mia
-
Items
63 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door mia
-
http://speccy.piriform.com/results/jucaMpXCLE1OQP0JRej2JVW
-
Hoi, Ik heb de chkdsk uitgevoerd. De chkntfs lukte niet. De chkdsk heeft ie uitgevoerd ik kreeg nadat het helemaal was uitgevoer de melding van dat er een of meer fouten zijn ofzoiets. En toen heb ik weer in re overy console de fixboot en fixmbr gedaan daarna gekozen voor normaal opstarten. En hij is weer vastgelopen bij het windows logo... Dus heb het weer niet kunnen opstarten.
-
Hoi, Ik heb de recovery console opgestart, en toen kreeg ik het volgende schermpje: daarna heb ik 1 gedrukt voor c:\ windows en toen fixboot enter, en kreeg het volgende schermpje Moet ik nu op ja drukken? of wat moet ik hier doen? ik hoop dat het te lezen is, er staat weet u zeker dat u een nieuwe opstartsector wilt schrijven op partitie c? Ik heb inmiddels j ingetoetst en enter gedrukt. en toen fixmbr enter, en nu krijg ik een waarschuwing namelijk: het lijkt erop dat deze computer een niet-standaard of ongeldige MBR heeft. FIXMBR kan de partitietabellen beshadigen als u doorgaat. hierdoor kunnen alle partities van de active vaste schijf ontoegankelijk worden. ga niet door als u geen problemen hebt met het verkrijgen van toegang tot het station. weet u zeker dat u een nieuwe MBR wilt schrijven? Ik heb inmiddels op j gedrukt, en daarna exit. Hij is afgesloten en is toen weer opgestart, maar weer bleef hij hangen bij het windows logo... Dus hij is weer niet normaal opgestart..
-
Hoii,, De memtest draait nu al bijna 27 uur. is dit nog steeds normaal? en er zijn ook geen errors te vinden tot nu toe. Hoe weet ik hoe lang hij nog moet? ik begrijp niks van de termen die op het scherm staan!
-
Hai, Aha nou ok dan. Nee ik heb nog geen ene foutmelding. No steeds het zelfde blauw schermpje en geen foutmelding.
-
Hoi, İk heb de memtest kunnen opstarten via cd. Maar hij is al 8 uurtjes bezig is dat normaal?
-
Hoi,, kan ik de memtest ook i stalleren in veilige modus en dan vanaf daar uitvoeren? Of is het de bedoeling dat het wordt uitgevoerd terwijl je opstart??
-
Ja dat begrijp ik, maar als ik bij het scherm "druk op een toets om op te starten via pc" op een toets druk kom ik gelijk in het blauwe schermpje met WINDOWS SETUP. En begint hij met het laden van bedtanden voor de installatie. Dus het scherm met welkom bij setup krijg ik niet waar ik R kan indrukken voor recoveryconsole.....
-
Ja ik lees het ook maar ik krijg niet het schermpje wat er staat en wil nirts verkeerds doen omdat ik er geen verstand van heb. Dus ja ik kan in windows recovery console komen maar niet zoals hierboven beschreven. İk weet niet of het een probleem is dat ik extra voorzichtig ben met het uitvoeren van opdrachten waar ik zelf geen verstand van heb.
-
Hoi, İk heb eerst op f12 gedrukt waarna hij vraagt druk op een toets als je wilt starten vanaf cd. İk heb de opgestart vanaf cd maar dan begint hij bestanden te laden voor setup. En krijg ik een blauw scherm metdruk op enter als u windows xp op de geselecteerde partitie wilt installeren Druk op c als u een partitie in niet-gepartitioneerse ruimte wilt maken Of drukk op d als u de geselecteerde partitie wilt verwijderen ---------- Post toegevoegd om 09:29 ---------- Vorige post was om 09:19 ---------- Ow jah nog iets, als ik opstart krijg ik na het beginscherm dus waar staat dat f8 kunt enz. Krijg altijd erna een zwart schermpje waar staat starten windows xp of herstelconsole. Dat kreeg ik de laatste tijd altijd bij het opstarten. En krijg het nu ook steeds. İs dat hetzelfde? Kan ik ook daarvoor kiezen? Klinkt misschien raar wat ik zeg maar... İk weet het niet dus vandaar....
-
Hoi, Ja die heb ik, maar ik wilde dus niet herinstalleren omdat ik anders al mijn bestanden kwijtraak. En btw na een aantal uur proberen is het me weer gelukt om op te starten in veilige modus.
-
Hoi, İk heb twee vinkjes heb gezet bij de verkenner, en toen op opnieuw opstarten. Maar hij start nu helemaal niet meer op ook niet in veilige modus. Het schermpje blijft zwart. Met een - streepje wat knippert. Hij maakt wel een geluid wat erop lijkt dat ie bezig is met iets. Maar schermpje blijft zwart. En als ik normaal wil opstarten dan begint hij wel met scannen maar loopt weer vast bij het aftellen van de 10 sec dat je hebt om de scan te annuleren. Wat kan ik doen?
-
hoi, uhm een vraagje.. waar open ik een verkenner??
-
Hoi, İk heb dat uitgevoerd. Allen heb nog steeds het zelfde probleem. Hij loopt weer vast bij het windows logo. Ook kan ik heb mapje niet handmatig verwijderen in veilige modus. Er staat dat ik geen toegang heb.
-
ComboFix 11-10-19.03 - Müjde Oruç 21-10-2011 9:15.4.2 - x86 NETWORK Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1983.1596 [GMT 2:00] Gestart vanuit: c:\documents and settings\Müjde Oruç\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Müjde Oruç\Bureaublad\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: Lavasoft Ad-Watch Live! Antivirus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33} . FILE :: "c:\program files\Ask.com\UpdateTask.exe" "c:\program files\Microsoft\BingBar\BBSvc.EXE" "c:\windows\system32\drivers\eedcbqpm.sys" "c:\windows\Tasks\Scheduled Update for Ask Toolbar.job" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Ask.com c:\program files\Ask.com\assets\oobe\b.png c:\program files\Ask.com\assets\oobe\bl.png c:\program files\Ask.com\assets\oobe\br.png c:\program files\Ask.com\assets\oobe\l.png c:\program files\Ask.com\assets\oobe\pointer.png c:\program files\Ask.com\assets\oobe\r.png c:\program files\Ask.com\assets\oobe\t.png c:\program files\Ask.com\assets\oobe\tl.png c:\program files\Ask.com\assets\oobe\tr.png c:\program files\Ask.com\cobrand.ico c:\program files\Ask.com\config.xml c:\program files\Ask.com\favicon.ico c:\program files\Ask.com\fv_5e.ico c:\program files\Ask.com\GenericAskToolbar.dll c:\program files\Ask.com\mupcfg.xml c:\program files\Ask.com\SaUpdate.exe c:\program files\Ask.com\UpdateTask.exe c:\program files\Microsoft\BingBar\BBSvc.EXE c:\windows\system32\d3d9caps.dat c:\windows\system32\drivers\eedcbqpm.sys c:\windows\Tasks\Scheduled Update for Ask Toolbar.job . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_BBSvc -------\Service_BBSvc . . (((((((((((((((((((( Bestanden Gemaakt van 2011-09-21 to 2011-10-21 )))))))))))))))))))))))))))))) . . 2011-10-19 07:18 . 2011-10-19 07:18 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe 2011-10-16 12:43 . 2011-10-16 12:43 -------- d-----w- c:\windows\system32\wbem\Repository 2011-10-07 15:35 . 2011-10-07 15:35 -------- d-----w- c:\windows\system32\20-20 Technologies 2011-09-21 19:29 . 2011-09-21 19:29 -------- d-----w- c:\documents and settings\Müjde Oruç\.bitrock 2011-09-21 07:54 . 2011-09-21 07:54 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll 2011-09-21 07:54 . 2011-09-21 07:54 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll 2011-09-21 07:54 . 2011-09-21 07:54 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll 2011-09-21 07:54 . 2011-09-21 07:54 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll 2011-09-21 07:54 . 2011-09-21 07:54 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll 2011-09-21 07:54 . 2011-09-21 07:54 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll 2011-09-21 07:54 . 2011-09-21 07:54 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-17 07:15 . 2011-07-05 14:02 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-26 09:41 . 2008-07-29 17:59 614912 ----a-w- c:\windows\system32\uiautomationcore.dll 2011-09-26 09:41 . 2008-04-15 12:00 23040 ----a-w- c:\windows\system32\oleaccrc.dll 2011-09-26 09:41 . 2008-04-15 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll 2011-09-12 20:16 . 2010-04-05 00:22 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-09-09 09:12 . 2008-04-15 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll 2011-09-06 14:09 . 2008-04-15 12:00 1859072 ----a-w- c:\windows\system32\win32k.sys 2011-08-31 15:00 . 2010-11-08 18:43 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-08-22 23:41 . 2008-04-15 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2011-08-22 23:41 . 2008-04-15 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-08-22 23:41 . 2008-04-15 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-08-22 11:58 . 2008-04-15 12:00 385024 ----a-w- c:\windows\system32\html.iec 2011-08-17 13:49 . 2008-04-15 12:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys . . ((((((((((((((((((((((((((((( SnapShot_2011-10-19_12.32.00 ))))))))))))))))))))))))))))))))))))))))) . + 2011-10-21 07:26 . 2011-10-21 07:26 16384 c:\windows\temp\Perflib_Perfdata_5b8.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-04-18 17:25 122512 ------w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-22 39408] "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-08-24 247144] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288] "Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-15 15360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MakeMarkerFile"="c:\windows\system32\Drivers\Marker.exe" [2006-12-22 24576] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536] "RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-02-16 87336] "PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2008-10-13 50472] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656] "Custom Skin Clock"="c:\program files\Custom Skin Clock\Clock.exe" [2008-01-30 712704] "iTunesHelper"="c:\documents and settings\All Users\Documenten\Mijn muziek\iTunesHelper.exe" [2011-04-26 421160] "avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-04-18 3460784] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192] "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-09-12 273528] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . c:\documents and settings\Müjde Oruç\Menu Start\Programma's\Opstarten\ LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-3-30 503808] . c:\documents and settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\ Sitecom 150N USB Wireless LAN Utility.lnk - c:\program files\SITECOM\150N USB Wireless LAN Utility\RtWLan.exe [2010-11-1 966656] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\StubInstaller.exe"= "c:\\Documents and Settings\\Müjde Oruç\\Mijn documenten\\Voip wise\\voipwise.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\BitTornado\\btdownloadgui.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\SITECOM\\150N USB Wireless LAN Utility\\RtWLan.exe"= "c:\\Documents and Settings\\All Users\\Documenten\\Mijn muziek\\iTunes.exe"= "c:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1542:TCP"= 1542:TCP:Realtek WPS TCP Prot "1542:UDP"= 1542:UDP:Realtek WPS UDP Prot "53:UDP"= 53:UDP:Realtek AP UDP Prot . R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [31-8-2010 16:06 64288] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [20-3-2011 12:54 441176] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [4-4-2010 20:59 307288] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4-4-2010 20:59 19544] R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [15-6-2011 17:33 249648] R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [4-4-2010 20:54 4300] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [24-8-2010 11:38 92008] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8192su.sys [1-11-2010 16:19 594048] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1-2-2010 22:51 135664] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12-8-2010 14:15 2151128] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1-2-2010 22:51 135664] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [12-8-2010 14:15 15232] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [4-4-2010 21:59 47360] . Inhoud van de 'Gedeelde Taken' map . 2011-10-14 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 09:11] . 2011-10-15 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:57] . 2011-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 20:51] . 2011-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 20:51] . 2011-10-21 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-2049760794-1177238915-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-08-11 13:22] . 2011-10-17 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-2049760794-1177238915-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-08-11 13:22] . 2011-10-21 c:\windows\Tasks\User_Feed_Synchronization-{C1F6B7C2-88D9-42AF-B5D1-22C5CFE273CA}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = local;*.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.0.1 DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-10-21 09:27 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(716) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(3272) c:\program files\ScanSoft\OmniPageSE2.0\ophookSE2.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\windows\SOUNDMAN.EXE c:\program files\Windows Media Player\WMPNetwk.exe c:\program files\iPod\bin\iPodService.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe . ************************************************************************** . Voltooingstijd: 2011-10-21 09:39:28 - machine werd herstart ComboFix-quarantined-files.txt 2011-10-21 07:39 ComboFix2.txt 2011-10-19 16:29 ComboFix3.txt 2011-10-19 12:34 ComboFix4.txt 2011-07-05 19:15 . Pre-Run: 85.240.311.808 bytes beschikbaar Post-Run: 85.234.466.816 bytes beschikbaar . - - End Of File - - FF975B6CE9ED5953348BBB3CA1517F13
-
ComboFix 11-10-19.03 - Müjde Oruç 19-10-2011 14:24:50.2.2 - x86 NETWORK Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1983.1689 [GMT 2:00] Gestart vanuit: c:\documents and settings\M³jde Oruþ\Bureaublad\ComboFix.exe AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: Lavasoft Ad-Watch Live! Antivirus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\d3d9caps.dat . . (((((((((((((((((((( Bestanden Gemaakt van 2011-09-19 to 2011-10-19 )))))))))))))))))))))))))))))) . . 2011-10-19 07:18 . 2011-10-19 07:18 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe 2011-10-17 15:40 . 2011-10-17 15:40 54016 ----a-w- c:\windows\system32\drivers\eedcbqpm.sys 2011-10-16 12:43 . 2011-10-16 12:43 -------- d-----w- c:\windows\system32\wbem\Repository 2011-10-07 15:35 . 2011-10-07 15:35 -------- d-----w- c:\windows\system32\20-20 Technologies 2011-09-21 19:29 . 2011-09-21 19:29 -------- d-----w- c:\documents and settings\Müjde Oruç\.bitrock 2011-09-21 07:54 . 2011-09-21 07:54 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll 2011-09-21 07:54 . 2011-09-21 07:54 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll 2011-09-21 07:54 . 2011-09-21 07:54 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll 2011-09-21 07:54 . 2011-09-21 07:54 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll 2011-09-21 07:54 . 2011-09-21 07:54 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll 2011-09-21 07:54 . 2011-09-21 07:54 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll 2011-09-21 07:54 . 2011-09-21 07:54 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-17 07:15 . 2011-07-05 14:02 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-26 09:41 . 2008-07-29 17:59 614912 ----a-w- c:\windows\system32\uiautomationcore.dll 2011-09-26 09:41 . 2008-04-15 12:00 23040 ----a-w- c:\windows\system32\oleaccrc.dll 2011-09-26 09:41 . 2008-04-15 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll 2011-09-12 20:16 . 2010-04-05 00:22 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-09-09 09:12 . 2008-04-15 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll 2011-09-06 14:09 . 2008-04-15 12:00 1859072 ----a-w- c:\windows\system32\win32k.sys 2011-08-31 15:00 . 2010-11-08 18:43 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-08-22 23:41 . 2008-04-15 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2011-08-22 23:41 . 2008-04-15 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-08-22 23:41 . 2008-04-15 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-08-22 11:58 . 2008-04-15 12:00 385024 ----a-w- c:\windows\system32\html.iec 2011-08-17 13:49 . 2008-04-15 12:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys 2011-07-22 20:51 . 2011-07-22 20:51 94208 ----a-w- c:\windows\system32\dpl100.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-07-05_19.04.23 ))))))))))))))))))))))))))))))))))))))))) . - 2008-04-15 12:00 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe + 2008-04-15 12:00 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe - 2010-04-04 19:48 . 2009-01-07 16:21 26144 c:\windows\system32\spupdsvc.exe + 2010-04-04 19:48 . 2008-11-07 16:55 26144 c:\windows\system32\spupdsvc.exe + 2011-08-01 16:19 . 2008-11-07 16:55 16928 c:\windows\system32\spmsgXP_2k3.dll + 2011-08-01 16:19 . 2009-01-09 14:18 27136 c:\windows\system32\ReinstallBackups\0005\DriverFiles\RimSerial.sys + 2008-04-15 12:00 . 2011-10-16 13:16 93722 c:\windows\system32\perfc009.dat + 2008-04-15 12:00 . 2011-08-22 23:41 66560 c:\windows\system32\mshtmled.dll - 2008-04-15 12:00 . 2011-04-25 16:05 66560 c:\windows\system32\mshtmled.dll + 2009-03-08 02:31 . 2011-08-22 23:41 55296 c:\windows\system32\msfeedsbs.dll - 2009-03-08 02:31 . 2011-04-25 16:05 55296 c:\windows\system32\msfeedsbs.dll - 2008-04-15 12:00 . 2011-04-25 16:05 25600 c:\windows\system32\jsproxy.dll + 2008-04-15 12:00 . 2011-08-22 23:41 25600 c:\windows\system32\jsproxy.dll + 2009-07-14 08:35 . 2009-07-14 08:35 37608 c:\windows\system32\drivers\wdfldr.sys + 2011-02-16 16:56 . 2011-02-16 16:56 64000 c:\windows\system32\drivers\RimUsb.sys + 2008-04-15 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys - 2010-04-04 23:36 . 2011-04-25 16:05 12800 c:\windows\system32\dllcache\xpshims.dll + 2010-04-04 23:36 . 2011-08-22 23:41 12800 c:\windows\system32\dllcache\xpshims.dll + 2008-04-15 12:00 . 2011-09-26 09:41 23040 c:\windows\system32\dllcache\oleaccrc.dll + 2008-04-15 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\dllcache\ndistapi.sys - 2008-04-15 12:00 . 2011-04-25 16:05 66560 c:\windows\system32\dllcache\mshtmled.dll + 2008-04-15 12:00 . 2011-08-22 23:41 66560 c:\windows\system32\dllcache\mshtmled.dll - 2010-04-04 23:36 . 2011-04-25 16:05 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2010-04-04 23:36 . 2011-08-22 23:41 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2008-04-15 12:00 . 2011-04-25 16:05 43520 c:\windows\system32\dllcache\licmgr10.dll + 2008-04-15 12:00 . 2011-08-22 23:41 43520 c:\windows\system32\dllcache\licmgr10.dll + 2008-04-15 12:00 . 2011-08-22 23:41 25600 c:\windows\system32\dllcache\jsproxy.dll - 2008-04-15 12:00 . 2011-04-25 16:05 25600 c:\windows\system32\dllcache\jsproxy.dll + 2008-04-15 12:00 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll - 2008-04-15 12:00 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll - 2008-04-15 12:00 . 2010-12-09 14:30 33280 c:\windows\system32\csrsrv.dll + 2008-04-15 12:00 . 2011-04-26 11:07 33280 c:\windows\system32\csrsrv.dll + 2011-09-12 20:18 . 2011-09-12 20:18 18944 c:\windows\Installer\93743b1.msi + 2011-09-12 20:16 . 2011-09-12 20:16 92672 c:\windows\Installer\93743a5.msi + 2011-09-10 08:27 . 2011-09-10 08:27 22016 c:\windows\Installer\14b1af.msi + 2010-04-05 22:41 . 2011-10-16 13:09 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2010-04-05 22:41 . 2011-07-05 14:21 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2010-04-05 22:41 . 2011-07-05 14:21 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe + 2010-04-05 22:41 . 2011-10-16 13:09 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe + 2010-04-05 22:41 . 2011-10-16 13:09 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe - 2010-04-05 22:41 . 2011-07-05 14:21 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe - 2010-06-05 01:01 . 2011-07-05 14:11 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll + 2010-06-05 01:01 . 2011-10-16 13:18 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll - 2010-04-07 11:14 . 2010-04-07 11:14 53248 c:\windows\Installer\{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}\_EFD9081D7444_4E05_8D70_F72696432A51.exe + 2010-04-07 11:14 . 2011-09-30 14:58 53248 c:\windows\Installer\{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}\_EFD9081D7444_4E05_8D70_F72696432A51.exe + 2011-09-21 07:43 . 2011-09-21 07:43 27136 c:\windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe + 2011-08-01 16:19 . 2011-08-01 16:19 69632 c:\windows\Installer\{75157F34-02C6-4831-BD66-3BC49E7A8394}\NewShortcut4_838BDC75346D4F49BD1D5328F986CD86.exe + 2011-10-16 13:08 . 2011-06-23 18:31 12800 c:\windows\ie8updates\KB2586448-IE8\xpshims.dll + 2011-10-16 13:08 . 2011-06-23 18:31 66560 c:\windows\ie8updates\KB2586448-IE8\mshtmled.dll + 2011-10-16 13:08 . 2011-06-23 18:31 55296 c:\windows\ie8updates\KB2586448-IE8\msfeedsbs.dll + 2011-10-16 13:08 . 2011-06-23 18:31 43520 c:\windows\ie8updates\KB2586448-IE8\licmgr10.dll + 2011-10-16 13:08 . 2011-06-23 18:31 25600 c:\windows\ie8updates\KB2586448-IE8\jsproxy.dll + 2011-08-09 23:06 . 2011-04-25 16:05 12800 c:\windows\ie8updates\KB2559049-IE8\xpshims.dll + 2011-08-09 23:06 . 2011-04-25 16:05 66560 c:\windows\ie8updates\KB2559049-IE8\mshtmled.dll + 2011-08-09 23:06 . 2011-04-25 16:05 55296 c:\windows\ie8updates\KB2559049-IE8\msfeedsbs.dll + 2011-08-09 23:06 . 2011-04-25 16:05 43520 c:\windows\ie8updates\KB2559049-IE8\licmgr10.dll + 2011-08-09 23:06 . 2011-04-25 16:05 25600 c:\windows\ie8updates\KB2559049-IE8\jsproxy.dll + 2011-03-20 10:53 . 2011-07-04 11:43 40112 c:\windows\avastSS.scr - 2011-03-20 10:53 . 2011-04-18 17:25 40112 c:\windows\avastSS.scr + 2011-10-16 13:36 . 2011-10-16 13:36 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\1ee639a35730f580f0266d2466d3976d\WindowsLiveWriter.ni.exe + 2011-10-16 13:37 . 2011-10-16 13:37 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4490f2c7ba373caac054470763d7081d\WindowsLive.Writer.Api.ni.dll + 2011-10-16 13:21 . 2011-10-16 13:21 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\888b745ca99d39692c2e9af222e5eae8\UIAutomationProvider.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\6c334564da041df8fb75415f2d503224\System.Windows.Presentation.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a54a122f1070ab71931dd9679ddd8e90\System.Web.DynamicData.Design.ni.dll + 2011-10-16 13:38 . 2011-10-16 13:38 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ac92806d5bd508eb25f1b4b73a36b101\System.ComponentModel.DataAnnotations.ni.dll + 2011-10-16 13:38 . 2011-10-16 13:38 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e6a9cd66d11a21776dbf425e8e28099c\System.AddIn.Contract.ni.dll + 2011-10-16 13:19 . 2011-10-16 13:19 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\66873b557d5c7013e4c630361473b0c2\PresentationFontCache.ni.exe + 2011-10-16 13:18 . 2011-10-16 13:18 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\5b30652a7b802199984f93b5e414260f\PresentationCFFRasterizer.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\eaa8d72317e5b8047e413939cc71ffba\Microsoft.Vsa.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\a140509b1342934fc5e58ae22ac9696c\Microsoft.VisualC.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aefe683674c97a998f4e908c1a7ee7c6\Microsoft.Build.Framework.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\845eef4d09f28da6ee05d99f93c90f6e\Microsoft.Build.Framework.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\ab7ce2d94ca725c3889a4e3c1ee88ece\dfsvc.ni.exe + 2011-10-16 13:35 . 2011-10-16 13:35 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll + 2011-10-16 13:15 . 2011-10-16 13:15 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll - 2011-07-05 14:18 . 2011-07-05 14:18 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll - 2011-07-05 14:18 . 2011-07-05 14:18 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2011-10-16 13:15 . 2011-10-16 13:15 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2011-10-16 13:16 . 2011-10-16 13:16 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2011-07-05 14:18 . 2011-07-05 14:18 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2011-07-05 14:18 . 2011-07-05 14:18 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2011-10-16 13:15 . 2011-10-16 13:15 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2011-10-16 13:15 . 2011-10-16 13:15 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2011-07-05 14:18 . 2011-07-05 14:18 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2011-07-05 14:18 . 2011-07-05 14:18 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2011-10-16 13:15 . 2011-10-16 13:15 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2011-10-16 13:15 . 2011-10-16 13:15 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2011-07-05 14:18 . 2011-07-05 14:18 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2011-10-16 13:15 . 2011-10-16 13:15 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2011-07-05 14:18 . 2011-07-05 14:18 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2011-10-16 13:15 . 2011-10-16 13:15 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2011-07-05 14:18 . 2011-07-05 14:18 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2011-10-16 13:15 . 2011-10-16 13:15 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2011-07-05 14:18 . 2011-07-05 14:18 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2011-07-05 14:18 . 2011-07-05 14:18 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2011-10-16 13:15 . 2011-10-16 13:15 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2011-10-16 13:15 . 2011-10-16 13:15 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2011-07-05 14:18 . 2011-07-05 14:18 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2011-07-05 14:18 . 2011-07-05 14:18 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2011-10-16 13:15 . 2011-10-16 13:15 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2011-08-01 16:19 . 2009-07-13 14:49 47104 c:\windows\$NtUninstallWdf01009$\spuninst\KmdfCustom.dll + 2011-08-24 23:14 . 2010-11-03 13:12 46080 c:\windows\$NtUninstallKB2570791$\tzchange.exe + 2011-08-24 23:14 . 2011-07-09 00:32 16896 c:\windows\$NtUninstallKB2570791$\spuninst\tzchange.dll + 2011-08-09 23:05 . 2008-04-15 12:00 10112 c:\windows\$NtUninstallKB2566454$\ndistapi.sys + 2011-07-13 20:48 . 2010-12-09 14:30 33280 c:\windows\$NtUninstallKB2507938$\csrsrv.dll + 2011-09-14 09:10 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2616676\update\spcustom.dll + 2011-09-14 09:10 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2616676\spmsg.dll + 2011-09-11 01:00 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2607712\update\spcustom.dll + 2011-09-11 01:00 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2607712\spmsg.dll + 2011-09-14 09:04 . 2010-02-22 14:29 26488 c:\windows\$hf_mig$\KB2570947\update\spcustom.dll + 2011-09-14 09:04 . 2010-02-22 14:29 18808 c:\windows\$hf_mig$\KB2570947\spmsg.dll + 2011-08-09 23:08 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2570222\update\spcustom.dll + 2011-08-09 23:08 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2570222\spmsg.dll + 2011-08-09 23:09 . 2010-02-22 14:29 26488 c:\windows\$hf_mig$\KB2567680\update\spcustom.dll + 2011-08-09 23:09 . 2010-02-22 14:29 18808 c:\windows\$hf_mig$\KB2567680\spmsg.dll + 2011-08-09 23:05 . 2010-02-22 14:29 26488 c:\windows\$hf_mig$\KB2566454\update\spcustom.dll + 2011-08-09 23:05 . 2010-02-22 14:29 18808 c:\windows\$hf_mig$\KB2566454\spmsg.dll + 2011-08-09 19:14 . 2011-07-08 13:51 10496 c:\windows\$hf_mig$\KB2566454\SP3QFE\ndistapi.sys + 2011-08-09 23:05 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2562937\update\spcustom.dll + 2011-08-09 23:05 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2562937\spmsg.dll + 2011-08-09 23:06 . 2010-02-22 14:29 26488 c:\windows\$hf_mig$\KB2559049-IE8\update\spcustom.dll + 2011-08-09 23:06 . 2010-02-22 14:29 18808 c:\windows\$hf_mig$\KB2559049-IE8\spmsg.dll + 2011-08-09 19:14 . 2011-06-23 18:29 12800 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\xpshims.dll + 2011-08-09 19:14 . 2011-06-23 18:29 66560 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtmled.dll + 2011-08-09 19:14 . 2011-06-23 18:29 55296 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\msfeedsbs.dll + 2011-08-09 19:14 . 2011-06-23 18:29 43520 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\licmgr10.dll + 2011-08-09 19:14 . 2011-06-23 18:29 25600 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\jsproxy.dll + 2011-07-13 20:45 . 2010-07-05 13:21 26488 c:\windows\$hf_mig$\KB2555917\update\spcustom.dll + 2011-07-13 20:45 . 2010-07-05 13:21 18808 c:\windows\$hf_mig$\KB2555917\spmsg.dll + 2011-08-09 23:08 . 2010-02-22 14:29 26488 c:\windows\$hf_mig$\KB2536276-v2\update\spcustom.dll + 2011-08-09 23:08 . 2010-02-22 14:29 18808 c:\windows\$hf_mig$\KB2536276-v2\spmsg.dll + 2011-07-13 20:48 . 2010-02-22 14:29 26488 c:\windows\$hf_mig$\KB2507938\update\spcustom.dll + 2011-07-13 20:48 . 2010-02-22 14:29 18808 c:\windows\$hf_mig$\KB2507938\spmsg.dll + 2011-04-26 11:02 . 2011-04-26 11:02 33280 c:\windows\$hf_mig$\KB2507938\SP3QFE\csrsrv.dll - 2011-07-05 14:18 . 2011-07-05 14:18 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2011-10-16 13:15 . 2011-10-16 13:15 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2010-11-21 11:26 . 2011-09-12 20:17 5632 c:\windows\system32\pndx5032.dll - 2010-11-21 11:26 . 2010-11-21 11:26 5632 c:\windows\system32\pndx5032.dll + 2010-11-21 11:26 . 2011-09-12 20:17 6656 c:\windows\system32\pndx5016.dll - 2010-11-21 11:26 . 2010-11-21 11:26 6656 c:\windows\system32\pndx5016.dll - 2010-04-07 11:14 . 2010-04-07 11:14 4710 c:\windows\Installer\{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}\Op.exe + 2010-04-07 11:14 . 2011-09-30 14:58 4710 c:\windows\Installer\{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}\Op.exe + 2011-10-16 13:15 . 2011-10-16 13:15 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2011-07-05 14:18 . 2011-07-05 14:18 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2011-07-05 14:18 . 2011-07-05 14:18 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2011-10-16 13:16 . 2011-10-16 13:16 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2011-07-05 14:18 . 2011-07-05 14:18 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2011-10-16 13:15 . 2011-10-16 13:15 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll - 2011-07-05 14:18 . 2011-07-05 14:18 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2011-10-16 13:15 . 2011-10-16 13:15 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2011-10-16 13:15 . 2011-10-16 13:15 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll - 2011-07-05 14:18 . 2011-07-05 14:18 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2011-10-16 13:15 . 2011-10-16 13:15 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2011-07-05 14:18 . 2011-07-05 14:18 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2011-01-30 09:37 . 2011-05-30 13:42 240640 c:\windows\system32\xvidvfw.dll + 2011-01-30 09:37 . 2011-05-23 07:46 645632 c:\windows\system32\xvidcore.dll + 2008-04-15 12:00 . 2011-06-20 17:44 293888 c:\windows\system32\winsrv.dll - 2008-04-15 12:00 . 2010-06-18 17:47 293888 c:\windows\system32\winsrv.dll + 2008-04-15 12:00 . 2011-06-23 18:31 916480 c:\windows\system32\wininet(2).dll + 2008-04-15 12:00 . 2011-08-22 23:41 105984 c:\windows\system32\url.dll - 2008-04-15 12:00 . 2009-03-08 02:34 105984 c:\windows\system32\url.dll + 2008-04-15 12:00 . 2011-06-23 18:31 105984 c:\windows\system32\url(2).dll + 2010-11-21 11:27 . 2011-09-12 20:17 198832 c:\windows\system32\rmoc3260.dll - 2010-11-21 11:26 . 2010-11-21 11:26 272896 c:\windows\system32\pncrt.dll + 2010-11-21 11:26 . 2011-09-12 20:17 272896 c:\windows\system32\pncrt.dll + 2008-04-15 12:00 . 2011-10-16 13:16 572712 c:\windows\system32\perfh013.dat + 2008-04-15 12:00 . 2011-10-16 13:16 496466 c:\windows\system32\perfh009.dat + 2008-04-15 12:00 . 2011-10-16 13:16 120352 c:\windows\system32\perfc013.dat - 2008-04-15 12:00 . 2011-04-25 16:05 206848 c:\windows\system32\occache.dll + 2008-04-15 12:00 . 2011-08-22 23:41 206848 c:\windows\system32\occache.dll - 2008-04-15 12:00 . 2011-04-25 16:05 611840 c:\windows\system32\mstime.dll + 2008-04-15 12:00 . 2011-08-22 23:41 611840 c:\windows\system32\mstime.dll - 2009-03-08 02:32 . 2011-04-25 16:05 602112 c:\windows\system32\msfeeds.dll + 2009-03-08 02:32 . 2011-08-22 23:41 602112 c:\windows\system32\msfeeds.dll + 2011-10-17 07:15 . 2011-10-17 07:15 247968 c:\windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe + 2011-10-17 07:15 . 2011-10-17 07:15 335520 c:\windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.dll - 2008-04-15 12:00 . 2011-04-25 16:05 184320 c:\windows\system32\iepeers.dll + 2008-04-15 12:00 . 2011-08-22 23:41 184320 c:\windows\system32\iepeers.dll - 2008-04-15 12:00 . 2011-04-25 16:05 387584 c:\windows\system32\iedkcs32.dll + 2008-04-15 12:00 . 2011-08-22 23:41 387584 c:\windows\system32\iedkcs32.dll + 2008-04-15 12:00 . 2011-08-22 11:56 174080 c:\windows\system32\ie4uinit.exe + 2010-04-04 20:13 . 2011-10-16 13:24 267008 c:\windows\system32\FNTCACHE.DAT - 2010-04-04 20:13 . 2011-04-15 06:27 267008 c:\windows\system32\FNTCACHE.DAT + 2009-07-14 08:35 . 2009-07-14 08:35 444136 c:\windows\system32\drivers\wdf01000.sys - 2010-04-04 18:33 . 2008-04-15 12:00 139656 c:\windows\system32\drivers\rdpwd.sys + 2010-04-04 18:33 . 2011-06-24 14:10 139656 c:\windows\system32\drivers\rdpwd.sys + 2008-04-15 12:00 . 2011-07-15 13:29 456320 c:\windows\system32\drivers\mrxsmb.sys - 2008-04-15 12:00 . 2011-04-29 16:19 456320 c:\windows\system32\drivers\mrxsmb.sys + 2008-04-15 12:00 . 2011-06-20 17:44 293888 c:\windows\system32\dllcache\winsrv.dll - 2008-04-15 12:00 . 2010-06-18 17:47 293888 c:\windows\system32\dllcache\winsrv.dll - 2008-04-15 12:00 . 2011-04-25 16:05 916480 c:\windows\system32\dllcache\wininet.dll + 2008-04-15 12:00 . 2011-08-22 23:41 916480 c:\windows\system32\dllcache\wininet.dll + 2008-04-15 12:00 . 2011-08-22 23:41 105984 c:\windows\system32\dllcache\url.dll - 2008-04-15 12:00 . 2009-03-08 02:34 105984 c:\windows\system32\dllcache\url.dll + 2010-04-04 18:33 . 2011-06-24 14:10 139656 c:\windows\system32\dllcache\rdpwd.sys - 2010-04-04 18:33 . 2008-04-15 12:00 139656 c:\windows\system32\dllcache\rdpwd.sys + 2008-04-15 12:00 . 2011-09-26 09:41 220160 c:\windows\system32\dllcache\oleacc.dll - 2008-04-15 12:00 . 2011-04-25 16:05 206848 c:\windows\system32\dllcache\occache.dll + 2008-04-15 12:00 . 2011-08-22 23:41 206848 c:\windows\system32\dllcache\occache.dll + 2008-04-15 12:00 . 2011-08-22 23:41 611840 c:\windows\system32\dllcache\mstime.dll - 2008-04-15 12:00 . 2011-04-25 16:05 611840 c:\windows\system32\dllcache\mstime.dll - 2010-04-04 23:36 . 2011-04-25 16:05 602112 c:\windows\system32\dllcache\msfeeds.dll + 2010-04-04 23:36 . 2011-08-22 23:41 602112 c:\windows\system32\dllcache\msfeeds.dll - 2010-04-04 20:10 . 2011-04-29 16:19 456320 c:\windows\system32\dllcache\mrxsmb.sys + 2010-04-04 20:10 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys + 2010-04-04 23:36 . 2011-08-22 23:41 247808 c:\windows\system32\dllcache\ieproxy.dll - 2010-04-04 23:36 . 2011-04-25 16:05 247808 c:\windows\system32\dllcache\ieproxy.dll - 2008-04-15 12:00 . 2011-04-25 16:05 184320 c:\windows\system32\dllcache\iepeers.dll + 2008-04-15 12:00 . 2011-08-22 23:41 184320 c:\windows\system32\dllcache\iepeers.dll + 2010-06-11 14:07 . 2011-08-22 23:41 743424 c:\windows\system32\dllcache\iedvtool.dll - 2010-06-11 14:07 . 2011-04-25 16:05 743424 c:\windows\system32\dllcache\iedvtool.dll + 2008-04-15 12:00 . 2011-08-22 23:41 387584 c:\windows\system32\dllcache\iedkcs32.dll - 2008-04-15 12:00 . 2011-04-25 16:05 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2008-04-15 12:00 . 2011-08-22 11:56 174080 c:\windows\system32\dllcache\ie4uinit.exe - 2008-04-15 12:00 . 2008-04-15 12:00 602624 c:\windows\system32\dllcache\crypt32.dll + 2008-04-15 12:00 . 2011-09-09 09:12 602624 c:\windows\system32\dllcache\crypt32.dll - 2008-04-15 12:00 . 2011-02-16 13:22 138496 c:\windows\system32\dllcache\afd.sys + 2008-04-15 12:00 . 2011-08-17 13:49 138496 c:\windows\system32\dllcache\afd.sys + 2010-04-04 18:59 . 2011-07-04 11:43 199304 c:\windows\system32\aswBoot.exe - 2010-04-04 18:59 . 2011-04-18 17:25 199304 c:\windows\system32\aswBoot.exe + 2011-07-07 03:18 . 2011-07-07 03:18 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll - 2011-03-25 04:15 . 2011-03-25 04:15 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll - 2011-03-25 04:15 . 2011-03-25 04:15 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2011-07-07 03:18 . 2011-07-07 03:18 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2011-10-17 06:48 . 2011-10-17 06:48 178688 c:\windows\Installer\65a8c.msi - 2010-04-05 22:41 . 2011-07-05 14:21 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe + 2010-04-05 22:41 . 2011-10-16 13:09 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2010-04-05 22:41 . 2011-07-05 14:21 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2010-04-05 22:41 . 2011-10-16 13:09 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2010-04-05 22:41 . 2011-10-16 13:09 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2010-04-05 22:41 . 2011-07-05 14:21 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2010-04-05 22:41 . 2011-10-16 13:09 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2010-04-05 22:41 . 2011-07-05 14:21 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2010-04-05 22:41 . 2011-10-16 13:09 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2010-04-05 22:41 . 2011-07-05 14:21 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2010-04-05 22:41 . 2011-10-16 13:09 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2010-04-05 22:41 . 2011-07-05 14:21 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2010-04-05 22:41 . 2011-07-05 14:21 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2010-04-05 22:41 . 2011-10-16 13:09 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2011-08-01 16:19 . 2011-08-01 16:19 413696 c:\windows\Installer\{75157F34-02C6-4831-BD66-3BC49E7A8394}\NewShortcut2_5B2EDCAA303A43629DACC3FFFABD0901.exe + 2011-08-01 16:19 . 2011-08-01 16:19 413696 c:\windows\Installer\{75157F34-02C6-4831-BD66-3BC49E7A8394}\NewShortcut1_9F9ABBA94B874F449DBFBD7EB1332F16.exe + 2011-08-01 16:19 . 2011-08-01 16:19 413696 c:\windows\Installer\{75157F34-02C6-4831-BD66-3BC49E7A8394}\ARPPRODUCTICON.exe + 2011-01-14 05:10 . 2011-01-14 05:10 155520 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD6.DLL + 2011-01-14 05:10 . 2011-01-14 05:10 140160 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL2.DLL + 2011-10-16 13:08 . 2011-06-23 18:31 916480 c:\windows\ie8updates\KB2586448-IE8\wininet.dll + 2011-10-16 13:08 . 2011-06-23 18:31 105984 c:\windows\ie8updates\KB2586448-IE8\url.dll + 2011-10-16 13:08 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2586448-IE8\spuninst\updspapi.dll + 2011-10-16 13:08 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2586448-IE8\spuninst\spuninst.exe + 2011-10-16 13:08 . 2011-06-23 18:31 206848 c:\windows\ie8updates\KB2586448-IE8\occache.dll + 2011-10-16 13:08 . 2011-06-23 18:31 611840 c:\windows\ie8updates\KB2586448-IE8\mstime.dll + 2011-10-16 13:08 . 2011-06-23 18:31 602112 c:\windows\ie8updates\KB2586448-IE8\msfeeds.dll + 2011-10-16 13:08 . 2011-06-23 18:31 247808 c:\windows\ie8updates\KB2586448-IE8\ieproxy.dll + 2011-10-16 13:08 . 2011-06-23 18:31 184320 c:\windows\ie8updates\KB2586448-IE8\iepeers.dll + 2011-10-16 13:08 . 2011-06-23 18:31 743424 c:\windows\ie8updates\KB2586448-IE8\iedvtool.dll + 2011-10-16 13:08 . 2011-06-23 18:31 387584 c:\windows\ie8updates\KB2586448-IE8\iedkcs32.dll + 2011-10-16 13:08 . 2011-06-23 12:05 173568 c:\windows\ie8updates\KB2586448-IE8\ie4uinit.exe + 2011-08-09 23:06 . 2011-04-25 16:05 916480 c:\windows\ie8updates\KB2559049-IE8\wininet.dll + 2011-08-09 23:06 . 2009-03-08 02:34 105984 c:\windows\ie8updates\KB2559049-IE8\url.dll + 2011-08-09 23:06 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2559049-IE8\spuninst\updspapi.dll + 2011-08-09 23:06 . 2010-02-22 14:29 234872 c:\windows\ie8updates\KB2559049-IE8\spuninst\spuninst.exe + 2011-08-09 23:06 . 2011-04-25 16:05 206848 c:\windows\ie8updates\KB2559049-IE8\occache.dll + 2011-08-09 23:06 . 2011-04-25 16:05 611840 c:\windows\ie8updates\KB2559049-IE8\mstime.dll + 2011-08-09 23:06 . 2011-04-25 16:05 602112 c:\windows\ie8updates\KB2559049-IE8\msfeeds.dll + 2011-08-09 23:06 . 2011-04-25 16:05 247808 c:\windows\ie8updates\KB2559049-IE8\ieproxy.dll + 2011-08-09 23:06 . 2011-04-25 16:05 184320 c:\windows\ie8updates\KB2559049-IE8\iepeers.dll + 2011-08-09 23:06 . 2011-04-25 16:05 743424 c:\windows\ie8updates\KB2559049-IE8\iedvtool.dll + 2011-08-09 23:06 . 2011-04-25 16:05 387584 c:\windows\ie8updates\KB2559049-IE8\iedkcs32.dll + 2011-08-09 23:06 . 2011-04-25 12:01 173568 c:\windows\ie8updates\KB2559049-IE8\ie4uinit.exe + 2010-04-04 20:10 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys - 2010-04-04 20:10 . 2011-04-29 16:19 456320 c:\windows\Driver Cache\i386\mrxsmb.sys + 2011-10-16 13:37 . 2011-10-16 13:37 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\c8627df7adb416722d8e0f05c57fef6b\WsatConfig.ni.exe + 2011-10-16 13:37 . 2011-10-16 13:37 626688 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\8d9744364ead927be159ddaca5c73b6a\WindowsLiveLocal.WriterPlugin.ni.dll + 2011-10-16 13:36 . 2011-10-16 13:36 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f3247ee4c8974dcb21978a283ca5dd37\WindowsLive.Writer.Interop.ni.dll + 2011-10-16 13:36 . 2011-10-16 13:36 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\de41662d8b5a65327eb32e4601b29734\WindowsLive.Writer.Interop.Mshtml.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c3eeef28ef5d1fe19442fb127106e180\WindowsLive.Writer.HtmlEditor.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bb87acb24dd38a2a35c460e960909f26\WindowsLive.Writer.Passport.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b9c42f04581b04b23db07d4d29e47a1d\WindowsLive.Writer.SpellChecker.ni.dll + 2011-10-16 13:36 . 2011-10-16 13:36 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\71caec3c513d97567d5196a72ee57ef0\WindowsLive.Writer.BrowserControl.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6adb0eaf9a145a2ba81619e49b1c4480\WindowsLive.Writer.Extensibility.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\599239bb43737ad8063b7e9620a4c16e\WindowsLive.Writer.FileDestinations.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\49ab3a63512d9d028cc4fa800c1c3d2f\WindowsLive.Writer.Localization.ni.dll + 2011-10-16 13:36 . 2011-10-16 13:36 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3ae7eae306c355e1efb728fac33b3965\WindowsLive.Writer.Interop.SHDocVw.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1fbb3941992cd85018b7c64a68dce3f8\WindowsLive.Writer.BlogClient.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\14ddbf463c0b9b17f98d8f048777784a\WindowsLive.Writer.Instrumentation.ni.dll + 2011-10-16 13:36 . 2011-10-16 13:36 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0c0afa682f30eb3e75011f1c92b04129\WindowsLive.Writer.Controls.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\097baf70e23eed55818deec43d26c44a\WindowsLive.Writer.Mshtml.ni.dll + 2011-10-16 13:36 . 2011-10-16 13:36 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\04473507f11eea12b260ab8b2707d423\WindowsLive.Writer.HtmlParser.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\a295b8cfd7c63e29f4972592e2b7ef4b\WindowsLive.Client.ni.dll + 2011-10-16 13:21 . 2011-10-16 13:21 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a2c1bb3c5b1447b398e72c56091ca571\WindowsFormsIntegration.ni.dll + 2011-10-16 13:21 . 2011-10-16 13:21 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\f102afdffdbe2565bcedb7fa0626b865\UIAutomationTypes.ni.dll + 2011-10-16 13:21 . 2011-10-16 13:21 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\ba55240b7753047f8d1b03ef473bf74e\UIAutomationClient.ni.dll + 2011-10-16 13:40 . 2011-10-16 13:40 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\566b2e11e7f3f6d973b17b86cf42f9bc\System.Xml.Linq.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\3533d614ebecd4344efbee619dd11a74\System.Web.Routing.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\018b6e48c32d5b5d78086998e3505f1c\System.Web.RegularExpressions.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\d93514a764a83b18f6f3547b59cc8ae9\System.Web.Extensions.Design.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\93b5d1b77a74b76ac73cbf51ec871c01\System.Web.Entity.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d06a7d5872bbe85795f947f6c75d38c6\System.Web.Entity.Design.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ad0851438a18bf730d974c9b2f5f776a\System.Web.DynamicData.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\734ab0ea87d7dfd5c583eea535c05878\System.Web.Abstractions.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll + 2011-10-16 13:36 . 2011-10-16 13:36 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\36c12de583ee81e9c99acb72b09d77ac\System.Security.ni.dll + 2011-10-16 13:36 . 2011-10-16 13:36 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\36bf3d5f05a40c9e3cadca5789c8a469\System.Runtime.Remoting.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\b2a84980f206431821d85d5155d5916f\System.Net.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\f36eded354122da9555a6c7cdbdb5431\System.Management.Instrumentation.ni.dll + 2011-10-16 13:35 . 2011-10-16 13:35 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\20a77c41ee12362d303fb2574fcd5a24\System.IO.Log.ni.dll + 2011-10-16 13:35 . 2011-10-16 13:35 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\41c3a2fcffc58b20023c7d54e57ea956\System.IdentityModel.Selectors.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll + 2011-10-16 13:37 . 2011-10-16 13:37 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll + 2011-10-16 13:20 . 2011-10-16 13:20 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\896eca06e2d9377b2dc4fad56ce49b07\System.Drawing.Design.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\33e9b0c368c31ef37a2ec7b5a181044b\System.DirectoryServices.Protocols.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\11cdd1c0d65428cd3505d3813d36638c\System.DirectoryServices.AccountManagement.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e5ada332a9bc3c982e6aede6ba354196\System.Data.Services.Client.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3f179f373f31817a914b639a56cc0497\System.Data.Services.Design.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\fee1a48b769a8c4beb335ee5ce006091\System.Data.Entity.Design.ni.dll + 2011-10-16 13:38 . 2011-10-16 13:38 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\b9d9ff5d03e90ede1116794f2c7dd6da\System.Data.DataSetExtensions.ni.dll + 2011-10-16 13:36 . 2011-10-16 13:36 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\29d7091f6eab0ec61c4eb625ed221b73\System.Configuration.Install.ni.dll + 2011-10-16 13:38 . 2011-10-16 13:38 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\3048737e9e3bf5173121a084337256bc\System.AddIn.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6e45cf503f025c5fe814ea7e52f62a78\SMSvcHost.ni.exe + 2011-10-16 13:37 . 2011-10-16 13:37 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\474a341340f687bcbd7777f2820a8c7a\SMDiagnostics.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\f2df1ca28301bfe7e1d52b86c8394217\ServiceModelReg.ni.exe + 2011-10-16 13:19 . 2011-10-16 13:19 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c2ebcc8d60422f224b4088f3d7a2ac1f\PresentationFramework.Luna.ni.dll + 2011-10-16 13:19 . 2011-10-16 13:19 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\94cfc00ad448575bfb0e67c53b514cd5\PresentationFramework.Aero.ni.dll + 2011-10-16 13:19 . 2011-10-16 13:19 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\478d57d96f3d8d5fc15c7ac635a4a6a1\PresentationFramework.Classic.ni.dll + 2011-10-16 13:19 . 2011-10-16 13:19 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\23c5852ff8ed973ff9b63ce9ba7f91f0\PresentationFramework.Royale.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\04595f414c49cf2a65b349648ba23e62\MSBuild.ni.exe + 2011-10-16 13:37 . 2011-10-16 13:37 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4cbd7ed9fbf9f1b3cbdf23906cc0f5a3\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ff6d4892775fd1f9b137f7c92ea453f2\Microsoft.Build.Utilities.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\47ff0720cb80a0fc0bbd15ddc3d12adc\Microsoft.Build.Utilities.v3.5.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\da112c5757e3c68d6369b6aa46cc9682\Microsoft.Build.Engine.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\dc278e1123086ae32fec8f7e9751db14\Microsoft.Build.Conversion.v3.5.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\4e68d5df30b197ff72c75f1c3c24b949\ComSvcConfig.ni.exe + 2011-10-16 13:35 . 2011-10-16 13:35 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e1bcee92f5af50d560d577c0a99ea3bd\AspNetMMCExt.ni.dll - 2011-07-05 14:18 . 2011-07-05 14:18 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2011-10-16 13:15 . 2011-10-16 13:15 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2011-10-16 13:15 . 2011-10-16 13:15 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll - 2011-07-05 14:18 . 2011-07-05 14:18 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2011-10-16 13:15 . 2011-10-16 13:15 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2011-07-05 14:18 . 2011-07-05 14:18 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2011-10-16 13:15 . 2011-10-16 13:15 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2011-07-05 14:18 . 2011-07-05 14:18 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2011-10-16 13:15 . 2011-10-16 13:15 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2011-07-05 14:18 . 2011-07-05 14:18 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2011-07-05 14:18 . 2011-07-05 14:18 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2011-10-16 13:15 . 2011-10-16 13:15 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2011-10-16 13:15 . 2011-10-16 13:15 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2011-07-05 14:18 . 2011-07-05 14:18 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2011-10-16 13:15 . 2011-10-16 13:15 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2011-07-05 14:18 . 2011-07-05 14:18 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2011-07-05 14:18 . 2011-07-05 14:18 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2011-10-16 13:15 . 2011-10-16 13:15 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2011-07-05 14:18 . 2011-07-05 14:18 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2011-10-16 13:15 . 2011-10-16 13:15 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2011-10-16 13:15 . 2011-10-16 13:15 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2011-07-05 14:18 . 2011-07-05 14:18 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2011-07-05 14:19 . 2011-07-05 14:19 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2011-10-16 13:16 . 2011-10-16 13:16 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2011-10-16 13:16 . 2011-10-16 13:16 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll - 2011-07-05 14:19 . 2011-07-05 14:19 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll - 2011-07-05 14:19 . 2011-07-05 14:19 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2011-10-16 13:16 . 2011-10-16 13:16 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2011-07-05 14:18 . 2011-07-05 14:18 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2011-10-16 13:16 . 2011-10-16 13:16 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2011-10-16 13:15 . 2011-10-16 13:15 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2011-07-05 14:18 . 2011-07-05 14:18 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2011-10-16 13:15 . 2011-10-16 13:15 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2011-07-05 14:18 . 2011-07-05 14:18 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2011-10-16 13:15 . 2011-10-16 13:15 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2011-07-05 14:18 . 2011-07-05 14:18 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2011-10-16 13:15 . 2011-10-16 13:15 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2011-07-05 14:18 . 2011-07-05 14:18 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2011-07-05 14:18 . 2011-07-05 14:18 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2011-10-16 13:15 . 2011-10-16 13:15 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2011-10-16 13:15 . 2011-10-16 13:15 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2011-07-05 14:18 . 2011-07-05 14:18 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2011-10-16 13:15 . 2011-10-16 13:15 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2011-07-05 14:18 . 2011-07-05 14:18 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2011-10-16 13:15 . 2011-10-16 13:15 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2011-07-05 14:18 . 2011-07-05 14:18 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2011-07-05 14:18 . 2011-07-05 14:18 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2011-10-16 13:15 . 2011-10-16 13:15 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2011-07-05 14:18 . 2011-07-05 14:18 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2011-10-16 13:15 . 2011-10-16 13:15 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2011-07-05 14:19 . 2011-07-05 14:19 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2011-10-16 13:16 . 2011-10-16 13:16 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2011-08-01 16:19 . 2008-11-07 16:55 382496 c:\windows\$NtUninstallWdf01009$\spuninst\updspapi.dll + 2011-08-01 16:19 . 2008-11-07 16:55 231456 c:\windows\$NtUninstallWdf01009$\spuninst\spuninst.exe + 2011-09-14 09:10 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2616676$\spuninst\updspapi.dll + 2011-09-14 09:10 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2616676$\spuninst\spuninst.exe + 2011-09-14 09:10 . 2011-09-03 10:17 602624 c:\windows\$NtUninstallKB2616676$\crypt32.dll + 2011-09-11 01:00 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2607712$\spuninst\updspapi.dll + 2011-09-11 01:00 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2607712$\spuninst\spuninst.exe + 2011-09-11 01:00 . 2008-04-15 12:00 602624 c:\windows\$NtUninstallKB2607712$\crypt32.dll + 2011-09-14 09:04 . 2010-02-22 14:29 401272 c:\windows\$NtUninstallKB2570947$\spuninst\updspapi.dll + 2011-09-14 09:04 . 2010-02-22 14:29 234872 c:\windows\$NtUninstallKB2570947$\spuninst\spuninst.exe + 2011-08-24 23:14 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2570791$\spuninst\updspapi.dll + 2011-08-24 23:14 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2570791$\spuninst\spuninst.exe + 2011-08-09 23:08 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2570222$\spuninst\updspapi.dll + 2011-08-09 23:08 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2570222$\spuninst\spuninst.exe + 2011-08-09 23:08 . 2008-04-15 12:00 139656 c:\windows\$NtUninstallKB2570222$\rdpwd.sys + 2011-08-09 23:09 . 2011-04-26 11:07 293888 c:\windows\$NtUninstallKB2567680$\winsrv.dll + 2011-08-09 23:09 . 2010-02-22 14:29 401272 c:\windows\$NtUninstallKB2567680$\spuninst\updspapi.dll + 2011-08-09 23:09 . 2010-02-22 14:29 234872 c:\windows\$NtUninstallKB2567680$\spuninst\spuninst.exe + 2011-08-09 23:05 . 2010-02-22 14:29 401272 c:\windows\$NtUninstallKB2566454$\spuninst\updspapi.dll + 2011-08-09 23:05 . 2010-02-22 14:29 234872 c:\windows\$NtUninstallKB2566454$\spuninst\spuninst.exe + 2011-08-09 23:05 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2562937$\spuninst\updspapi.dll + 2011-08-09 23:05 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2562937$\spuninst\spuninst.exe + 2011-07-13 20:45 . 2010-07-05 13:21 401272 c:\windows\$NtUninstallKB2555917$\spuninst\updspapi.dll + 2011-07-13 20:45 . 2010-07-05 13:21 234872 c:\windows\$NtUninstallKB2555917$\spuninst\spuninst.exe + 2011-08-09 23:08 . 2010-02-22 14:29 401272 c:\windows\$NtUninstallKB2536276-v2$\spuninst\updspapi.dll + 2011-08-09 23:08 . 2010-02-22 14:29 234872 c:\windows\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe + 2011-08-09 23:08 . 2011-04-29 16:19 456320 c:\windows\$NtUninstallKB2536276-v2$\mrxsmb.sys + 2011-07-13 20:48 . 2010-06-18 17:47 293888 c:\windows\$NtUninstallKB2507938$\winsrv.dll + 2011-07-13 20:48 . 2010-02-22 14:29 401272 c:\windows\$NtUninstallKB2507938$\spuninst\updspapi.dll + 2011-07-13 20:48 . 2010-02-22 14:29 234872 c:\windows\$NtUninstallKB2507938$\spuninst\spuninst.exe + 2011-09-14 09:10 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2616676\update\updspapi.dll + 2011-09-14 09:10 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2616676\update\update.exe + 2011-09-14 09:10 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2616676\spuninst.exe + 2011-09-09 09:11 . 2011-09-09 09:11 603136 c:\windows\$hf_mig$\KB2616676\SP3QFE\crypt32.dll + 2011-09-11 01:00 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2607712\update\updspapi.dll + 2011-09-11 01:00 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2607712\update\update.exe + 2011-09-11 01:00 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2607712\spuninst.exe + 2011-09-03 10:16 . 2011-09-03 10:16 603136 c:\windows\$hf_mig$\KB2607712\SP3QFE\crypt32.dll + 2011-09-14 09:04 . 2010-02-22 14:29 401272 c:\windows\$hf_mig$\KB2570947\update\updspapi.dll + 2011-09-14 09:04 . 2010-02-22 14:29 765304 c:\windows\$hf_mig$\KB2570947\update\update.exe + 2011-09-14 09:04 . 2010-02-22 14:29 234872 c:\windows\$hf_mig$\KB2570947\spuninst.exe + 2011-08-09 23:08 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2570222\update\updspapi.dll + 2011-08-09 23:08 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2570222\update\update.exe + 2011-08-09 23:08 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2570222\spuninst.exe + 2011-08-09 19:14 . 2011-06-24 14:09 139656 c:\windows\$hf_mig$\KB2570222\SP3QFE\rdpwd.sys + 2011-08-09 23:09 . 2010-02-22 14:29 401272 c:\windows\$hf_mig$\KB2567680\update\updspapi.dll + 2011-08-09 23:09 . 2010-02-22 14:29 765304 c:\windows\$hf_mig$\KB2567680\update\update.exe + 2011-08-09 23:09 . 2010-02-22 14:29 234872 c:\windows\$hf_mig$\KB2567680\spuninst.exe + 2011-06-20 17:43 . 2011-06-20 17:43 293888 c:\windows\$hf_mig$\KB2567680\SP3QFE\winsrv.dll + 2011-08-09 23:05 . 2010-02-22 14:29 401272 c:\windows\$hf_mig$\KB2566454\update\updspapi.dll + 2011-08-09 23:05 . 2010-02-22 14:29 765304 c:\windows\$hf_mig$\KB2566454\update\update.exe + 2011-08-09 23:05 . 2010-02-22 14:29 234872 c:\windows\$hf_mig$\KB2566454\spuninst.exe + 2011-08-09 23:05 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2562937\update\updspapi.dll + 2011-08-09 23:05 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2562937\update\update.exe + 2011-08-09 23:05 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2562937\spuninst.exe + 2011-08-09 23:06 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2559049-IE8\update\updspapi.dll + 2011-08-09 23:06 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2559049-IE8\update\update.exe + 2011-08-09 23:06 . 2010-02-22 14:29 234872 c:\windows\$hf_mig$\KB2559049-IE8\spuninst.exe + 2011-08-09 19:14 . 2011-06-23 18:29 919552 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll + 2011-08-09 19:14 . 2011-06-23 18:29 105984 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\url.dll + 2011-08-09 19:14 . 2011-06-23 18:29 206848 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\occache.dll + 2011-08-09 19:14 . 2011-06-23 18:29 611840 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mstime.dll + 2011-08-09 19:14 . 2011-06-23 18:29 602112 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\msfeeds.dll + 2011-08-09 19:14 . 2011-06-23 18:29 247808 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ieproxy.dll + 2011-08-09 19:14 . 2011-06-23 18:29 184320 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iepeers.dll + 2011-08-09 19:14 . 2011-06-23 18:29 743424 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iedvtool.dll + 2011-08-09 19:14 . 2011-06-23 18:29 387584 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iedkcs32.dll + 2011-08-09 19:14 . 2011-06-23 12:19 173568 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ie4uinit.exe + 2011-07-13 20:45 . 2010-07-05 13:21 401272 c:\windows\$hf_mig$\KB2555917\update\updspapi.dll + 2011-07-13 20:45 . 2010-07-05 13:21 765304 c:\windows\$hf_mig$\KB2555917\update\update.exe + 2011-07-13 20:45 . 2010-07-05 13:21 234872 c:\windows\$hf_mig$\KB2555917\spuninst.exe + 2011-08-09 23:08 . 2010-02-22 14:29 401272 c:\windows\$hf_mig$\KB2536276-v2\update\updspapi.dll + 2011-08-09 23:08 . 2010-02-22 14:29 765304 c:\windows\$hf_mig$\KB2536276-v2\update\update.exe + 2011-08-09 23:08 . 2010-02-22 14:29 234872 c:\windows\$hf_mig$\KB2536276-v2\spuninst.exe + 2011-08-09 19:14 . 2011-07-15 13:29 457856 c:\windows\$hf_mig$\KB2536276-v2\SP3QFE\mrxsmb.sys + 2011-07-13 20:48 . 2010-02-22 14:29 401272 c:\windows\$hf_mig$\KB2507938\update\updspapi.dll + 2011-07-13 20:48 . 2010-02-22 14:29 765304 c:\windows\$hf_mig$\KB2507938\update\update.exe + 2011-07-13 20:48 . 2010-02-22 14:29 234872 c:\windows\$hf_mig$\KB2507938\spuninst.exe + 2011-04-26 11:02 . 2011-04-26 11:02 293888 c:\windows\$hf_mig$\KB2507938\SP3QFE\winsrv.dll + 2011-02-16 16:56 . 2011-02-16 16:56 1461992 c:\windows\system32\WdfCoInstaller01009.dll + 2008-04-15 12:00 . 2011-08-22 23:41 1212416 c:\windows\system32\urlmon.dll + 2008-04-15 12:00 . 2011-06-23 18:31 1212416 c:\windows\system32\urlmon(2).dll + 2010-04-07 11:00 . 2011-10-16 12:43 4430192 c:\windows\system32\Restore\rstrlog.dat + 2008-04-15 12:00 . 2011-10-03 08:31 5971456 c:\windows\system32\mshtml.dll + 2009-03-08 02:32 . 2011-08-22 23:41 2000384 c:\windows\system32\iertutil.dll + 2011-04-13 22:40 . 2011-04-13 22:40 4284416 c:\windows\system32\GPhotos.scr + 2008-04-15 12:00 . 2011-09-06 14:09 1859072 c:\windows\system32\dllcache\win32k.sys + 2008-04-15 12:00 . 2011-08-22 23:41 1212416 c:\windows\system32\dllcache\urlmon.dll + 2008-04-15 12:00 . 2011-10-03 08:31 5971456 c:\windows\system32\dllcache\mshtml.dll + 2010-04-04 23:36 . 2011-08-22 23:41 2000384 c:\windows\system32\dllcache\iertutil.dll + 2011-03-09 13:01 . 2011-03-09 13:01 1921440 c:\windows\system32\20-20 Technologies\3D Viewer\v5.0.7.0\2020Player_IKEA_5_0_7_0.dll + 2011-04-28 19:50 . 2011-04-28 19:50 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll - 2011-01-18 02:39 . 2011-01-18 02:39 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll - 2011-03-25 04:15 . 2011-03-25 04:15 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2011-07-07 03:18 . 2011-07-07 03:18 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - 2011-03-25 04:15 . 2011-03-25 04:15 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2011-07-07 03:18 . 2011-07-07 03:18 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2011-09-21 14:18 . 2011-09-21 14:18 4985856 c:\windows\Installer\5ff98.msp + 2011-09-07 23:36 . 2011-09-07 23:36 6069248 c:\windows\Installer\44567.msp + 2011-08-10 15:43 . 2011-08-10 15:43 3795968 c:\windows\Installer\3b794c.msp + 2011-09-06 19:46 . 2011-09-06 19:46 9006080 c:\windows\Installer\3b7936.msp + 2011-06-21 09:59 . 2011-06-21 09:59 1764352 c:\windows\Installer\3b7920.msp + 2011-08-24 04:37 . 2011-08-24 04:37 4985856 c:\windows\Installer\3b7909.msp + 2011-08-10 15:42 . 2011-08-10 15:42 7070208 c:\windows\Installer\3b78f3.msp + 2011-07-21 10:34 . 2011-07-21 10:34 3456000 c:\windows\Installer\3b78de.msp + 2011-09-06 19:48 . 2011-09-06 19:48 8181248 c:\windows\Installer\3b78d3.msp + 2011-07-27 05:39 . 2011-07-27 05:39 9892352 c:\windows\Installer\3b78a0.msp + 2011-06-21 10:01 . 2011-06-21 10:01 4991488 c:\windows\Installer\2ecafd5.msp + 2011-09-21 14:18 . 2011-09-21 14:18 4985856 c:\windows\Installer\2c75bad.msp + 2011-08-18 21:35 . 2011-08-18 21:35 1066496 c:\windows\Installer\296154b.msi + 2011-09-21 07:54 . 2011-09-21 07:54 9474048 c:\windows\Installer\195993.msi + 2011-09-21 07:45 . 2011-09-21 07:45 1485312 c:\windows\Installer\1956b4.msi + 2011-09-21 07:43 . 2011-09-21 07:43 1769984 c:\windows\Installer\19558a.msi + 2011-09-21 07:42 . 2011-09-21 07:42 1710592 c:\windows\Installer\195558.msi + 2011-05-01 22:06 . 2011-05-01 22:06 2705920 c:\windows\Installer\13dc0d5.msp + 2011-07-27 05:42 . 2011-07-27 05:42 4985856 c:\windows\Installer\13dc0ce.msp + 2011-07-12 18:49 . 2011-07-12 18:49 1094656 c:\windows\Installer\13a00f.msi + 2010-04-05 22:41 . 2011-10-16 13:09 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe - 2010-04-05 22:41 . 2011-07-05 14:21 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2010-04-05 22:41 . 2011-10-16 13:09 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe - 2010-04-05 22:41 . 2011-07-05 14:21 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2011-01-14 05:10 . 2011-01-14 05:10 2395008 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD.DLL + 2011-01-14 05:10 . 2011-01-14 05:10 2180992 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKPOWERPOINT.DLL + 2011-01-14 05:10 . 2011-01-14 05:10 3443072 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL.DLL + 2009-04-03 16:21 . 2009-04-03 16:21 8543096 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OARTCONV.DLL + 2011-10-16 13:08 . 2011-06-23 18:31 1212416 c:\windows\ie8updates\KB2586448-IE8\urlmon.dll + 2011-10-16 13:08 . 2011-07-25 15:09 5969920 c:\windows\ie8updates\KB2586448-IE8\mshtml.dll + 2011-10-16 13:08 . 2011-06-23 18:31 1991680 c:\windows\ie8updates\KB2586448-IE8\iertutil.dll + 2011-08-09 23:06 . 2011-04-25 16:05 1211904 c:\windows\ie8updates\KB2559049-IE8\urlmon.dll + 2011-08-09 23:06 . 2011-05-30 22:12 5964800 c:\windows\ie8updates\KB2559049-IE8\mshtml.dll + 2011-08-09 23:06 . 2011-04-25 16:05 1991680 c:\windows\ie8updates\KB2559049-IE8\iertutil.dll + 2011-10-16 13:36 . 2011-10-16 13:36 2018816 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dec788a098576594112a08bb0bf21d95\WindowsLive.Writer.CoreServices.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6ea9639305271fc22aa925a7356d7db6\WindowsLive.Writer.ApplicationFramework.ni.dll + 2011-10-16 13:36 . 2011-10-16 13:36 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3203e91891cafbbb289bcde65e6a8389\WindowsLive.Writer.PostEditor.ni.dll + 2011-10-16 13:18 . 2011-10-16 13:18 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1adc4ae51a5ac63e896a1402749ca495\WindowsBase.ni.dll + 2011-10-16 13:21 . 2011-10-16 13:21 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\55d4813580b1e5d268ff0564942cee9c\UIAutomationClientsideProviders.ni.dll + 2011-10-16 13:18 . 2011-10-16 13:18 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll + 2011-10-16 13:21 . 2011-10-16 13:21 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll + 2011-10-16 13:40 . 2011-10-16 13:40 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\17902fdb0e0d3bc8b49bce693415fe7e\System.WorkflowServices.ni.dll + 2011-10-16 13:40 . 2011-10-16 13:40 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\f72c5f649951b0403e62bfab6c453e6f\System.Workflow.Runtime.ni.dll + 2011-10-16 13:40 . 2011-10-16 13:40 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\0aa4f4174204c93cc5181df4a6b2fb09\System.Workflow.ComponentModel.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\921629dc69a5a895101097c88ae67897\System.Workflow.Activities.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6303e256d2ac0843c3e4c24172c90544\System.Web.Services.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\f5dac0448a1dbe2687a5df92904d6274\System.Web.Mobile.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\ccaf6bdd256a9b5079fedadcc8993327\System.Web.Extensions.ni.dll + 2011-10-16 13:20 . 2011-10-16 13:20 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\10d7daa3d1e62a0e40587cdc707be93f\System.Speech.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\9ec7da53380a754b4ad97709df0dd7e7\System.ServiceModel.Web.ni.dll + 2011-10-16 13:35 . 2011-10-16 13:35 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll + 2011-10-16 13:20 . 2011-10-16 13:20 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\0f8e14bfdb27645fb1a92ce26f9bf521\System.Printing.ni.dll + 2011-10-16 13:35 . 2011-10-16 13:35 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d14065ede44df8e9b5d6b60c5ddccc69\System.IdentityModel.ni.dll + 2011-10-16 13:20 . 2011-10-16 13:20 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\91cd88a803768151c6262853d3454ba7\System.DirectoryServices.ni.dll + 2011-10-16 13:36 . 2011-10-16 13:36 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll + 2011-10-16 13:20 . 2011-10-16 13:20 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll + 2011-10-16 13:36 . 2011-10-16 13:36 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ef748704f543a8791e23387652d34dfb\System.Data.SqlXml.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\541142d8742e6e88f1e729fafee04e71\System.Data.Services.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\5d5aa4b926ae422607ea833d934665c2\System.Data.OracleClient.ni.dll + 2011-10-16 13:20 . 2011-10-16 13:20 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\d96a94076acb8e0c5a96a1b2de4b3a7a\System.Data.Linq.ni.dll + 2011-10-16 13:38 . 2011-10-16 13:38 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\a3ce22c2a84fdcb008d72d230ee0b2c0\System.Data.Entity.ni.dll + 2011-10-16 13:20 . 2011-10-16 13:20 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\d507b9e0e50e453793ee5e01c07a5485\System.Core.ni.dll + 2011-10-16 13:20 . 2011-10-16 13:20 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\714e9504255565bd9076fe13628e104a\ReachFramework.ni.dll + 2011-10-16 13:19 . 2011-10-16 13:19 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\7dc6ee14234b0686182ced75f7dae990\PresentationUI.ni.dll + 2011-10-16 13:18 . 2011-10-16 13:18 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b42ad515bb20ec1f1250c040371c6730\PresentationBuildTasks.ni.dll + 2011-10-16 13:38 . 2011-10-16 13:38 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\ce1ecd602ca089eb13a9b428dc7f0449\Microsoft.Transactions.Bridge.ni.dll + 2011-10-16 13:39 . 2011-10-16 13:39 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\8ad32b72258899177c07dc5912b5b748\Microsoft.JScript.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\50e7c5eb58c982dba7b21cd10a69b095\Microsoft.Build.Tasks.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\415cef6abab5bb959f200f6c537bc289\Microsoft.Build.Tasks.v3.5.ni.dll + 2011-10-16 13:37 . 2011-10-16 13:37 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\eea7bcc8d356e3f2dcb4f36dfc1c6bc0\Microsoft.Build.Engine.ni.dll + 2011-10-16 13:16 . 2011-10-16 13:16 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - 2011-07-05 14:19 . 2011-07-05 14:19 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2011-10-16 13:16 . 2011-10-16 13:16 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2011-07-05 14:18 . 2011-07-05 14:18 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2011-07-05 14:18 . 2011-07-05 14:18 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2011-10-16 13:15 . 2011-10-16 13:15 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - 2011-07-05 14:18 . 2011-07-05 14:18 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2011-10-16 13:15 . 2011-10-16 13:15 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2011-10-16 13:15 . 2011-10-16 13:15 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2011-07-05 14:18 . 2011-07-05 14:18 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2011-07-05 14:19 . 2011-07-05 14:19 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2011-10-16 13:16 . 2011-10-16 13:16 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2011-07-05 14:18 . 2011-07-05 14:18 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2011-10-16 13:16 . 2011-10-16 13:16 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2011-07-13 20:45 . 2011-03-03 13:53 1858048 c:\windows\$NtUninstallKB2555917$\win32k.sys + 2011-08-09 19:14 . 2011-06-23 18:29 1214464 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\urlmon.dll + 2011-08-09 19:14 . 2011-07-25 15:07 5971456 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll + 2011-08-09 19:14 . 2011-06-23 18:29 1992192 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iertutil.dll + 2011-06-06 11:36 . 2011-06-06 11:36 1868032 c:\windows\$hf_mig$\KB2555917\SP3QFE\win32k.sys + 2010-04-04 23:36 . 2011-10-16 13:10 48324552 c:\windows\system32\MRT.exe - 2009-03-08 02:39 . 2011-04-26 08:05 11081728 c:\windows\system32\ieframe.dll + 2009-03-08 02:39 . 2011-08-23 15:41 11081728 c:\windows\system32\ieframe.dll + 2010-02-25 09:50 . 2011-08-23 15:41 11081728 c:\windows\system32\dllcache\ieframe.dll - 2010-02-25 09:50 . 2011-04-26 08:05 11081728 c:\windows\system32\dllcache\ieframe.dll + 2011-08-01 16:19 . 2011-08-01 16:19 21989888 c:\windows\Installer\9749c.msi + 2011-10-16 13:17 . 2011-10-16 13:17 20333568 c:\windows\Installer\5ffad.msp + 2011-07-11 18:43 . 2011-07-11 18:43 11641344 c:\windows\Installer\5ffa2.msp + 2011-07-27 05:37 . 2011-07-27 05:37 11592192 c:\windows\Installer\3b78bd.msp + 2011-10-12 20:41 . 2011-10-12 20:41 20333568 c:\windows\Installer\2c75bc2.msp + 2011-07-11 18:43 . 2011-07-11 18:43 11641344 c:\windows\Installer\2c75bb7.msp + 2009-04-03 16:21 . 2009-04-03 16:21 16037736 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OART.DLL + 2011-10-16 13:08 . 2011-06-23 18:31 11081728 c:\windows\ie8updates\KB2586448-IE8\ieframe.dll + 2011-08-09 23:06 . 2011-04-26 08:05 11081728 c:\windows\ie8updates\KB2559049-IE8\ieframe.dll + 2011-10-16 13:21 . 2011-10-16 13:21 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll + 2011-10-16 13:36 . 2011-10-16 13:36 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll + 2011-10-16 13:36 . 2011-10-16 13:36 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\ceadaf3b3d017c7a1ef10a06f8009f6f\System.ServiceModel.ni.dll + 2011-10-16 13:20 . 2011-10-16 13:20 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\c6374d32e4af7b7e3e46b32176f76558\System.Design.ni.dll + 2011-10-16 13:19 . 2011-10-16 13:19 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\054488924fcc579cce9fa0209dafe28b\PresentationFramework.ni.dll + 2011-10-16 13:19 . 2011-10-16 13:19 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2f0318713eca304eaa9d86fc17edb96\PresentationCore.ni.dll + 2011-10-16 13:17 . 2011-10-16 13:17 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll + 2011-06-24 22:59 . 2011-06-24 22:59 11083776 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ieframe.dll . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-04-18 17:25 122512 ------w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-22 39408] "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-08-24 247144] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288] "Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MakeMarkerFile"="c:\windows\system32\Drivers\Marker.exe" [2006-12-22 24576] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536] "RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-02-16 87336] "PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2008-10-13 50472] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656] "Custom Skin Clock"="c:\program files\Custom Skin Clock\Clock.exe" [2008-01-30 712704] "iTunesHelper"="c:\documents and settings\All Users\Documenten\Mijn muziek\iTunesHelper.exe" [2011-04-26 421160] "avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-04-18 3460784] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192] "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-09-12 273528] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . c:\documents and settings\Müjde Oruç\Menu Start\Programma's\Opstarten\ LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-3-30 503808] . c:\documents and settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\ Sitecom 150N USB Wireless LAN Utility.lnk - c:\program files\SITECOM\150N USB Wireless LAN Utility\RtWLan.exe [2010-11-1 966656] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\StubInstaller.exe"= "c:\\Documents and Settings\\Müjde Oruç\\Mijn documenten\\Voip wise\\voipwise.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\BitTornado\\btdownloadgui.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\SITECOM\\150N USB Wireless LAN Utility\\RtWLan.exe"= "c:\\Documents and Settings\\All Users\\Documenten\\Mijn muziek\\iTunes.exe"= "c:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1542:TCP"= 1542:TCP:Realtek WPS TCP Prot "1542:UDP"= 1542:UDP:Realtek WPS UDP Prot "53:UDP"= 53:UDP:Realtek AP UDP Prot . R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [31-8-2010 16:06 64288] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8192su.sys [1-11-2010 16:19 594048] S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [20-3-2011 12:54 441176] S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [4-4-2010 20:59 307288] S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4-4-2010 20:59 19544] S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [15-6-2011 17:33 249648] S2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [4-4-2010 20:54 4300] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1-2-2010 22:51 135664] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12-8-2010 14:15 2151128] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [24-8-2010 11:38 92008] S3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [7-7-2011 19:31 195336] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1-2-2010 22:51 135664] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [12-8-2010 14:15 15232] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [4-4-2010 21:59 47360] . Inhoud van de 'Gedeelde Taken' map . 2011-10-14 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 09:11] . 2011-10-15 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:57] . 2011-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 20:51] . 2011-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 20:51] . 2011-10-17 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-2049760794-1177238915-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-08-11 13:22] . 2011-10-17 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-2049760794-1177238915-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-08-11 13:22] . 2011-10-17 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job - c:\program files\Ask.com\UpdateTask.exe [2011-02-01 17:17] . 2011-10-17 c:\windows\Tasks\User_Feed_Synchronization-{C1F6B7C2-88D9-42AF-B5D1-22C5CFE273CA}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ mStart Page = hxxp://home.sweetim.com uInternet Settings,ProxyOverride = local;*.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{D2F11D8B-3EB5-4B42-9511-370DBEC707FB} - (no file) WebBrowser-{65CA59EE-9920-4D7F-8C41-BFA12403261A} - (no file) AddRemove-conduitEngine - c:\program files\ConduitEngine\ConduitEngineUninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-10-19 14:31 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(612) c:\windows\system32\Ati2evxx.dll . Voltooingstijd: 2011-10-19 14:34:06 ComboFix-quarantined-files.txt 2011-10-19 12:33 ComboFix2.txt 2011-07-05 19:15 . Pre-Run: 82.921.619.456 bytes beschikbaar Post-Run: 85.372.895.232 bytes beschikbaar . - - End Of File - - 6B93052BA256656E78992218A327B8BD
-
Hoi, Ik heb combofix al op pc. En kan ik dit gewoon in veilige modus uitvoeren?
-
Hoi, hierbij het nieuwe logje. Ik moet er wel bij zeggen dat het weer niet gelukt is om op te starten via administrator. Ik heb gezocht naar het mapje in program files maar die was er niet. heb toen gezocht via start zoeken. en hij vond een mapje maar ook daar kon ik niet uitvoeren als administrator. dus heb ik het normaal uitgevoerd, en toen logje opgeslagen op usb, nu op forum gezet met mijn laptop. Ik heb ook nogmaals geprobeerd om "normaal" op te starten maar dat lukte weer niet want hij liep weer vast. en nog iets ik kan in veilige modus geen gebruik maken van internet is dit normaal? ook niet als ik veilige modus met netwerk.... kies. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:48:27, on 19-10-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Safe mode Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [MakeMarkerFile] C:\WINDOWS\system32\Drivers\Marker.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Custom Skin Clock] C:\Program Files\Custom Skin Clock\Clock.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\All Users\Documenten\Mijn muziek\iTunesHelper.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Müjde Oruç\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Global Startup: Sitecom 150N USB Wireless LAN Utility.lnk = C:\Program Files\SITECOM\150N USB Wireless LAN Utility\RtWLan.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 10190 bytes
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:17:21, on 17-10-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Custom Skin Clock\Clock.exe C:\Documents and Settings\All Users\Documenten\Mijn muziek\iTunesHelper.exe C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\program files\real\realplayer\update\realsched.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Documents and Settings\Müjde Oruç\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\SITECOM\150N USB Wireless LAN Utility\RtWLan.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {65ca59ee-9920-4d7f-8c41-bfa12403261a} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - (no file) O2 - BHO: (no name) - {d2f11d8b-3eb5-4b42-9511-370dbec707fb} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [MakeMarkerFile] C:\WINDOWS\system32\Drivers\Marker.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Custom Skin Clock] C:\Program Files\Custom Skin Clock\Clock.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\All Users\Documenten\Mijn muziek\iTunesHelper.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Müjde Oruç\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Global Startup: Sitecom 150N USB Wireless LAN Utility.lnk = C:\Program Files\SITECOM\150N USB Wireless LAN Utility\RtWLan.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\Blaze Media Pro\NMSAccess32.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 12039 bytes ---------- Post toegevoegd om 17:19 ---------- Vorige post was om 17:18 ---------- hier laat ie ook zien dat ze verwijderd zijn, maar zodra ik opnieuw opstart en nog een keer de scan doet zijn ze er weer. en ik kan nog steeds niet normaal opstarten, dus eerst via veilige modus en dan opnieuw opstarten. En hij loopt na een tijdje weer vanzelf vast.
-
hoi kweezie, ik heb hjt uitgevoerd in veilige modus, en gechecked en ze waren vewijderd. en toen weer gechecked toen ik normaal had opgestart, en stonden ze er weer. en toen nog een keer gechecked en verwijderd, opnieuw opgestart en waren ze er weer. En ik kan niet uitvoeren als aministrator als ik op rechtermuisknop druk er staat alleen openen. dus wat kan ik het beste doen? ---------- Post toegevoegd om 12:21 ---------- Vorige post was om 12:16 ---------- deze heb ik nu weer gedaan, aangevinkt, fix checked, main menu, scan only en toen dit logje opgeslagen. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:20:20, on 17-10-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Custom Skin Clock\Clock.exe C:\Documents and Settings\All Users\Documenten\Mijn muziek\iTunesHelper.exe C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\program files\real\realplayer\update\realsched.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\SITECOM\150N USB Wireless LAN Utility\RtWLan.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [MakeMarkerFile] C:\WINDOWS\system32\Drivers\Marker.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Custom Skin Clock] C:\Program Files\Custom Skin Clock\Clock.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\All Users\Documenten\Mijn muziek\iTunesHelper.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Müjde Oruç\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Global Startup: Sitecom 150N USB Wireless LAN Utility.lnk = C:\Program Files\SITECOM\150N USB Wireless LAN Utility\RtWLan.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\Blaze Media Pro\NMSAccess32.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 11756 bytes ---------- Post toegevoegd om 12:22 ---------- Vorige post was om 12:21 ---------- deze heb ik nu weer gedaan, aangevinkt, fix checked, main menu, scan only en toen dit logje opgeslagen. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:20:20, on 17-10-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Custom Skin Clock\Clock.exe C:\Documents and Settings\All Users\Documenten\Mijn muziek\iTunesHelper.exe C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\program files\real\realplayer\update\realsched.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\SITECOM\150N USB Wireless LAN Utility\RtWLan.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [MakeMarkerFile] C:\WINDOWS\system32\Drivers\Marker.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Custom Skin Clock] C:\Program Files\Custom Skin Clock\Clock.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\All Users\Documenten\Mijn muziek\iTunesHelper.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Müjde Oruç\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Global Startup: Sitecom 150N USB Wireless LAN Utility.lnk = C:\Program Files\SITECOM\150N USB Wireless LAN Utility\RtWLan.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\Blaze Media Pro\NMSAccess32.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 11756 bytes
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:43:57, on 17-10-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\Program Files\Custom Skin Clock\Clock.exe C:\Documents and Settings\All Users\Documenten\Mijn muziek\iTunesHelper.exe C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\program files\real\realplayer\update\realsched.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Documents and Settings\Müjde Oruç\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\SITECOM\150N USB Wireless LAN Utility\RtWLan.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Alwil Software\Avast5\setup\avast.setup R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {258C9770-1713-4021-8D7E-1F184A2BD754} - (no file) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) O2 - BHO: (no name) - {326E768D-4182-46FD-9C16-1449A49795F4} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: (no name) - {65ca59ee-9920-4d7f-8c41-bfa12403261a} - (no file) O2 - BHO: (no name) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: (no name) - {d2f11d8b-3eb5-4b42-9511-370dbec707fb} - (no file) O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - (no file) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [MakeMarkerFile] C:\WINDOWS\system32\Drivers\Marker.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Custom Skin Clock] C:\Program Files\Custom Skin Clock\Clock.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\All Users\Documenten\Mijn muziek\iTunesHelper.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Müjde Oruç\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Global Startup: Sitecom 150N USB Wireless LAN Utility.lnk = C:\Program Files\SITECOM\150N USB Wireless LAN Utility\RtWLan.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\Blaze Media Pro\NMSAccess32.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 13210 bytes Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 5075 Windows 5.1.2600 Service Pack 3 (Safe Mode) Internet Explorer 8.0.6001.18702 17-10-2011 8:39:11 mbam-log-2011-10-17 (08-39-11).txt Scantype: Snelle scan Objecten gescand: 199120 Verstreken tijd: 22 minuut/minuten, 20 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 31 Registerwaarden geïnfecteerd: 2 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 6 Bestanden geïnfecteerd: 7 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_CLASSES_ROOT\shoppingreport2.hbax (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport2.hbax.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport2.hbinfoband (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport2.hbinfoband.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport2.iebutton (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport2.iebutton.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport2.iebuttona (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport2.iebuttona.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport2.rprtctrl (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\shoppingreport2.rprtctrl.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{030c9927-10fc-4169-97a2-55becd5d88d8} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{0eb3f101-224a-4b2b-9e5b-df720857529c} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{a1f1ecd3-4806-44c6-a869-f0dadf11c57c} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{3e2dfd6a-4e20-4d4c-aa8b-e1f9dbef3c80} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{714e0876-fcee-49ce-a429-b9ad8aefcb56} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{bdea95cf-f0e6-41e0-bd3d-b00f39a4e939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{dd15bcc0-5fe9-4690-a957-99fa60ed9d26} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{b035ba6b-57cd-4f72-b545-65be465fcaf6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{d44fd6f0-9746-484e-b5c4-c66688393872} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{f244a744-534d-4a46-855f-c0c7e9f27daa} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{bdea95cf-f0e6-41e0-bd3d-b00f39a4e939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{258c9770-1713-4021-8d7e-1f184a2bd754} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{258c9770-1713-4021-8d7e-1f184a2bd754} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bdea95cf-f0e6-41e0-bd3d-b00f39a4e939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{db38e21a-0133-419d-92ad-ecdfd5244d6d} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb620c54-e229-4942-87ce-e717109fc8c6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{db38e21a-0133-419d-92ad-ecdfd5244d6d} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{eb620c54-e229-4942-87ce-e717109fc8c6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2 (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{db38e21a-0133-419d-92ad-ecdfd5244d6d} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{eb620c54-e229-4942-87ce-e717109fc8c6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully. Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: C:\Documents and Settings\Müjde Oruç\Application Data\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully. C:\Documents and Settings\Müjde Oruç\Application Data\ShoppingReport2\cs (Adware.ShoppingReport2) -> Quarantined and deleted successfully. C:\Documents and Settings\Müjde Oruç\Application Data\ShoppingReport2\cs\db (Adware.ShoppingReport2) -> Quarantined and deleted successfully. C:\Documents and Settings\Müjde Oruç\Application Data\ShoppingReport2\cs\dwld (Adware.ShoppingReport2) -> Quarantined and deleted successfully. C:\Documents and Settings\Müjde Oruç\Application Data\ShoppingReport2\cs\report (Adware.ShoppingReport2) -> Quarantined and deleted successfully. C:\Documents and Settings\Müjde Oruç\Application Data\ShoppingReport2\cs\res1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: C:\Documents and Settings\Müjde Oruç\Application Data\ShoppingReport2\cs\Config.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully. C:\Documents and Settings\Müjde Oruç\Application Data\ShoppingReport2\cs\db\Aliases.dbs (Adware.ShoppingReport2) -> Quarantined and deleted successfully. C:\Documents and Settings\Müjde Oruç\Application Data\ShoppingReport2\cs\db\Sites.dbs (Adware.ShoppingReport2) -> Quarantined and deleted successfully. C:\Documents and Settings\Müjde Oruç\Application Data\ShoppingReport2\cs\dwld\WhiteList.xip (Adware.ShoppingReport2) -> Quarantined and deleted successfully. C:\Documents and Settings\Müjde Oruç\Application Data\ShoppingReport2\cs\report\aggr_storage.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully. C:\Documents and Settings\Müjde Oruç\Application Data\ShoppingReport2\cs\report\send_storage.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully. C:\Documents and Settings\Müjde Oruç\Application Data\ShoppingReport2\cs\res1\WhiteList.dbs (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
-
Hallo allemaal, Ik heb et logje al een paar uur eerder geplaatst. Kan iemand mij aub helpen?? Alvast bedankt.
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:58:27, on 16-10-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Safe mode Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\ctfmon.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: ShoppingReport2 - {258C9770-1713-4021-8D7E-1F184A2BD754} - C:\Program Files\ShoppingReport2\Bin\2.7.37\ShoppingReport.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O2 - BHO: (no name) - {326E768D-4182-46FD-9C16-1449A49795F4} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: (no name) - {65ca59ee-9920-4d7f-8c41-bfa12403261a} - (no file) O2 - BHO: (no name) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Oryte Games 1.15 - {d2f11d8b-3eb5-4b42-9511-370dbec707fb} - C:\Program Files\Oryte_Games_1.15\prxtbOry2.dll O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - (no file) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [MakeMarkerFile] C:\WINDOWS\system32\Drivers\Marker.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Custom Skin Clock] C:\Program Files\Custom Skin Clock\Clock.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\All Users\Documenten\Mijn muziek\iTunesHelper.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Müjde Oruç\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Global Startup: Sitecom 150N USB Wireless LAN Utility.lnk = C:\Program Files\SITECOM\150N USB Wireless LAN Utility\RtWLan.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: ShopperReports - Compare product prices - {DB38E21A-0133-419d-92AD-ECDFD5244D6D} - C:\Program Files\ShoppingReport2\Bin\2.7.37\ShoppingReport.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: ShopperReports - Compare travel rates - {EB620C54-E229-4942-87CE-E717109FC8C6} - C:\Program Files\ShoppingReport2\Bin\2.7.37\ShoppingReport.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} (Java Plug-in 1.6.0_21) - O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} (Java Plug-in 1.6.0_22) - O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} (Java Plug-in 1.6.0_24) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\Blaze Media Pro\NMSAccess32.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 12020 bytes
-
Hai, Thanks kweezie. Ik heb kunnen herstellen maar niet uit veilige modus. Hij startte gewoon op. Maar liep daarna weer vast. En toen ik het uitzette en opnieuw eilde opstarten startte hin weer niet op Dus wat nu??
-
Nog een vraagje: kan ik herstellen in veilige modus? Want nu loopt hij vrijwel meteen vast na het opstarten ( dus na het hele proces wat ik eerder had beschreven). Mischien is dit een hele rare vraag maar, toch graag een antwoordhierop aub.
