bluewhite85
-
Items
27 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door bluewhite85
-
-
Meerdere mappen decomprimeren ging niet omdat bv. wanneer er bepaalde bestanden in 1 van de submappen niet waren gecomprimeerd, aanzag de pc al de mappen die ik geselecteerd had als niet gecomprimeerd.
Ik heb dan maar zelf iets geïmproviseerd:
Ik heb bij eigenschappen van station C het comprimeren aangevinkt hierdoor begon de pc uiteraard station C te comprimeren.
Ik zag wel dat het veel te lang ging duren en daardoor had ik het comprimeren beëindigd.
Na dit proces kon ik wel het vakje bij station C uitvinken doordat de pc dacht dat alles was gecomprimeerd.
Door het uitvinken, denk ik wel dat alles terug gedecomprimeerd is want ik heb nog geen blauwe letters bij bestanden gezien.
Dus hiermee is mijn probleem wsl opgelost.
Misschien nog 2 vraagjes.
1) Wanneer gecomprimeerde bestanden op een andere schijf worden gezet, (dus eigenlijke andere bron) worden ze eigenlijk niet automatisch terug gedecomprimeerd?
2) Bij het per ongeluk comprimeren van de bestanden bij de schijfopruiming, blokkeerde dit proces na ongeveer een kwartiertje. Hierdoor zal niet alles gecomprimeerd geweest zijn. Kunnen bestanden hierdoor beschadigd geraken?
Alvast bedankt voor de reactie!
-
Hallo,
Een tijdje geleden heb ik eens een schijfopruiming gedaan van station C op mijn pc.
Ik was vergeten om de compressie uit te vinken en hierdoor zijn veel bestanden gecomprimeerd.
Nu ben ik begonnen met eens een back-up te maken van mijn belangrijke bestanden en wanneer ik hier met klaar ben zou ik station C willen formateren.
Het probleem is dat ik de compressie van al de bestanden ongedaan wil maken.
Ik weet hoe dit te doen voor een bepaalde map, maar is dit mogelijk om in 1 keer heel station C te decomprimeren?
Op internet las ik door gewoon de rechtermuisknop te klikken bij een bepaald station maar het vakje bij station C is uitgevinkt.
Op zich weet ik dat het comprimeren van bestanden niet zo erg is, maar ik weet wel dat dit de pc kan vertragen en dat is 1 van de redenen waarom ik de bestanden weer wil decomprimeren.
Alvast Bedankt!
-
Ok, is inmiddels gedaan.
Nogmaals bedankt voor de hulp!
-
Hallo,
Nee, buiten het feit dat de computer al een tijdje traag is, is er geen enkel probleem maar dit probleem zal opgelost zijn eenmaal ik de computer eens formatteer.
Ik vermoed dat ik nu gewoon op de knop "markeer als OPGELOST" moet drukken?
Alleszinds heel erg bedankt voor uw hulp!!!
-
Hallo,
Ik heb het 2 keer gescand aangezien ik de eerste keer dacht dat het niet volledig gedaan was (het stopte gewoon zonder vermelding).
mbar-log
Malwarebytes Anti-Rootkit BETA 1.06.0.1004
Database version: v2013.06.27.07
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Ecommit :: COMPUTER [administrator]
27/06/2013 18:14:22
-log-2013-06-27 (18-14-22).txt
Scan type: Quick scan
Scan options enabled: PUM | P2P
Scan options disabled: Anti-Rootkit | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP
Objects scanned: 0
Time elapsed:
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
system-log.txt
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004
© Malwarebytes Corporation 2011-2012
OS version: 5.1.2600 Windows XP Service Pack 3 x86
Account is Administrative
Internet Explorer version: 8.0.6001.18702
Java version: 1.6.0_21
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.327000 GHz
Memory total: 3217293312, free: 2433933312
Downloaded database version: v2013.06.26.04
Initializing...
------------ Kernel report ------------
06/26/2013 19:25:41
------------ Loaded modules -----------
\WINDOWS\system32\ntkrnlpa.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
spim.sys
\WINDOWS\System32\Drivers\WMILIB.SYS
\WINDOWS\System32\Drivers\SCSIPORT.SYS
ACPI.sys
pci.sys
ohci1394.sys
\WINDOWS\system32\DRIVERS\1394BUS.SYS
isapnp.sys
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
PartMgr.sys
VolSnap.sys
atapi.sys
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltMgr.sys
sr.sys
KSecDD.sys
WudfPf.sys
Ntfs.sys
NDIS.sys
Mup.sys
avgrkx86.sys
avglogx.sys
avgmfx86.sys
avgidshx.sys
\SystemRoot\system32\DRIVERS\nv4_mini.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\e1y5132.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\nic1394.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\system32\drivers\Afc.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\System32\Drivers\aneh3xjz.SYS
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\avgfwdx.sys
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\libusb0.sys
\SystemRoot\system32\drivers\RtkHDAud.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\WINDOWS\system32\drivers\avgtpx86.sys
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\arp1394.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\avgidsshimx.sys
\SystemRoot\system32\DRIVERS\avgidsdriverx.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\nv4_disp.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\npf.sys
\SystemRoot\System32\Drivers\HTTP.sys
\SystemRoot\system32\drivers\kmixer.sys
\SystemRoot\System32\Drivers\Fastfat.SYS
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys
\WINDOWS\system32\ntdll.dll
\Program Files\Alcohol Soft\Alcohol 120\alcoholx.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8b0f2ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP3T1L0-9\
Lower Device Object: 0xffffffff8b0c9d98
Lower Device Driver Name: \Driver\atapi\
IRP handler 0 of \Driver\atapi is hooked
IRP handler 2 of \Driver\atapi is hooked
IRP handler 14 of \Driver\atapi is hooked
IRP handler 15 of \Driver\atapi is hooked
IRP handler 22 of \Driver\atapi is hooked
IRP handler 23 of \Driver\atapi is hooked
IRP handler 27 of \Driver\atapi is hooked
Unhooking enabled.
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8b0f2ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP3T1L0-9\
Lower Device Object: 0xffffffff8b0c9d98
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Load Function returned 0x0
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8b0f2ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8b187288, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8b0f2ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8b0c9d98, DeviceName: \Device\Ide\IdeDeviceP3T1L0-9\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffe3f34bc8, 0xffffffff8b0f2ab8, 0xffffffff89f56718
Lower DeviceData: 0xffffffffe431c9d0, 0xffffffff8b0c9d98, 0xffffffff89e8ea68
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\system32\drivers...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
File user open failed: C:\WINDOWS\system32\drivers\sptd.sys (0x00000020)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: EE47EE47
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 521823267
Partition file system is NTFS
Partition is bootable
Partition 1 type is Extended with LBA (0xf)
Partition is NOT ACTIVE.
Partition starts at LBA: 521823330 Numsec = 1431680670
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-62-1953505168-1953525168)...
Done!
Read File: File "c:\documents and settings\all users\application data\avg2013\chjw\1220e8b020e89bcb.dat:52e53017-1c9e-485a-849b-3d7d6d69b460" is sparse (flags = 32768)
Read File: File "c:\documents and settings\all users\application data\avg2013\chjw\1220e8b020e89bcb.dat:70c7593a-b49c-4807-95fa-3e54fe9a5006" is sparse (flags = 32768)
=======================================
Removal queue found; removal started
Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\bootstrap_0_0_63_i.mbam...
Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004
© Malwarebytes Corporation 2011-2012
OS version: 5.1.2600 Windows XP Service Pack 3 x86
Account is Administrative
Internet Explorer version: 8.0.6001.18702
Java version: 1.6.0_21
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.327000 GHz
Memory total: 3217293312, free: 2652008448
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004
© Malwarebytes Corporation 2011-2012
OS version: 5.1.2600 Windows XP Service Pack 3 x86
Account is Administrative
Internet Explorer version: 8.0.6001.18702
Java version: 1.6.0_21
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.327000 GHz
Memory total: 3217293312, free: 2488426496
Downloaded database version: v2013.06.26.05
Downloaded database version: v2013.06.26.06
Downloaded database version: v2013.06.26.07
Downloaded database version: v2013.06.27.01
Downloaded database version: v2013.06.27.02
Downloaded database version: v2013.06.27.03
Downloaded database version: v2013.06.27.04
Downloaded database version: v2013.06.27.05
Downloaded database version: v2013.06.27.06
Downloaded database version: v2013.06.27.07
Initializing...
------------ Kernel report ------------
06/27/2013 18:14:16
------------ Loaded modules -----------
\WINDOWS\system32\ntkrnlpa.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
spsf.sys
\WINDOWS\System32\Drivers\WMILIB.SYS
\WINDOWS\System32\Drivers\SCSIPORT.SYS
ACPI.sys
pci.sys
ohci1394.sys
\WINDOWS\system32\DRIVERS\1394BUS.SYS
isapnp.sys
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
PartMgr.sys
VolSnap.sys
atapi.sys
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltMgr.sys
sr.sys
KSecDD.sys
WudfPf.sys
Ntfs.sys
NDIS.sys
Mup.sys
avgrkx86.sys
avglogx.sys
avgmfx86.sys
avgidshx.sys
\SystemRoot\system32\DRIVERS\nv4_mini.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\e1y5132.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\nic1394.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\system32\drivers\Afc.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\System32\Drivers\awntsk3q.SYS
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\avgfwdx.sys
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\libusb0.sys
\SystemRoot\system32\drivers\RtkHDAud.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\WINDOWS\system32\drivers\avgtpx86.sys
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\arp1394.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\avgidsshimx.sys
\SystemRoot\system32\DRIVERS\avgidsdriverx.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\nv4_disp.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\npf.sys
\SystemRoot\System32\Drivers\HTTP.sys
\SystemRoot\system32\drivers\kmixer.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\Fastfat.SYS
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys
\WINDOWS\system32\ntdll.dll
\Program Files\Alcohol Soft\Alcohol 120\alcoholx.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR3
Upper Device Object: 0xffffffff8a081030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000083\
Lower Device Object: 0xffffffff89ecd698
Lower Device Driver Name: \Driver\USBSTOR\
IRP handler 0 of \Driver\USBSTOR points to an unknown module
Unhooking enabled.
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR3
Upper Device Object: 0xffffffff8a081030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000083\
Lower Device Object: 0xffffffff89ecd698
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
Initialization returned 0x0
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8b0c6ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP3T1L0-9\
Lower Device Object: 0xffffffff8b0ded98
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Load Function returned 0x0
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8b0c6ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8b0f6c60, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8b0c6ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8b0ded98, DeviceName: \Device\Ide\IdeDeviceP3T1L0-9\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffe3da98a8, 0xffffffff8b0c6ab8, 0xffffffff89f2fab8
Lower DeviceData: 0xffffffffe11bfc30, 0xffffffff8b0ded98, 0xffffffff89ffe040
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\system32\drivers...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
File user open failed: C:\WINDOWS\system32\drivers\sptd.sys (0x00000020)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: EE47EE47
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 521823267
Partition file system is NTFS
Partition is bootable
Partition 1 type is Extended with LBA (0xf)
Partition is NOT ACTIVE.
Partition starts at LBA: 521823330 Numsec = 1431680670
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-62-1953505168-1953525168)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff8a081030, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8a20ec50, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8a081030, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff89ecd698, DeviceName: \Device\00000083\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffe4046848, 0xffffffff8a081030, 0xffffffff89eed280
Lower DeviceData: 0xffffffffe3b475d0, 0xffffffff89ecd698, 0xffffffff89ef6c38
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 0
Partition information:
Partition 0 type is Other (0xc)
Partition is NOT ACTIVE.
Partition starts at LBA: 52 Numsec = 31283858
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 16026435072 bytes
Sector size: 512 bytes
Done!
Read File: File "c:\documents and settings\all users\application data\avg2013\chjw\1220e8b020e89bcb.dat:514e7d66-98fb-4903-b2d5-9c31fac8a957" is sparse (flags = 32768)
=======================================
Removal queue found; removal started
Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\bootstrap_0_0_63_i.mbam...
Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_1_i.mbam...
Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_1_r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004
© Malwarebytes Corporation 2011-2012
OS version: 5.1.2600 Windows XP Service Pack 3 x86
Account is Administrative
Internet Explorer version: 8.0.6001.18702
Java version: 1.6.0_21
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.327000 GHz
Memory total: 3217293312, free: 2655621120
=======================================
-
HitmanPro 3.7.6.201 [url="http://www.hitmanpro.com"]www.hitmanpro.com[/url] Computer name . . . . : COMPUTER Windows . . . . . . . : 5.1.3.2600.X86/4 User name . . . . . . : Ecommit License . . . . . . . : Free Scan date . . . . . . : 2013-06-25 18:37:09 Scan mode . . . . . . : Normal Scan duration . . . . : 9m 33s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 30 Traces . . . . . . . : 3970 Objects scanned . . . : 848.782 Files scanned . . . . : 83.652 Remnants scanned . . : 147.599 files / 617.531 keys Miniport ____________________________________________________________________ Primary DriverObject . . . : 8B0E70C8 DriverName . . . . : \Driver\atapi DriverPath . . . . : atapi.sys StartIo . . . . . : B9E1E864 atapi.sys+30820 IRP_MJ_SCSI . . . : B9E20B40 atapi.sys+39744 Solution DriverObject . . . : 8B0E70C8 DriverName . . . . : \Driver\atapi DriverPath . . . . : atapi.sys StartIo . . . . . : B9E1E864 atapi.sys+30820 IRP_MJ_SCSI . . . : B9E1D852 atapi.sys+26706 Malware _____________________________________________________________________ C:\WINDOWS\system32\expand.exe Size . . . . . . . : 16.896 bytes Age . . . . . . . : 1544.3 days (2009-04-03 11:24:44) Entropy . . . . . : 5.6 SHA-256 . . . . . : 4722709BD2B0EAAA240C6850AE6BA05EA4F52CA95AF20A7A700C94817691D90C Product . . . . . : Besturingssysteem Microsoft® Windows® Publisher . . . . : Microsoft Corporation Description . . . : Hulpprogramma LZ Expansion Version . . . . . : 5.1.2600.0 Copyright . . . . : © Microsoft Corporation. Alle rechten voorbehouden. > Ikarus . . . . . . : Virus.Win32.Virut!IK Fuzzy . . . . . . : 110.0 C:\WINDOWS\system32\netsetup.exe Size . . . . . . . : 351.744 bytes Age . . . . . . . : 1544.3 days (2009-04-03 11:25:08) Entropy . . . . . : 7.8 SHA-256 . . . . . : AFDA0E70A2A38A2B45CBB59F82EECF93803F7C37BECE56EBC04BFAB2D2CC8689 Product . . . . . : Besturingssysteem Microsoft® Windows® Publisher . . . . : Microsoft Corporation Description . . . : Win32 Cabinet Self-Extractor Version . . . . . : 6.00.3000.0000 Copyright . . . . : © Microsoft Corporation. Alle rechten voorbehouden. > G Data . . . . . . : Gen:Malware.Heur.vm0@bCpZfSlO (Engine A) > Ikarus . . . . . . : Gen.Malware.Heur!IK Fuzzy . . . . . . : 117.0 C:\WINDOWS\system32\spnpinst.exe Size . . . . . . . : 27.136 bytes Age . . . . . . . : 1544.3 days (2009-04-03 11:25:18) Entropy . . . . . : 7.4 SHA-256 . . . . . : A492B951FB08B3F712E485813340EF7AFA6FE5D58C7DB83497FF5792255ADB11 Product . . . . . : Microsoft® Windows® Operating System Publisher . . . . : Microsoft Corporation Description . . . : Peer-to-Peer Custom Setup Version . . . . . : 5.1.2600.5512 Copyright . . . . : © Microsoft Corporation. All rights reserved. > G Data . . . . . . : Gen:Malware.Heur.bm0@bun5ROgi (Engine A) > Ikarus . . . . . . : Gen.Malware.Heur!IK Fuzzy . . . . . . : 112.0 Potential Unwanted Programs _________________________________________________ C:\Documents and Settings\All Users\Application Data\Babylon\ (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\BabAll.dat (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\ (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\64696AU7MP_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\6PR5580MEE_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\6RHZSDV3KE_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\7BZ95AEQPT_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\7BZ95AEQPT_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\8Y3ADBYMTJ_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\8Y3ADBYMTJ_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\9MNN3FNCUA_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\9MNN3FNCUA_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\AVKMVPKAU6_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\AVKMVPKAU6_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\B3UREHM8F6_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\BEXGNJURCA_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\BJKS8ZN2QJ_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\BJKS8ZN2QJ_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\BTMJWKZGYE_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\CDWYSD0KQA_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\CDWYSD0KQA_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\D35ZVSJUGA_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\D35ZVSJUGA_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\GXD7K8XNM6_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\HCZ7J3Q8UA_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\KVG0R4N8AE_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\KVG0R4N8AE_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\M534MSC3GP_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\QGDUSRR4JA_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\RHFWM3WFXJ_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\RYVU9J4Z0A_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\RYVU9J4Z0A_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\UJAN48NM5P_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\UJAN48NM5P_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\UWXWZCZR2A_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\UWXWZCZR2A_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\WHBVH86TJX_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\WZQV2X3J6E_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\YC9EPB7CF2_glossary_icon.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\YC9EPB7CF2_glossary_icon2.ico (Babylon) C:\Documents and Settings\All Users\Application Data\Babylon\Content\icons\YPSR537K76_glossary_icon.ico (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\ (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\Content\icons\ (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\Content\icons\6RHZSDV3KE_glossary_icon.ico (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\Content\icons\BTMJWKZGYE_glossary_icon.ico (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\Content\icons\HCZ7J3Q8UA_glossary_icon.ico (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\FLStat.dat (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\log_file.txt (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\MyList.dat (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\ocr_cache (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\ocr_data (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\updates\ (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\updates\convert.dat (Babylon) C:\Documents and Settings\Ecommit\Application Data\Babylon\updates\rates.dat (Babylon) C:\Documents and Settings\Ecommit\Local Settings\Application Data\Babylon\ (Babylon) C:\Program Files\Babylon\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\BabylonAgent.exe (Babylon) Size . . . . . . . : 458.056 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:21) Entropy . . . . . : 7.8 SHA-256 . . . . . : 072B7F9A020CCF1639FAF4E53A9FA842B361EA00460732B73B6D643F77B53729 RSA Key Size . . . : 2048 Authenticode . . . : Self-signed Fuzzy . . . . . . : 9.0 C:\Program Files\Babylon\Babylon-Pro\Agent\BDesktopAgent.dll (Babylon) Size . . . . . . . : 221.584 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:21) Entropy . . . . . : 6.4 SHA-256 . . . . . : C7E0B23980034A28577BFC5AAFBC0463E26ABF74B198D1EB59B338E2B359675C Product . . . . . : Babylon Desktop Agent Publisher . . . . : Babylon Ltd. Description . . . : Babylon Desktop Agent Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 RSA Key Size . . . : 2048 Authenticode . . . : Self-signed Fuzzy . . . . . . : -5.0 C:\Program Files\Babylon\Babylon-Pro\Agent\ExcludeSelect.xml (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\notes.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\notes_off.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\purchase.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\purchase_off.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\spelling.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\spelling_off.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\translate.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\translate_off.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\units.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\Agent\Graphics\units_off.png (Babylon) C:\Program Files\Babylon\Babylon-Pro\BabyServices.dll (Babylon) Size . . . . . . . : 1.015.296 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 5.5 SHA-256 . . . . . : A59D368D74365CBCF0A01885D7AC9861B1036009B5FFB45EE511D29004DB6B29 Product . . . . . : Babylon Client Publisher . . . . : Babylon Ltd. Description . . . : Babylon Services Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 Fuzzy . . . . . . : -8.0 C:\Program Files\Babylon\Babylon-Pro\BContentServer.dll (Babylon) Size . . . . . . . : 2.562.048 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 6.0 SHA-256 . . . . . : 9C2E5E099D139B8F0E9BE522171B1C5DE8C4D8C4DCCB90F72F7A5A722A9880D4 Product . . . . . : Babylon Client Publisher . . . . : Babylon Ltd. Description . . . : Babylon Content Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 Fuzzy . . . . . . : -8.0 C:\Program Files\Babylon\Babylon-Pro\BContentServerExt.dll (Babylon) Size . . . . . . . : 440.832 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 6.2 SHA-256 . . . . . : 5E5EC7C17DB1F710AE4D8CC0ED47A158EB0C8EC78A94647DE2D689CD299E803C Product . . . . . : Babylon Client Publisher . . . . : Babylon Ltd. Description . . . : Babylon Document Provider Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 Fuzzy . . . . . . : -8.0 C:\Program Files\Babylon\Babylon-Pro\BException.dll (Babylon) Size . . . . . . . : 112.128 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 6.2 SHA-256 . . . . . : 7FBB387FC08328859490A82E47D7D8B17B74D4CCFB2BE7ED0E96A57AA2E2CDD2 Product . . . . . : Babylon Client Publisher . . . . : Babylon Ltd. Description . . . : Babylon EXception Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 Fuzzy . . . . . . : -8.0 C:\Program Files\Babylon\Babylon-Pro\captlib.dll (Babylon) Size . . . . . . . : 208.896 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 6.3 SHA-256 . . . . . : 20C49651CCDEF9DBBB5C8267C00E1412B4353C624243D146BE1408302E52C6C5 Product . . . . . : Babylon Client Publisher . . . . : Babylon Ltd. Description . . . : Babylon Information Tool Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 Fuzzy . . . . . . : -8.0 C:\Program Files\Babylon\Babylon-Pro\Data\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\Babylon.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BaseList.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Chinese_S__English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Chinese_T__English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Dutch_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Chinese_S__sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Chinese_T__sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Dutch_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_French_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_German_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Hebrew_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Italian_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Japanese_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Korean_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Portuguese_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Russian_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Spanish_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_English_Swedish_sub.bgl (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_French_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_German_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Hebrew_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Hebrew_Thesaurus_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Italian_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Japanese_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Portuguese_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Russian_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\BGLs\Babylon_Spanish_English_sub.BGL (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\CSConfig.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\Features.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Arabic.iso8859_6.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Arabic.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Arabic.windows1256.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Bulgarian.iso8859_5.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Bulgarian.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Chinese (S).gb2312.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Chinese (T).big5.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Czech.iso8859_2.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Czech.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Danish.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Dutch.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\English.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\English.shlomi.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\French.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\German.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Greek.iso8859_7.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Greek.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Hebrew.iso8859_8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Hebrew.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Hindi.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Hindi.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Hungarian.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Italian.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Japanese.euc_jp.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Japanese.shift_jis.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Japanese.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Korean.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Korean.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Norwegian.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Polish.iso8859_2.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Polish.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Portuguese.brazil.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Portuguese.europe.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Romanian.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Russian.iso8859_5.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Russian.koi8_r.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Russian.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Russian.windows1251.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Serbian.ascii.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Serbian.cyrillic-utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Spanish.basque.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Spanish.catalan.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Spanish.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Swedish.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Thai.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Thai.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Turkish.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Turkish.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Ukrainian.koi8_u.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\LDTs\Ukrainian.utf8.ldt (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\Metaphone.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Data\Strings.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Gloss\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Gloss\bab_hlp_static.bdc (Babylon) C:\Program Files\Babylon\Babylon-Pro\Gloss\bdcmpers.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Gloss\cslock.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Updates\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Updates\Convert.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Updates\Rates.dat (Babylon) C:\Program Files\Babylon\Babylon-Pro\Utils\ (Babylon) C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon) Size . . . . . . . : 252.304 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 6.3 SHA-256 . . . . . : 21142376F2B4D82CA2981BFE8287783B91805510AC8DF5CD525CE7DB7B3CA295 Product . . . . . : Babylon IE Addin Publisher . . . . : Babylon Ltd. Description . . . : Babylon Internet Explorer Addin Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 RSA Key Size . . . : 2048 Authenticode . . . : Self-signed Fuzzy . . . . . . : -5.0 C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonOfficePI.dll (Babylon) Size . . . . . . . : 286.720 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 6.3 SHA-256 . . . . . : D5BE1BEC5C5E11DD2FF3E819E35D1EE1285A8FC5C5419293DEE6B6667AB9BE60 Product . . . . . : Babylon Office Addin Publisher . . . . : Babylon Ltd. Description . . . : Babylon Office Addin Version . . . . . : 8.0.0.22 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 Fuzzy . . . . . . : -8.0 C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonRPI.api (Babylon) Size . . . . . . . : 161.280 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:21) Entropy . . . . . : 6.4 SHA-256 . . . . . : A6E7E609EE7C008427806FA97D203DB25E37DD2441D33A3936C0D4D3FC8AFC86 Product . . . . . : Babylon BabylonRPI Publisher . . . . : Babylon Description . . . : Babylon Plug in for Acrobat Reader Version . . . . . : 1.0.1.0 Copyright . . . . : Copyright © Babylon Ltd. 1997-2009 Fuzzy . . . . . . : -4.0 C:\Program Files\Babylon\Babylon-Pro\Utils\MyBabylonIE.exe (Babylon) Size . . . . . . . : 1.497.872 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:21) Entropy . . . . . : 8.0 SHA-256 . . . . . : 02CBA23F13BFD7B1CA740589E64FA82F34B36AD963BBA18B4E1BA4CC05E6666E Publisher Description . . . : myBabylon_English Toolbar Version . . . . . : 4.5.192.5 Copyright . . . . : Conduit Ltd. RSA Key Size . . . : 1024 Authenticode . . . : Valid Fuzzy . . . . . . : -6.0 C:\Program Files\Babylon\Babylon-Pro\Utils\uninstbb.exe (Babylon) Size . . . . . . . : 435.600 bytes Age . . . . . . . : 1087.0 days (2010-07-04 18:03:20) Entropy . . . . . : 6.2 SHA-256 . . . . . : 0A30BA1D17B44F3B586E80EE9913FE060D50C2D7807A94862DAF9C8E74DA203C RSA Key Size . . . : 2048 Authenticode . . . : Self-signed Fuzzy . . . . . . : -3.0 HKLM\SOFTWARE\babylon\ (Babylon) HKLM\SOFTWARE\Classes\AppID\babyloniepi.dll\ (Babylon) HKLM\SOFTWARE\Classes\AppID\{b16632f1-24e0-4d99-a68d-70bfb6447c48}\ (Babylon) HKLM\SOFTWARE\Classes\babydict\ (Babylon) HKLM\SOFTWARE\Classes\babygloss\ (Babylon) HKLM\SOFTWARE\Classes\babyloniepi.babyloniebho.1\ (Babylon) HKLM\SOFTWARE\Classes\babyloniepi.babyloniebho\ (Babylon) HKLM\SOFTWARE\Classes\babylonofficeaddin.officeaddin.1\ (Babylon) HKLM\SOFTWARE\Classes\babylonofficeaddin.officeaddin\ (Babylon) HKLM\SOFTWARE\Classes\babyoptfile\ (Babylon) HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45e2-857D-2A368FE749E5}\ (Babylon) HKLM\SOFTWARE\Classes\CLSID\{9cfaccb6-2f3f-4177-94ea-0d2b72d384c1}\ (Babylon) HKLM\SOFTWARE\Classes\Interface\{5f339f0b-716f-408f-a627-deeb5deb4020}\ (Babylon) HKLM\SOFTWARE\Classes\Interface\{b7ea2226-f876-4be4-b478-76ebae2a668a}\ (Babylon) HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/bdc\ (Babylon) HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/bgl\ (Babylon) HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/bof\ (Babylon) HKLM\SOFTWARE\Classes\prod.cap\ (Claro) HKLM\SOFTWARE\Classes\s\ (Softonic) HKLM\SOFTWARE\Classes\TypeLib\{5c9a2304-70a5-11d5-afb0-0050dac67890}\ (Babylon) HKLM\SOFTWARE\Classes\TypeLib\{a1489c85-4f6f-48c4-ac9e-18b63af4703e}\ (Babylon) HKLM\SOFTWARE\Classes\TypeLib\{f310f027-15cb-4a7f-b10d-3a4afb5013a5}\ (Babylon) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\babylon.exe\ (Babylon) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\babylon\ (Babylon) HKU\S-1-5-21-1004336348-854245398-1801674531-1005\Software\babylon\ (Babylon) HKU\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Internet Explorer\MenuExt\translate this web page with babylon\ (Babylon) HKU\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Internet Explorer\MenuExt\translate with babylon\ (Babylon) HKU\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Office\powerpoint\addins\babylonofficeaddin.officeaddin\ (Babylon) HKU\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin\ (Babylon) HKU\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9cfaccb6-2f3f-4177-94ea-0d2b72d384c1}\ (Babylon) HKU\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f72841f0-4ef1-4df5-bce5-b3ac8acf5478}\ (Babylon) Cookies _____________________________________________________________________ C:\Documents and Settings\Ecommit\Cookies\002JU9VV.txt C:\Documents and Settings\Ecommit\Cookies\0477FQ7K.txt C:\Documents and Settings\Ecommit\Cookies\08AZ6IBF.txt C:\Documents and Settings\Ecommit\Cookies\09OFXU9V.txt C:\Documents and Settings\Ecommit\Cookies\0EUFLIIW.txt C:\Documents and Settings\Ecommit\Cookies\0GN096SZ.txt C:\Documents and Settings\Ecommit\Cookies\0OHDWRU7.txt C:\Documents and Settings\Ecommit\Cookies\0P9UQ0CZ.txt C:\Documents and Settings\Ecommit\Cookies\0PF5YRH2.txt C:\Documents and Settings\Ecommit\Cookies\0PTCTDBE.txt C:\Documents and Settings\Ecommit\Cookies\0QE2OY59.txt C:\Documents and Settings\Ecommit\Cookies\0S58R4RS.txt C:\Documents and Settings\Ecommit\Cookies\0S87YJU4.txt C:\Documents and Settings\Ecommit\Cookies\0V1IMX0C.txt C:\Documents and Settings\Ecommit\Cookies\15B2VSKR.txt C:\Documents and Settings\Ecommit\Cookies\17YR7HLW.txt C:\Documents and Settings\Ecommit\Cookies\1B4H5KDP.txt C:\Documents and Settings\Ecommit\Cookies\1JA96FT8.txt C:\Documents and Settings\Ecommit\Cookies\1RFH4MWH.txt C:\Documents and Settings\Ecommit\Cookies\1TM28S3Z.txt C:\Documents and Settings\Ecommit\Cookies\28HF1QZX.txt C:\Documents and Settings\Ecommit\Cookies\2IN3R5TM.txt C:\Documents and Settings\Ecommit\Cookies\2K1AJQLX.txt C:\Documents and Settings\Ecommit\Cookies\2OY32CKR.txt C:\Documents and Settings\Ecommit\Cookies\2W7IKLW3.txt C:\Documents and Settings\Ecommit\Cookies\2WA7O8D3.txt C:\Documents and Settings\Ecommit\Cookies\336QMZGN.txt C:\Documents and Settings\Ecommit\Cookies\38IYLU74.txt C:\Documents and Settings\Ecommit\Cookies\3ESD9TU7.txt C:\Documents and Settings\Ecommit\Cookies\3G0TRNXY.txt C:\Documents and Settings\Ecommit\Cookies\3GJANP5X.txt C:\Documents and Settings\Ecommit\Cookies\3NL5C2HE.txt C:\Documents and Settings\Ecommit\Cookies\3W8LL6LB.txt C:\Documents and Settings\Ecommit\Cookies\3Z7F2M5U.txt C:\Documents and Settings\Ecommit\Cookies\42XGDSGX.txt C:\Documents and Settings\Ecommit\Cookies\4FCUSY49.txt C:\Documents and Settings\Ecommit\Cookies\4FKRJ5ZM.txt C:\Documents and Settings\Ecommit\Cookies\4KPHQ3E1.txt C:\Documents and Settings\Ecommit\Cookies\4TZTGMZA.txt C:\Documents and Settings\Ecommit\Cookies\4ZB536ZX.txt C:\Documents and Settings\Ecommit\Cookies\509XU2HX.txt C:\Documents and Settings\Ecommit\Cookies\5317SB2Z.txt C:\Documents and Settings\Ecommit\Cookies\5E8W770I.txt C:\Documents and Settings\Ecommit\Cookies\5JF7HTZI.txt C:\Documents and Settings\Ecommit\Cookies\5L2POJM3.txt C:\Documents and Settings\Ecommit\Cookies\5M39U1ZY.txt C:\Documents and Settings\Ecommit\Cookies\5PSMQL9H.txt C:\Documents and Settings\Ecommit\Cookies\5S8SCMD1.txt C:\Documents and Settings\Ecommit\Cookies\62012853.txt C:\Documents and Settings\Ecommit\Cookies\66N3E0WF.txt C:\Documents and Settings\Ecommit\Cookies\6AH1G64O.txt C:\Documents and Settings\Ecommit\Cookies\6S2HGJV2.txt C:\Documents and Settings\Ecommit\Cookies\6V292QWP.txt C:\Documents and Settings\Ecommit\Cookies\783LECTS.txt C:\Documents and Settings\Ecommit\Cookies\79YDLKXB.txt C:\Documents and Settings\Ecommit\Cookies\7GBK3RL0.txt C:\Documents and Settings\Ecommit\Cookies\7SEW28I9.txt C:\Documents and Settings\Ecommit\Cookies\7WCNKZX5.txt C:\Documents and Settings\Ecommit\Cookies\84TV586Q.txt C:\Documents and Settings\Ecommit\Cookies\893V58BM.txt C:\Documents and Settings\Ecommit\Cookies\8GTD5ME9.txt C:\Documents and Settings\Ecommit\Cookies\8QIKB410.txt C:\Documents and Settings\Ecommit\Cookies\8S03ATQ6.txt C:\Documents and Settings\Ecommit\Cookies\8VGJZ3MO.txt C:\Documents and Settings\Ecommit\Cookies\8VKVCT2P.txt C:\Documents and Settings\Ecommit\Cookies\91NLNTAJ.txt C:\Documents and Settings\Ecommit\Cookies\9FB3YZ5J.txt C:\Documents and Settings\Ecommit\Cookies\9I9JU60L.txt C:\Documents and Settings\Ecommit\Cookies\9RLBBLPO.txt C:\Documents and Settings\Ecommit\Cookies\A09X3EIP.txt C:\Documents and Settings\Ecommit\Cookies\A0D984MO.txt C:\Documents and Settings\Ecommit\Cookies\A3M9S45A.txt C:\Documents and Settings\Ecommit\Cookies\ABWTK2K9.txt C:\Documents and Settings\Ecommit\Cookies\APHQLC54.txt C:\Documents and Settings\Ecommit\Cookies\AVC320TG.txt C:\Documents and Settings\Ecommit\Cookies\AZPHUE0F.txt C:\Documents and Settings\Ecommit\Cookies\B6CNLLX3.txt C:\Documents and Settings\Ecommit\Cookies\B6HSZAUX.txt C:\Documents and Settings\Ecommit\Cookies\BBRC1N7U.txt C:\Documents and Settings\Ecommit\Cookies\BUPDKSSH.txt C:\Documents and Settings\Ecommit\Cookies\BWCNW08U.txt C:\Documents and Settings\Ecommit\Cookies\BZR0XQB4.txt C:\Documents and Settings\Ecommit\Cookies\C121OATN.txt C:\Documents and Settings\Ecommit\Cookies\C19PIPCD.txt C:\Documents and Settings\Ecommit\Cookies\C2QY7Y2Z.txt C:\Documents and Settings\Ecommit\Cookies\C771U97I.txt C:\Documents and Settings\Ecommit\Cookies\CE7PB6T5.txt C:\Documents and Settings\Ecommit\Cookies\CE8035KQ.txt C:\Documents and Settings\Ecommit\Cookies\CTCQA34Y.txt C:\Documents and Settings\Ecommit\Cookies\D9MZQ5V9.txt C:\Documents and Settings\Ecommit\Cookies\DFJOQB28.txt C:\Documents and Settings\Ecommit\Cookies\DZGWT07Q.txt C:\Documents and Settings\Ecommit\Cookies\ECSFQZF6.txt C:\Documents and Settings\Ecommit\Cookies\ECU533JU.txt C:\Documents and Settings\Ecommit\Cookies\EPBQ6S7R.txt C:\Documents and Settings\Ecommit\Cookies\ET7Y03OX.txt C:\Documents and Settings\Ecommit\Cookies\EWNG21XP.txt C:\Documents and Settings\Ecommit\Cookies\FIWK9F3Y.txt C:\Documents and Settings\Ecommit\Cookies\G6G5552S.txt C:\Documents and Settings\Ecommit\Cookies\G8P6BB3P.txt C:\Documents and Settings\Ecommit\Cookies\GCZ5GP8R.txt C:\Documents and Settings\Ecommit\Cookies\GDTSKTE8.txt C:\Documents and Settings\Ecommit\Cookies\GJZDD0QE.txt C:\Documents and Settings\Ecommit\Cookies\GQ60IK4N.txt C:\Documents and Settings\Ecommit\Cookies\GZY91V7R.txt C:\Documents and Settings\Ecommit\Cookies\H0CGOV0X.txt C:\Documents and Settings\Ecommit\Cookies\HAHWQ52B.txt C:\Documents and Settings\Ecommit\Cookies\HQPX5SYW.txt C:\Documents and Settings\Ecommit\Cookies\HUL3BIS3.txt C:\Documents and Settings\Ecommit\Cookies\HZZ6L25V.txt C:\Documents and Settings\Ecommit\Cookies\I3NHWZU0.txt C:\Documents and Settings\Ecommit\Cookies\IBX5XJFT.txt C:\Documents and Settings\Ecommit\Cookies\ITD2QWSF.txt C:\Documents and Settings\Ecommit\Cookies\IY9UW02N.txt C:\Documents and Settings\Ecommit\Cookies\IZDI3DYB.txt C:\Documents and Settings\Ecommit\Cookies\J1VYECY8.txt C:\Documents and Settings\Ecommit\Cookies\J2TAWW5V.txt C:\Documents and Settings\Ecommit\Cookies\J37BCEFC.txt C:\Documents and Settings\Ecommit\Cookies\J6KG7FAP.txt C:\Documents and Settings\Ecommit\Cookies\JIFKNED9.txt C:\Documents and Settings\Ecommit\Cookies\KC4P4QU1.txt C:\Documents and Settings\Ecommit\Cookies\KRUL87G6.txt C:\Documents and Settings\Ecommit\Cookies\L183S0EX.txt C:\Documents and Settings\Ecommit\Cookies\L9IPSK36.txt C:\Documents and Settings\Ecommit\Cookies\LA3XAYLH.txt C:\Documents and Settings\Ecommit\Cookies\LAMJVNWN.txt C:\Documents and Settings\Ecommit\Cookies\LLETRKQC.txt C:\Documents and Settings\Ecommit\Cookies\LS4UJU0D.txt C:\Documents and Settings\Ecommit\Cookies\LU3VA3K8.txt C:\Documents and Settings\Ecommit\Cookies\M0KVWA26.txt C:\Documents and Settings\Ecommit\Cookies\MHR9468R.txt C:\Documents and Settings\Ecommit\Cookies\MZSTQHIC.txt C:\Documents and Settings\Ecommit\Cookies\NFB90QL3.txt C:\Documents and Settings\Ecommit\Cookies\NNM8FDUL.txt C:\Documents and Settings\Ecommit\Cookies\NUTP0317.txt C:\Documents and Settings\Ecommit\Cookies\O2M6DDUQ.txt C:\Documents and Settings\Ecommit\Cookies\OL51655P.txt C:\Documents and Settings\Ecommit\Cookies\OSNQ3JJF.txt C:\Documents and Settings\Ecommit\Cookies\P1S6CZ5F.txt C:\Documents and Settings\Ecommit\Cookies\PIX7G96A.txt C:\Documents and Settings\Ecommit\Cookies\PU94NYHM.txt C:\Documents and Settings\Ecommit\Cookies\Q22XFPBC.txt C:\Documents and Settings\Ecommit\Cookies\Q3TR9CWQ.txt C:\Documents and Settings\Ecommit\Cookies\Q6QDBDJ2.txt C:\Documents and Settings\Ecommit\Cookies\Q7YADDJ1.txt C:\Documents and Settings\Ecommit\Cookies\QAMJPY54.txt C:\Documents and Settings\Ecommit\Cookies\QETS0WHP.txt C:\Documents and Settings\Ecommit\Cookies\QG9U1Z6L.txt C:\Documents and Settings\Ecommit\Cookies\QLXKVPU4.txt C:\Documents and Settings\Ecommit\Cookies\QTJTREHK.txt C:\Documents and Settings\Ecommit\Cookies\QUA1UJXM.txt C:\Documents and Settings\Ecommit\Cookies\R09EZ5VR.txt C:\Documents and Settings\Ecommit\Cookies\R6GJH4LT.txt C:\Documents and Settings\Ecommit\Cookies\RHEX3Y2C.txt C:\Documents and Settings\Ecommit\Cookies\RTAX2O9S.txt C:\Documents and Settings\Ecommit\Cookies\RXXYFRTW.txt C:\Documents and Settings\Ecommit\Cookies\S0EGNGPZ.txt C:\Documents and Settings\Ecommit\Cookies\SFOBBW5T.txt C:\Documents and Settings\Ecommit\Cookies\STXJENBQ.txt C:\Documents and Settings\Ecommit\Cookies\SV1HREUX.txt C:\Documents and Settings\Ecommit\Cookies\SZ0JTZAE.txt C:\Documents and Settings\Ecommit\Cookies\TGY1ICBK.txt C:\Documents and Settings\Ecommit\Cookies\TLXDY1AD.txt C:\Documents and Settings\Ecommit\Cookies\TPF7AHKE.txt C:\Documents and Settings\Ecommit\Cookies\TV2IEDJ8.txt C:\Documents and Settings\Ecommit\Cookies\TVM4C56N.txt C:\Documents and Settings\Ecommit\Cookies\TXB51ANS.txt C:\Documents and Settings\Ecommit\Cookies\TXHWAWPP.txt C:\Documents and Settings\Ecommit\Cookies\U1WG5DI8.txt C:\Documents and Settings\Ecommit\Cookies\U964CT90.txt C:\Documents and Settings\Ecommit\Cookies\UQ2QXVC3.txt C:\Documents and Settings\Ecommit\Cookies\UZ3580EG.txt C:\Documents and Settings\Ecommit\Cookies\V4WX3K5U.txt C:\Documents and Settings\Ecommit\Cookies\V9U2PNZQ.txt C:\Documents and Settings\Ecommit\Cookies\VEXTBEFJ.txt C:\Documents and Settings\Ecommit\Cookies\VKI705VY.txt C:\Documents and Settings\Ecommit\Cookies\VULYSH21.txt C:\Documents and Settings\Ecommit\Cookies\VW5PTFBX.txt C:\Documents and Settings\Ecommit\Cookies\VW8PG39W.txt C:\Documents and Settings\Ecommit\Cookies\VYLTNSY2.txt C:\Documents and Settings\Ecommit\Cookies\WCX3A49K.txt C:\Documents and Settings\Ecommit\Cookies\WH2CFGGV.txt C:\Documents and Settings\Ecommit\Cookies\WKRG8SF3.txt C:\Documents and Settings\Ecommit\Cookies\WMQOQY4X.txt C:\Documents and Settings\Ecommit\Cookies\WTIQ3RJL.txt C:\Documents and Settings\Ecommit\Cookies\WWP8Y2XX.txt C:\Documents and Settings\Ecommit\Cookies\X0R86EYO.txt C:\Documents and Settings\Ecommit\Cookies\XB62JEHE.txt C:\Documents and Settings\Ecommit\Cookies\XKFXER17.txt C:\Documents and Settings\Ecommit\Cookies\XMMAKY2M.txt C:\Documents and Settings\Ecommit\Cookies\XN999PG4.txt C:\Documents and Settings\Ecommit\Cookies\XOYEL0IZ.txt C:\Documents and Settings\Ecommit\Cookies\XTJDFZJF.txt C:\Documents and Settings\Ecommit\Cookies\Y3GFV4IA.txt C:\Documents and Settings\Ecommit\Cookies\Y3JWZ8MR.txt C:\Documents and Settings\Ecommit\Cookies\YA501FHH.txt C:\Documents and Settings\Ecommit\Cookies\YE68N7YX.txt C:\Documents and Settings\Ecommit\Cookies\YOP5XWCC.txt C:\Documents and Settings\Ecommit\Cookies\YRAZZRBU.txt C:\Documents and Settings\Ecommit\Cookies\YSIE1ULF.txt C:\Documents and Settings\Ecommit\Cookies\YTS5OTNC.txt C:\Documents and Settings\Ecommit\Cookies\Z1TIXTK6.txt C:\Documents and Settings\Ecommit\Cookies\Z5PH119P.txt C:\Documents and Settings\Ecommit\Cookies\ZBKFE9VJ.txt C:\Documents and Settings\Ecommit\Cookies\ZLN5N525.txt C:\Documents and Settings\Ecommit\Cookies\ZOE6LZ1K.txt C:\Documents and Settings\Ecommit\Cookies\ZW1SYDGJ.txt C:\Documents and Settings\Ecommit\Cookies\ZYTNX9XM.txt C:\Documents and Settings\Ecommit\Cookies\ZZPULLY9.txt -
Dit is het volledig logje.
De vorige keer had ik gewoon de eerste 4 lijnen niet gekopieerd.
Zoek.exe Version 4.0.0.2 Updated 22-June-2013
Tool run by Ecommit on ma 24/06/2013 at 14:08:26,31.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
==== Suspicious Entries Found ======================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Disabled:@xpsp2res.dll,-22009"
==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
====== C:\DOCUME~1\Ecommit\LOCALS~1\Temp ====
====== C:\WINDOWS\system32 =====
====== C:\WINDOWS\system32\drivers =====
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Documents and Settings\Ecommit\Application Data ======
2013-06-01 16:29:57 -------- d-----w- C:\Documents and Settings\Ecommit\Application Data\ArcSoft
====== C:\Documents and Settings\Ecommit ======
====== C: exe-files ==
=== C: other files ==
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background"
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount"
"Foco"="C:\Program Files\YoutubeDownloader.org\YoutubeDownloader\Foco.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="regsvr32 /s /n /i:u shell32"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE"
"NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit"
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"ArcSoft Connection Service"="C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"vProt"="C:\Program Files\AVG Secure Search\vprot.exe"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"
"AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background"
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount"
"Foco"="C:\Program Files\YoutubeDownloader.org\YoutubeDownloader\Foco.exe"
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^PHOTOfunSTUDIO -viewer-.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\PHOTOfunSTUDIO -viewer-.lnk"
"backup"="C:\\WINDOWS\\pss\\PHOTOfunSTUDIO -viewer-.lnkCommon Startup"
"command"="C:\\PROGRA~1\\PANASO~1\\PHOTOF~1\\PHAUTO~1.EXE "
"item"="PHOTOfunSTUDIO -viewer-"
==== Startup Folders ======================
2009-04-05 12:45:22 1734 ----a-w- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job --a------ C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []
C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\Apple Software Update\SoftwareUpdate.exe [01/06/2011 17:57]
C:\WINDOWS\tasks\debutShakeIcon.job --a------ C:\Program Files\NCH Software\Debut\debut.exe [07/04/2012 23:55]
==== EOF on ma 24/06/2013 at 14:14:12,57 ======================
-
==== Suspicious Entries Found ======================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Disabled:@xpsp2res.dll,-22009"
==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
====== C:\DOCUME~1\Ecommit\LOCALS~1\Temp ====
====== C:\WINDOWS\system32 =====
====== C:\WINDOWS\system32\drivers =====
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Documents and Settings\Ecommit\Application Data ======
2013-06-01 16:29:57 -------- d-----w- C:\Documents and Settings\Ecommit\Application Data\ArcSoft
====== C:\Documents and Settings\Ecommit ======
====== C: exe-files ==
=== C: other files ==
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-1004336348-854245398-1801674531-1005\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background"
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount"
"Foco"="C:\Program Files\YoutubeDownloader.org\YoutubeDownloader\Foco.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="regsvr32 /s /n /i:u shell32"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE"
"NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit"
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"ArcSoft Connection Service"="C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"vProt"="C:\Program Files\AVG Secure Search\vprot.exe"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"
"AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background"
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount"
"Foco"="C:\Program Files\YoutubeDownloader.org\YoutubeDownloader\Foco.exe"
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^PHOTOfunSTUDIO -viewer-.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\PHOTOfunSTUDIO -viewer-.lnk"
"backup"="C:\\WINDOWS\\pss\\PHOTOfunSTUDIO -viewer-.lnkCommon Startup"
"command"="C:\\PROGRA~1\\PANASO~1\\PHOTOF~1\\PHAUTO~1.EXE "
"item"="PHOTOfunSTUDIO -viewer-"
==== Startup Folders ======================
2009-04-05 12:45:22 1734 ----a-w- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job --a------ C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []
C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\Apple Software Update\SoftwareUpdate.exe [01/06/2011 17:57]
C:\WINDOWS\tasks\debutShakeIcon.job --a------ C:\Program Files\NCH Software\Debut\debut.exe [07/04/2012 23:55]
==== EOF on za 22/06/2013 at 14:09:36,76 ======================
-
Ik heb wel vergeten te vermelden dat HijackThis versie 2.0.2. is, aangezien ik dit een tijdje geleden al eens had gedownload.
HijackThis:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2013\avgfws.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Het Nieuwsblad
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Genuine Microsoft Software
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Foco] "C:\Program Files\YoutubeDownloader.org\YoutubeDownloader\Foco.exe"
O4 - HKUS\S-1-5-20\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Netwerkservice')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: download with &shareaza - res://C:\Program Files\Shareaza\RazaWebHook32.dll/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: translate this web page with babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: translate with babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [java_sun] Java (Sun)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACFC7C4D-5A75-4C65-846E-6D6DF9AD3880}: NameServer = 195.130.131.5,195.130.130.133
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Security Toolbar Service (avg security toolbar service) - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: FLEXnet Licensing Service (flexnet licensing service) - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-Win32 - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: vToolbarUpdater15.2.0 - AVG Secure Search - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
Malwarebytes:
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 268181
Verstreken tijd: 13 minuut/minuten,
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 7
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7BE8ED1-B138-48FD-BB22-9779A39130B1} (Redir.GSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7BE8ED1-B138-48FD-BB22-9779A39130B1} (Redir.GSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F334C7B0-8774-4D5B-BD7A-4F448D03A1AE} (Adware.SkyLab) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F334C7B0-8774-4D5B-BD7A-4F448D03A1AE} (Adware.SkyLab) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\Software\SkyMedia (Adware.SkyMedia) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 2
C:\Documents and Settings\Ecommit\Application Data\skype.dat (Trojan.Agent.rf) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Ecommit\Local Settings\Temp\jztUg5W.exe (Trojan.Agent.rf) -> Succesvol in quarantaine geplaatst en verwijderd.
-
Dit is reeds gebeurd.
Is dit alles wat moet gedaan worden?
Alleszinds bedankt!
-
Hallo,
Ik ben ook slachtoffer geworden van het Ukash virus.
Ik heb het probleem opgelost via systeemherstel maar ik heb op dit forum gelezen dat de pc toch nog kan besmet zijn.
Ik was eerst niet van plan om dit probleem aan te pakken omdat ik sowieso binnen nu en een maand mijn pc eens zou formateren maar wil het toch voor de zekerheid doen.
Ik heb HijackThis zijn werk eens laten doen en hier is het logbestand:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2013\avgfws.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Het Nieuwsblad
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Genuine Microsoft Software
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - {D7BE8ED1-B138-48FD-BB22-9779A39130B1} - (no file)
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [conhost] C:\Documents and Settings\Ecommit\Application Data\Microsoft\conhost.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Foco] "C:\Program Files\YoutubeDownloader.org\YoutubeDownloader\Foco.exe"
O4 - HKUS\S-1-5-20\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Netwerkservice')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: download with &shareaza - res://C:\Program Files\Shareaza\RazaWebHook32.dll/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: translate this web page with babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: translate with babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [java_sun] Java (Sun)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACFC7C4D-5A75-4C65-846E-6D6DF9AD3880}: NameServer = 195.130.131.5,195.130.130.133
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Security Toolbar Service (avg security toolbar service) - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: FLEXnet Licensing Service (flexnet licensing service) - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-Win32 - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: vToolbarUpdater15.2.0 - AVG Secure Search - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
Nu ik hier toch ben nog een klein vraagje.
Ik werk nog altijd met Windows XP service pack 3. Is het aan te raden om eens over te schakelen naar een nieuwe versie?
Alvast Bedankt!
-
Ik zal het proberen met de foto die ik nu heb opgeslaan.
Dit topic mag dan gesloten worden. Ik neem aan dat ik gewoon op "markeer als OPGELOST" moet drukken?
Alleszinds bedankt voor de antwoorden!
-
Ja, dat weet ik maar het probleem is dat ik niet kan vergelijken met een foto die opgeslaan is via de andere manier (download full size). Dus mijn vraag is wanneer je het zou opslaan via die andere manier, de foto's nog van een betere kwaliteit zouden kunnen zijn?
-
Bedankt voor het antwoord maar het is net opgelost.
Als ik heel vlug achter mekaar de linker- en rechtermuisknop indruk komt het normale venstertje tevoorschijn om een afbeelding op te slaan. Met de gewone rechtermuisknop lukte het mij nooit maar blijkbaar gaat het wel met de combinatie van de 2.
Mss nog 1 vraagje. Zou dit op dezelfde grootte worden opgeslaan (dus dezelfde kwaliteit) als wanneer het via options (download full size) wordt opgeslaan? De bedoeling is om deze foto op een groot doek te zetten om iemand te verrassen en ik wil deze foto in een zo goed mogelijke kwaliteit naar de fotograaf brengen.
-
Bedankt maar het lukt mij niet om options tevoorschijn laten komen.
Dit is mijn werkwijze:
1) In een album zie je alle foto's in het klein.
2) Ik klik op de foto die ik wil hebben.
3) De foto komt in het groot tevoorschijn. (Links de foto, rechts een kader waar je een opmerking kan plaatsen.
4) Rechts vanonder op de foto is er een klein kadertje met een schuin pijltje.
5) Als ik daar op klik verdwijnt de kader waar je een opmerking kan plaatsen en wordt de foto centraal gezet.
6) Ik zie vanonder nergens iets van options staan en als ik op de foto klik, verdwijnt de foto en komt de volgende foto van het album er op.
Wat ik er wel moet bijzeggen (mss in het begin te weinig info gegeven) is dat het wel niet mijn google plus account is.
Is het sowieso wel mogelijk om een foto op te slaan als het niet je eigen account is?
-
Hallo,
Het lukt mij niet om een foto op te slaan van google+.
Via de rechtermuisknop gaat het alleszinds niet.
Ik weet nog dat er een trucje was om bv. een beveiligde foto op te slaan via de "bron" en daar te kijken naar een link waar img in voorkomt of zoiets maar dit lukt mij nu niet.
Iemand een oplossing?
Alvast Bedankt!
-
Dit had ik al eens geprobeerd en zo werkt het wel. In principe is het geen ramp om het op die manier telkens te doen dus zo zal ik het dan ook blijven doen.
Toch bedankt.
-
Op mijn car mp3 player heb ik geen RANDOM-functie. In feite kan ik met de player niet veel doen. Alleen maar de gewone dingen zoals pauzeren, doorspoelen,....
Doordat er geen opties op de player zitten vrees ik dat ik niet anders kan dan de artiestennaam te veranderen.
-
Hallo,
Wanneer ik de muziek van een cd op bv mijn "car mp3 player" overzet speelt de muziek niet mooi op volgorde af.
Het is te zeggen, er wordt afgespeeld volgens artiest en niet volgens nummer.
Ik kan dit oplossen door op de pc de artiest te vervangen door een cijfer of door een cijfer te plaatsen juist voor de artiestennaam.
Kan dit ook opgelost worden zonder iets te veranderen aan de artiestennaam?
Alvast bedankt!
-
Ok, in orde dus dit betekent dat alles is opgelost?
-
Ik heb eens het bestand geopend en er wordt dan gevraagd om het toe te voegen aan het register maar hiermee zie ik niet de geschiedenis van de bestanden die gewist zijn.
Bestaan er bij gewone bestanden zoals foto's geen bestanden die eigenlijk bij een foto horen zoals bij een geopende internetpagina een cookie hoort en hierdoor onbelangrijke bestanden verwijderd zijn?
-
Ik heb alleen maar gedaan wat je me gezegd hebt dus ik heb er vertrouwen in dat ik niks kwijt zal zijn. Ik heb wel nog eens gekeken in het programma of er daar geen geschiedenis van bestaat van de bestanden die verwijderd zijn maar blijkbaar niet.
Nogmaals bedankt voor de hulp
-
Ok, is inmiddels gebeurd.
Er stonden wel dingen bij zoals een kladblokbestand en een foto maar ik neem aan dat ik hierdoor geen persoonlijke dingen verlies?
-
Ik ging juist terug reageren want blijkbaar is het al opgelost
.Alvast bedankt voor je hulp
.
.
Comprimeren van bestanden => blauwe letters
in Archief Windows Algemeen
Geplaatst:
Aangezien ik de bestanden op een andere schijf wil zetten, was het dus niet nodig om ze zelf te decomprimeren maar het is nu zo en sowieso is het opgelost.
Alleszinds bedankt voor de reacties!