Ga naar inhoud

bluewhite85

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    27

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door bluewhite85

  1. bluewhite85
    Aangezien ik de bestanden op een andere schijf wil zetten, was het dus niet nodig om ze zelf te decomprimeren maar het is nu zo en sowieso is het opgelost. Alleszinds bedankt voor de reacties!
  2. bluewhite85
    Meerdere mappen decomprimeren ging niet omdat bv. wanneer er bepaalde bestanden in 1 van de submappen niet waren gecomprimeerd, aanzag de pc al de mappen die ik geselecteerd had als niet gecomprimeerd. Ik heb dan maar zelf iets geïmproviseerd: Ik heb bij eigenschappen van station C het comprimeren aangevinkt hierdoor begon de pc uiteraard station C te comprimeren. Ik zag wel dat het veel te lang ging duren en daardoor had ik het comprimeren beëindigd. Na dit proces kon ik wel het vakje bij station C uitvinken doordat de pc dacht dat alles was gecomprimeerd. Door het uitvinken, denk ik wel dat alles terug gedecomprimeerd is want ik heb nog geen blauwe letters bij bestanden gezien. Dus hiermee is mijn probleem wsl opgelost. Misschien nog 2 vraagjes. 1) Wanneer gecomprimeerde bestanden op een andere schijf worden gezet, (dus eigenlijke andere bron) worden ze eigenlijk niet automatisch terug gedecomprimeerd? 2) Bij het per ongeluk comprimeren van de bestanden bij de schijfopruiming, blokkeerde dit proces na ongeveer een kwartiertje. Hierdoor zal niet alles gecomprimeerd geweest zijn. Kunnen bestanden hierdoor beschadigd geraken? Alvast bedankt voor de reactie!
  3. bluewhite85
    Hallo, Een tijdje geleden heb ik eens een schijfopruiming gedaan van station C op mijn pc. Ik was vergeten om de compressie uit te vinken en hierdoor zijn veel bestanden gecomprimeerd. Nu ben ik begonnen met eens een back-up te maken van mijn belangrijke bestanden en wanneer ik hier met klaar ben zou ik station C willen formateren. Het probleem is dat ik de compressie van al de bestanden ongedaan wil maken. Ik weet hoe dit te doen voor een bepaalde map, maar is dit mogelijk om in 1 keer heel station C te decomprimeren? Op internet las ik door gewoon de rechtermuisknop te klikken bij een bepaald station maar het vakje bij station C is uitgevinkt. Op zich weet ik dat het comprimeren van bestanden niet zo erg is, maar ik weet wel dat dit de pc kan vertragen en dat is 1 van de redenen waarom ik de bestanden weer wil decomprimeren. Alvast Bedankt!
  4. bluewhite85
    Ok, is inmiddels gedaan. Nogmaals bedankt voor de hulp!
  5. bluewhite85
    Hallo, Nee, buiten het feit dat de computer al een tijdje traag is, is er geen enkel probleem maar dit probleem zal opgelost zijn eenmaal ik de computer eens formatteer. Ik vermoed dat ik nu gewoon op de knop "markeer als OPGELOST" moet drukken? Alleszinds heel erg bedankt voor uw hulp!!!
  6. bluewhite85
    Hallo, Ik heb het 2 keer gescand aangezien ik de eerste keer dacht dat het niet volledig gedaan was (het stopte gewoon zonder vermelding). mbar-log Malwarebytes Anti-Rootkit BETA 1.06.0.1004 www.malwarebytes.org Database version: v2013.06.27.07 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Ecommit :: COMPUTER [administrator] 27/06/2013 18:14:22 -log-2013-06-27 (18-14-22).txt Scan type: Quick scan Scan options enabled: PUM | P2P Scan options disabled: Anti-Rootkit | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP Objects scanned: 0 Time elapsed: Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) system-log.txt --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.06.0.1004 © Malwarebytes Corporation 2011-2012 OS version: 5.1.2600 Windows XP Service Pack 3 x86 Account is Administrative Internet Explorer version: 8.0.6001.18702 Java version: 1.6.0_21 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 2.327000 GHz Memory total: 3217293312, free: 2433933312 Downloaded database version: v2013.06.26.04 Initializing... ------------ Kernel report ------------ 06/26/2013 19:25:41 ------------ Loaded modules ----------- \WINDOWS\system32\ntkrnlpa.exe \WINDOWS\system32\hal.dll \WINDOWS\system32\KDCOM.DLL \WINDOWS\system32\BOOTVID.dll spim.sys \WINDOWS\System32\Drivers\WMILIB.SYS \WINDOWS\System32\Drivers\SCSIPORT.SYS ACPI.sys pci.sys ohci1394.sys \WINDOWS\system32\DRIVERS\1394BUS.SYS isapnp.sys pciide.sys \WINDOWS\system32\DRIVERS\PCIIDEX.SYS MountMgr.sys ftdisk.sys PartMgr.sys VolSnap.sys atapi.sys disk.sys \WINDOWS\system32\DRIVERS\CLASSPNP.SYS fltMgr.sys sr.sys KSecDD.sys WudfPf.sys Ntfs.sys NDIS.sys Mup.sys avgrkx86.sys avglogx.sys avgmfx86.sys avgidshx.sys \SystemRoot\system32\DRIVERS\nv4_mini.sys \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS \SystemRoot\system32\DRIVERS\e1y5132.sys \SystemRoot\system32\DRIVERS\usbuhci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\HDAudBus.sys \SystemRoot\system32\DRIVERS\nic1394.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\serial.sys \SystemRoot\system32\DRIVERS\serenum.sys \SystemRoot\system32\DRIVERS\imapi.sys \SystemRoot\system32\drivers\Afc.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\system32\DRIVERS\redbook.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys \SystemRoot\System32\Drivers\aneh3xjz.SYS \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\DRIVERS\avgfwdx.sys \SystemRoot\system32\DRIVERS\audstub.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\DRIVERS\psched.sys \SystemRoot\system32\DRIVERS\msgpc.sys \SystemRoot\system32\DRIVERS\ptilink.sys \SystemRoot\system32\DRIVERS\raspti.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\update.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\drivers\libusb0.sys \SystemRoot\system32\drivers\RtkHDAud.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\System32\Drivers\Fs_Rec.SYS \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \??\C:\WINDOWS\system32\drivers\avgtpx86.sys \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\Drivers\mnmdd.SYS \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\rasacd.sys \SystemRoot\system32\DRIVERS\ipsec.sys \SystemRoot\system32\DRIVERS\tcpip.sys \SystemRoot\system32\DRIVERS\ipnat.sys \SystemRoot\system32\DRIVERS\avgtdix.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS\netbt.sys \SystemRoot\system32\DRIVERS\arp1394.sys \SystemRoot\System32\drivers\afd.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\System32\Drivers\Fips.SYS \SystemRoot\system32\DRIVERS\avgldx86.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\kbdhid.sys \SystemRoot\system32\DRIVERS\avgidsshimx.sys \SystemRoot\system32\DRIVERS\avgidsdriverx.sys \SystemRoot\System32\Drivers\Cdfs.SYS \SystemRoot\System32\Drivers\dump_atapi.sys \SystemRoot\System32\Drivers\dump_WMILIB.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\watchdog.sys \SystemRoot\System32\drivers\dxg.sys \SystemRoot\System32\drivers\dxgthk.sys \SystemRoot\System32\nv4_disp.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\wdmaud.sys \SystemRoot\system32\drivers\sysaudio.sys \SystemRoot\system32\DRIVERS\srv.sys \SystemRoot\system32\drivers\npf.sys \SystemRoot\System32\Drivers\HTTP.sys \SystemRoot\system32\drivers\kmixer.sys \SystemRoot\System32\Drivers\Fastfat.SYS \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys \WINDOWS\system32\ntdll.dll \Program Files\Alcohol Soft\Alcohol 120\alcoholx.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xffffffff8b0f2ab8 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP3T1L0-9\ Lower Device Object: 0xffffffff8b0c9d98 Lower Device Driver Name: \Driver\atapi\ IRP handler 0 of \Driver\atapi is hooked IRP handler 2 of \Driver\atapi is hooked IRP handler 14 of \Driver\atapi is hooked IRP handler 15 of \Driver\atapi is hooked IRP handler 22 of \Driver\atapi is hooked IRP handler 23 of \Driver\atapi is hooked IRP handler 27 of \Driver\atapi is hooked Unhooking enabled. <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xffffffff8b0f2ab8 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP3T1L0-9\ Lower Device Object: 0xffffffff8b0c9d98 Lower Device Driver Name: \Driver\atapi\ Driver name found: atapi Initialization returned 0x0 Load Function returned 0x0 <<<2>>> Device number: 0, partition: 1 Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffffff8b0f2ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff8b187288, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff8b0f2ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff8b0c9d98, DeviceName: \Device\Ide\IdeDeviceP3T1L0-9\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0xffffffffe3f34bc8, 0xffffffff8b0f2ab8, 0xffffffff89f56718 Lower DeviceData: 0xffffffffe431c9d0, 0xffffffff8b0c9d98, 0xffffffff89e8ea68 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> Device number: 0, partition: 1 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\system32\drivers... <<<2>>> Device number: 0, partition: 1 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes File user open failed: C:\WINDOWS\system32\drivers\sptd.sys (0x00000020) Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: EE47EE47 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 521823267 Partition file system is NTFS Partition is bootable Partition 1 type is Extended with LBA (0xf) Partition is NOT ACTIVE. Partition starts at LBA: 521823330 Numsec = 1431680670 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 1000204886016 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-62-1953505168-1953525168)... Done! Read File: File "c:\documents and settings\all users\application data\avg2013\chjw\1220e8b020e89bcb.dat:52e53017-1c9e-485a-849b-3d7d6d69b460" is sparse (flags = 32768) Read File: File "c:\documents and settings\all users\application data\avg2013\chjw\1220e8b020e89bcb.dat:70c7593a-b49c-4807-95fa-3e54fe9a5006" is sparse (flags = 32768) ======================================= Removal queue found; removal started Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_i.mbam... Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\bootstrap_0_0_63_i.mbam... Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_r.mbam... Removal finished --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.06.0.1004 © Malwarebytes Corporation 2011-2012 OS version: 5.1.2600 Windows XP Service Pack 3 x86 Account is Administrative Internet Explorer version: 8.0.6001.18702 Java version: 1.6.0_21 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 2.327000 GHz Memory total: 3217293312, free: 2652008448 ======================================= --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.06.0.1004 © Malwarebytes Corporation 2011-2012 OS version: 5.1.2600 Windows XP Service Pack 3 x86 Account is Administrative Internet Explorer version: 8.0.6001.18702 Java version: 1.6.0_21 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 2.327000 GHz Memory total: 3217293312, free: 2488426496 Downloaded database version: v2013.06.26.05 Downloaded database version: v2013.06.26.06 Downloaded database version: v2013.06.26.07 Downloaded database version: v2013.06.27.01 Downloaded database version: v2013.06.27.02 Downloaded database version: v2013.06.27.03 Downloaded database version: v2013.06.27.04 Downloaded database version: v2013.06.27.05 Downloaded database version: v2013.06.27.06 Downloaded database version: v2013.06.27.07 Initializing... ------------ Kernel report ------------ 06/27/2013 18:14:16 ------------ Loaded modules ----------- \WINDOWS\system32\ntkrnlpa.exe \WINDOWS\system32\hal.dll \WINDOWS\system32\KDCOM.DLL \WINDOWS\system32\BOOTVID.dll spsf.sys \WINDOWS\System32\Drivers\WMILIB.SYS \WINDOWS\System32\Drivers\SCSIPORT.SYS ACPI.sys pci.sys ohci1394.sys \WINDOWS\system32\DRIVERS\1394BUS.SYS isapnp.sys pciide.sys \WINDOWS\system32\DRIVERS\PCIIDEX.SYS MountMgr.sys ftdisk.sys PartMgr.sys VolSnap.sys atapi.sys disk.sys \WINDOWS\system32\DRIVERS\CLASSPNP.SYS fltMgr.sys sr.sys KSecDD.sys WudfPf.sys Ntfs.sys NDIS.sys Mup.sys avgrkx86.sys avglogx.sys avgmfx86.sys avgidshx.sys \SystemRoot\system32\DRIVERS\nv4_mini.sys \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS \SystemRoot\system32\DRIVERS\e1y5132.sys \SystemRoot\system32\DRIVERS\usbuhci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\HDAudBus.sys \SystemRoot\system32\DRIVERS\nic1394.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\serial.sys \SystemRoot\system32\DRIVERS\serenum.sys \SystemRoot\system32\DRIVERS\imapi.sys \SystemRoot\system32\drivers\Afc.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\system32\DRIVERS\redbook.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys \SystemRoot\System32\Drivers\awntsk3q.SYS \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\DRIVERS\avgfwdx.sys \SystemRoot\system32\DRIVERS\audstub.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\DRIVERS\psched.sys \SystemRoot\system32\DRIVERS\msgpc.sys \SystemRoot\system32\DRIVERS\ptilink.sys \SystemRoot\system32\DRIVERS\raspti.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\update.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\drivers\libusb0.sys \SystemRoot\system32\drivers\RtkHDAud.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\System32\Drivers\Fs_Rec.SYS \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \??\C:\WINDOWS\system32\drivers\avgtpx86.sys \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\Drivers\mnmdd.SYS \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\rasacd.sys \SystemRoot\system32\DRIVERS\ipsec.sys \SystemRoot\system32\DRIVERS\tcpip.sys \SystemRoot\system32\DRIVERS\avgtdix.sys \SystemRoot\system32\DRIVERS\ipnat.sys \SystemRoot\system32\DRIVERS\netbt.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\System32\drivers\afd.sys \SystemRoot\system32\DRIVERS\arp1394.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\System32\Drivers\Fips.SYS \SystemRoot\system32\DRIVERS\avgldx86.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\kbdhid.sys \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\avgidsshimx.sys \SystemRoot\system32\DRIVERS\avgidsdriverx.sys \SystemRoot\System32\Drivers\Cdfs.SYS \SystemRoot\System32\Drivers\dump_atapi.sys \SystemRoot\System32\Drivers\dump_WMILIB.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\watchdog.sys \SystemRoot\System32\drivers\dxg.sys \SystemRoot\System32\drivers\dxgthk.sys \SystemRoot\System32\nv4_disp.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\wdmaud.sys \SystemRoot\system32\drivers\sysaudio.sys \SystemRoot\system32\DRIVERS\srv.sys \SystemRoot\system32\drivers\npf.sys \SystemRoot\System32\Drivers\HTTP.sys \SystemRoot\system32\drivers\kmixer.sys \SystemRoot\system32\DRIVERS\USBSTOR.SYS \SystemRoot\System32\Drivers\Fastfat.SYS \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys \WINDOWS\system32\ntdll.dll \Program Files\Alcohol Soft\Alcohol 120\alcoholx.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk1\DR3 Upper Device Object: 0xffffffff8a081030 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000083\ Lower Device Object: 0xffffffff89ecd698 Lower Device Driver Name: \Driver\USBSTOR\ IRP handler 0 of \Driver\USBSTOR points to an unknown module Unhooking enabled. <<<1>>> Upper Device Name: \Device\Harddisk1\DR3 Upper Device Object: 0xffffffff8a081030 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000083\ Lower Device Object: 0xffffffff89ecd698 Lower Device Driver Name: \Driver\USBSTOR\ Driver name found: USBSTOR Initialization returned 0x0 Load Function returned 0x0 <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xffffffff8b0c6ab8 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP3T1L0-9\ Lower Device Object: 0xffffffff8b0ded98 Lower Device Driver Name: \Driver\atapi\ Driver name found: atapi Initialization returned 0x0 Load Function returned 0x0 <<<2>>> Device number: 0, partition: 1 Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffffff8b0c6ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff8b0f6c60, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff8b0c6ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff8b0ded98, DeviceName: \Device\Ide\IdeDeviceP3T1L0-9\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0xffffffffe3da98a8, 0xffffffff8b0c6ab8, 0xffffffff89f2fab8 Lower DeviceData: 0xffffffffe11bfc30, 0xffffffff8b0ded98, 0xffffffff89ffe040 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> Device number: 0, partition: 1 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\system32\drivers... <<<2>>> Device number: 0, partition: 1 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes File user open failed: C:\WINDOWS\system32\drivers\sptd.sys (0x00000020) Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: EE47EE47 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 521823267 Partition file system is NTFS Partition is bootable Partition 1 type is Extended with LBA (0xf) Partition is NOT ACTIVE. Partition starts at LBA: 521823330 Numsec = 1431680670 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 1000204886016 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-62-1953505168-1953525168)... Done! Physical Sector Size: 512 Drive: 1, DevicePointer: 0xffffffff8a081030, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff8a20ec50, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff8a081030, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff89ecd698, DeviceName: \Device\00000083\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\ Upper DeviceData: 0xffffffffe4046848, 0xffffffff8a081030, 0xffffffff89eed280 Lower DeviceData: 0xffffffffe3b475d0, 0xffffffff89ecd698, 0xffffffff89ef6c38 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: 0 Partition information: Partition 0 type is Other (0xc) Partition is NOT ACTIVE. Partition starts at LBA: 52 Numsec = 31283858 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 16026435072 bytes Sector size: 512 bytes Done! Read File: File "c:\documents and settings\all users\application data\avg2013\chjw\1220e8b020e89bcb.dat:514e7d66-98fb-4903-b2d5-9c31fac8a957" is sparse (flags = 32768) ======================================= Removal queue found; removal started Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_i.mbam... Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\bootstrap_0_0_63_i.mbam... Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_r.mbam... Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_1_i.mbam... Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_1_r.mbam... Removal finished --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.06.0.1004 © Malwarebytes Corporation 2011-2012 OS version: 5.1.2600 Windows XP Service Pack 3 x86 Account is Administrative Internet Explorer version: 8.0.6001.18702 Java version: 1.6.0_21 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 2.327000 GHz Memory total: 3217293312, free: 2655621120 =======================================
  7. bluewhite85
    HitmanPro 3.7.6.201 [url="http://www.hitmanpro.com"]www.hitmanpro.com[/url] Computer name . . . . : COMPUTER Windows . . . . . . . : 5.1.3.2600.X86/4 User name . . . . . . : Ecommit License . . . . . . . : Free Scan date . . . . . . : 2013-06-25 18:37:09 Scan mode . . . . . . : Normal Scan duration . . . . : 9m 33s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 30 Traces . . . . . . . : 3970 Objects scanned . . . : 848.782 Files scanned . . . . : 83.652 Remnants scanned . . : 147.599 files / 617.531 keys Miniport ____________________________________________________________________ Primary DriverObject . . . : 8B0E70C8 DriverName . . . . : \Driver\atapi DriverPath . . . . : atapi.sys StartIo . . . . . : B9E1E864 atapi.sys+30820 IRP_MJ_SCSI . . . : B9E20B40 atapi.sys+39744 Solution DriverObject . . . : 8B0E70C8 DriverName . . . . : \Driver\atapi DriverPath . . . . : atapi.sys StartIo . . . . . : B9E1E864 atapi.sys+30820 IRP_MJ_SCSI . . . : B9E1D852 atapi.sys+26706 Malware _____________________________________________________________________ C:\WINDOWS\system32\expand.exe Size . . . . . . . : 16.896 bytes Age . . . . . . . : 1544.3 days (2009-04-03 11:24:44) Entropy . . . . . : 5.6 SHA-256 . . . . . : 4722709BD2B0EAAA240C6850AE6BA05EA4F52CA95AF20A7A700C94817691D90C Product . . . . . : Besturingssysteem Microsoft® Windows® Publisher . . . . : Microsoft Corporation Description . . . : Hulpprogramma LZ Expansion Version . . . . . : 5.1.2600.0 Copyright . . . . : © Microsoft Corporation. Alle rechten voorbehouden. > Ikarus . . . . . . : Virus.Win32.Virut!IK Fuzzy . . . . . . : 110.0 C:\WINDOWS\system32\netsetup.exe Size . . . . . . . : 351.744 bytes Age . . . . . . . : 1544.3 days (2009-04-03 11:25:08) Entropy . . . . . : 7.8 SHA-256 . . . . . : AFDA0E70A2A38A2B45CBB59F82EECF93803F7C37BECE56EBC04BFAB2D2CC8689 Product . . . . . : Besturingssysteem Microsoft® Windows® Publisher . . . . : Microsoft Corporation Description . . . : Win32 Cabinet Self-Extractor Version . . . . . : 6.00.3000.0000 Copyright . . . . : © Microsoft Corporation. Alle rechten voorbehouden. > G Data . . . . . . : Gen:Malware.Heur.vm0@bCpZfSlO (Engine A) > Ikarus . . . . . . : Gen.Malware.Heur!IK Fuzzy . . . . . . : 117.0 C:\WINDOWS\system32\spnpinst.exe Size . . . . . . . : 27.136 bytes Age . . . . . . . : 1544.3 days (2009-04-03 11:25:18) Entropy . . . . . : 7.4 SHA-256 . . . . . : A492B951FB08B3F712E485813340EF7AFA6FE5D58C7DB83497FF5792255ADB11 Product . . . . . : Microsoft® Windows® Operating System Publisher . . . . : Microsoft Corporation Description . . . : Peer-to-Peer Custom Setup Version . . . . . : 5.1.2600.5512 Copyright . . . . : © Microsoft Corporation. All rights reserved. > G Data . . . . . . : Gen:Malware.Heur.bm0@bun5ROgi (Engine A) > Ikarus . . . . . . : Gen.Malware.Heur!IK Fuzzy . . . . . . : 112.0 Potential Unwanted Programs _________________________________________________ C:\Documents and Settings\All Users\Application Data\Babylon\ (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\BabAll.dat (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\ (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\64696AU7MP_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\6PR5580MEE_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\6RHZSDV3KE_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\7BZ95AEQPT_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\7BZ95AEQPT_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\8Y3ADBYMTJ_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\8Y3ADBYMTJ_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\9MNN3FNCUA_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\9MNN3FNCUA_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\AVKMVPKAU6_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\AVKMVPKAU6_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\B3UREHM8F6_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\BEXGNJURCA_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\BJKS8ZN2QJ_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\BJKS8ZN2QJ_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\BTMJWKZGYE_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\CDWYSD0KQA_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\CDWYSD0KQA_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\D35ZVSJUGA_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\D35ZVSJUGA_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\GXD7K8XNM6_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\HCZ7J3Q8UA_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\KVG0R4N8AE_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\KVG0R4N8AE_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\M534MSC3GP_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\QGDUSRR4JA_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\RHFWM3WFXJ_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\RYVU9J4Z0A_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\RYVU9J4Z0A_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\UJAN48NM5P_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\UJAN48NM5P_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\UWXWZCZR2A_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\UWXWZCZR2A_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\WHBVH86TJX_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\WZQV2X3J6E_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\YC9EPB7CF2_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\YC9EPB7CF2_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\YPSR537K76_glossary_icon.ico (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\ (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\Content\icons\ (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\Content\icons\6RHZSDV3KE_glossary_icon.ico (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\Content\icons\BTMJWKZGYE_glossary_icon.ico (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\Content\icons\HCZ7J3Q8UA_glossary_icon.ico (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\FLStat.dat (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\log_file.txt (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\MyList.dat (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\ocr_cache (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\ocr_data (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\updates\ (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\updates\convert.dat (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\updates\rates.dat (Babylon) C:\Documents and Settings\Ecommit\Local Settings\Application Data\Babylon\ (Babylon) C:\Program Files\Babylon\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\BabylonAgent.exe (Babylon) Size . . . . . . . : 458.056 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:21) Entropy . . . . . : 7.8 SHA-256 . . . . . : 072B7F9A020CCF1639FAF4E53A9FA842B361EA00460732B73B6D643F77B53729 RSA Key Size . . . : 2048 Authenticode . . . : Self-signed Fuzzy . . . . . . : 9.0 C:\Program Files\Babylon\Babylon-Pro\Agent\BDesktopAgent.dll (Babylon) Size . . . . . . . : 221.584 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:21) Entropy . . . . . : 6.4 SHA-256 . . . . . : C7E0B23980034A28577BFC5AAFBC0463E26ABF74B198D1EB59B338E2B359675C Product . . . . . : Babylon Desktop Agent Publisher . . . . : Babylon Ltd. Description . . . : Babylon Desktop Agent Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 RSA Key Size . . . : 2048 Authenticode . . . : Self-signed Fuzzy . . . . . . : -5.0 C:\Program Files\Babylon\Babylon-Pro\Agent\ExcludeSelect.xml (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\notes.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\notes_off.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\purchase.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\purchase_off.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\spelling.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\spelling_off.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\translate.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\translate_off.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\units.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\units_off.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\BabyServices.dll (Babylon) Size . . . . . . . : 1.015.296 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 5.5 SHA-256 . . . . . : A59D368D74365CBCF0A01885D7AC9861B1036009B5FFB45EE511D29004DB6B29 Product . . . . . : Babylon Client Publisher . . . . : Babylon Ltd. Description . . . : Babylon Services Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 Fuzzy . . . . . . : -8.0 C:\Program Files\Babylon\Babylon-Pro\BContentServer.dll (Babylon) Size . . . . . . . : 2.562.048 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 6.0 SHA-256 . . . . . : 9C2E5E099D139B8F0E9BE522171B1C5DE8C4D8C4DCCB90F72F7A5A722A9880D4 Product . . . . . : Babylon Client Publisher . . . . : Babylon Ltd. Description . . . : Babylon Content Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 Fuzzy . . . . . . : -8.0 C:\Program Files\Babylon\Babylon-Pro\BContentServerExt.dll (Babylon) Size . . . . . . . : 440.832 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 6.2 SHA-256 . . . . . : 5E5EC7C17DB1F710AE4D8CC0ED47A158EB0C8EC78A94647DE2D689CD299E803C Product . . . . . : Babylon Client Publisher . . . . : Babylon Ltd. Description . . . : Babylon Document Provider Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 Fuzzy . . . . . . : -8.0 C:\Program Files\Babylon\Babylon-Pro\BException.dll (Babylon) Size . . . . . . . : 112.128 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 6.2 SHA-256 . . . . . : 7FBB387FC08328859490A82E47D7D8B17B74D4CCFB2BE7ED0E96A57AA2E2CDD2 Product . . . . . : Babylon Client Publisher . . . . : Babylon Ltd. Description . . . : Babylon EXception Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 Fuzzy . . . . . . : -8.0 C:\Program Files\Babylon\Babylon-Pro\captlib.dll (Babylon) Size . . . . . . . : 208.896 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 6.3 SHA-256 . . . . . : 20C49651CCDEF9DBBB5C8267C00E1412B4353C624243D146BE1408302E52C6C5 Product . . . . . : Babylon Client Publisher . . . . : Babylon Ltd. Description . . . : Babylon Information Tool Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 Fuzzy . . . . . . : -8.0 C:\Program Files\Babylon\Babylon-Pro\Data\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\Babylon.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BaseList.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Chinese_S__English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Chinese_T__English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Dutch_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Chinese_S__sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Chinese_T__sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Dutch_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_French_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_German_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Hebrew_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Italian_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Japanese_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Korean_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Portuguese_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Russian_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Spanish_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Swedish_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_French_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_German_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Hebrew_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Hebrew_Thesaurus_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Italian_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Japanese_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Portuguese_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Russian_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Spanish_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\CSConfig.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\Features.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Arabic.iso8859_6.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Arabic.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Arabic.windows1256.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Bulgarian.iso8859_5.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Bulgarian.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Chinese (S).gb2312.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Chinese (T).big5.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Czech.iso8859_2.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Czech.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Danish.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Dutch.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\English.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\English.shlomi.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\French.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\German.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Greek.iso8859_7.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Greek.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Hebrew.iso8859_8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Hebrew.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Hindi.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Hindi.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Hungarian.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Italian.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Japanese.euc_jp.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Japanese.shift_jis.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Japanese.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Korean.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Korean.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Norwegian.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Polish.iso8859_2.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Polish.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Portuguese.brazil.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Portuguese.europe.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Romanian.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Russian.iso8859_5.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Russian.koi8_r.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Russian.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Russian.windows1251.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Serbian.ascii.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Serbian.cyrillic-utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Spanish.basque.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Spanish.catalan.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Spanish.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Swedish.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Thai.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Thai.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Turkish.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Turkish.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Ukrainian.koi8_u.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Ukrainian.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\Metaphone.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\Strings.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Gloss\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Gloss\bab_hlp_static.bdc (Babylon) C:\Program Files\Babylon\Babylon-Pro\Gloss\bdcmpers.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Gloss\cslock.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Updates\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Updates\Convert.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Updates\Rates.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Utils\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon) Size . . . . . . . : 252.304 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 6.3 SHA-256 . . . . . : 21142376F2B4D82CA2981BFE8287783B91805510AC8DF5CD525CE7DB7B3CA295 Product . . . . . : Babylon IE Addin Publisher . . . . : Babylon Ltd. Description . . . : Babylon Internet Explorer Addin Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 RSA Key Size . . . : 2048 Authenticode . . . : Self-signed Fuzzy . . . . . . : -5.0 C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonOfficePI.dll (Babylon) Size . . . . . . . : 286.720 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 6.3 SHA-256 . . . . . : D5BE1BEC5C5E11DD2FF3E819E35D1EE1285A8FC5C5419293DEE6B6667AB9BE60 Product . . . . . : Babylon Office Addin Publisher . . . . : Babylon Ltd. Description . . . : Babylon Office Addin Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 Fuzzy . . . . . . : -8.0 C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonRPI.api (Babylon) Size . . . . . . . : 161.280 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:21) Entropy . . . . . : 6.4 SHA-256 . . . . . : A6E7E609EE7C008427806FA97D203DB25E37DD2441D33A3936C0D4D3FC8AFC86 Product . . . . . : Babylon BabylonRPI Publisher . . . . : Babylon Description . . . : Babylon Plug in for Acrobat Reader Version . . . . . : 1.0.1.0 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 Fuzzy . . . . . . : -4.0 C:\Program Files\Babylon\Babylon-Pro\Utils\MyBabylonIE.exe (Babylon) Size . . . . . . . : 1.497.872 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:21) Entropy . . . . . : 8.0 SHA-256 . . . . . : 02CBA23F13BFD7B1CA740589E64FA82F34B36AD963BBA18B4E1BA4CC05E6666E Publisher Description . . . : myBabylon_English Toolbar Version . . . . . : 4.5.192.5 Copyright . . . . : Conduit Ltd. RSA Key Size . . . : 1024 Authenticode . . . : Valid Fuzzy . . . . . . : -6.0 C:\Program Files\Babylon\Babylon-Pro\Utils\uninstbb.exe (Babylon) Size . . . . . . . : 435.600 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 6.2 SHA-256 . . . . . : 0A30BA1D17B44F3B586E80EE9913FE060D50C2D7807A94862DAF9C8E74DA203C RSA Key Size . . . : 2048 Authenticode . . . : Self-signed Fuzzy . . . . . . : -3.0 HKLM\SOFTWARE\babylon\ (Babylon) HKLM\SOFTWARE\Classes\AppID\babyloniepi.dll\ (Babylon) HKLM\SOFTWARE\Classes\AppID\{b16632f1-24e0-4d99-a68d-70bfb6447c48}\ (Babylon) HKLM\SOFTWARE\Classes\babydict\ (Babylon) HKLM\SOFTWARE\Classes\babygloss\ (Babylon) HKLM\SOFTWARE\Classes\babyloniepi.babyloniebho.1\ (Babylon) HKLM\SOFTWARE\Classes\babyloniepi.babyloniebho\ (Babylon) HKLM\SOFTWARE\Classes\babylonofficeaddin.officeaddin.1\ (Babylon) HKLM\SOFTWARE\Classes\babylonofficeaddin.officeaddin\ (Babylon) HKLM\SOFTWARE\Classes\babyoptfile\ (Babylon) HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45e2-857D-2A368FE749E5}\ (Babylon) HKLM\SOFTWARE\Classes\CLSID\{9cfaccb6-2f3f-4177-94ea-0d2b72d384c1}\ (Babylon) HKLM\SOFTWARE\Classes\Interface\{5f339f0b-716f-408f-a627-deeb5deb4020}\ (Babylon) HKLM\SOFTWARE\Classes\Interface\{b7ea2226-f876-4be4-b478-76ebae2a668a}\ (Babylon) HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/bdc\ (Babylon) HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/bgl\ (Babylon) HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/bof\ (Babylon) HKLM\SOFTWARE\Classes\prod.cap\ (Claro) HKLM\SOFTWARE\Classes\s\ (Softonic) HKLM\SOFTWARE\Classes\TypeLib\{5c9a2304-70a5-11d5-afb0-0050dac67890}\ (Babylon) HKLM\SOFTWARE\Classes\TypeLib\{a1489c85-4f6f-48c4-ac9e-18b63af4703e}\ (Babylon) HKLM\SOFTWARE\Classes\TypeLib\{f310f027-15cb-4a7f-b10d-3a4afb5013a5}\ (Babylon) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\babylon.exe\ (Babylon) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\babylon\ (Babylon) HKU\S-1-5-21-1004336348-854245398-1801674531-1005\Software\babylon\ (Babylon) HKU\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Internet Explorer\MenuExt\translate this web page with babylon\ (Babylon) HKU\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Internet Explorer\MenuExt\translate with babylon\ (Babylon) HKU\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Office\powerpoint\addins\babylonofficeaddin.officeaddin\ (Babylon) HKU\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin\ (Babylon) HKU\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9cfaccb6-2f3f-4177-94ea-0d2b72d384c1}\ (Babylon) HKU\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f72841f0-4ef1-4df5-bce5-b3ac8acf5478}\ (Babylon) Cookies _____________________________________________________________________ C:\Documents and Settings\Ecommit\Cookies\002JU9VV.txt C:\Documents and Settings\Ecommit\Cookies\0477FQ7K.txt C:\Documents and Settings\Ecommit\Cookies\08AZ6IBF.txt C:\Documents and Settings\Ecommit\Cookies\09OFXU9V.txt C:\Documents and Settings\Ecommit\Cookies\0EUFLIIW.txt C:\Documents and Settings\Ecommit\Cookies\0GN096SZ.txt C:\Documents and Settings\Ecommit\Cookies\0OHDWRU7.txt C:\Documents and Settings\Ecommit\Cookies\0P9UQ0CZ.txt C:\Documents and Settings\Ecommit\Cookies\0PF5YRH2.txt C:\Documents and Settings\Ecommit\Cookies\0PTCTDBE.txt C:\Documents and Settings\Ecommit\Cookies\0QE2OY59.txt C:\Documents and Settings\Ecommit\Cookies\0S58R4RS.txt C:\Documents and Settings\Ecommit\Cookies\0S87YJU4.txt C:\Documents and Settings\Ecommit\Cookies\0V1IMX0C.txt C:\Documents and Settings\Ecommit\Cookies\15B2VSKR.txt C:\Documents and Settings\Ecommit\Cookies\17YR7HLW.txt C:\Documents and Settings\Ecommit\Cookies\1B4H5KDP.txt C:\Documents and Settings\Ecommit\Cookies\1JA96FT8.txt C:\Documents and Settings\Ecommit\Cookies\1RFH4MWH.txt C:\Documents and Settings\Ecommit\Cookies\1TM28S3Z.txt C:\Documents and Settings\Ecommit\Cookies\28HF1QZX.txt C:\Documents and Settings\Ecommit\Cookies\2IN3R5TM.txt C:\Documents and Settings\Ecommit\Cookies\2K1AJQLX.txt C:\Documents and Settings\Ecommit\Cookies\2OY32CKR.txt C:\Documents and Settings\Ecommit\Cookies\2W7IKLW3.txt C:\Documents and Settings\Ecommit\Cookies\2WA7O8D3.txt C:\Documents and Settings\Ecommit\Cookies\336QMZGN.txt C:\Documents and Settings\Ecommit\Cookies\38IYLU74.txt C:\Documents and Settings\Ecommit\Cookies\3ESD9TU7.txt C:\Documents and Settings\Ecommit\Cookies\3G0TRNXY.txt C:\Documents and Settings\Ecommit\Cookies\3GJANP5X.txt C:\Documents and Settings\Ecommit\Cookies\3NL5C2HE.txt C:\Documents and Settings\Ecommit\Cookies\3W8LL6LB.txt C:\Documents and Settings\Ecommit\Cookies\3Z7F2M5U.txt C:\Documents and Settings\Ecommit\Cookies\42XGDSGX.txt C:\Documents and Settings\Ecommit\Cookies\4FCUSY49.txt C:\Documents and Settings\Ecommit\Cookies\4FKRJ5ZM.txt C:\Documents and Settings\Ecommit\Cookies\4KPHQ3E1.txt C:\Documents and Settings\Ecommit\Cookies\4TZTGMZA.txt C:\Documents and Settings\Ecommit\Cookies\4ZB536ZX.txt C:\Documents and Settings\Ecommit\Cookies\509XU2HX.txt C:\Documents and Settings\Ecommit\Cookies\5317SB2Z.txt C:\Documents and Settings\Ecommit\Cookies\5E8W770I.txt C:\Documents and Settings\Ecommit\Cookies\5JF7HTZI.txt C:\Documents and Settings\Ecommit\Cookies\5L2POJM3.txt C:\Documents and Settings\Ecommit\Cookies\5M39U1ZY.txt C:\Documents and Settings\Ecommit\Cookies\5PSMQL9H.txt C:\Documents and Settings\Ecommit\Cookies\5S8SCMD1.txt C:\Documents and Settings\Ecommit\Cookies\62012853.txt C:\Documents and Settings\Ecommit\Cookies\66N3E0WF.txt C:\Documents and Settings\Ecommit\Cookies\6AH1G64O.txt C:\Documents and Settings\Ecommit\Cookies\6S2HGJV2.txt C:\Documents and Settings\Ecommit\Cookies\6V292QWP.txt C:\Documents and Settings\Ecommit\Cookies\783LECTS.txt C:\Documents and Settings\Ecommit\Cookies\79YDLKXB.txt C:\Documents and Settings\Ecommit\Cookies\7GBK3RL0.txt C:\Documents and Settings\Ecommit\Cookies\7SEW28I9.txt C:\Documents and Settings\Ecommit\Cookies\7WCNKZX5.txt C:\Documents and Settings\Ecommit\Cookies\84TV586Q.txt C:\Documents and Settings\Ecommit\Cookies\893V58BM.txt C:\Documents and Settings\Ecommit\Cookies\8GTD5ME9.txt C:\Documents and Settings\Ecommit\Cookies\8QIKB410.txt C:\Documents and Settings\Ecommit\Cookies\8S03ATQ6.txt C:\Documents and Settings\Ecommit\Cookies\8VGJZ3MO.txt C:\Documents and Settings\Ecommit\Cookies\8VKVCT2P.txt C:\Documents and Settings\Ecommit\Cookies\91NLNTAJ.txt C:\Documents and Settings\Ecommit\Cookies\9FB3YZ5J.txt C:\Documents and Settings\Ecommit\Cookies\9I9JU60L.txt C:\Documents and Settings\Ecommit\Cookies\9RLBBLPO.txt C:\Documents and Settings\Ecommit\Cookies\A09X3EIP.txt C:\Documents and Settings\Ecommit\Cookies\A0D984MO.txt C:\Documents and Settings\Ecommit\Cookies\A3M9S45A.txt C:\Documents and Settings\Ecommit\Cookies\ABWTK2K9.txt C:\Documents and Settings\Ecommit\Cookies\APHQLC54.txt C:\Documents and Settings\Ecommit\Cookies\AVC320TG.txt C:\Documents and Settings\Ecommit\Cookies\AZPHUE0F.txt C:\Documents and Settings\Ecommit\Cookies\B6CNLLX3.txt C:\Documents and Settings\Ecommit\Cookies\B6HSZAUX.txt C:\Documents and Settings\Ecommit\Cookies\BBRC1N7U.txt C:\Documents and Settings\Ecommit\Cookies\BUPDKSSH.txt C:\Documents and Settings\Ecommit\Cookies\BWCNW08U.txt C:\Documents and Settings\Ecommit\Cookies\BZR0XQB4.txt C:\Documents and Settings\Ecommit\Cookies\C121OATN.txt C:\Documents and Settings\Ecommit\Cookies\C19PIPCD.txt C:\Documents and Settings\Ecommit\Cookies\C2QY7Y2Z.txt C:\Documents and Settings\Ecommit\Cookies\C771U97I.txt C:\Documents and Settings\Ecommit\Cookies\CE7PB6T5.txt C:\Documents and Settings\Ecommit\Cookies\CE8035KQ.txt C:\Documents and Settings\Ecommit\Cookies\CTCQA34Y.txt C:\Documents and Settings\Ecommit\Cookies\D9MZQ5V9.txt C:\Documents and Settings\Ecommit\Cookies\DFJOQB28.txt C:\Documents and Settings\Ecommit\Cookies\DZGWT07Q.txt C:\Documents and Settings\Ecommit\Cookies\ECSFQZF6.txt C:\Documents and Settings\Ecommit\Cookies\ECU533JU.txt C:\Documents and Settings\Ecommit\Cookies\EPBQ6S7R.txt C:\Documents and Settings\Ecommit\Cookies\ET7Y03OX.txt C:\Documents and Settings\Ecommit\Cookies\EWNG21XP.txt C:\Documents and Settings\Ecommit\Cookies\FIWK9F3Y.txt C:\Documents and Settings\Ecommit\Cookies\G6G5552S.txt C:\Documents and Settings\Ecommit\Cookies\G8P6BB3P.txt C:\Documents and Settings\Ecommit\Cookies\GCZ5GP8R.txt C:\Documents and Settings\Ecommit\Cookies\GDTSKTE8.txt C:\Documents and Settings\Ecommit\Cookies\GJZDD0QE.txt C:\Documents and Settings\Ecommit\Cookies\GQ60IK4N.txt C:\Documents and Settings\Ecommit\Cookies\GZY91V7R.txt C:\Documents and Settings\Ecommit\Cookies\H0CGOV0X.txt C:\Documents and Settings\Ecommit\Cookies\HAHWQ52B.txt C:\Documents and Settings\Ecommit\Cookies\HQPX5SYW.txt C:\Documents and Settings\Ecommit\Cookies\HUL3BIS3.txt C:\Documents and Settings\Ecommit\Cookies\HZZ6L25V.txt C:\Documents and Settings\Ecommit\Cookies\I3NHWZU0.txt C:\Documents and Settings\Ecommit\Cookies\IBX5XJFT.txt C:\Documents and Settings\Ecommit\Cookies\ITD2QWSF.txt C:\Documents and Settings\Ecommit\Cookies\IY9UW02N.txt C:\Documents and Settings\Ecommit\Cookies\IZDI3DYB.txt C:\Documents and Settings\Ecommit\Cookies\J1VYECY8.txt C:\Documents and Settings\Ecommit\Cookies\J2TAWW5V.txt C:\Documents and Settings\Ecommit\Cookies\J37BCEFC.txt C:\Documents and Settings\Ecommit\Cookies\J6KG7FAP.txt C:\Documents and Settings\Ecommit\Cookies\JIFKNED9.txt C:\Documents and Settings\Ecommit\Cookies\KC4P4QU1.txt C:\Documents and Settings\Ecommit\Cookies\KRUL87G6.txt C:\Documents and Settings\Ecommit\Cookies\L183S0EX.txt C:\Documents and Settings\Ecommit\Cookies\L9IPSK36.txt C:\Documents and Settings\Ecommit\Cookies\LA3XAYLH.txt C:\Documents and Settings\Ecommit\Cookies\LAMJVNWN.txt C:\Documents and Settings\Ecommit\Cookies\LLETRKQC.txt C:\Documents and Settings\Ecommit\Cookies\LS4UJU0D.txt C:\Documents and Settings\Ecommit\Cookies\LU3VA3K8.txt C:\Documents and Settings\Ecommit\Cookies\M0KVWA26.txt C:\Documents and Settings\Ecommit\Cookies\MHR9468R.txt C:\Documents and Settings\Ecommit\Cookies\MZSTQHIC.txt C:\Documents and Settings\Ecommit\Cookies\NFB90QL3.txt C:\Documents and Settings\Ecommit\Cookies\NNM8FDUL.txt C:\Documents and Settings\Ecommit\Cookies\NUTP0317.txt C:\Documents and Settings\Ecommit\Cookies\O2M6DDUQ.txt C:\Documents and Settings\Ecommit\Cookies\OL51655P.txt C:\Documents and Settings\Ecommit\Cookies\OSNQ3JJF.txt C:\Documents and Settings\Ecommit\Cookies\P1S6CZ5F.txt C:\Documents and Settings\Ecommit\Cookies\PIX7G96A.txt C:\Documents and Settings\Ecommit\Cookies\PU94NYHM.txt C:\Documents and Settings\Ecommit\Cookies\Q22XFPBC.txt C:\Documents and Settings\Ecommit\Cookies\Q3TR9CWQ.txt C:\Documents and Settings\Ecommit\Cookies\Q6QDBDJ2.txt C:\Documents and Settings\Ecommit\Cookies\Q7YADDJ1.txt C:\Documents and Settings\Ecommit\Cookies\QAMJPY54.txt C:\Documents and Settings\Ecommit\Cookies\QETS0WHP.txt C:\Documents and Settings\Ecommit\Cookies\QG9U1Z6L.txt C:\Documents and Settings\Ecommit\Cookies\QLXKVPU4.txt C:\Documents and Settings\Ecommit\Cookies\QTJTREHK.txt C:\Documents and Settings\Ecommit\Cookies\QUA1UJXM.txt C:\Documents and Settings\Ecommit\Cookies\R09EZ5VR.txt C:\Documents and Settings\Ecommit\Cookies\R6GJH4LT.txt C:\Documents and Settings\Ecommit\Cookies\RHEX3Y2C.txt C:\Documents and Settings\Ecommit\Cookies\RTAX2O9S.txt C:\Documents and Settings\Ecommit\Cookies\RXXYFRTW.txt C:\Documents and Settings\Ecommit\Cookies\S0EGNGPZ.txt C:\Documents and Settings\Ecommit\Cookies\SFOBBW5T.txt C:\Documents and Settings\Ecommit\Cookies\STXJENBQ.txt C:\Documents and Settings\Ecommit\Cookies\SV1HREUX.txt C:\Documents and Settings\Ecommit\Cookies\SZ0JTZAE.txt C:\Documents and Settings\Ecommit\Cookies\TGY1ICBK.txt C:\Documents and Settings\Ecommit\Cookies\TLXDY1AD.txt C:\Documents and Settings\Ecommit\Cookies\TPF7AHKE.txt C:\Documents and Settings\Ecommit\Cookies\TV2IEDJ8.txt C:\Documents and Settings\Ecommit\Cookies\TVM4C56N.txt C:\Documents and Settings\Ecommit\Cookies\TXB51ANS.txt C:\Documents and Settings\Ecommit\Cookies\TXHWAWPP.txt C:\Documents and Settings\Ecommit\Cookies\U1WG5DI8.txt C:\Documents and Settings\Ecommit\Cookies\U964CT90.txt C:\Documents and Settings\Ecommit\Cookies\UQ2QXVC3.txt C:\Documents and Settings\Ecommit\Cookies\UZ3580EG.txt C:\Documents and Settings\Ecommit\Cookies\V4WX3K5U.txt C:\Documents and Settings\Ecommit\Cookies\V9U2PNZQ.txt C:\Documents and Settings\Ecommit\Cookies\VEXTBEFJ.txt C:\Documents and Settings\Ecommit\Cookies\VKI705VY.txt C:\Documents and Settings\Ecommit\Cookies\VULYSH21.txt C:\Documents and Settings\Ecommit\Cookies\VW5PTFBX.txt C:\Documents and Settings\Ecommit\Cookies\VW8PG39W.txt C:\Documents and Settings\Ecommit\Cookies\VYLTNSY2.txt C:\Documents and Settings\Ecommit\Cookies\WCX3A49K.txt C:\Documents and Settings\Ecommit\Cookies\WH2CFGGV.txt C:\Documents and Settings\Ecommit\Cookies\WKRG8SF3.txt C:\Documents and Settings\Ecommit\Cookies\WMQOQY4X.txt C:\Documents and Settings\Ecommit\Cookies\WTIQ3RJL.txt C:\Documents and Settings\Ecommit\Cookies\WWP8Y2XX.txt C:\Documents and Settings\Ecommit\Cookies\X0R86EYO.txt C:\Documents and Settings\Ecommit\Cookies\XB62JEHE.txt C:\Documents and Settings\Ecommit\Cookies\XKFXER17.txt C:\Documents and Settings\Ecommit\Cookies\XMMAKY2M.txt C:\Documents and Settings\Ecommit\Cookies\XN999PG4.txt C:\Documents and Settings\Ecommit\Cookies\XOYEL0IZ.txt C:\Documents and Settings\Ecommit\Cookies\XTJDFZJF.txt C:\Documents and Settings\Ecommit\Cookies\Y3GFV4IA.txt C:\Documents and Settings\Ecommit\Cookies\Y3JWZ8MR.txt C:\Documents and Settings\Ecommit\Cookies\YA501FHH.txt C:\Documents and Settings\Ecommit\Cookies\YE68N7YX.txt C:\Documents and Settings\Ecommit\Cookies\YOP5XWCC.txt C:\Documents and Settings\Ecommit\Cookies\YRAZZRBU.txt C:\Documents and Settings\Ecommit\Cookies\YSIE1ULF.txt C:\Documents and Settings\Ecommit\Cookies\YTS5OTNC.txt C:\Documents and Settings\Ecommit\Cookies\Z1TIXTK6.txt C:\Documents and Settings\Ecommit\Cookies\Z5PH119P.txt C:\Documents and Settings\Ecommit\Cookies\ZBKFE9VJ.txt C:\Documents and Settings\Ecommit\Cookies\ZLN5N525.txt C:\Documents and Settings\Ecommit\Cookies\ZOE6LZ1K.txt C:\Documents and Settings\Ecommit\Cookies\ZW1SYDGJ.txt C:\Documents and Settings\Ecommit\Cookies\ZYTNX9XM.txt C:\Documents and Settings\Ecommit\Cookies\ZZPULLY9.txt
  8. bluewhite85
    Dit is het volledig logje. De vorige keer had ik gewoon de eerste 4 lijnen niet gekopieerd. Zoek.exe Version 4.0.0.2 Updated 22-June-2013 Tool run by Ecommit on ma 24/06/2013 at 14:08:26,31. Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected ==== Suspicious Entries Found ====================== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007" "2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008" "139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004" "445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005" "137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001" "138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002" "3389:TCP"="3389:TCP:*:Disabled:@xpsp2res.dll,-22009" ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\DOCUME~1\Ecommit\LOCALS~1\Temp ==== ====== C:\WINDOWS\system32 ===== ====== C:\WINDOWS\system32\drivers ===== ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== ======= C: ===== ====== C:\Documents and Settings\Ecommit\Application Data ====== 2013-06-01 16:29:57 -------- d-----w- C:\Documents and Settings\Ecommit\Application Data\ArcSoft ====== C:\Documents and Settings\Ecommit ====== ====== C: exe-files == === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount" "Foco"="C:\Program Files\YoutubeDownloader.org\YoutubeDownloader\Foco.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="regsvr32 /s /n /i:u shell32" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" "NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" "nwiz"="nwiz.exe /install" "NvMediaCenter"="RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit" "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "ArcSoft Connection Service"="C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" "vProt"="C:\Program Files\AVG Secure Search\vprot.exe" "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime" "AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount" "Foco"="C:\Program Files\YoutubeDownloader.org\YoutubeDownloader\Foco.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^PHOTOfunSTUDIO -viewer-.lnk] "path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\PHOTOfunSTUDIO -viewer-.lnk" "backup"="C:\\WINDOWS\\pss\\PHOTOfunSTUDIO -viewer-.lnkCommon Startup" "command"="C:\\PROGRA~1\\PANASO~1\\PHOTOF~1\\PHAUTO~1.EXE " "item"="PHOTOfunSTUDIO -viewer-" ==== Startup Folders ====================== 2009-04-05 12:45:22 1734 ----a-w- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job --a------ C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [] C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\Apple Software Update\SoftwareUpdate.exe [01/06/2011 17:57] C:\WINDOWS\tasks\debutShakeIcon.job --a------ C:\Program Files\NCH Software\Debut\debut.exe [07/04/2012 23:55] ==== EOF on ma 24/06/2013 at 14:14:12,57 ======================
  9. bluewhite85
    ==== Suspicious Entries Found ====================== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007" "2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008" "139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004" "445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005" "137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001" "138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002" "3389:TCP"="3389:TCP:*:Disabled:@xpsp2res.dll,-22009" ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\DOCUME~1\Ecommit\LOCALS~1\Temp ==== ====== C:\WINDOWS\system32 ===== ====== C:\WINDOWS\system32\drivers ===== ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== ======= C: ===== ====== C:\Documents and Settings\Ecommit\Application Data ====== 2013-06-01 16:29:57 -------- d-----w- C:\Documents and Settings\Ecommit\Application Data\ArcSoft ====== C:\Documents and Settings\Ecommit ====== ====== C: exe-files == === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount" "Foco"="C:\Program Files\YoutubeDownloader.org\YoutubeDownloader\Foco.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="regsvr32 /s /n /i:u shell32" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" "NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" "nwiz"="nwiz.exe /install" "NvMediaCenter"="RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit" "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "ArcSoft Connection Service"="C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" "vProt"="C:\Program Files\AVG Secure Search\vprot.exe" "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime" "AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount" "Foco"="C:\Program Files\YoutubeDownloader.org\YoutubeDownloader\Foco.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^PHOTOfunSTUDIO -viewer-.lnk] "path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\PHOTOfunSTUDIO -viewer-.lnk" "backup"="C:\\WINDOWS\\pss\\PHOTOfunSTUDIO -viewer-.lnkCommon Startup" "command"="C:\\PROGRA~1\\PANASO~1\\PHOTOF~1\\PHAUTO~1.EXE " "item"="PHOTOfunSTUDIO -viewer-" ==== Startup Folders ====================== 2009-04-05 12:45:22 1734 ----a-w- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job --a------ C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [] C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\Apple Software Update\SoftwareUpdate.exe [01/06/2011 17:57] C:\WINDOWS\tasks\debutShakeIcon.job --a------ C:\Program Files\NCH Software\Debut\debut.exe [07/04/2012 23:55] ==== EOF on za 22/06/2013 at 14:09:36,76 ======================
  10. bluewhite85
    Ik heb wel vergeten te vermelden dat HijackThis versie 2.0.2. is, aangezien ik dit een tijdje geleden al eens had gedownload. HijackThis: Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2013\avgrsx.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG2013\avgfws.exe C:\Program Files\AVG\AVG2013\avgidsagent.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\libusbd-nt.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\AVG\AVG2013\avgnsx.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Het Nieuwsblad R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Genuine Microsoft Software R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [Foco] "C:\Program Files\YoutubeDownloader.org\YoutubeDownloader\Foco.exe" O4 - HKUS\S-1-5-20\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Netwerkservice') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: download with &shareaza - res://C:\Program Files\Shareaza\RazaWebHook32.dll/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: translate this web page with babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm O8 - Extra context menu item: translate with babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [java_sun] Java (Sun) O17 - HKLM\System\CCS\Services\Tcpip\..\{ACFC7C4D-5A75-4C65-846E-6D6DF9AD3880}: NameServer = 195.130.131.5,195.130.130.133 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Security Toolbar Service (avg security toolbar service) - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: FLEXnet Licensing Service (flexnet licensing service) - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-Win32 - C:\WINDOWS\system32\libusbd-nt.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: vToolbarUpdater15.2.0 - AVG Secure Search - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe Malwarebytes: Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 268181 Verstreken tijd: 13 minuut/minuten, Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 7 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7BE8ED1-B138-48FD-BB22-9779A39130B1} (Redir.GSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7BE8ED1-B138-48FD-BB22-9779A39130B1} (Redir.GSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F334C7B0-8774-4D5B-BD7A-4F448D03A1AE} (Adware.SkyLab) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F334C7B0-8774-4D5B-BD7A-4F448D03A1AE} (Adware.SkyLab) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\SkyMedia (Adware.SkyMedia) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 2 C:\Documents and Settings\Ecommit\Application Data\skype.dat (Trojan.Agent.rf) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Ecommit\Local Settings\Temp\jztUg5W.exe (Trojan.Agent.rf) -> Succesvol in quarantaine geplaatst en verwijderd.
  11. bluewhite85
    Dit is reeds gebeurd. Is dit alles wat moet gedaan worden? Alleszinds bedankt!
  12. bluewhite85
    Hallo, Ik ben ook slachtoffer geworden van het Ukash virus. Ik heb het probleem opgelost via systeemherstel maar ik heb op dit forum gelezen dat de pc toch nog kan besmet zijn. Ik was eerst niet van plan om dit probleem aan te pakken omdat ik sowieso binnen nu en een maand mijn pc eens zou formateren maar wil het toch voor de zekerheid doen. Ik heb HijackThis zijn werk eens laten doen en hier is het logbestand: Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2013\avgrsx.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG2013\avgfws.exe C:\Program Files\AVG\AVG2013\avgidsagent.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\libusbd-nt.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\AVG\AVG2013\avgnsx.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Het Nieuwsblad R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Genuine Microsoft Software R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file) R3 - URLSearchHook: (no name) - {D7BE8ED1-B138-48FD-BB22-9779A39130B1} - (no file) O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [conhost] C:\Documents and Settings\Ecommit\Application Data\Microsoft\conhost.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [Foco] "C:\Program Files\YoutubeDownloader.org\YoutubeDownloader\Foco.exe" O4 - HKUS\S-1-5-20\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Netwerkservice') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: download with &shareaza - res://C:\Program Files\Shareaza\RazaWebHook32.dll/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: translate this web page with babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm O8 - Extra context menu item: translate with babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [java_sun] Java (Sun) O17 - HKLM\System\CCS\Services\Tcpip\..\{ACFC7C4D-5A75-4C65-846E-6D6DF9AD3880}: NameServer = 195.130.131.5,195.130.130.133 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Security Toolbar Service (avg security toolbar service) - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: FLEXnet Licensing Service (flexnet licensing service) - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-Win32 - C:\WINDOWS\system32\libusbd-nt.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: vToolbarUpdater15.2.0 - AVG Secure Search - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe Nu ik hier toch ben nog een klein vraagje. Ik werk nog altijd met Windows XP service pack 3. Is het aan te raden om eens over te schakelen naar een nieuwe versie? Alvast Bedankt!
  13. bluewhite85
    Ik zal het proberen met de foto die ik nu heb opgeslaan. Dit topic mag dan gesloten worden. Ik neem aan dat ik gewoon op "markeer als OPGELOST" moet drukken? Alleszinds bedankt voor de antwoorden!
  14. bluewhite85
    Ja, dat weet ik maar het probleem is dat ik niet kan vergelijken met een foto die opgeslaan is via de andere manier (download full size). Dus mijn vraag is wanneer je het zou opslaan via die andere manier, de foto's nog van een betere kwaliteit zouden kunnen zijn?
  15. bluewhite85
    Bedankt voor het antwoord maar het is net opgelost. Als ik heel vlug achter mekaar de linker- en rechtermuisknop indruk komt het normale venstertje tevoorschijn om een afbeelding op te slaan. Met de gewone rechtermuisknop lukte het mij nooit maar blijkbaar gaat het wel met de combinatie van de 2. Mss nog 1 vraagje. Zou dit op dezelfde grootte worden opgeslaan (dus dezelfde kwaliteit) als wanneer het via options (download full size) wordt opgeslaan? De bedoeling is om deze foto op een groot doek te zetten om iemand te verrassen en ik wil deze foto in een zo goed mogelijke kwaliteit naar de fotograaf brengen.
  16. bluewhite85
    Bedankt maar het lukt mij niet om options tevoorschijn laten komen. Dit is mijn werkwijze: 1) In een album zie je alle foto's in het klein. 2) Ik klik op de foto die ik wil hebben. 3) De foto komt in het groot tevoorschijn. (Links de foto, rechts een kader waar je een opmerking kan plaatsen. 4) Rechts vanonder op de foto is er een klein kadertje met een schuin pijltje. 5) Als ik daar op klik verdwijnt de kader waar je een opmerking kan plaatsen en wordt de foto centraal gezet. 6) Ik zie vanonder nergens iets van options staan en als ik op de foto klik, verdwijnt de foto en komt de volgende foto van het album er op. Wat ik er wel moet bijzeggen (mss in het begin te weinig info gegeven) is dat het wel niet mijn google plus account is. Is het sowieso wel mogelijk om een foto op te slaan als het niet je eigen account is?
  17. bluewhite85
    Hallo, Het lukt mij niet om een foto op te slaan van google+. Via de rechtermuisknop gaat het alleszinds niet. Ik weet nog dat er een trucje was om bv. een beveiligde foto op te slaan via de "bron" en daar te kijken naar een link waar img in voorkomt of zoiets maar dit lukt mij nu niet. Iemand een oplossing? Alvast Bedankt!
  18. bluewhite85
    Dit had ik al eens geprobeerd en zo werkt het wel. In principe is het geen ramp om het op die manier telkens te doen dus zo zal ik het dan ook blijven doen. Toch bedankt.
  19. bluewhite85
    Op mijn car mp3 player heb ik geen RANDOM-functie. In feite kan ik met de player niet veel doen. Alleen maar de gewone dingen zoals pauzeren, doorspoelen,.... Doordat er geen opties op de player zitten vrees ik dat ik niet anders kan dan de artiestennaam te veranderen.
  20. bluewhite85
    Hallo, Wanneer ik de muziek van een cd op bv mijn "car mp3 player" overzet speelt de muziek niet mooi op volgorde af. Het is te zeggen, er wordt afgespeeld volgens artiest en niet volgens nummer. Ik kan dit oplossen door op de pc de artiest te vervangen door een cijfer of door een cijfer te plaatsen juist voor de artiestennaam. Kan dit ook opgelost worden zonder iets te veranderen aan de artiestennaam? Alvast bedankt!
  21. bluewhite85
    Ok, in orde dus dit betekent dat alles is opgelost?
  22. bluewhite85
    Ik heb eens het bestand geopend en er wordt dan gevraagd om het toe te voegen aan het register maar hiermee zie ik niet de geschiedenis van de bestanden die gewist zijn. Bestaan er bij gewone bestanden zoals foto's geen bestanden die eigenlijk bij een foto horen zoals bij een geopende internetpagina een cookie hoort en hierdoor onbelangrijke bestanden verwijderd zijn?
  23. bluewhite85
    Ik heb alleen maar gedaan wat je me gezegd hebt dus ik heb er vertrouwen in dat ik niks kwijt zal zijn. Ik heb wel nog eens gekeken in het programma of er daar geen geschiedenis van bestaat van de bestanden die verwijderd zijn maar blijkbaar niet. Nogmaals bedankt voor de hulp
  24. bluewhite85
    Ok, is inmiddels gebeurd. Er stonden wel dingen bij zoals een kladblokbestand en een foto maar ik neem aan dat ik hierdoor geen persoonlijke dingen verlies?
  25. bluewhite85
    Ik ging juist terug reageren want blijkbaar is het al opgelost . Alvast bedankt voor je hulp .
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.