Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

mywebsearch

Abraham54
33 antwoorden
  • hallo,



    ik heb sinds kort een probleem als ik een naam intik in mijn adresbalk van Firefox dan word ik doorgezonden naar MYwebsearch ik heb al gescanned met Spybot, Adware, and Malwarebytes en heb hitman pro ook nog gebruikt maar het is nog steeds aanwezig wat moet ik nog meer doen om deze ellende van mijn pc te krijgen!


    mvg Ruurd
  • Doe het volgende: [b:8574198457]Download en installeer HijackThis Versie 2.04[/b:8574198457] (klik)
    [list:8574198457]• Installeer HijackThis op de aangegeven lokatie - alleen dan kan HijackThis back-ups maken!
    • N.B.: Gebruikers/sters van Windows Vista en Windows 7 gaan naar de installatielokatie van HijackThis, klikken hijackthis.exe met rechts aan, kiezen Eigenschappen, klikken op de tab Comptabiliteit en zetten dan een vinkje bij Als Administrator uitvoeren.
    • Sluit nu alle openstaande vensters en start vervolgens [b:8574198457]HijackThis[/b:8574198457] en kies voor [b:8574198457]Do a system scan and save a logfile[/b:8574198457]
    • Kopieer en plak de inhoud van de logfile in je aansluitende bericht.[/list:u:8574198457]
  • hier de logfile



    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Soluto\SolutoService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\Program Files\AVG\AVG9\avgemc.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\PROGRA~1\AVG\AVG9\avgtray.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\system32\slserv.exe
    C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\msiexec.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin
    edirect/?country=NL&range=AD&phase=6&key=SEARCH
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\USERINIT.EXE,C:\Program Files\Soluto\soluto.exe /userinit,
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [HitmanPro35] "C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" /scan:boot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32
    wprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline
    l.htm
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1267356124218
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1267356717312
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • Hoi ruurd, doe het volgende:

    Sluit alle openstaande vensters (dus kopieer eerst deze pagina naar kladblok) en start dan HijackThis en klik op de knop [b:8401336aa6]Do a Scan only,

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com[/b:8401336aa6]
    [list:8401336aa6][*:8401336aa6] zet een vinkje voor die regel(s) welke met de bovenstaande regels corresponderen
    [*:8401336aa6] vervolgens klik je daarna op de knop [b:8401336aa6]Fix checked[/b:8401336aa6]
    [*:8401336aa6] Klik hierna HijackThis op uit.[/list:u:8401336aa6]

    MBAM reeds ge-installeerd:

    [b:8401336aa6]Stap •3•[/b:8401336aa6][/color:8401336aa6]
    [b:8401336aa6]Herstart MBAM.[/b:8401336aa6]
    [list:8401336aa6][*:8401336aa6] Klik eerst op de tab [b:8401336aa6]Update.[/b:8401336aa6].
    [*:8401336aa6] Klik vervolgens op de knop [b:8401336aa6]Controleer op updates.[/b:8401336aa6]
    [*:8401336aa6] Indien een nieuwe versie van MBAM wordt aangeboden - ga hiermee akkoord.
    [*:8401336aa6] Nadat MBAM vernieuwd is eerst weer de updatecyclus opstarten.
    [*:8401336aa6] Daarna kies je voor [b:8401336aa6]Snelle Scan[/b:8401336aa6]
    [*:8401336aa6] [*:8401336aa6] Indien de scan voltooid is, klik dan op de knop [b:8401336aa6]OK[/b:8401336aa6].
    [*:8401336aa6] Klik daarna op de knop [b:8401336aa6]Bekijk Resultaten[/b:8401336aa6] om de resultaten te zien.
    [*:8401336aa6] Zorg ervoor, dat alles aangevinkt is.
    [*:8401336aa6] Vervolgens klik je op: [b:8401336aa6]Verwijder geselecteerde[/b:8401336aa6].
    [*:8401336aa6] Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

    [*:8401336aa6] Het log wordt automatisch bewaard door [b:8401336aa6]MBAM[/b:8401336aa6] en dat kan je terugvinden door op de tab [b:8401336aa6]Logs[/b:8401336aa6] te klikken in [b:8401336aa6]MBAM[/b:8401336aa6] .

    [*:8401336aa6] Indien [b:8401336aa6]MBAM[/b:8401336aa6] moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op [b:8401336aa6]OK[/b:8401336aa6] klikken!
    [*:8401336aa6] Daarna zal [b:8401336aa6]MBAM[/b:8401336aa6] vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:8401336aa6]
    [b:8401336aa6]Hierna post je de inhoud van het MBAM-log[/b:8401336aa6]
  • Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Databaseversie: 4524

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    1-9-2010 20:42:23
    mbam-log-2010-09-01 (20-42-23).txt

    Scantype: Snelle scan
    Objecten gescand: 132585
    Verstreken tijd: 8 minuut/minuten, 40 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)



    maar het is nog steeds aanwezig
  • Hallo Ruurd, oe het volgende: download ComboFix van één van deze locaties:
    [b:e6a7f72e68]Link 1[/b:e6a7f72e68]

    [b:e6a7f72e68]Link 2[/b:e6a7f72e68]

    [b:e6a7f72e68]* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op[/b:e6a7f72e68][/color:e6a7f72e68][list:e6a7f72e68][*:e6a7f72e68]Schakel alle antivirus- en antispywareprogramma's uit, want anders

    kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

    [b:e6a7f72e68]Klik hier[/b:e6a7f72e68]
    Als het je niet lukt om ze uit te schakelen, ga dan gewoon door naar de volgende stap.[*:e6a7f72e68]Dubbeklik op ComboFix.exe en volg de meldingen op het scherm.[*:e6a7f72e68]ComboFix

    zal controleren of dat de Microsoft Windows Recovery Console reeds is geïnstalleerd.

    **Let op: Als de Microsoft Windows Recovery Console al is geïnstalleerd, dan krijg je de volgende schermen niet te zien en zal ComboFix automatisch

    verder gaan met het scannen naar malware.[/color:e6a7f72e68][*:e6a7f72e68]Volg de meldingen op het scherm om ComboFix de Microsoft Windows Recovery Console te laten downloaden en

    installeren.[/list:u:e6a7f72e68][img:e6a7f72e68]http://www.bleepstatic.com/combofix/nl/cf-rc-auto.jpg[/img:e6a7f72e68]


    Je krijgt de volgende melding te zien wanneer ComboFix de Microsoft Windows Recovery Console succesvol heeft geïnstalleerd:
    [img:e6a7f72e68]http://www.bleepstatic.com/combofix/nl
    c-auto-done.jpg[/img:e6a7f72e68]


    Klik op Ja om verder te gaan met het scannen naar malware.

    NOTE: Wanneer ComboFix start, kan het zijn dat je een Error melding krijgt dat de “contents of the ComboFix package has been compromised”
    Ga niet verder met de instructies, maar download ComboFix opnieuw. Deze melding kan verschijnen wanneer een file-infector (Virut) actief is op de computer.


    [img:e6a7f72e68]http://www.imgdumper.nl/uploads2/4ac516149f83c/4ac516149830d-ComboFix_Virut.jpg[/img:e6a7f72e68]
    Blijf je die melding krijgen dan meld je dit.


    Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als [b:e6a7f72e68]C:\ComboFix.txt[/b:e6a7f72e68]) in je volgende

    bericht.


    Extra nota… Zorg ervoor dat je Security software uitschakeld is (Antivirus, Firewall, AntiSpyware) tijdens het gebruik van Combofix. Dit omdat deze scanners

    bepaalde componenten die Combofix gebruikt onterecht zullen zien als geïnfecteerd (bijvoorbeeld Prep.com) en Combofix zullen blokkeren.

    [u:e6a7f72e68]Klik deze link[/u:e6a7f72e68] indien je niet weet hoe je je Antivirus, Firewall en/of Antispywarescanner

    moet uitschakelen.
  • ComboFix 10-09-04.06 - Ruurd en Marianne 06-09-2010 8:31.1.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.418 [GMT 2:00]
    Gestart vanuit: c:\documents and settings\Ruurd en Marianne\Bureaublad\ComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Ruurd en Marianne\Myrthe in de wind .jpg
    c:\windows\system32\Thumbs.db

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    ——-\Legacy_NPF


    (((((((((((((((((((( Bestanden Gemaakt van 2010-08-06 to 2010-09-06 ))))))))))))))))))))))))))))))
    .

    2010-09-05 11:47 . 2010-09-06 06:17 ——– d–h–r- c:\documents and settings\Ruurd en Marianne\Onlangs geopend
    2010-08-31 20:52 . 2010-08-31 20:52 ——– d—–w- c:\program files\Trend Micro
    2010-08-30 11:34 . 2010-08-30 11:34 12872 —-a-w- c:\windows\system32\bootdelete.exe
    2010-08-30 11:22 . 2010-08-30 11:22 16968 —-a-w- c:\windows\system32\drivers\hitmanpro35.sys
    2010-08-30 11:21 . 2010-08-30 11:34 ——– d—–w- c:\documents and settings\All Users\Application Data\Hitman Pro
    2010-08-30 11:21 . 2010-08-30 11:21 ——– d—–w- c:\program files\Hitman Pro 3.5
    2010-08-25 19:23 . 2010-08-25 19:23 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\Malwarebytes
    2010-08-25 19:23 . 2010-04-29 13:39 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-08-25 19:23 . 2010-08-25 19:23 ——– d—–w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-08-25 19:23 . 2010-08-25 19:23 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
    2010-08-25 19:23 . 2010-04-29 13:39 20952 —-a-w- c:\windows\system32\drivers\mbam.sys
    2010-08-25 19:14 . 2010-08-25 19:14 161296 —-a-w- c:\windows\system32\drivers\tmcomm.sys
    2010-08-24 19:36 . 2010-09-06 06:38 662416 —-a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    2010-08-23 13:45 . 2010-08-23 13:46 ——– d—–w- c:\program files\QuickTime
    2010-08-23 13:45 . 2010-08-23 13:45 ——– d—–w- c:\documents and settings\All Users\Application Data\Apple Computer
    2010-08-23 13:43 . 2010-08-23 13:43 ——– d—–w- c:\program files\Common Files\Apple
    2010-08-23 09:45 . 2010-06-30 12:35 179144 —-a-w- c:\windows\system32\drivers\PCGenFAM.sys
    2010-08-23 09:45 . 2010-08-23 09:45 ——– d—–w- c:\program files\Soluto
    2010-08-23 09:44 . 2010-08-23 09:57 ——– d—–w- c:\documents and settings\All Users\Application Data\Soluto

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-09-06 06:38 . 2010-09-06 06:39 2830336 —-a-w- c:\windows\Internet Logs\xDB6F.tmp
    2010-09-06 06:38 . 2010-09-06 06:39 253440 —-a-w- c:\windows\Internet Logs\xDB6E.tmp
    2010-09-06 06:37 . 2010-09-06 06:39 2830336 —-a-w- c:\windows\Internet Logs\xDB70.tmp
    2010-09-06 05:25 . 2010-04-29 18:27 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\GrabIt
    2010-09-05 11:48 . 2010-07-15 20:13 ——– d—–w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2010-09-03 07:36 . 2010-03-07 17:34 14259757 —-a-w- c:\windows\Internet Logs\tvDebug.Zip
    2010-08-31 21:11 . 2010-09-01 06:24 2748928 —-a-w- c:\windows\Internet Logs\xDB6D.tmp
    2010-08-31 21:11 . 2010-09-01 06:24 57856 —-a-w- c:\windows\Internet Logs\xDB6C.tmp
    2010-08-31 20:52 . 2010-08-31 20:52 388096 —-a-r- c:\documents and settings\Ruurd en Marianne\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2010-08-30 07:56 . 2010-07-15 21:20 ——– d—–w- c:\documents and settings\All Users\Application Data\Lavasoft
    2010-08-30 07:53 . 2010-07-15 20:13 ——– d—–w- c:\program files\Spybot - Search & Destroy
    2010-08-28 08:19 . 2010-08-29 10:36 8704 —-a-w- c:\windows\Internet Logs\xDB6B.tmp
    2010-08-28 07:11 . 2010-08-28 08:19 60416 —-a-w- c:\windows\Internet Logs\xDB6A.tmp
    2010-08-24 19:36 . 2010-08-25 11:45 2713088 —-a-w- c:\windows\Internet Logs\xDB69.tmp
    2010-08-24 19:36 . 2010-08-25 11:45 48640 —-a-w- c:\windows\Internet Logs\xDB68.tmp
    2010-08-23 11:52 . 2010-05-19 19:21 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\HPAppData
    2010-08-23 11:10 . 2010-08-23 11:11 26112 —-a-w- c:\windows\Internet Logs\xDB67.tmp
    2010-08-23 10:58 . 2010-08-23 10:59 107008 —-a-w- c:\windows\Internet Logs\xDB66.tmp
    2010-08-23 10:21 . 2010-02-28 18:36 ——– d–h–w- c:\program files\InstallShield Installation Information
    2010-08-23 09:46 . 2010-02-28 12:20 433064 —-a-w- c:\documents and settings\Ruurd en Marianne\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-08-23 09:44 . 2010-08-23 09:44 892680 —-a-w- c:\documents and settings\All Users\Application Data\Soluto\Installer\SolutoInstaller.exe
    2010-08-23 07:41 . 2010-08-23 07:41 499712 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-35d77b07-n\jmc.dll
    2010-08-23 07:41 . 2010-08-23 07:41 131072 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-35d77b07-n\msvcp71.dll
    2010-08-23 07:41 . 2010-08-23 07:41 12800 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-544e0c7c-n\decora-d3d.dll
    2010-08-23 07:41 . 2010-08-23 07:41 61440 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-544e0c7c-n\decora-sse.dll
    2010-08-23 07:41 . 2010-08-23 07:41 348160 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-35d77b07-n\msvcr71.dll
    2010-08-23 07:39 . 2010-02-28 18:36 ——– d—–w- c:\program files\Java
    2010-08-23 07:26 . 2010-08-23 07:26 79488 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\jre1.6.0_21\gtapi.dll
    2010-08-15 13:44 . 2010-08-16 14:59 8704 —-a-w- c:\windows\Internet Logs\xDB65.tmp
    2010-08-15 13:42 . 2010-08-15 13:44 27648 —-a-w- c:\windows\Internet Logs\xDB64.tmp
    2010-08-13 08:33 . 2003-06-27 22:31 533928 —-a-w- c:\windows\system32\perfh013.dat
    2010-08-13 08:33 . 2003-06-27 22:31 100060 —-a-w- c:\windows\system32\perfc013.dat
    2010-08-12 21:55 . 2010-08-13 07:42 46592 —-a-w- c:\windows\Internet Logs\xDB62.tmp
    2010-08-12 21:55 . 2010-08-13 07:42 2630656 —-a-w- c:\windows\Internet Logs\xDB63.tmp
    2010-08-08 10:58 . 2010-08-08 10:59 32256 —-a-w- c:\windows\Internet Logs\xDB61.tmp
    2010-08-06 13:18 . 2010-08-07 11:37 8704 —-a-w- c:\windows\Internet Logs\xDB60.tmp
    2010-07-30 07:44 . 2010-08-06 13:18 37888 —-a-w- c:\windows\Internet Logs\xDB5F.tmp
    2010-07-29 12:09 . 2010-07-29 12:10 142336 —-a-w- c:\windows\Internet Logs\xDB5E.tmp
    2010-07-22 20:53 . 2010-07-22 20:53 ——– d—–w- c:\program files\VIA
    2010-07-22 19:33 . 2010-07-22 19:33 ——– d—–w- c:\program files\Driver-Soft
    2010-07-18 21:35 . 2010-07-18 21:35 95024 —-a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-07-17 12:10 . 2010-02-28 17:15 243024 —-a-w- c:\windows\system32\drivers\avgtdix.sys
    2010-07-17 12:10 . 2010-07-17 12:10 12536 —-a-w- c:\windows\system32\avgrsstx.dll
    2010-07-17 12:07 . 2010-02-28 17:15 216400 —-a-w- c:\windows\system32\drivers\avgldx86.sys
    2010-07-17 03:00 . 2010-05-19 18:22 423656 —-a-w- c:\windows\system32\deployJava1.dll
    2010-07-16 19:37 . 2010-06-19 18:47 ——– d—–w- c:\program files\a-squared Free
    2010-07-15 21:27 . 2010-07-15 21:28 40960 —-a-w- c:\windows\Internet Logs\xDB5C.tmp
    2010-07-15 21:27 . 2010-07-15 21:28 2552832 —-a-w- c:\windows\Internet Logs\xDB5D.tmp
    2010-07-15 19:55 . 2010-04-20 18:30 ——– d—–w- c:\program files\MSECache
    2010-07-15 19:55 . 2010-06-01 19:47 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\GHISLER
    2010-07-15 19:50 . 2010-07-12 19:39 ——– d—–w- c:\documents and settings\All Users\Application Data\Norton
    2010-07-14 21:04 . 2010-07-15 06:40 84992 —-a-w- c:\windows\Internet Logs\xDB5A.tmp
    2010-07-14 21:04 . 2010-07-15 06:40 2493952 —-a-w- c:\windows\Internet Logs\xDB5B.tmp
    2010-07-12 19:39 . 2010-07-12 19:39 ——– d—–w- c:\documents and settings\All Users\Application Data\Symantec
    2010-07-12 19:39 . 2010-07-12 19:39 ——– d—–w- c:\documents and settings\All Users\Application Data\NortonInstaller
    2010-07-12 18:03 . 2010-07-12 18:03 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\CheckPoint
    2010-06-21 20:11 . 2010-06-22 07:00 35328 —-a-w- c:\windows\Internet Logs\xDB53.tmp
    2010-06-21 12:10 . 2010-06-21 17:25 2131968 —-a-w- c:\windows\Internet Logs\xDB52.tmp
    2010-06-21 11:43 . 2010-06-21 11:48 30720 —-a-w- c:\windows\Internet Logs\xDB50.tmp
    2010-06-21 11:43 . 2010-06-21 11:48 2131968 —-a-w- c:\windows\Internet Logs\xDB51.tmp
    2010-06-19 19:31 . 2010-06-19 19:43 30720 —-a-w- c:\windows\Internet Logs\xDB4F.tmp
    2010-06-19 17:21 . 2010-06-19 17:30 15360 —-a-w- c:\windows\Internet Logs\xDB4E.tmp
    2010-06-19 17:18 . 2010-06-19 17:20 143872 —-a-w- c:\windows\Internet Logs\xDB4D.tmp
    2010-06-19 16:54 . 2010-06-19 17:09 2118144 —-a-w- c:\windows\Internet Logs\xDB4C.tmp
    2010-06-17 05:24 . 2010-06-17 08:13 2117120 —-a-w- c:\windows\Internet Logs\xDB4B.tmp
    2010-06-15 14:51 . 2010-06-15 14:56 2148352 —-a-w- c:\windows\Internet Logs\xDB4A.tmp
    2010-06-14 14:31 . 2003-06-27 22:42 744448 —-a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
    2010-06-12 19:31 . 2010-06-13 08:47 2112512 —-a-w- c:\windows\Internet Logs\xDB49.tmp
    2010-06-10 09:01 . 2010-06-10 09:02 2106368 —-a-w- c:\windows\Internet Logs\xDB48.tmp
    2010-06-08 20:05 . 2010-06-09 07:28 2091520 —-a-w- c:\windows\Internet Logs\xDB47.tmp
    2010-06-08 20:05 . 2010-06-09 07:28 32768 —-a-w- c:\windows\Internet Logs\xDB46.tmp
    .

    ——- Sigcheck ——-

    [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
    [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
    [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

    [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
    [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys

    [-] 2003-04-08 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

    [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
    [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys

    [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    dis.sys
    [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers
    dis.sys

    [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    tfs.sys
    [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers
    tfs.sys
    [-] 2003-04-08 . E3AE9C79498210A5F39FE5A9AD62BC55 . 561920 . . [5.1.2600.1106] . . c:\windows\i386\NTFS.SYS

    [-] 2003-04-08 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers
    ull.sys

    [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
    [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
    [-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys

    [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
    [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll

    [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
    [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe

    [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    etman.dll
    [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\system32
    etman.dll
    [-] 2005-08-22 . 269182FF03F1FDD0EF803AEB63C01080 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE
    etman.dll

    [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
    [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
    [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll

    [-] 2009-02-09 . D8D28F6CABEC7D42B8E487E290563B9A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
    [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
    [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
    [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
    [-] 2005-07-26 . B52BD9DB0BD6D01BDB01B0DBFBB804CD . 397824 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2gdr\rpcss.dll
    [-] 2005-07-26 . B9A5A38A11C1D1BC2B5889F2900E6CDB . 276992 . . [5.1.2600.1720] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp1qfe\rpcss.dll
    [-] 2005-07-26 . 23B465FD2354D83218AC091D0EE6D91B . 398336 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2qfe\rpcss.dll
    [-] 2005-01-14 . FE787AF1556421C60DC427C2CC12CD9C . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll

    [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
    [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
    [-] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
    [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe

    [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
    [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
    [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe

    [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
    [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe

    [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
    [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
    [-] 2003-04-08 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\i386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL

    [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
    [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll

    [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
    [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
    [-] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
    [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
    [-] 2005-07-26 04:42 . 094ECC4FB57ABA154F840C8414867E90 . 243200 . . [2001.12.4414.308] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2gdr\es.dll
    [-] 2005-07-26 04:39 . 81E7A36AEE80E677A34394BE62B7B658 . 227328 . . [2001.12.4414.62] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp1qfe\es.dll
    [-] 2005-07-26 04:36 . 3732BE0811CE6E15A56AD1CEC02CF532 . 243200 . . [2001.12.4414.308] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2qfe\es.dll

    [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
    [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll

    [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
    [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
    [-] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
    [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
    [-] 2006-07-05 . 8672CE1E9BAF84EC0665D73DB8849EDB . 1026048 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll

    [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
    [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
    [-] 2005-09-01 . BDF49EB509B446650A752F751634AA1C . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll

    [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
    [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll

    [-] 2010-06-24 . 4866ECEEFB5964BB1CB081FB3A2A370D . 5954560 . . [8.00.6001.23037] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3QFE\mshtml.dll
    [-] 2010-06-24 . 1048BF4C23101A0404252A19A9151C16 . 5951488 . . [8.00.6001.18939] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3GDR\mshtml.dll
    [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\mshtml.dll
    [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\dllcache\mshtml.dll
    [-] 2010-05-06 . 47A7DDF5DF0F323F877EEFC75338C4A3 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
    [-] 2010-02-25 . A38971E011619C2CF1B87ADE965F5DD4 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
    [-] 2010-02-25 . 2399C13AE076A84037794AA0E9BF152A . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
    [-] 2010-01-05 . 0719BB9695A3B029689F5F322A98EAF9 . 3599360 . . [7.00.6000.16981] . . c:\windows\ie8\mshtml.dll
    [-] 2010-01-05 . 0719BB9695A3B029689F5F322A98EAF9 . 3599360 . . [7.00.6000.16981] . . c:\windows\SoftwareDistribution\Download\7a98fe28f6c06dd449604c662aac0a64\SP3GDR\mshtml.dll
    [-] 2010-01-05 . 247E251C82853166DFD161871534F0FB . 3602944 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtml.dll
    [-] 2010-01-05 . 247E251C82853166DFD161871534F0FB . 3602944 . . [7.00.6000.21183] . . c:\windows\SoftwareDistribution\Download\7a98fe28f6c06dd449604c662aac0a64\SP3QFE\mshtml.dll
    [-] 2009-12-22 . E9536E13EDDB2B72B33CB20182A80086 . 3092480 . . [6.00.2900.5921] . . c:\windows\ie7\mshtml.dll
    [-] 2009-12-22 . AB8AB19C3EC6FA71152C50E6C5F452C9 . 3094528 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll
    [-] 2009-12-21 . 0C92E8AAD0E68E0A5358813353F31CE3 . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll
    [-] 2009-12-21 . 585A8B2FD6373FC06D6893867754CF74 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
    [-] 2009-10-29 . 457643CEFC939B88A86AD10B5861960C . 3598336 . . [7.00.6000.16945] . . c:\windows\ie7updates\KB978207-IE7\mshtml.dll
    [-] 2009-10-29 . 457643CEFC939B88A86AD10B5861960C . 3598336 . . [7.00.6000.16945] . . c:\windows\SoftwareDistribution\Download\1f838d40e36b62be49a5c22f01ef64d5\SP3GDR\mshtml.dll
    [-] 2009-10-29 . A66CEDA2AA6FA052D3F7A46CE7553D21 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
    [-] 2009-10-29 . 6D626567986D37E021F44EE66446D515 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
    [-] 2009-10-29 . 460BD186C5F245B99846E0F9EE10CD0B . 3602432 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mshtml.dll
    [-] 2009-10-29 . 460BD186C5F245B99846E0F9EE10CD0B . 3602432 . . [7.00.6000.21148] . . c:\windows\SoftwareDistribution\Download\1f838d40e36b62be49a5c22f01ef64d5\SP3QFE\mshtml.dll
    [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
    [-] 2008-04-14 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
    [-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB976325-IE7\mshtml.dll
    [-] 2006-06-30 17:39 . 2F7B1453EB7BF5218BCAE10586D712AD . 2710528 . . [6.00.2800.1562] . . c:\windows\SoftwareDistribution\Download\2aa2219e5660d14659d1544181b51a24\RTMQFE\mshtml.dll
    [-] 2006-06-30 09:53 . 0B64312439A98F4991A7FE3D676252F3 . 2703872 . . [6.00.2800.1561] . . c:\windows\SoftwareDistribution\Download\2aa2219e5660d14659d1544181b51a24\rtmgdr\mshtml.dll

    [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
    [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
    [-] 2003-04-08 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\i386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL

    [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
    [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
    [-] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
    [-] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll

    [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    etlogon.dll
    [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32
    etlogon.dll

    [-] 2010-04-28 . 548AED38DF451C1783037390194A04DC . 2194304 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3GDR
    toskrnl.exe
    [-] 2010-04-28 . 59582F46CAAAA049DB613B4005AF57B5 . 2194432 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3QFE
    toskrnl.exe
    [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\Driver Cache\i386
    toskrnl.exe
    [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\system32
    toskrnl.exe
    [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\system32\dllcache
    toskrnl.exe
    [-] 2010-02-16 . B79C48187CA08D2EC27DA4939953F082 . 2194432 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE
    toskrnl.exe
    [-] 2009-12-10 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE
    toskrnl.exe
    [-] 2009-12-09 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP3QFE
    toskrnl.exe
    [-] 2009-12-09 . 9FCCE3EF6E062C55FDA6E67C7EE7BAF4 . 2184704 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP2GDR
    toskrnl.exe
    [-] 2009-12-09 . F96B89E41B78F5B3050A1003FD143732 . 2190336 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP2QFE
    toskrnl.exe
    [-] 2009-12-09 . 13C15BFF7E82D3F9FD215ADD54A3929D . 2193536 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP3GDR
    toskrnl.exe
    [-] 2009-08-04 . 2F1443AB72A64182FD8258BBAE801EA7 . 2193664 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE
    toskrnl.exe
    [-] 2009-02-10 . 7625D5BAFD2A4A8458468B139C893BB7 . 2193536 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE
    toskrnl.exe
    [-] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    toskrnl.exe
    [-] 2005-03-02 . 5DB3E8DEC987B5D350E4A105DCEAEE6A . 2183936 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE
    toskrnl.exe

    [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
    [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll

    [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
    [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll

    [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
    [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll

    [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
    [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe

    [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
    [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
    [-] 2005-07-08 . 5A145DBF2916F583921BB27B91B2DC0B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll

    [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
    [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
    [-] 2005-03-02 . 0B62745CE93E8C6F56547F70269DBABC . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll

    [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
    [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe

    [-] 2010-06-24 . 8168F7D81CD04C83D7E04F3981A7D0F5 . 919040 . . [8.00.6001.23037] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3QFE\wininet.dll
    [-] 2010-06-24 . A3D63C0EF4D32F1F04D9E9596AEA0FFE . 916480 . . [8.00.6001.18939] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3GDR\wininet.dll
    [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\wininet.dll
    [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\dllcache\wininet.dll
    [-] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
    [-] 2010-02-25 . 2A850B8F7B435ACFB9DCD0A566FD720C . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
    [-] 2010-02-25 . BB424C9406140FEAFB4732025BEBB69B . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
    [-] 2010-01-05 . F802C66238A60FC9A2D86B6D89B0F3ED . 832512 . . [7.00.6000.16981] . . c:\windows\ie8\wininet.dll
    [-] 2010-01-05 . F802C66238A60FC9A2D86B6D89B0F3ED . 832512 . . [7.00.6000.16981] . . c:\windows\SoftwareDistribution\Download\7a98fe28f6c06dd449604c662aac0a64\SP3GDR\wininet.dll
    [-] 2010-01-05 . C7B2FE1B42DB42B2E01679845D417408 . 841216 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll
    [-] 2010-01-05 . C7B2FE1B42DB42B2E01679845D417408 . 841216 . . [7.00.6000.21183] . . c:\windows\SoftwareDistribution\Download\7a98fe28f6c06dd449604c662aac0a64\SP3QFE\wininet.dll
    [-] 2009-12-22 . A21DF8A5A088A16563B30B7F3E70FEF2 . 670208 . . [6.00.2900.5921] . . c:\windows\ie7\wininet.dll
    [-] 2009-12-22 . 2ABF21F7978482AF7CFA4DABF8C5B4E6 . 671744 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll
    [-] 2009-12-21 . FA2B753F8FE84904A6940589A43F30B4 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll
    [-] 2009-12-21 . 4C145AB616871611FCE38F053C75807C . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
    [-] 2009-10-29 . 7F558D6F7949C4AF6FF91EEE3933C744 . 832512 . . [7.00.6000.16945] . . c:\windows\ie7updates\KB978207-IE7\wininet.dll
    [-] 2009-10-29 . 7F558D6F7949C4AF6FF91EEE3933C744 . 832512 . . [7.00.6000.16945] . . c:\windows\SoftwareDistribution\Download\1f838d40e36b62be49a5c22f01ef64d5\SP3GDR\wininet.dll
    [-] 2009-10-29 . 765E049E1F6E2EF9265B85E02DE487B5 . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
    [-] 2009-10-29 . D906535CAB4BB8A60AC060351EDE159F . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
    [-] 2009-10-29 . 271E70C5784986E0B76902C70CE5FD9C . 841216 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll
    [-] 2009-10-29 . 271E70C5784986E0B76902C70CE5FD9C . 841216 . . [7.00.6000.21148] . . c:\windows\SoftwareDistribution\Download\1f838d40e36b62be49a5c22f01ef64d5\SP3QFE\wininet.dll
    [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
    [-] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
    [-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB976325-IE7\wininet.dll
    [-] 2006-06-23 19:47 . 56C66D692B3912C2C044755F569D94E3 . 592384 . . [6.00.2800.1560] . . c:\windows\SoftwareDistribution\Download\2aa2219e5660d14659d1544181b51a24\RTMQFE\wininet.dll
    [-] 2006-06-23 12:29 . 9EEB94127EBAEB8F37A047E8843A3F7B . 580096 . . [6.00.2800.1559] . . c:\windows\SoftwareDistribution\Download\2aa2219e5660d14659d1544181b51a24\rtmgdr\wininet.dll

    [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
    [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll

    [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
    [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll

    [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\explorer.exe
    [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe

    [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
    [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\system32\ole32.dll
    [-] 2005-07-26 . 588443247F2EE6A61B5864B64A7E270E . 1284608 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2gdr\ole32.dll
    [-] 2005-07-26 . F9B85885A133EEFF68B3C524EB94D0F7 . 1190400 . . [5.1.2600.1720] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp1qfe\ole32.dll
    [-] 2005-07-26 . 0F0E95779DB45EB8D09EAA8827D740CC . 1285632 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2qfe\ole32.dll
    [-] 2005-01-14 . 75555C8E6657A2AA9101DD56F8D30DAA . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll

    [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
    [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll

    [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
    [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe

    [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
    [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll

    [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
    [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll

    [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
    [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

    [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
    [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe

    [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
    [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll

    [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
    [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll

    [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
    [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll

    [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
    [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll

    [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
    [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll

    [-] 2003-04-08 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

    [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
    [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys

    [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
    [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys

    [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
    [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys

    [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
    [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll

    [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
    [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll

    [-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
    [-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
    [-] 2004-08-04 08:03 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll

    [-] 2010-04-28 . 75EA98BC36C13E976653400F8183D356 . 2071296 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3QFE
    tkrnlpa.exe
    [-] 2010-04-28 . F98305BD47DC7A0B2A978000E3C31FAB . 2071168 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3GDR
    tkrnlpa.exe
    [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\Driver Cache\i386
    tkrnlpa.exe
    [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\system32
    tkrnlpa.exe
    [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\system32\dllcache
    tkrnlpa.exe
    [-] 2010-02-16 . 7C4F935FC449E4D27C685A5BC1792664 . 2071296 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE
    tkrnlpa.exe
    [-] 2009-12-10 . 6A42A70506E7ACFF6C3ACD740E22A01F . 2070528 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE
    tkrnlpa.exe
    [-] 2009-12-09 . 6A42A70506E7ACFF6C3ACD740E22A01F . 2070528 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP3QFE
    tkrnlpa.exe
    [-] 2009-12-09 . 50DAB657F208AD98B531378D38A2E8B8 . 2062080 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP2GDR
    tkrnlpa.exe
    [-] 2009-12-09 . 1FFE3E2414D6FE99CF78FCBFC569F5D0 . 2067456 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP2QFE
    tkrnlpa.exe
    [-] 2009-12-09 . F63B0CC3CE1E6E8EA39B4933B595C73A . 2070400 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP3GDR
    tkrnlpa.exe
    [-] 2009-08-04 . AB21A63A3B15653043E71126E5BBE3DE . 2070528 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE
    tkrnlpa.exe
    [-] 2009-02-09 . 07EE73D79A7CA142463470AEF230082B . 2070528 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE
    tkrnlpa.exe
    [-] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    tkrnlpa.exe
    [-] 2005-03-02 . C26D84B802567E629D42861A11C7EC04 . 2061312 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE
    tkrnlpa.exe

    [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386
    tmssvc.dll
    [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\system32
    tmssvc.dll

    [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
    [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll

    [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
    [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
    [-] 2002-12-11 22:14 . CA6CC3A47D8813208CEE02EB40DACA21 . 355328 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll

    [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
    [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll

    [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
    [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
    [-] 2002-12-11 22:14 . 61CC64C43BEC193100E3722F6CF4B1E1 . 284160 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll

    [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
    [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll

    [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
    [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-17 2065760]
    "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]
    "HitmanPro35"="c:\program files\Hitman Pro 3.5\HitmanPro35.exe" [2010-09-03 6300480]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
    otify\avgrsstarter]
    2010-07-17 12:10 12536 —-a-w- c:\windows\system32\avgrsstx.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Windows Search.lnk
    backup=c:\windows\pss\Windows Search.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACTIVBOARD]
    2003-05-02 09:31 24576 —-a-w- c:\apps\ABOARD\ABOARD.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2009-07-26 15:44 3883856 —-a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
    2004-06-25 14:20 81920 —-a-w- c:\apps\Powercinema\PCMService.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2010-08-10 03:15 421888 —-a-w- c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
    2004-02-26 14:53 65024 —-a-w- c:\windows\SOUNDMAN.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
    2010-03-09 02:52 15872 —-a-w- c:\program files\Unlocker\UnlockerAssistant.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
    2004-03-26 12:07 49152 —-a-w- c:\windows\system32\VTTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
    "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
    "c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
    "c:\\Program Files\\Soluto\\Soluto.exe"=
    "c:\\Program Files\\Soluto\\SolutoService.exe"=
    "c:\\Program Files\\Soluto\\SolutoConsole.exe"=
    "c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=

    R0 PCGenFAM;PCGenFAM;c:\windows\system32\drivers\PCGenFAM.sys [23-8-2010 11:45 179144]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [28-2-2010 19:15 216400]
    R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [28-2-2010 19:15 243024]
    R1 Ext2fs;Ext2fs;c:\windows\system32\drivers\ext2fs.sys [8-3-2010 10:12 181120]
    R1 IfsMount;IfsMount;c:\windows\system32\drivers\ifsmount.sys [8-3-2010 10:12 51072]
    R1 vcsmpdrv;vcsmpdrv;c:\windows\system32\drivers\vcsmpdrv.sys [6-9-2004 13:29 49024]
    R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [17-7-2010 14:07 921952]
    R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [17-7-2010 14:10 308136]
    R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [30-6-2010 16:08 336728]
    S3 Camdrv30;Philips ToUcam XS;c:\windows\system32\drivers\camdrv30.sys [6-3-2010 21:56 171264]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys –> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
    S3 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1-3-2010 21:03 1047880]
    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14-10-2009 7:24 10064]
    S3 VCSSecS;Virtual CD v4 Security service (SDK - Version);c:\program files\Virtual CD v4 SDK\System\vcssecs.exe [6-9-2004 13:29 139264]
    S3 ZD1211BU(Atheros);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(Atheros);c:\windows\system32\drivers\ZD1211BU.sys [20-4-2010 21:25 500736]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp
    .
    Inhoud van de 'Gedeelde Taken' map

    2010-08-17 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

    2010-03-07 c:\windows\Tasks\Herinnering voor registratie 2.job
    - c:\windows\System32\OOBE\oobebaln.exe [2003-06-27 17:03]
    .
    .
    ——- Bijkomende Scan ——-
    .
    FF - ProfilePath - c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=9516
    FF - prefs.js: browser.search.selectedEngine - MyWebSearch
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
    FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=GRfox000&ptb=RZUA2ThDr5YGBAOOzQcmew&psa=&ind=2010061313&ptnrS=GRfox000&si=&st=kwd&n=77cf1a01&searchfor=
    FF - component: c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
    FF - component: c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
    FF - plugin: c:\program files\Java\jre6\bin
    ew_plugin
    pdeployJava1.dll
    FF - plugin: c:\program files\Microsoft\Office Live
    pOLW.dll
    FF - plugin: c:\program files\QuickTime\Plugins
    pqtplugin8.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    —- FIREFOX POLICIES —-
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: nglayout.initialpaint.delay - 600
    FF - user.js: content.notify.interval - 600000
    FF - user.js: content.max.tokenizing.time - 1800000
    FF - user.js: content.switch.threshold - 600000
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn–mgbaam7a8h", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn–mgberp4a5d4ar", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    .
    - - - - ORPHANS VERWIJDERD - - - -

    MSConfigStartUp-Family Tree Builder Update - c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe
    MSConfigStartUp-SUPERAntiSpyware - c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-09-06 08:41
    Windows 5.1.2600 Service Pack 3 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————

    - - - - - - - > 'winlogon.exe'(480)
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(3876)
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ———————— Andere Aktieve Processen ————————
    .
    c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    c:\program files\AVG\AVG9\avgchsvx.exe
    c:\program files\AVG\AVG9\avgrsx.exe
    c:\program files\AVG\AVG9\avgcsrvx.exe
    c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    c:\program files\AVG\AVG9\avgnsx.exe
    c:\windows\system32\SearchIndexer.exe
    c:\windows\system32\wscntfy.exe
    c:\program files\AVG\AVG9\avgcsrvx.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2010-09-06 08:47:52 - machine werd herstart
    ComboFix-quarantined-files.txt 2010-09-06 06:47

    Pre-Run: 11.933.708.288 bytes beschikbaar
    Post-Run: 11.877.408.768 bytes beschikbaar

    - - End Of File - - 246D76D73E54F081ABC8AC4C44DCF1F5
  • Hallo Ruurd, ik zie dat je Hitman Pro 3.5 in je Windows hebt zitten.

    Graag de-installeren, je PC herstarten en dan opnieuw ComboFix een scan laten doen!
  • Bij dezen een procedure om alles van Mywebsearch te verwijderen.

    http://www.pchell.com/support/mywebsearch.shtml
  • [quote:4fc2e86640="WindowsNL"]Bij dezen een procedure om alles van Mywebsearch te verwijderen.

    http://www.pchell.com/support/mywebsearch.shtml[/quote:4fc2e86640]


    My Websearch zit in FF en is niet via HijackThis te verwijderen!
  • oke maar wat is FF en welke methode moet ik nu aan houden? die van windows of van abraham
  • FF is Firefox.

    Heb je inmiddels HitmanPro verwijdert op de wijze zoals ik eerder gevraagd hebt?

    Zoniet alsnog doen en dan ComboFix opnieuw opstarten.
    Wil het tool eerst updaten - sta dit dan toe.
  • hier de logfile,

    .

    2010-09-08 18:15 . 2010-09-08 18:16 ——– d—–w- c:\documents and settings\All Users\Application Data\NOS
    2010-09-08 18:15 . 2010-09-08 18:15 ——– d—–w- c:\program files\NOS
    2010-09-08 18:15 . 2010-09-08 18:15 35136 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins
    p_gp.dll
    2010-09-08 18:15 . 2010-08-13 07:13 32032 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
    2010-09-08 06:12 . 2010-09-08 06:12 ——– d—–w- c:\windows\LastGood
    2010-09-06 21:05 . 2010-09-08 08:22 ——– d–h–r- c:\documents and settings\Ruurd en Marianne\Onlangs geopend
    2010-08-31 20:52 . 2010-08-31 20:52 388096 —-a-r- c:\documents and settings\Ruurd en Marianne\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2010-08-31 20:52 . 2010-08-31 20:52 ——– d—–w- c:\program files\Trend Micro
    2010-08-30 11:34 . 2010-08-30 11:34 12872 —-a-w- c:\windows\system32\bootdelete.exe
    2010-08-30 11:22 . 2010-09-06 07:40 16968 —-a-w- c:\windows\system32\drivers\hitmanpro35.sys
    2010-08-30 11:21 . 2010-08-30 11:34 ——– d—–w- c:\documents and settings\All Users\Application Data\Hitman Pro
    2010-08-25 19:23 . 2010-08-25 19:23 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\Malwarebytes
    2010-08-25 19:23 . 2010-04-29 13:39 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-08-25 19:23 . 2010-08-25 19:23 ——– d—–w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-08-25 19:23 . 2010-08-25 19:23 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
    2010-08-25 19:23 . 2010-04-29 13:39 20952 —-a-w- c:\windows\system32\drivers\mbam.sys
    2010-08-25 19:14 . 2010-08-25 19:14 161296 —-a-w- c:\windows\system32\drivers\tmcomm.sys
    2010-08-24 19:36 . 2010-09-07 20:59 662416 —-a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    2010-08-23 13:45 . 2010-08-23 13:46 ——– d—–w- c:\program files\QuickTime
    2010-08-23 13:45 . 2010-08-23 13:45 ——– d—–w- c:\documents and settings\All Users\Application Data\Apple Computer
    2010-08-23 13:43 . 2010-08-23 13:43 ——– d—–w- c:\program files\Common Files\Apple
    2010-08-23 09:45 . 2010-06-30 12:35 179144 —-a-w- c:\windows\system32\drivers\PCGenFAM.sys
    2010-08-23 09:45 . 2010-08-23 09:45 ——– d—–w- c:\program files\Soluto
    2010-08-23 09:44 . 2010-08-23 09:44 892680 —-a-w- c:\documents and settings\All Users\Application Data\Soluto\Installer\SolutoInstaller.exe
    2010-08-23 09:44 . 2010-08-23 09:57 ——– d—–w- c:\documents and settings\All Users\Application Data\Soluto
    2010-08-23 07:41 . 2010-08-23 07:41 499712 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-35d77b07-n\jmc.dll
    2010-08-23 07:41 . 2010-08-23 07:41 131072 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-35d77b07-n\msvcp71.dll
    2010-08-23 07:41 . 2010-08-23 07:41 12800 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-544e0c7c-n\decora-d3d.dll
    2010-08-23 07:41 . 2010-08-23 07:41 61440 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-544e0c7c-n\decora-sse.dll
    2010-08-23 07:41 . 2010-08-23 07:41 348160 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-35d77b07-n\msvcr71.dll
    2010-08-23 07:26 . 2010-08-23 07:26 79488 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\jre1.6.0_21\gtapi.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-09-07 20:59 . 2010-09-08 06:07 50688 —-a-w- c:\windows\Internet Logs\xDB71.tmp
    2010-09-06 12:11 . 2010-07-15 20:13 ——– d—–w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2010-09-06 06:38 . 2010-09-06 06:39 2830336 —-a-w- c:\windows\Internet Logs\xDB6F.tmp
    2010-09-06 06:38 . 2010-09-06 06:39 253440 —-a-w- c:\windows\Internet Logs\xDB6E.tmp
    2010-09-06 06:37 . 2010-09-06 06:39 2830336 —-a-w- c:\windows\Internet Logs\xDB70.tmp
    2010-09-06 05:25 . 2010-04-29 18:27 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\GrabIt
    2010-09-03 07:36 . 2010-03-07 17:34 14259757 —-a-w- c:\windows\Internet Logs\tvDebug.Zip
    2010-08-31 21:11 . 2010-09-01 06:24 2748928 —-a-w- c:\windows\Internet Logs\xDB6D.tmp
    2010-08-31 21:11 . 2010-09-01 06:24 57856 —-a-w- c:\windows\Internet Logs\xDB6C.tmp
    2010-08-30 07:56 . 2010-07-15 21:20 ——– d—–w- c:\documents and settings\All Users\Application Data\Lavasoft
    2010-08-30 07:53 . 2010-07-15 20:13 ——– d—–w- c:\program files\Spybot - Search & Destroy
    2010-08-28 08:19 . 2010-08-29 10:36 8704 —-a-w- c:\windows\Internet Logs\xDB6B.tmp
    2010-08-28 07:11 . 2010-08-28 08:19 60416 —-a-w- c:\windows\Internet Logs\xDB6A.tmp
    2010-08-24 19:36 . 2010-08-25 11:45 2713088 —-a-w- c:\windows\Internet Logs\xDB69.tmp
    2010-08-24 19:36 . 2010-08-25 11:45 48640 —-a-w- c:\windows\Internet Logs\xDB68.tmp
    2010-08-23 11:52 . 2010-05-19 19:21 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\HPAppData
    2010-08-23 11:10 . 2010-08-23 11:11 26112 —-a-w- c:\windows\Internet Logs\xDB67.tmp
    2010-08-23 10:58 . 2010-08-23 10:59 107008 —-a-w- c:\windows\Internet Logs\xDB66.tmp
    2010-08-23 10:21 . 2010-02-28 18:36 ——– d–h–w- c:\program files\InstallShield Installation Information
    2010-08-23 09:46 . 2010-02-28 12:20 433064 —-a-w- c:\documents and settings\Ruurd en Marianne\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-08-23 07:39 . 2010-02-28 18:36 ——– d—–w- c:\program files\Java
    2010-08-15 13:44 . 2010-08-16 14:59 8704 —-a-w- c:\windows\Internet Logs\xDB65.tmp
    2010-08-15 13:42 . 2010-08-15 13:44 27648 —-a-w- c:\windows\Internet Logs\xDB64.tmp
    2010-08-13 08:33 . 2003-06-27 22:31 533928 —-a-w- c:\windows\system32\perfh013.dat
    2010-08-13 08:33 . 2003-06-27 22:31 100060 —-a-w- c:\windows\system32\perfc013.dat
    2010-08-12 21:55 . 2010-08-13 07:42 46592 —-a-w- c:\windows\Internet Logs\xDB62.tmp
    2010-08-12 21:55 . 2010-08-13 07:42 2630656 —-a-w- c:\windows\Internet Logs\xDB63.tmp
    2010-08-08 10:58 . 2010-08-08 10:59 32256 —-a-w- c:\windows\Internet Logs\xDB61.tmp
    2010-08-06 13:18 . 2010-08-07 11:37 8704 —-a-w- c:\windows\Internet Logs\xDB60.tmp
    2010-07-30 07:44 . 2010-08-06 13:18 37888 —-a-w- c:\windows\Internet Logs\xDB5F.tmp
    2010-07-29 12:09 . 2010-07-29 12:10 142336 —-a-w- c:\windows\Internet Logs\xDB5E.tmp
    2010-07-22 20:53 . 2010-07-22 20:53 ——– d—–w- c:\program files\VIA
    2010-07-22 19:33 . 2010-07-22 19:33 ——– d—–w- c:\program files\Driver-Soft
    2010-07-18 21:35 . 2010-07-18 21:35 95024 —-a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-07-17 12:10 . 2010-02-28 17:15 243024 —-a-w- c:\windows\system32\drivers\avgtdix.sys
    2010-07-17 12:10 . 2010-07-17 12:10 12536 —-a-w- c:\windows\system32\avgrsstx.dll
    2010-07-17 12:07 . 2010-02-28 17:15 216400 —-a-w- c:\windows\system32\drivers\avgldx86.sys
    2010-07-17 03:00 . 2010-05-19 18:22 423656 —-a-w- c:\windows\system32\deployJava1.dll
    2010-07-16 19:37 . 2010-06-19 18:47 ——– d—–w- c:\program files\a-squared Free
    2010-07-15 21:27 . 2010-07-15 21:28 40960 —-a-w- c:\windows\Internet Logs\xDB5C.tmp
    2010-07-15 21:27 . 2010-07-15 21:28 2552832 —-a-w- c:\windows\Internet Logs\xDB5D.tmp
    2010-07-15 19:55 . 2010-04-20 18:30 ——– d—–w- c:\program files\MSECache
    2010-07-15 19:55 . 2010-06-01 19:47 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\GHISLER
    2010-07-15 19:50 . 2010-07-12 19:39 ——– d—–w- c:\documents and settings\All Users\Application Data\Norton
    2010-07-14 21:04 . 2010-07-15 06:40 84992 —-a-w- c:\windows\Internet Logs\xDB5A.tmp
    2010-07-14 21:04 . 2010-07-15 06:40 2493952 —-a-w- c:\windows\Internet Logs\xDB5B.tmp
    2010-07-12 19:39 . 2010-07-12 19:39 ——– d—–w- c:\documents and settings\All Users\Application Data\Symantec
    2010-07-12 19:39 . 2010-07-12 19:39 ——– d—–w- c:\documents and settings\All Users\Application Data\NortonInstaller
    2010-07-12 18:03 . 2010-07-12 18:03 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\CheckPoint
    2010-06-21 20:11 . 2010-06-22 07:00 35328 —-a-w- c:\windows\Internet Logs\xDB53.tmp
    2010-06-21 12:10 . 2010-06-21 17:25 2131968 —-a-w- c:\windows\Internet Logs\xDB52.tmp
    2010-06-21 11:43 . 2010-06-21 11:48 30720 —-a-w- c:\windows\Internet Logs\xDB50.tmp
    2010-06-21 11:43 . 2010-06-21 11:48 2131968 —-a-w- c:\windows\Internet Logs\xDB51.tmp
    2010-06-19 19:31 . 2010-06-19 19:43 30720 —-a-w- c:\windows\Internet Logs\xDB4F.tmp
    2010-06-19 17:21 . 2010-06-19 17:30 15360 —-a-w- c:\windows\Internet Logs\xDB4E.tmp
    2010-06-19 17:18 . 2010-06-19 17:20 143872 —-a-w- c:\windows\Internet Logs\xDB4D.tmp
    2010-06-19 16:54 . 2010-06-19 17:09 2118144 —-a-w- c:\windows\Internet Logs\xDB4C.tmp
    2010-06-17 05:24 . 2010-06-17 08:13 2117120 —-a-w- c:\windows\Internet Logs\xDB4B.tmp
    2010-06-15 14:51 . 2010-06-15 14:56 2148352 —-a-w- c:\windows\Internet Logs\xDB4A.tmp
    2010-06-14 14:31 . 2003-06-27 22:42 744448 —-a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
    2010-06-12 19:31 . 2010-06-13 08:47 2112512 —-a-w- c:\windows\Internet Logs\xDB49.tmp
    .

    ——- Sigcheck ——-

    [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
    [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
    [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

    [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
    [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys

    [-] 2003-04-08 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

    [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
    [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys

    [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    dis.sys
    [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers
    dis.sys

    [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    tfs.sys
    [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers
    tfs.sys
    [-] 2003-04-08 . E3AE9C79498210A5F39FE5A9AD62BC55 . 561920 . . [5.1.2600.1106] . . c:\windows\i386\NTFS.SYS

    [-] 2003-04-08 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers
    ull.sys

    [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
    [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
    [-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys

    [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
    [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll

    [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
    [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe

    [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    etman.dll
    [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\system32
    etman.dll
    [-] 2005-08-22 . 269182FF03F1FDD0EF803AEB63C01080 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE
    etman.dll

    [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
    [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
    [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll

    [-] 2009-02-09 . D8D28F6CABEC7D42B8E487E290563B9A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
    [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
    [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
    [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
    [-] 2005-07-26 . B52BD9DB0BD6D01BDB01B0DBFBB804CD . 397824 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2gdr\rpcss.dll
    [-] 2005-07-26 . B9A5A38A11C1D1BC2B5889F2900E6CDB . 276992 . . [5.1.2600.1720] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp1qfe\rpcss.dll
    [-] 2005-07-26 . 23B465FD2354D83218AC091D0EE6D91B . 398336 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2qfe\rpcss.dll
    [-] 2005-01-14 . FE787AF1556421C60DC427C2CC12CD9C . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll

    [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
    [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
    [-] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
    [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe

    [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
    [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
    [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe

    [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
    [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe

    [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
    [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
    [-] 2003-04-08 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\i386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL

    [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
    [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll

    [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
    [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
    [-] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
    [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
    [-] 2005-07-26 04:42 . 094ECC4FB57ABA154F840C8414867E90 . 243200 . . [2001.12.4414.308] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2gdr\es.dll
    [-] 2005-07-26 04:39 . 81E7A36AEE80E677A34394BE62B7B658 . 227328 . . [2001.12.4414.62] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp1qfe\es.dll
    [-] 2005-07-26 04:36 . 3732BE0811CE6E15A56AD1CEC02CF532 . 243200 . . [2001.12.4414.308] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2qfe\es.dll

    [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
    [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll

    [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
    [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
    [-] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
    [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
    [-] 2006-07-05 . 8672CE1E9BAF84EC0665D73DB8849EDB . 1026048 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll

    [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
    [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
    [-] 2005-09-01 . BDF49EB509B446650A752F751634AA1C . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll

    [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
    [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll

    [-] 2010-06-24 . 4866ECEEFB5964BB1CB081FB3A2A370D . 5954560 . . [8.00.6001.23037] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3QFE\mshtml.dll
    [-] 2010-06-24 . 1048BF4C23101A0404252A19A9151C16 . 5951488 . . [8.00.6001.18939] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3GDR\mshtml.dll
    [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\mshtml.dll
    [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\dllcache\mshtml.dll
    [-] 2010-05-06 . 47A7DDF5DF0F323F877EEFC75338C4A3 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
    [-] 2010-02-25 . A38971E011619C2CF1B87ADE965F5DD4 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
    [-] 2010-02-25 . 2399C13AE076A84037794AA0E9BF152A . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
    [-] 2010-01-05 . 0719BB9695A3B029689F5F322A98EAF9 . 3599360 . . [7.00.6000.16981] . . c:\windows\ie8\mshtml.dll
    [-] 2010-01-05 . 0719BB9695A3B029689F5F322A98EAF9 . 3599360 . . [7.00.6000.16981] . . c:\windows\SoftwareDistribution\Download\7a98fe28f6c06dd449604c662aac0a64\SP3GDR\mshtml.dll
    [-] 2010-01-05 . 247E251C82853166DFD161871534F0FB . 3602944 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtml.dll
    [-] 2010-01-05 . 247E251C82853166DFD161871534F0FB . 3602944 . . [7.00.6000.21183] . . c:\windows\SoftwareDistribution\Download\7a98fe28f6c06dd449604c662aac0a64\SP3QFE\mshtml.dll
    [-] 2009-12-22 . E9536E13EDDB2B72B33CB20182A80086 . 3092480 . . [6.00.2900.5921] . . c:\windows\ie7\mshtml.dll
    [-] 2009-12-22 . AB8AB19C3EC6FA71152C50E6C5F452C9 . 3094528 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll
    [-] 2009-12-21 . 0C92E8AAD0E68E0A5358813353F31CE3 . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll
    [-] 2009-12-21 . 585A8B2FD6373FC06D6893867754CF74 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
    [-] 2009-10-29 . 457643CEFC939B88A86AD10B5861960C . 3598336 . . [7.00.6000.16945] . . c:\windows\ie7updates\KB978207-IE7\mshtml.dll
    [-] 2009-10-29 . 457643CEFC939B88A86AD10B5861960C . 3598336 . . [7.00.6000.16945] . . c:\windows\SoftwareDistribution\Download\1f838d40e36b62be49a5c22f01ef64d5\SP3GDR\mshtml.dll
    [-] 2009-10-29 . A66CEDA2AA6FA052D3F7A46CE7553D21 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
    [-] 2009-10-29 . 6D626567986D37E021F44EE66446D515 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
    [-] 2009-10-29 . 460BD186C5F245B99846E0F9EE10CD0B . 3602432 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mshtml.dll
    [-] 2009-10-29 . 460BD186C5F245B99846E0F9EE10CD0B . 3602432 . . [7.00.6000.21148] . . c:\windows\SoftwareDistribution\Download\1f838d40e36b62be49a5c22f01ef64d5\SP3QFE\mshtml.dll
    [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
    [-] 2008-04-14 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
    [-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB976325-IE7\mshtml.dll
    [-] 2006-06-30 17:39 . 2F7B1453EB7BF5218BCAE10586D712AD . 2710528 . . [6.00.2800.1562] . . c:\windows\SoftwareDistribution\Download\2aa2219e5660d14659d1544181b51a24\RTMQFE\mshtml.dll
    [-] 2006-06-30 09:53 . 0B64312439A98F4991A7FE3D676252F3 . 2703872 . . [6.00.2800.1561] . . c:\windows\SoftwareDistribution\Download\2aa2219e5660d14659d1544181b51a24\rtmgdr\mshtml.dll

    [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
    [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
    [-] 2003-04-08 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\i386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL

    [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
    [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
    [-] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
    [-] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll

    [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    etlogon.dll
    [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32
    etlogon.dll

    [-] 2010-04-28 . 548AED38DF451C1783037390194A04DC . 2194304 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3GDR
    toskrnl.exe
    [-] 2010-04-28 . 59582F46CAAAA049DB613B4005AF57B5 . 2194432 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3QFE
    toskrnl.exe
    [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\Driver Cache\i386
    toskrnl.exe
    [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\system32
    toskrnl.exe
    [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\system32\dllcache
    toskrnl.exe
    [-] 2010-02-16 . B79C48187CA08D2EC27DA4939953F082 . 2194432 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE
    toskrnl.exe
    [-] 2009-12-10 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE
    toskrnl.exe
    [-] 2009-12-09 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP3QFE
    toskrnl.exe
    [-] 2009-12-09 . 9FCCE3EF6E062C55FDA6E67C7EE7BAF4 . 2184704 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP2GDR
    toskrnl.exe
    [-] 2009-12-09 . F96B89E41B78F5B3050A1003FD143732 . 2190336 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP2QFE
    toskrnl.exe
    [-] 2009-12-09 . 13C15BFF7E82D3F9FD215ADD54A3929D . 2193536 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP3GDR
    toskrnl.exe
    [-] 2009-08-04 . 2F1443AB72A64182FD8258BBAE801EA7 . 2193664 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE
    toskrnl.exe
    [-] 2009-02-10 . 7625D5BAFD2A4A8458468B139C893BB7 . 2193536 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE
    toskrnl.exe
    [-] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    toskrnl.exe
    [-] 2005-03-02 . 5DB3E8DEC987B5D350E4A105DCEAEE6A . 2183936 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE
    toskrnl.exe

    [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
    [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll

    [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
    [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll

    [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
    [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll

    [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
    [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe

    [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
    [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
    [-] 2005-07-08 . 5A145DBF2916F583921BB27B91B2DC0B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll

    [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
    [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
    [-] 2005-03-02 . 0B62745CE93E8C6F56547F70269DBABC . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll

    [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
    [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe

    [-] 2010-06-24 . 8168F7D81CD04C83D7E04F3981A7D0F5 . 919040 . . [8.00.6001.23037] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3QFE\wininet.dll
    [-] 2010-06-24 . A3D63C0EF4D32F1F04D9E9596AEA0FFE . 916480 . . [8.00.6001.18939] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3GDR\wininet.dll
    [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\wininet.dll
    [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\dllcache\wininet.dll
    [-] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
    [-] 2010-02-25 . 2A850B8F7B435ACFB9DCD0A566FD720C . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
    [-] 2010-02-25 . BB424C9406140FEAFB4732025BEBB69B . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
    [-] 2010-01-05 . F802C66238A60FC9A2D86B6D89B0F3ED . 832512 . . [7.00.6000.16981] . . c:\windows\ie8\wininet.dll
    [-] 2010-01-05 . F802C66238A60FC9A2D86B6D89B0F3ED . 832512 . . [7.00.6000.16981] . . c:\windows\SoftwareDistribution\Download\7a98fe28f6c06dd449604c662aac0a64\SP3GDR\wininet.dll
    [-] 2010-01-05 . C7B2FE1B42DB42B2E01679845D417408 . 841216 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll
    [-] 2010-01-05 . C7B2FE1B42DB42B2E01679845D417408 . 841216 . . [7.00.6000.21183] . . c:\windows\SoftwareDistribution\Download\7a98fe28f6c06dd449604c662aac0a64\SP3QFE\wininet.dll
    [-] 2009-12-22 . A21DF8A5A088A16563B30B7F3E70FEF2 . 670208 . . [6.00.2900.5921] . . c:\windows\ie7\wininet.dll
    [-] 2009-12-22 . 2ABF21F7978482AF7CFA4DABF8C5B4E6 . 671744 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll
    [-] 2009-12-21 . FA2B753F8FE84904A6940589A43F30B4 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll
    [-] 2009-12-21 . 4C145AB616871611FCE38F053C75807C . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
    [-] 2009-10-29 . 7F558D6F7949C4AF6FF91EEE3933C744 . 832512 . . [7.00.6000.16945] . . c:\windows\ie7updates\KB978207-IE7\wininet.dll
    [-] 2009-10-29 . 7F558D6F7949C4AF6FF91EEE3933C744 . 832512 . . [7.00.6000.16945] . . c:\windows\SoftwareDistribution\Download\1f838d40e36b62be49a5c22f01ef64d5\SP3GDR\wininet.dll
    [-] 2009-10-29 . 765E049E1F6E2EF9265B85E02DE487B5 . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
    [-] 2009-10-29 . D906535CAB4BB8A60AC060351EDE159F . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
    [-] 2009-10-29 . 271E70C5784986E0B76902C70CE5FD9C . 841216 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll
    [-] 2009-10-29 . 271E70C5784986E0B76902C70CE5FD9C . 841216 . . [7.00.6000.21148] . . c:\windows\SoftwareDistribution\Download\1f838d40e36b62be49a5c22f01ef64d5\SP3QFE\wininet.dll
    [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
    [-] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
    [-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB976325-IE7\wininet.dll
    [-] 2006-06-23 19:47 . 56C66D692B3912C2C044755F569D94E3 . 592384 . . [6.00.2800.1560] . . c:\windows\SoftwareDistribution\Download\2aa2219e5660d14659d1544181b51a24\RTMQFE\wininet.dll
    [-] 2006-06-23 12:29 . 9EEB94127EBAEB8F37A047E8843A3F7B . 580096 . . [6.00.2800.1559] . . c:\windows\SoftwareDistribution\Download\2aa2219e5660d14659d1544181b51a24\rtmgdr\wininet.dll

    [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
    [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll

    [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
    [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll

    [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\explorer.exe
    [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe

    [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
    [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\system32\ole32.dll
    [-] 2005-07-26 . 588443247F2EE6A61B5864B64A7E270E . 1284608 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2gdr\ole32.dll
    [-] 2005-07-26 . F9B85885A133EEFF68B3C524EB94D0F7 . 1190400 . . [5.1.2600.1720] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp1qfe\ole32.dll
    [-] 2005-07-26 . 0F0E95779DB45EB8D09EAA8827D740CC . 1285632 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2qfe\ole32.dll
    [-] 2005-01-14 . 75555C8E6657A2AA9101DD56F8D30DAA . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll

    [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
    [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll

    [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
    [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe

    [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
    [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll

    [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
    [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll

    [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
    [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

    [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
    [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe

    [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
    [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll

    [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
    [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll

    [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
    [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll

    [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
    [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll

    [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
    [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll

    [-] 2003-04-08 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

    [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
    [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys

    [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
    [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys

    [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
    [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys

    [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
    [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll

    [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
    [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll

    [-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
    [-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
    [-] 2004-08-04 08:03 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll

    [-] 2010-04-28 . 75EA98BC36C13E976653400F8183D356 . 2071296 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3QFE
    tkrnlpa.exe
    [-] 2010-04-28 . F98305BD47DC7A0B2A978000E3C31FAB . 2071168 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3GDR
    tkrnlpa.exe
    [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\Driver Cache\i386
    tkrnlpa.exe
    [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\system32
    tkrnlpa.exe
    [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\system32\dllcache
    tkrnlpa.exe
    [-] 2010-02-16 . 7C4F935FC449E4D27C685A5BC1792664 . 2071296 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE
    tkrnlpa.exe
    [-] 2009-12-10 . 6A42A70506E7ACFF6C3ACD740E22A01F . 2070528 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE
    tkrnlpa.exe
    [-] 2009-12-09 . 6A42A70506E7ACFF6C3ACD740E22A01F . 2070528 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP3QFE
    tkrnlpa.exe
    [-] 2009-12-09 . 50DAB657F208AD98B531378D38A2E8B8 . 2062080 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP2GDR
    tkrnlpa.exe
    [-] 2009-12-09 . 1FFE3E2414D6FE99CF78FCBFC569F5D0 . 2067456 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP2QFE
    tkrnlpa.exe
    [-] 2009-12-09 . F63B0CC3CE1E6E8EA39B4933B595C73A . 2070400 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP3GDR
    tkrnlpa.exe
    [-] 2009-08-04 . AB21A63A3B15653043E71126E5BBE3DE . 2070528 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE
    tkrnlpa.exe
    [-] 2009-02-09 . 07EE73D79A7CA142463470AEF230082B . 2070528 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE
    tkrnlpa.exe
    [-] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    tkrnlpa.exe
    [-] 2005-03-02 . C26D84B802567E629D42861A11C7EC04 . 2061312 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE
    tkrnlpa.exe

    [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386
    tmssvc.dll
    [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\system32
    tmssvc.dll

    [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
    [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll

    [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
    [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
    [-] 2002-12-11 22:14 . CA6CC3A47D8813208CEE02EB40DACA21 . 355328 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll

    [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
    [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll

    [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
    [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
    [-] 2002-12-11 22:14 . 61CC64C43BEC193100E3722F6CF4B1E1 . 284160 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll

    [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
    [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll

    [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
    [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll

    [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
    [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
    .
    ((((((((((((((((((((((((((((( SnapShot@2010-09-06_12.19.04 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2004-09-06 11:19 . 2010-09-08 16:46 2266112 c:\windows\Installer\13037.msi
    - 2004-09-06 11:19 . 2010-09-03 13:21 2266112 c:\windows\Installer\13037.msi
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-17 2065760]
    "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
    otify\avgrsstarter]
    2010-07-17 12:10 12536 —-a-w- c:\windows\system32\avgrsstx.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Windows Search.lnk
    backup=c:\windows\pss\Windows Search.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACTIVBOARD]
    2003-05-02 09:31 24576 —-a-w- c:\apps\ABOARD\ABOARD.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2009-07-26 15:44 3883856 —-a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
    2004-06-25 14:20 81920 —-a-w- c:\apps\Powercinema\PCMService.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2010-08-10 03:15 421888 —-a-w- c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
    2004-02-26 14:53 65024 —-a-w- c:\windows\SOUNDMAN.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
    2010-03-09 02:52 15872 —-a-w- c:\program files\Unlocker\UnlockerAssistant.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
    2004-03-26 12:07 49152 —-a-w- c:\windows\system32\VTTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
    "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
    "c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
    "c:\\Program Files\\Soluto\\Soluto.exe"=
    "c:\\Program Files\\Soluto\\SolutoService.exe"=
    "c:\\Program Files\\Soluto\\SolutoConsole.exe"=
    "c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=

    R0 PCGenFAM;PCGenFAM;c:\windows\system32\drivers\PCGenFAM.sys [23-8-2010 11:45 179144]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [28-2-2010 19:15 216400]
    R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [28-2-2010 19:15 243024]
    R1 Ext2fs;Ext2fs;c:\windows\system32\drivers\ext2fs.sys [8-3-2010 10:12 181120]
    R1 IfsMount;IfsMount;c:\windows\system32\drivers\ifsmount.sys [8-3-2010 10:12 51072]
    R1 vcsmpdrv;vcsmpdrv;c:\windows\system32\drivers\vcsmpdrv.sys [6-9-2004 13:29 49024]
    R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [17-7-2010 14:07 921952]
    R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [17-7-2010 14:10 308136]
    R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [30-6-2010 16:08 336728]
    R3 VCSSecS;Virtual CD v4 Security service (SDK - Version);c:\program files\Virtual CD v4 SDK\System\vcssecs.exe [6-9-2004 13:29 139264]
    S3 Camdrv30;Philips ToUcam XS;c:\windows\system32\drivers\camdrv30.sys [6-3-2010 21:56 171264]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys –> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
    S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [28-6-2003 0:31 14336]
    S3 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1-3-2010 21:03 1047880]
    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14-10-2009 7:24 10064]
    S3 ZD1211BU(Atheros);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(Atheros);c:\windows\system32\drivers\ZD1211BU.sys [20-4-2010 21:25 500736]

    — Andere Services/Drivers In Geheugen —

    *NewlyCreated* - NOSGETPLUSHELPER

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp
    .
    Inhoud van de 'Gedeelde Taken' map

    2010-08-17 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

    2010-03-07 c:\windows\Tasks\Herinnering voor registratie 2.job
    - c:\windows\System32\OOBE\oobebaln.exe [2003-06-27 17:03]
    .
    .
    ——- Bijkomende Scan ——-
    .
    FF - ProfilePath - c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=9516
    FF - prefs.js: browser.search.selectedEngine - MyWebSearch
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
    FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=GRfox000&ptb=RZUA2ThDr5YGBAOOzQcmew&psa=&ind=2010061313&ptnrS=GRfox000&si=&st=kwd&n=77cf1a01&searchfor=
    FF - component: c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
    FF - component: c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
    FF - plugin: c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins
    p_gp.dll
    FF - plugin: c:\program files\Java\jre6\bin
    ew_plugin
    pdeployJava1.dll
    FF - plugin: c:\program files\Microsoft\Office Live
    pOLW.dll
    FF - plugin: c:\program files\QuickTime\Plugins
    pqtplugin8.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    —- FIREFOX POLICIES —-
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: nglayout.initialpaint.delay - 600
    FF - user.js: content.notify.interval - 600000
    FF - user.js: content.max.tokenizing.time - 1800000
    FF - user.js: content.switch.threshold - 600000
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn–mgbaam7a8h", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn–mgberp4a5d4ar", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-09-08 20:30
    Windows 5.1.2600 Service Pack 3 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————

    - - - - - - - > 'winlogon.exe'(476)
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(2620)
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    Voltooingstijd: 2010-09-08 20:35:44
    ComboFix-quarantined-files.txt 2010-09-08 18:35
    ComboFix2.txt 2010-09-06 06:47

    Pre-Run: 16.296.423.424 bytes beschikbaar
    Post-Run: 16.279.490.560 bytes beschikbaar

    - - End Of File - - 545CBE604A6031E71928FAE73ED01D20
  • Hallo ruurd78, er mist het eerste deel van het log!

    Wil je het log nogmaals posten, maar dan compleet?

    Je vindt een en ander terug in C:\combofix.txt.
  • hier het complete logfile


    ComboFix 10-09-07.03 - Ruurd en Marianne 08-09-2010 20:24:35.3.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.420 [GMT 2:00]
    Gestart vanuit: c:\documents and settings\Ruurd en Marianne\Bureaublad\ComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
    .

    (((((((((((((((((((( Bestanden Gemaakt van 2010-08-08 to 2010-09-08 ))))))))))))))))))))))))))))))
    .

    2010-09-08 18:15 . 2010-09-08 18:16 ——– d—–w- c:\documents and settings\All Users\Application Data\NOS
    2010-09-08 18:15 . 2010-09-08 18:15 ——– d—–w- c:\program files\NOS
    2010-09-08 18:15 . 2010-09-08 18:15 35136 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins
    p_gp.dll
    2010-09-08 18:15 . 2010-08-13 07:13 32032 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
    2010-09-08 06:12 . 2010-09-08 06:12 ——– d—–w- c:\windows\LastGood
    2010-09-06 21:05 . 2010-09-08 08:22 ——– d–h–r- c:\documents and settings\Ruurd en Marianne\Onlangs geopend
    2010-08-31 20:52 . 2010-08-31 20:52 388096 —-a-r- c:\documents and settings\Ruurd en Marianne\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2010-08-31 20:52 . 2010-08-31 20:52 ——– d—–w- c:\program files\Trend Micro
    2010-08-30 11:34 . 2010-08-30 11:34 12872 —-a-w- c:\windows\system32\bootdelete.exe
    2010-08-30 11:22 . 2010-09-06 07:40 16968 —-a-w- c:\windows\system32\drivers\hitmanpro35.sys
    2010-08-30 11:21 . 2010-08-30 11:34 ——– d—–w- c:\documents and settings\All Users\Application Data\Hitman Pro
    2010-08-25 19:23 . 2010-08-25 19:23 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\Malwarebytes
    2010-08-25 19:23 . 2010-04-29 13:39 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-08-25 19:23 . 2010-08-25 19:23 ——– d—–w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-08-25 19:23 . 2010-08-25 19:23 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
    2010-08-25 19:23 . 2010-04-29 13:39 20952 —-a-w- c:\windows\system32\drivers\mbam.sys
    2010-08-25 19:14 . 2010-08-25 19:14 161296 —-a-w- c:\windows\system32\drivers\tmcomm.sys
    2010-08-24 19:36 . 2010-09-07 20:59 662416 —-a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    2010-08-23 13:45 . 2010-08-23 13:46 ——– d—–w- c:\program files\QuickTime
    2010-08-23 13:45 . 2010-08-23 13:45 ——– d—–w- c:\documents and settings\All Users\Application Data\Apple Computer
    2010-08-23 13:43 . 2010-08-23 13:43 ——– d—–w- c:\program files\Common Files\Apple
    2010-08-23 09:45 . 2010-06-30 12:35 179144 —-a-w- c:\windows\system32\drivers\PCGenFAM.sys
    2010-08-23 09:45 . 2010-08-23 09:45 ——– d—–w- c:\program files\Soluto
    2010-08-23 09:44 . 2010-08-23 09:44 892680 —-a-w- c:\documents and settings\All Users\Application Data\Soluto\Installer\SolutoInstaller.exe
    2010-08-23 09:44 . 2010-08-23 09:57 ——– d—–w- c:\documents and settings\All Users\Application Data\Soluto
    2010-08-23 07:41 . 2010-08-23 07:41 499712 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-35d77b07-n\jmc.dll
    2010-08-23 07:41 . 2010-08-23 07:41 131072 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-35d77b07-n\msvcp71.dll
    2010-08-23 07:41 . 2010-08-23 07:41 12800 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-544e0c7c-n\decora-d3d.dll
    2010-08-23 07:41 . 2010-08-23 07:41 61440 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-544e0c7c-n\decora-sse.dll
    2010-08-23 07:41 . 2010-08-23 07:41 348160 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-35d77b07-n\msvcr71.dll
    2010-08-23 07:26 . 2010-08-23 07:26 79488 —-a-w- c:\documents and settings\Ruurd en Marianne\Application Data\Sun\Java\jre1.6.0_21\gtapi.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-09-07 20:59 . 2010-09-08 06:07 50688 —-a-w- c:\windows\Internet Logs\xDB71.tmp
    2010-09-06 12:11 . 2010-07-15 20:13 ——– d—–w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2010-09-06 06:38 . 2010-09-06 06:39 2830336 —-a-w- c:\windows\Internet Logs\xDB6F.tmp
    2010-09-06 06:38 . 2010-09-06 06:39 253440 —-a-w- c:\windows\Internet Logs\xDB6E.tmp
    2010-09-06 06:37 . 2010-09-06 06:39 2830336 —-a-w- c:\windows\Internet Logs\xDB70.tmp
    2010-09-06 05:25 . 2010-04-29 18:27 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\GrabIt
    2010-09-03 07:36 . 2010-03-07 17:34 14259757 —-a-w- c:\windows\Internet Logs\tvDebug.Zip
    2010-08-31 21:11 . 2010-09-01 06:24 2748928 —-a-w- c:\windows\Internet Logs\xDB6D.tmp
    2010-08-31 21:11 . 2010-09-01 06:24 57856 —-a-w- c:\windows\Internet Logs\xDB6C.tmp
    2010-08-30 07:56 . 2010-07-15 21:20 ——– d—–w- c:\documents and settings\All Users\Application Data\Lavasoft
    2010-08-30 07:53 . 2010-07-15 20:13 ——– d—–w- c:\program files\Spybot - Search & Destroy
    2010-08-28 08:19 . 2010-08-29 10:36 8704 —-a-w- c:\windows\Internet Logs\xDB6B.tmp
    2010-08-28 07:11 . 2010-08-28 08:19 60416 —-a-w- c:\windows\Internet Logs\xDB6A.tmp
    2010-08-24 19:36 . 2010-08-25 11:45 2713088 —-a-w- c:\windows\Internet Logs\xDB69.tmp
    2010-08-24 19:36 . 2010-08-25 11:45 48640 —-a-w- c:\windows\Internet Logs\xDB68.tmp
    2010-08-23 11:52 . 2010-05-19 19:21 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\HPAppData
    2010-08-23 11:10 . 2010-08-23 11:11 26112 —-a-w- c:\windows\Internet Logs\xDB67.tmp
    2010-08-23 10:58 . 2010-08-23 10:59 107008 —-a-w- c:\windows\Internet Logs\xDB66.tmp
    2010-08-23 10:21 . 2010-02-28 18:36 ——– d–h–w- c:\program files\InstallShield Installation Information
    2010-08-23 09:46 . 2010-02-28 12:20 433064 —-a-w- c:\documents and settings\Ruurd en Marianne\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-08-23 07:39 . 2010-02-28 18:36 ——– d—–w- c:\program files\Java
    2010-08-15 13:44 . 2010-08-16 14:59 8704 —-a-w- c:\windows\Internet Logs\xDB65.tmp
    2010-08-15 13:42 . 2010-08-15 13:44 27648 —-a-w- c:\windows\Internet Logs\xDB64.tmp
    2010-08-13 08:33 . 2003-06-27 22:31 533928 —-a-w- c:\windows\system32\perfh013.dat
    2010-08-13 08:33 . 2003-06-27 22:31 100060 —-a-w- c:\windows\system32\perfc013.dat
    2010-08-12 21:55 . 2010-08-13 07:42 46592 —-a-w- c:\windows\Internet Logs\xDB62.tmp
    2010-08-12 21:55 . 2010-08-13 07:42 2630656 —-a-w- c:\windows\Internet Logs\xDB63.tmp
    2010-08-08 10:58 . 2010-08-08 10:59 32256 —-a-w- c:\windows\Internet Logs\xDB61.tmp
    2010-08-06 13:18 . 2010-08-07 11:37 8704 —-a-w- c:\windows\Internet Logs\xDB60.tmp
    2010-07-30 07:44 . 2010-08-06 13:18 37888 —-a-w- c:\windows\Internet Logs\xDB5F.tmp
    2010-07-29 12:09 . 2010-07-29 12:10 142336 —-a-w- c:\windows\Internet Logs\xDB5E.tmp
    2010-07-22 20:53 . 2010-07-22 20:53 ——– d—–w- c:\program files\VIA
    2010-07-22 19:33 . 2010-07-22 19:33 ——– d—–w- c:\program files\Driver-Soft
    2010-07-18 21:35 . 2010-07-18 21:35 95024 —-a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-07-17 12:10 . 2010-02-28 17:15 243024 —-a-w- c:\windows\system32\drivers\avgtdix.sys
    2010-07-17 12:10 . 2010-07-17 12:10 12536 —-a-w- c:\windows\system32\avgrsstx.dll
    2010-07-17 12:07 . 2010-02-28 17:15 216400 —-a-w- c:\windows\system32\drivers\avgldx86.sys
    2010-07-17 03:00 . 2010-05-19 18:22 423656 —-a-w- c:\windows\system32\deployJava1.dll
    2010-07-16 19:37 . 2010-06-19 18:47 ——– d—–w- c:\program files\a-squared Free
    2010-07-15 21:27 . 2010-07-15 21:28 40960 —-a-w- c:\windows\Internet Logs\xDB5C.tmp
    2010-07-15 21:27 . 2010-07-15 21:28 2552832 —-a-w- c:\windows\Internet Logs\xDB5D.tmp
    2010-07-15 19:55 . 2010-04-20 18:30 ——– d—–w- c:\program files\MSECache
    2010-07-15 19:55 . 2010-06-01 19:47 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\GHISLER
    2010-07-15 19:50 . 2010-07-12 19:39 ——– d—–w- c:\documents and settings\All Users\Application Data\Norton
    2010-07-14 21:04 . 2010-07-15 06:40 84992 —-a-w- c:\windows\Internet Logs\xDB5A.tmp
    2010-07-14 21:04 . 2010-07-15 06:40 2493952 —-a-w- c:\windows\Internet Logs\xDB5B.tmp
    2010-07-12 19:39 . 2010-07-12 19:39 ——– d—–w- c:\documents and settings\All Users\Application Data\Symantec
    2010-07-12 19:39 . 2010-07-12 19:39 ——– d—–w- c:\documents and settings\All Users\Application Data\NortonInstaller
    2010-07-12 18:03 . 2010-07-12 18:03 ——– d—–w- c:\documents and settings\Ruurd en Marianne\Application Data\CheckPoint
    2010-06-21 20:11 . 2010-06-22 07:00 35328 —-a-w- c:\windows\Internet Logs\xDB53.tmp
    2010-06-21 12:10 . 2010-06-21 17:25 2131968 —-a-w- c:\windows\Internet Logs\xDB52.tmp
    2010-06-21 11:43 . 2010-06-21 11:48 30720 —-a-w- c:\windows\Internet Logs\xDB50.tmp
    2010-06-21 11:43 . 2010-06-21 11:48 2131968 —-a-w- c:\windows\Internet Logs\xDB51.tmp
    2010-06-19 19:31 . 2010-06-19 19:43 30720 —-a-w- c:\windows\Internet Logs\xDB4F.tmp
    2010-06-19 17:21 . 2010-06-19 17:30 15360 —-a-w- c:\windows\Internet Logs\xDB4E.tmp
    2010-06-19 17:18 . 2010-06-19 17:20 143872 —-a-w- c:\windows\Internet Logs\xDB4D.tmp
    2010-06-19 16:54 . 2010-06-19 17:09 2118144 —-a-w- c:\windows\Internet Logs\xDB4C.tmp
    2010-06-17 05:24 . 2010-06-17 08:13 2117120 —-a-w- c:\windows\Internet Logs\xDB4B.tmp
    2010-06-15 14:51 . 2010-06-15 14:56 2148352 —-a-w- c:\windows\Internet Logs\xDB4A.tmp
    2010-06-14 14:31 . 2003-06-27 22:42 744448 —-a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
    2010-06-12 19:31 . 2010-06-13 08:47 2112512 —-a-w- c:\windows\Internet Logs\xDB49.tmp
    .

    ——- Sigcheck ——-

    [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
    [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
    [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

    [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
    [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys

    [-] 2003-04-08 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

    [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
    [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys

    [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    dis.sys
    [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers
    dis.sys

    [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    tfs.sys
    [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers
    tfs.sys
    [-] 2003-04-08 . E3AE9C79498210A5F39FE5A9AD62BC55 . 561920 . . [5.1.2600.1106] . . c:\windows\i386\NTFS.SYS

    [-] 2003-04-08 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers
    ull.sys

    [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
    [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
    [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
    [-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys

    [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
    [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll

    [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
    [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe

    [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    etman.dll
    [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\system32
    etman.dll
    [-] 2005-08-22 . 269182FF03F1FDD0EF803AEB63C01080 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE
    etman.dll

    [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
    [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
    [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll

    [-] 2009-02-09 . D8D28F6CABEC7D42B8E487E290563B9A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
    [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
    [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
    [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
    [-] 2005-07-26 . B52BD9DB0BD6D01BDB01B0DBFBB804CD . 397824 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2gdr\rpcss.dll
    [-] 2005-07-26 . B9A5A38A11C1D1BC2B5889F2900E6CDB . 276992 . . [5.1.2600.1720] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp1qfe\rpcss.dll
    [-] 2005-07-26 . 23B465FD2354D83218AC091D0EE6D91B . 398336 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2qfe\rpcss.dll
    [-] 2005-01-14 . FE787AF1556421C60DC427C2CC12CD9C . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll

    [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
    [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
    [-] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
    [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe

    [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
    [-] 2008-04-14 . DB454135DE1A09FE7FEDA7B554B5CCA2 . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
    [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe

    [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
    [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe

    [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
    [-] 2008-04-14 . EFD9660AF9177D90018AC9A9AA42310F . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
    [-] 2003-04-08 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\i386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL

    [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
    [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll

    [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
    [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
    [-] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
    [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
    [-] 2005-07-26 04:42 . 094ECC4FB57ABA154F840C8414867E90 . 243200 . . [2001.12.4414.308] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2gdr\es.dll
    [-] 2005-07-26 04:39 . 81E7A36AEE80E677A34394BE62B7B658 . 227328 . . [2001.12.4414.62] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp1qfe\es.dll
    [-] 2005-07-26 04:36 . 3732BE0811CE6E15A56AD1CEC02CF532 . 243200 . . [2001.12.4414.308] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2qfe\es.dll

    [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
    [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll

    [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
    [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
    [-] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
    [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
    [-] 2006-07-05 . 8672CE1E9BAF84EC0665D73DB8849EDB . 1026048 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll

    [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
    [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
    [-] 2005-09-01 . BDF49EB509B446650A752F751634AA1C . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll

    [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
    [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll

    [-] 2010-06-24 . 4866ECEEFB5964BB1CB081FB3A2A370D . 5954560 . . [8.00.6001.23037] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3QFE\mshtml.dll
    [-] 2010-06-24 . 1048BF4C23101A0404252A19A9151C16 . 5951488 . . [8.00.6001.18939] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3GDR\mshtml.dll
    [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\mshtml.dll
    [-] 2010-05-06 . E7CD22F3A8247FC3BFD283D30B4674D2 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\dllcache\mshtml.dll
    [-] 2010-05-06 . 47A7DDF5DF0F323F877EEFC75338C4A3 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
    [-] 2010-02-25 . A38971E011619C2CF1B87ADE965F5DD4 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
    [-] 2010-02-25 . 2399C13AE076A84037794AA0E9BF152A . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
    [-] 2010-01-05 . 0719BB9695A3B029689F5F322A98EAF9 . 3599360 . . [7.00.6000.16981] . . c:\windows\ie8\mshtml.dll
    [-] 2010-01-05 . 0719BB9695A3B029689F5F322A98EAF9 . 3599360 . . [7.00.6000.16981] . . c:\windows\SoftwareDistribution\Download\7a98fe28f6c06dd449604c662aac0a64\SP3GDR\mshtml.dll
    [-] 2010-01-05 . 247E251C82853166DFD161871534F0FB . 3602944 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtml.dll
    [-] 2010-01-05 . 247E251C82853166DFD161871534F0FB . 3602944 . . [7.00.6000.21183] . . c:\windows\SoftwareDistribution\Download\7a98fe28f6c06dd449604c662aac0a64\SP3QFE\mshtml.dll
    [-] 2009-12-22 . E9536E13EDDB2B72B33CB20182A80086 . 3092480 . . [6.00.2900.5921] . . c:\windows\ie7\mshtml.dll
    [-] 2009-12-22 . AB8AB19C3EC6FA71152C50E6C5F452C9 . 3094528 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll
    [-] 2009-12-21 . 0C92E8AAD0E68E0A5358813353F31CE3 . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll
    [-] 2009-12-21 . 585A8B2FD6373FC06D6893867754CF74 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
    [-] 2009-10-29 . 457643CEFC939B88A86AD10B5861960C . 3598336 . . [7.00.6000.16945] . . c:\windows\ie7updates\KB978207-IE7\mshtml.dll
    [-] 2009-10-29 . 457643CEFC939B88A86AD10B5861960C . 3598336 . . [7.00.6000.16945] . . c:\windows\SoftwareDistribution\Download\1f838d40e36b62be49a5c22f01ef64d5\SP3GDR\mshtml.dll
    [-] 2009-10-29 . A66CEDA2AA6FA052D3F7A46CE7553D21 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
    [-] 2009-10-29 . 6D626567986D37E021F44EE66446D515 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
    [-] 2009-10-29 . 460BD186C5F245B99846E0F9EE10CD0B . 3602432 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mshtml.dll
    [-] 2009-10-29 . 460BD186C5F245B99846E0F9EE10CD0B . 3602432 . . [7.00.6000.21148] . . c:\windows\SoftwareDistribution\Download\1f838d40e36b62be49a5c22f01ef64d5\SP3QFE\mshtml.dll
    [-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
    [-] 2008-04-14 . B937B964B164A7B588D09BF419F90875 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
    [-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB976325-IE7\mshtml.dll
    [-] 2006-06-30 17:39 . 2F7B1453EB7BF5218BCAE10586D712AD . 2710528 . . [6.00.2800.1562] . . c:\windows\SoftwareDistribution\Download\2aa2219e5660d14659d1544181b51a24\RTMQFE\mshtml.dll
    [-] 2006-06-30 09:53 . 0B64312439A98F4991A7FE3D676252F3 . 2703872 . . [6.00.2800.1561] . . c:\windows\SoftwareDistribution\Download\2aa2219e5660d14659d1544181b51a24\rtmgdr\mshtml.dll

    [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
    [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
    [-] 2003-04-08 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\i386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL

    [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
    [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
    [-] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
    [-] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll

    [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    etlogon.dll
    [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32
    etlogon.dll

    [-] 2010-04-28 . 548AED38DF451C1783037390194A04DC . 2194304 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3GDR
    toskrnl.exe
    [-] 2010-04-28 . 59582F46CAAAA049DB613B4005AF57B5 . 2194432 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3QFE
    toskrnl.exe
    [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\Driver Cache\i386
    toskrnl.exe
    [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\system32
    toskrnl.exe
    [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\system32\dllcache
    toskrnl.exe
    [-] 2010-02-16 . B79C48187CA08D2EC27DA4939953F082 . 2194432 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE
    toskrnl.exe
    [-] 2009-12-10 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE
    toskrnl.exe
    [-] 2009-12-09 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP3QFE
    toskrnl.exe
    [-] 2009-12-09 . 9FCCE3EF6E062C55FDA6E67C7EE7BAF4 . 2184704 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP2GDR
    toskrnl.exe
    [-] 2009-12-09 . F96B89E41B78F5B3050A1003FD143732 . 2190336 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP2QFE
    toskrnl.exe
    [-] 2009-12-09 . 13C15BFF7E82D3F9FD215ADD54A3929D . 2193536 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP3GDR
    toskrnl.exe
    [-] 2009-08-04 . 2F1443AB72A64182FD8258BBAE801EA7 . 2193664 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE
    toskrnl.exe
    [-] 2009-02-10 . 7625D5BAFD2A4A8458468B139C893BB7 . 2193536 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE
    toskrnl.exe
    [-] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    toskrnl.exe
    [-] 2005-03-02 . 5DB3E8DEC987B5D350E4A105DCEAEE6A . 2183936 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE
    toskrnl.exe

    [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
    [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll

    [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
    [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll

    [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
    [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll

    [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
    [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe

    [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
    [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
    [-] 2005-07-08 . 5A145DBF2916F583921BB27B91B2DC0B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll

    [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
    [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
    [-] 2005-03-02 . 0B62745CE93E8C6F56547F70269DBABC . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll

    [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
    [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe

    [-] 2010-06-24 . 8168F7D81CD04C83D7E04F3981A7D0F5 . 919040 . . [8.00.6001.23037] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3QFE\wininet.dll
    [-] 2010-06-24 . A3D63C0EF4D32F1F04D9E9596AEA0FFE . 916480 . . [8.00.6001.18939] . . c:\windows\SoftwareDistribution\Download\90092672af08a8cb7ca15c890e5041aa\SP3GDR\wininet.dll
    [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\wininet.dll
    [-] 2010-05-06 . 109D1EFA1C0BC4EC65EBA39707F31A19 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\dllcache\wininet.dll
    [-] 2010-05-06 . A319118B77A91EB08AB2BF098D91900E . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
    [-] 2010-02-25 . 2A850B8F7B435ACFB9DCD0A566FD720C . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
    [-] 2010-02-25 . BB424C9406140FEAFB4732025BEBB69B . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
    [-] 2010-01-05 . F802C66238A60FC9A2D86B6D89B0F3ED . 832512 . . [7.00.6000.16981] . . c:\windows\ie8\wininet.dll
    [-] 2010-01-05 . F802C66238A60FC9A2D86B6D89B0F3ED . 832512 . . [7.00.6000.16981] . . c:\windows\SoftwareDistribution\Download\7a98fe28f6c06dd449604c662aac0a64\SP3GDR\wininet.dll
    [-] 2010-01-05 . C7B2FE1B42DB42B2E01679845D417408 . 841216 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll
    [-] 2010-01-05 . C7B2FE1B42DB42B2E01679845D417408 . 841216 . . [7.00.6000.21183] . . c:\windows\SoftwareDistribution\Download\7a98fe28f6c06dd449604c662aac0a64\SP3QFE\wininet.dll
    [-] 2009-12-22 . A21DF8A5A088A16563B30B7F3E70FEF2 . 670208 . . [6.00.2900.5921] . . c:\windows\ie7\wininet.dll
    [-] 2009-12-22 . 2ABF21F7978482AF7CFA4DABF8C5B4E6 . 671744 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll
    [-] 2009-12-21 . FA2B753F8FE84904A6940589A43F30B4 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll
    [-] 2009-12-21 . 4C145AB616871611FCE38F053C75807C . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
    [-] 2009-10-29 . 7F558D6F7949C4AF6FF91EEE3933C744 . 832512 . . [7.00.6000.16945] . . c:\windows\ie7updates\KB978207-IE7\wininet.dll
    [-] 2009-10-29 . 7F558D6F7949C4AF6FF91EEE3933C744 . 832512 . . [7.00.6000.16945] . . c:\windows\SoftwareDistribution\Download\1f838d40e36b62be49a5c22f01ef64d5\SP3GDR\wininet.dll
    [-] 2009-10-29 . 765E049E1F6E2EF9265B85E02DE487B5 . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
    [-] 2009-10-29 . D906535CAB4BB8A60AC060351EDE159F . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
    [-] 2009-10-29 . 271E70C5784986E0B76902C70CE5FD9C . 841216 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll
    [-] 2009-10-29 . 271E70C5784986E0B76902C70CE5FD9C . 841216 . . [7.00.6000.21148] . . c:\windows\SoftwareDistribution\Download\1f838d40e36b62be49a5c22f01ef64d5\SP3QFE\wininet.dll
    [-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
    [-] 2008-04-14 . 80CA4DCDD3DAD65CB8800508076712E7 . 669184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
    [-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB976325-IE7\wininet.dll
    [-] 2006-06-23 19:47 . 56C66D692B3912C2C044755F569D94E3 . 592384 . . [6.00.2800.1560] . . c:\windows\SoftwareDistribution\Download\2aa2219e5660d14659d1544181b51a24\RTMQFE\wininet.dll
    [-] 2006-06-23 12:29 . 9EEB94127EBAEB8F37A047E8843A3F7B . 580096 . . [6.00.2800.1559] . . c:\windows\SoftwareDistribution\Download\2aa2219e5660d14659d1544181b51a24\rtmgdr\wininet.dll

    [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
    [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll

    [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
    [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll

    [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\explorer.exe
    [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe

    [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
    [-] 2008-04-14 . B2EE0E38A8025D6D7A7F3EEC8CA2829E . 1287168 . . [5.1.2600.5512] . . c:\windows\system32\ole32.dll
    [-] 2005-07-26 . 588443247F2EE6A61B5864B64A7E270E . 1284608 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2gdr\ole32.dll
    [-] 2005-07-26 . F9B85885A133EEFF68B3C524EB94D0F7 . 1190400 . . [5.1.2600.1720] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp1qfe\ole32.dll
    [-] 2005-07-26 . 0F0E95779DB45EB8D09EAA8827D740CC . 1285632 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\83eb5ee3d89be4fbd46f39abf6e6cf99\sp2qfe\ole32.dll
    [-] 2005-01-14 . 75555C8E6657A2AA9101DD56F8D30DAA . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll

    [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
    [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll

    [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
    [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe

    [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
    [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll

    [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
    [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll

    [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
    [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

    [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
    [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe

    [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
    [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll

    [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
    [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll

    [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
    [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll

    [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
    [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll

    [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
    [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll

    [-] 2003-04-08 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

    [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
    [-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys

    [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
    [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys

    [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
    [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys

    [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
    [-] 2008-04-14 17:02 . 2407EADA5E2E146AB51E925F151DDAA5 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll

    [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
    [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll

    [-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
    [-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
    [-] 2004-08-04 08:03 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll

    [-] 2010-04-28 . 75EA98BC36C13E976653400F8183D356 . 2071296 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3QFE
    tkrnlpa.exe
    [-] 2010-04-28 . F98305BD47DC7A0B2A978000E3C31FAB . 2071168 . . [5.1.2600.5973] . . c:\windows\SoftwareDistribution\Download\7b226a48181af3717554ca9ee24a9184\SP3GDR
    tkrnlpa.exe
    [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\Driver Cache\i386
    tkrnlpa.exe
    [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\system32
    tkrnlpa.exe
    [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\system32\dllcache
    tkrnlpa.exe
    [-] 2010-02-16 . 7C4F935FC449E4D27C685A5BC1792664 . 2071296 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE
    tkrnlpa.exe
    [-] 2009-12-10 . 6A42A70506E7ACFF6C3ACD740E22A01F . 2070528 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE
    tkrnlpa.exe
    [-] 2009-12-09 . 6A42A70506E7ACFF6C3ACD740E22A01F . 2070528 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP3QFE
    tkrnlpa.exe
    [-] 2009-12-09 . 50DAB657F208AD98B531378D38A2E8B8 . 2062080 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP2GDR
    tkrnlpa.exe
    [-] 2009-12-09 . 1FFE3E2414D6FE99CF78FCBFC569F5D0 . 2067456 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP2QFE
    tkrnlpa.exe
    [-] 2009-12-09 . F63B0CC3CE1E6E8EA39B4933B595C73A . 2070400 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\a1f079786e6d2a92d254c97eaea6680a\SP3GDR
    tkrnlpa.exe
    [-] 2009-08-04 . AB21A63A3B15653043E71126E5BBE3DE . 2070528 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE
    tkrnlpa.exe
    [-] 2009-02-09 . 07EE73D79A7CA142463470AEF230082B . 2070528 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE
    tkrnlpa.exe
    [-] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
    tkrnlpa.exe
    [-] 2005-03-02 . C26D84B802567E629D42861A11C7EC04 . 2061312 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE
    tkrnlpa.exe

    [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386
    tmssvc.dll
    [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\system32
    tmssvc.dll

    [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
    [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll

    [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
    [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
    [-] 2002-12-11 22:14 . CA6CC3A47D8813208CEE02EB40DACA21 . 355328 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll

    [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
    [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll

    [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
    [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
    [-] 2002-12-11 22:14 . 61CC64C43BEC193100E3722F6CF4B1E1 . 284160 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll

    [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
    [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll

    [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
    [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll

    [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
    [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
    .
    ((((((((((((((((((((((((((((( SnapShot@2010-09-06_12.19.04 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2004-09-06 11:19 . 2010-09-08 16:46 2266112 c:\windows\Installer\13037.msi
    - 2004-09-06 11:19 . 2010-09-03 13:21 2266112 c:\windows\Installer\13037.msi
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-17 2065760]
    "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
    otify\avgrsstarter]
    2010-07-17 12:10 12536 —-a-w- c:\windows\system32\avgrsstx.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk]
    path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Windows Search.lnk
    backup=c:\windows\pss\Windows Search.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACTIVBOARD]
    2003-05-02 09:31 24576 —-a-w- c:\apps\ABOARD\ABOARD.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2009-07-26 15:44 3883856 —-a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
    2004-06-25 14:20 81920 —-a-w- c:\apps\Powercinema\PCMService.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2010-08-10 03:15 421888 —-a-w- c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
    2004-02-26 14:53 65024 —-a-w- c:\windows\SOUNDMAN.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
    2010-03-09 02:52 15872 —-a-w- c:\program files\Unlocker\UnlockerAssistant.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
    2004-03-26 12:07 49152 —-a-w- c:\windows\system32\VTTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
    "c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
    "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
    "c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
    "c:\\Program Files\\Soluto\\Soluto.exe"=
    "c:\\Program Files\\Soluto\\SolutoService.exe"=
    "c:\\Program Files\\Soluto\\SolutoConsole.exe"=
    "c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=

    R0 PCGenFAM;PCGenFAM;c:\windows\system32\drivers\PCGenFAM.sys [23-8-2010 11:45 179144]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [28-2-2010 19:15 216400]
    R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [28-2-2010 19:15 243024]
    R1 Ext2fs;Ext2fs;c:\windows\system32\drivers\ext2fs.sys [8-3-2010 10:12 181120]
    R1 IfsMount;IfsMount;c:\windows\system32\drivers\ifsmount.sys [8-3-2010 10:12 51072]
    R1 vcsmpdrv;vcsmpdrv;c:\windows\system32\drivers\vcsmpdrv.sys [6-9-2004 13:29 49024]
    R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [17-7-2010 14:07 921952]
    R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [17-7-2010 14:10 308136]
    R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [30-6-2010 16:08 336728]
    R3 VCSSecS;Virtual CD v4 Security service (SDK - Version);c:\program files\Virtual CD v4 SDK\System\vcssecs.exe [6-9-2004 13:29 139264]
    S3 Camdrv30;Philips ToUcam XS;c:\windows\system32\drivers\camdrv30.sys [6-3-2010 21:56 171264]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys –> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
    S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [28-6-2003 0:31 14336]
    S3 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1-3-2010 21:03 1047880]
    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14-10-2009 7:24 10064]
    S3 ZD1211BU(Atheros);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(Atheros);c:\windows\system32\drivers\ZD1211BU.sys [20-4-2010 21:25 500736]

    — Andere Services/Drivers In Geheugen —

    *NewlyCreated* - NOSGETPLUSHELPER

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp
    .
    Inhoud van de 'Gedeelde Taken' map

    2010-08-17 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

    2010-03-07 c:\windows\Tasks\Herinnering voor registratie 2.job
    - c:\windows\System32\OOBE\oobebaln.exe [2003-06-27 17:03]
    .
    .
    ——- Bijkomende Scan ——-
    .
    FF - ProfilePath - c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=9516
    FF - prefs.js: browser.search.selectedEngine - MyWebSearch
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
    FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=GRfox000&ptb=RZUA2ThDr5YGBAOOzQcmew&psa=&ind=2010061313&ptnrS=GRfox000&si=&st=kwd&n=77cf1a01&searchfor=
    FF - component: c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
    FF - component: c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
    FF - plugin: c:\documents and settings\Ruurd en Marianne\Application Data\Mozilla\Firefox\Profiles\gn87tmqx.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins
    p_gp.dll
    FF - plugin: c:\program files\Java\jre6\bin
    ew_plugin
    pdeployJava1.dll
    FF - plugin: c:\program files\Microsoft\Office Live
    pOLW.dll
    FF - plugin: c:\program files\QuickTime\Plugins
    pqtplugin8.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    —- FIREFOX POLICIES —-
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: nglayout.initialpaint.delay - 600
    FF - user.js: content.notify.interval - 600000
    FF - user.js: content.max.tokenizing.time - 1800000
    FF - user.js: content.switch.threshold - 600000
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn–mgbaam7a8h", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn–mgberp4a5d4ar", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-09-08 20:30
    Windows 5.1.2600 Service Pack 3 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————

    - - - - - - - > 'winlogon.exe'(476)
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(2620)
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    Voltooingstijd: 2010-09-08 20:35:44
    ComboFix-quarantined-files.txt 2010-09-08 18:35
    ComboFix2.txt 2010-09-06 06:47

    Pre-Run: 16.296.423.424 bytes beschikbaar
    Post-Run: 16.279.490.560 bytes beschikbaar

    - - End Of File - - 545CBE604A6031E71928FAE73ED01D20
  • Hallo ruurd, doe het volgene:


    [b:609bef2c19]Herstart MBAM.[/b:609bef2c19]
    [list:609bef2c19][*:609bef2c19] Klik eerst op de tab 'Update'.
    [*:609bef2c19] Klik vervolgens op de knop 'Controleer op updates'.
    [*:609bef2c19] Indien een nieuwe versie van MBAM wordt aangeboden - ga hiermee akkoord.
    [*:609bef2c19] Nadat MBAM vernieuwd is eerst weer de updatecyclus opstarten.
    [*:609bef2c19] Daarna kies je voor 'Snelle Scan'[/list:u:609bef2c19]
    [list:609bef2c19][*:609bef2c19] Indien de scan voltooid is, klik dan op de knop 'OK'.
    [*:609bef2c19] Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.
    [*:609bef2c19] Zorg ervoor, dat alles aangevinkt is.
    [*:609bef2c19] Vervolgens klik je op: 'Verwijder geselecteerde'.
    [*:609bef2c19] Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.[/list:u:609bef2c19]

    [list:609bef2c19][*:609bef2c19] Het log wordt automatisch bewaard door 'MBAM en dat kan je terugvinden door op de tab 'Logs' te klikken in 'MBAM'.[/list:u:609bef2c19]

    [list:609bef2c19][*:609bef2c19] Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op 'OK' klikken!
    [*:609bef2c19] Daarna zal 'MBAM' vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:609bef2c19]
    Hierna post je de inhoud van het MBAM-log


    En ik wil graag ook het volgende van je:

    tevens een Uninstall-lijst posten:
    [list:609bef2c19][*:609bef2c19] start HijackThis,
    [*:609bef2c19] klik op de knop Open the Misc Tools section,
    [*:609bef2c19] klik op de knop Open Uninstall Manager,
    [*:609bef2c19] Klik op de knop Save.[/list:u:609bef2c19]
  • hjer de MBAM logfile heeft niets gevonden



    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Databaseversie: 4590

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    10-9-2010 18:25:26
    mbam-log-2010-09-10 (18-25-26).txt

    Scantype: Snelle scan
    Objecten gescand: 133824
    Verstreken tijd: 9 minuut/minuten, 20 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)


    en de HijackThis logfile



    32 Bit HP CIO Components Installer
    Adobe Download Manager
    Adobe Flash Player 10 Plugin
    Adobe Reader 6.0 - Nederlands
    Adobe Shockwave Player 11.5
    Apple Application Support
    Apple Software Update
    Ashampoo Burning Studio 5
    ATI - Software Uninstall Utility
    ATI Catalyst Control Center
    ATI Display Driver
    AVG Free 9.0
    Beveiligingsupdate voor Windows Internet Explorer 7 (KB976325)
    Beveiligingsupdate voor Windows Internet Explorer 7 (KB978207)
    Beveiligingsupdate voor Windows Internet Explorer 8 (KB971961)
    Beveiligingsupdate voor Windows Internet Explorer 8 (KB976325)
    Beveiligingsupdate voor Windows Internet Explorer 8 (KB978207)
    Beveiligingsupdate voor Windows Internet Explorer 8 (KB981332)
    Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381)
    CCleaner (remove only)
    Driver Genius Professional Edition
    Ext2 IFS 1.11a for Windows XP
    Foxit Reader
    GEAR 32bit Driver Installer
    GrabIt 1.7.2 Beta 4 (build 997)
    Hidden Utilities XP
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Customer Participation Program 10.0
    HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
    HP Imaging Device Functions 10.0
    HP Photosmart Essential 2.5
    HP Smart Web Printing 4.60
    HP Solution Center 13.0
    HP Update
    Huur- en zorgtoeslag 2010
    Java 2 Runtime Environment, SE v1.4.2_04
    Java(TM) 6 Update 21
    Junk Mail filter update
    Kinderopvangtoeslag 2010
    K-Lite Codec Pack 5.7.0 (Full)
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Dutch Language Pack
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1
    Microsoft Choice Guard
    Microsoft Office Live Add-in 1.4
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Word 2002
    Microsoft Works 7.0
    Mozilla Firefox (3.6.9)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NewsLeecher v3.9 Final
    QuickPar 0.9
    QuickTime
    S3 S3Display
    S3 S3Gamma2
    S3 S3Info2
    S3 S3Overlay
    Segoe UI
    Shop for HP Supplies
    Soluto
    Sonic MyDVD
    Sonic RecordNow!
    Spybot - Search & Destroy
    TuneUp Utilities
    UniChrome Series Driver and Utilities
    Unlocker 1.8.9
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update voor Windows Internet Explorer 8 (KB976662)
    Update voor Windows Internet Explorer 8 (KB978506)
    Update voor Windows Internet Explorer 8 (KB980182)
    VC 9.0 Runtime
    VIA Platform apparaatbeheer
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WBFS Manager 3.0
    Windows Internet Explorer 8
    Windows Live - Hulpprogramma voor uploaden
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Mail
    Windows Live Messenger
    Windows Media Format 11 runtime
    Windows Media Player 11
    WinRAR
    ZoneAlarm
  • Hoi ruurd, je hebt een volkomen antieke Java runtime in jouw Windows!

    [b:d11c8604f3]Java 2 Runtime Environment, SE v1.4.2_04[/b:d11c8604f3]

    Dat betekent dus dat je een enorm veiligheidslek hebt in jouw Windows!
    Malware houdt daarvan, om daar in te hoeken!


    Pronto deïnstalleren en daarna je PC opnieuw opstarten!
  • oke niet goed dus maar nu moet ik een nieuwe downloaden waar vind ik die heb je een link voor me? alvast bedankt voor alle hulp die je me hebt gegeven! :D
  • Java 21 is nog steeds de aktueelste, dus een nieuwe versie downloaen hoeft niet.

    Tenzij je Java 6 update 21 ook verwijderd hebt!

    http://www.java.com/nl/download/manual.jsp

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.