstime.dll

- 2005-12-13 09:46 . 2012-05-11 14:44 611840 c:\windows\system32\mstime.dll

+ 2012-08-15 23:25 . 2012-08-15 23:25 686792 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe

+ 2012-08-15 23:25 . 2012-08-15 23:25 466632 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.dll

- 2012-03-31 14:41 . 2012-08-03 10:25 250056 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

+ 2012-03-31 14:41 . 2012-08-15 23:25 250056 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

- 2005-12-13 09:46 . 2012-05-11 14:44 184320 c:\windows\system32\iepeers.dll

+ 2005-12-13 09:46 . 2012-07-02 17:38 184320 c:\windows\system32\iepeers.dll

- 2005-12-13 09:46 . 2012-05-11 14:44 387584 c:\windows\system32\iedkcs32.dll

+ 2005-12-13 09:46 . 2012-07-02 17:38 387584 c:\windows\system32\iedkcs32.dll

- 2005-12-13 09:46 . 2012-05-11 11:38 174080 c:\windows\system32\ie4uinit.exe

+ 2005-12-13 09:46 . 2012-07-02 12:05 174080 c:\windows\system32\ie4uinit.exe

- 2008-02-16 09:05 . 2012-05-16 15:09 916992 c:\windows\system32\dllcache\wininet.dll

+ 2008-02-16 09:05 . 2012-07-02 17:38 916992 c:\windows\system32\dllcache\wininet.dll

+ 2007-08-13 17:44 . 2012-07-02 17:38 105984 c:\windows\system32\dllcache\url.dll

- 2007-08-13 17:44 . 2012-05-11 14:44 105984 c:\windows\system32\dllcache\url.dll

- 2007-08-13 17:44 . 2012-05-11 14:44 206848 c:\windows\system32\dllcache\occache.dll

+ 2007-08-13 17:44 . 2012-07-02 17:38 206848 c:\windows\system32\dllcache\occache.dll

+ 2008-02-16 09:05 . 2012-07-02 17:38 611840 c:\windows\system32\dllcache\mstime.dll

- 2008-02-16 09:05 . 2012-05-11 14:44 611840 c:\windows\system32\dllcache\mstime.dll

- 2008-11-03 07:50 . 2012-05-11 14:44 629760 c:\windows\system32\dllcache\msfeeds.dll

+ 2008-11-03 07:50 . 2012-07-02 17:38 629760 c:\windows\system32\dllcache\msfeeds.dll

- 2012-06-13 21:46 . 2012-05-11 14:44 521728 c:\windows\system32\dllcache\jsdbgui.dll

+ 2012-06-13 21:46 . 2012-07-02 17:38 521728 c:\windows\system32\dllcache\jsdbgui.dll

+ 2009-11-10 20:00 . 2012-07-02 17:38 247808 c:\windows\system32\dllcache\ieproxy.dll

- 2009-11-10 20:00 . 2012-05-11 14:44 247808 c:\windows\system32\dllcache\ieproxy.dll

- 2008-02-16 09:05 . 2012-05-11 14:44 184320 c:\windows\system32\dllcache\iepeers.dll

+ 2008-02-16 09:05 . 2012-07-02 17:38 184320 c:\windows\system32\dllcache\iepeers.dll

- 2010-06-08 21:11 . 2012-05-11 14:44 743424 c:\windows\system32\dllcache\iedvtool.dll

+ 2010-06-08 21:11 . 2012-07-02 17:38 743424 c:\windows\system32\dllcache\iedvtool.dll

+ 2007-08-13 17:39 . 2012-07-02 17:38 387584 c:\windows\system32\dllcache\iedkcs32.dll

- 2007-08-13 17:39 . 2012-05-11 14:44 387584 c:\windows\system32\dllcache\iedkcs32.dll

- 2007-08-13 17:39 . 2012-05-11 11:38 174080 c:\windows\system32\dllcache\ie4uinit.exe

+ 2007-08-13 17:39 . 2012-07-02 12:05 174080 c:\windows\system32\dllcache\ie4uinit.exe

+ 2012-08-15 23:51 . 2012-05-16 15:09 916992 c:\windows\ie8updates\KB2722913-IE8\wininet.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 105984 c:\windows\ie8updates\KB2722913-IE8\url.dll

+ 2012-08-15 23:51 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2722913-IE8\spuninst\updspapi.dll

+ 2012-08-15 23:51 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2722913-IE8\spuninst\spuninst.exe

+ 2012-08-15 23:51 . 2012-05-11 14:44 206848 c:\windows\ie8updates\KB2722913-IE8\occache.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 611840 c:\windows\ie8updates\KB2722913-IE8\mstime.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 629760 c:\windows\ie8updates\KB2722913-IE8\msfeeds.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 521728 c:\windows\ie8updates\KB2722913-IE8\jsdbgui.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 247808 c:\windows\ie8updates\KB2722913-IE8\ieproxy.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 184320 c:\windows\ie8updates\KB2722913-IE8\iepeers.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 743424 c:\windows\ie8updates\KB2722913-IE8\iedvtool.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 387584 c:\windows\ie8updates\KB2722913-IE8\iedkcs32.dll

+ 2012-08-15 23:51 . 2012-05-11 11:38 174080 c:\windows\ie8updates\KB2722913-IE8\ie4uinit.exe

- 2008-02-16 09:05 . 2012-05-11 14:44 1212416 c:\windows\system32\dllcache\urlmon.dll

+ 2008-02-16 09:05 . 2012-07-02 17:38 1212416 c:\windows\system32\dllcache\urlmon.dll

+ 2008-02-16 22:35 . 2012-07-02 17:38 6008320 c:\windows\system32\dllcache\mshtml.dll

+ 2008-11-03 07:50 . 2012-07-02 17:38 2000384 c:\windows\system32\dllcache\iertutil.dll

- 2008-11-03 07:50 . 2012-05-11 14:44 2000384 c:\windows\system32\dllcache\iertutil.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 1212416 c:\windows\ie8updates\KB2722913-IE8\urlmon.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 6007808 c:\windows\ie8updates\KB2722913-IE8\mshtml.dll

+ 2012-08-15 23:51 . 2012-05-11 14:44 2000384 c:\windows\ie8updates\KB2722913-IE8\iertutil.dll

+ 2008-11-03 07:50 . 2012-07-02 21:08 11111424 c:\windows\system32\dllcache\ieframe.dll

- 2008-11-03 07:50 . 2012-05-11 18:14 11111424 c:\windows\system32\dllcache\ieframe.dll

+ 2012-08-15 23:51 . 2012-05-11 18:14 11111424 c:\windows\ie8updates\KB2722913-IE8\ieframe.dll

.

-- Snapshot teruggezet naar huidige datum --

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 65536]

"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-05-19 3561720]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-08-03 4777856]

"Akamai NetSession Interface"="c:\documents and settings\jaleesa jaggoo\Local Settings\Application Data\Akamai\netsession_win.exe" [2012-05-26 4327744]

"Spotify"="c:\documents and settings\jaleesa jaggoo\Application Data\Spotify\Spotify.exe" [2012-07-30 7601880]

"Spotify Web Helper"="c:\documents and settings\jaleesa jaggoo\Application Data\Spotify\Data\SpotifyWebHelper.exe" [2012-07-30 1193176]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CFSServ.exe"="CFSServ.exe -NoClient" [X]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]

"RTHDCPL"="RTHDCPL.EXE" [2005-11-10 15473664]

"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-14 98394]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-14 688218]

"AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 88203]

"THotkey"="c:\program files\Toshiba\Toshiba Applet\thotkey.exe" [2005-12-08 352256]

"Tvs"="c:\program files\TOSHIBA\Tvs\TvsTray.exe" [2005-11-30 73728]

"TPSMain"="TPSMain.exe" [2005-08-03 266240]

"NDSTray.exe"="NDSTray.exe" [bU]

"SmoothView"="c:\program files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe" [2005-05-12 118784]

"PadTouch"="c:\program files\TOSHIBA\Touch and Launch\PadExe.exe" [2005-08-30 1077327]

"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-08-01 122940]

"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 135214]

"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2008-05-01 20480]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-10-24 1451264]

"DRPU PC Management - Basic"="c:\program files\DRPU PC Management - Basic\Basic Manage.exe" [2011-05-06 2738624]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-01-07 429392]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]

.

c:\documents and settings\Default User\Menu Start\Programma's\Opstarten\

IconPackager.lnk - c:\program files\Stardock\MyColors\IconPackager.exe [N/A]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]

"{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\program files\Stardock\ObjectDockPlus2\ODMenu.dll" [2010-03-24 511344]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=

"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Documents and Settings\\jaleesa jaggoo\\Application Data\\Spotify\\spotify.exe"=

"c:\\Documents and Settings\\jaleesa jaggoo\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"86:TCP"= 86:TCP:BroadCam Video Streaming Server Web Server

"1935:TCP"= 1935:TCP:BroadCam Video Streaming Server Flash Video Server

"2059:TCP"= 2059:TCP:Akamai NetSession Interface

"5000:UDP"= 5000:UDP:Akamai NetSession Interface

.

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [24-10-2008 20:53 34824]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22-7-2011 18:27 12880]

R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [12-7-2011 23:55 67664]

R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [12-8-2011 1:38 116608]

R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [13-12-2005 11:46 14336]

R2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [4-1-2012 14:22 822624]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [28-9-2009 12:08 19160]

R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfsxp.sys [2-12-2009 22:23 584680]

R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplayxp.sys [2-12-2009 22:23 209512]

R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [2-12-2009 22:23 20584]

R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvolxp.sys [2-12-2009 22:23 18280]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [31-3-2012 16:41 250056]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [18-6-2011 18:27 18432]

S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [1-5-2008 19:30 152576]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ Akamai

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Inhoud van de 'Gedeelde Taken' map

.

2012-08-15 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 23:25]

.

2012-07-31 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 16:57]

.

2012-06-22 c:\windows\Tasks\Easy Onderhoud.job

- c:\program files\TuneUp Utilities 2008\OneClick.exe [2008-02-04 08:39]

.

2012-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-15 17:06]

.

2012-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-15 17:06]

.

2012-08-04 c:\windows\Tasks\Norton Security Scan for jaleesa jaggoo.job

- c:\progra~1\NORTON~2\Engine\372~1.5\Nss.exe [2012-06-07 09:45]

.

2012-08-05 c:\windows\Tasks\PC Unleashed Online Registration3.job

- c:\program files\Common Files\PC Unleashed Online\UUS3\UUS3.dll [2012-06-25 20:52]

.

2012-07-31 c:\windows\Tasks\PC Unleashed Online Update3.job

- c:\program files\Common Files\PC Unleashed Online\UUS3\Update3.exe [2012-06-25 20:52]

.

2012-07-31 c:\windows\Tasks\PC Unleashed.job

- c:\program files\PC Unleashed Online\PC Unleashed\pcu.exe [2012-07-19 21:57]

.

2012-08-05 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 1d33ac69-ade7-45cc-a014-084812ce1cf7.job

- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]

.

2012-08-15 c:\windows\Tasks\User_Feed_Synchronization-{F34884A8-E52E-42EB-86C4-5FB00637C3D7}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

.

.

------- Bijkomende Scan -------

.

uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

uStart Page = hxxp://bb.rocmn.nl/webapps/portal/frameset.jsp

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = <local>

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.0.1

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-08-16 02:19

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]

"ServiceDll"="c:\program files\common files\akamai/netsession_win_4f7fccd.dll"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-823361176-16431640-2854894277-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]

@Denied: (Full) (LocalSystem)

@SACL=

.

[HKEY_USERS\S-1-5-21-823361176-16431640-2854894277-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7FF0298D-423F-D083-8975-7D434F250BA7}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

"lanckdpkbammamegomkkodin"=hex:64,62,67,61,61,6c,6a,65,6b,6f,6a,64,67,64,61,6f,

6d,6b,6f,6e,62,6a,6a,64,69,62,6d,6b,66,69,65,6f,61,69,67,63,66,66,66,6e,00,\

"lapbpikenaifcbgpbffeceea"=hex:62,62,67,61,6c,6b,61,68,64,68,6f,69,70,66,64,61,

69,6d,62,6b,70,65,66,70,67,63,70,61,66,6d,65,65,61,70,63,66,00,02

.

[HKEY_USERS\S-1-5-21-823361176-16431640-2854894277-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B183F520-3874-22F2-48F9-6B6B43D5921D}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

"jaepdhlelcmkikekmifc"=hex:62,61,69,6e,00,00

"jaepdhlelcmkikekmijc"=hex:62,61,62,6d,00,00

"iaeeignooakpedjbcf"=hex:6b,61,6a,6e,6e,70,6b,62,6e,6f,6b,65,6d,6d,68,61,6e,6a,

61,61,6e,69,00,00

"hacpokaickhmbghb"=hex:6b,61,6a,6e,6e,70,69,62,62,62,65,64,67,6a,6e,6e,66,61,

68,67,63,6e,00,00

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(596)

c:\program files\SUPERAntiSpyware\SASWINLO.DLL

c:\windows\system32\Ati2evxx.dll

.

Voltooingstijd: 2012-08-16 02:25:42

ComboFix-quarantined-files.txt 2012-08-16 00:25

ComboFix2.txt 2012-08-05 15:35

.

Pre-Run: 12.407.316.480 bytes beschikbaar

Post-Run: 12.287.586.304 bytes beschikbaar

.

- - End Of File - - 4B94CA7C001A2ED933037CC41BD516AB

Link naar reactie
Delen op andere sites

Verwijder Combofix: Start -> Uitvoeren/Zoekopdracht/Programma’s en bestanden zoeken en typ daar: ComboFix /Uninstall

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Download CCleaner.

Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Link naar reactie
Delen op andere sites

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.