Ga naar inhoud

momy

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    59

  • Registratiedatum

  • Laatst bezocht

momy's prestaties

Bijdrager

Bijdrager (5/14)

  • Eerste post
  • Actief
  • Gespreksstarter
  • Week één klaar
  • Een maand later

Recente badges

0

Reputatie

  1. momy
    nu heb ik weeral eens gedaan wat hier gezegt word en hopla ik heb terug vorige java geintaleerd omdat het niet gaat zoals u zegde en nu kan ik helemaal niks meer java versie 6update 30 die heb ik terug gezet maar als ik op facebook ga kan ik niks van games meer spelen en nu???????
  2. momy
    kweezie ik krijg meer en meer problemen nu krijg ik berichten op sommige site's een script op deze pagina kan ertoe leiden dat internet explorer langzaam wordt uitgevoerd. Als het script niet wordt gestopt reageert u pc mogelijk niet meer ik zie ook op sie's waar normaal afbeelding sta een Rood kruisje als ik java en flasch player wil veranderen welke neem ik dan of zoals u op 95 zegt hou er rekening mee dat ik windows xp home heb en internet explorer 8 waar moet ik mijn vraag stellen in verband met updates die ik dagelijks krijg van Framework 2.0 sp2 duurt nu al 14 dagen elke dag een 5 tal sorry een hele brief nu momy
  3. momy
    clarkie even ver als in begin nog zelfde probleem dus niet opgelost
  4. momy
    ik heb java verwijderd direkt uit software maar heb de zefde terug gekregen 6 update 30 wat je hier noteert over java is dit voor XP home omdat er vista in staat ook mijn probleem met AGSearshook blijf maar voor elende zorgen elke dag gebruik ik ccleaner tot 3a4 maal en dan ga pc terug beetje sneller Moet men eigenlijk invoegtoepassingen hebben en waarom daar snap ik niks van
  5. momy
    beste onlangs was had ik gedaan wat u mij zegde en ja het ging goed nu heb ik terug zelfde probleem de instrutie op 0x1007cb19 verwijst naar geheugen op 0x015c8cb0.De lees-of schrijfbewerking (read) op het geheugen is mislukt
  6. momy
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:49:28, on 11/01/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fighters\sfagent.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Fighters\sfus.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fighters\FighterSuiteService.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Zoeken - zoeken op het web R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = HP Software Update R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\sfagent.exe O4 - HKLM\..\Run: [Google Updater] "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -check_deprecation O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\sfus.exe O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 6779 bytes ---------- Post toegevoegd om 10:56 ---------- Vorige post was om 10:50 ---------- kweezi vraagje ik zou graag mijn java helemaal willen vernieuwen als ook adobe flasch player gaat dit en moet ik dan eerst alles verwijderen of hoe doe ik dit deze vraag moet men invoegtoepassingen hebben en voor wat dienen die ik begrijp dat niet of kan ik ze allemaal verwijderen???
  7. momy
    ComboFix 12-01-05.01 - HP_Eigenaar 10/01/2012 11:11:26.5.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.446.182 [GMT 1:00] Gestart vanuit: c:\documents and settings\HP_Eigenaar\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\HP_Eigenaar\Bureaublad\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: Avira AntiVir PersonalEdition Classic *Enabled/Outdated* {00000000-0000-0000-0000-000000000000} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804FD0EC-FFA4-00DA-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804FD2B8-FFA4-00DA-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804FD2B8-FFA4-00EB-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {84371514-FFA4-00EB-0D24-347CA8A3377C} FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} . - VERMINDERDE FUNCTIONALITEIT MODUS - . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-10 to 2012-01-10 )))))))))))))))))))))))))))))) . . 2012-01-09 21:32 . 2012-01-10 10:04 -------- d--h--r- c:\documents and settings\HP_Eigenaar\Onlangs geopend 2012-01-04 23:04 . 2012-01-04 23:04 -------- d-----w- c:\windows\system32\wbem\Repository 2012-01-03 22:07 . 2012-01-03 22:07 -------- d-----w- c:\documents and settings\HP_Eigenaar\Application Data\Malwarebytes 2012-01-03 22:06 . 2012-01-03 22:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-12-27 22:53 . 2012-01-04 23:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-12-30 21:44 . 2009-05-15 08:46 32608 ----a-w- c:\windows\king-uninstall.exe 2011-12-02 11:56 . 2011-12-02 11:54 1870 ----a-w- C:\FixitRegBackup.reg 2011-11-28 18:01 . 2011-11-23 16:06 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 18:01 . 2011-11-23 16:06 199816 ----a-w- c:\windows\system32\aswBoot.exe 2011-11-28 17:53 . 2011-11-23 16:06 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:53 . 2011-11-23 16:06 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-11-28 17:52 . 2011-11-23 16:06 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-11-28 17:52 . 2011-11-23 16:06 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-11-28 17:52 . 2011-11-23 16:06 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-11-28 17:51 . 2011-11-23 16:06 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-11-28 17:51 . 2011-11-23 16:06 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-11-28 17:48 . 2011-11-23 16:06 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-11-23 14:40 . 2004-08-04 04:00 1859712 ----a-w- c:\windows\system32\win32k.sys 2011-11-14 08:42 . 2011-05-14 07:34 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-10 04:54 . 2010-04-29 17:39 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-11-10 02:27 . 2011-05-02 08:49 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-11-04 19:13 . 2004-08-04 04:00 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2004-08-04 04:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2004-08-04 04:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2004-08-04 04:00 385024 ----a-w- c:\windows\system32\html.iec 2011-11-02 21:46 . 2011-11-02 21:46 388096 ----a-r- c:\documents and settings\HP_Eigenaar\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-11-01 16:07 . 2004-08-04 04:00 1288192 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:32 . 2004-08-04 04:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-26 10:50 . 2004-08-04 11:00 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-26 10:50 . 2004-08-04 04:00 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-18 11:13 . 2004-08-04 04:00 186880 ----a-w- c:\windows\system32\encdec.dll 2007-06-09 16:03 . 2007-06-09 16:03 774144 ----a-w- c:\program files\RngInterstitial.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "sfagent"="c:\program files\Fighters\sfagent.exe" [2010-10-21 760968] "Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-09-12 161336] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] . c:\documents and settings\marylou\Menu Start\Programma's\Opstarten\ Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-5-30 27136] . c:\documents and settings\Default User\Menu Start\Programma's\Opstarten\ Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-5-30 27136] . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"= "c:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Raptr\\raptr.exe"= "c:\\Program Files\\Raptr\\raptr_im.exe"= . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [23/11/2011 17:06 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [23/11/2011 17:06 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23/11/2011 17:06 20568] R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\Fighters\sfus.exe [21/10/2010 13:44 189064] R2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [10/10/2011 10:08 1318536] S2 Application Updater;Application Updater;"c:\program files\Application Updater\ApplicationUpdater.exe" --> c:\program files\Application Updater\ApplicationUpdater.exe [?] S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?] S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [30/05/2006 6:18 468768] . Inhoud van de 'Gedeelde Taken' map . 2012-01-09 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-04 09:19] . 2012-01-09 c:\windows\Tasks\User_Feed_Synchronization-{1A2B542F-36FB-4BEC-9D01-3C679AD3C858}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 03:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_BE&c=63&bd=PAVILION&pf=desktop uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/embed/hpsu/survey TCP: DhcpNameServer = 195.130.130.132 195.130.131.132 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-10 11:13 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(588) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(3152) c:\progra~1\WINDOW~1\wmpband.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2012-01-10 11:17:16 ComboFix-quarantined-files.txt 2012-01-10 10:17 ComboFix2.txt 2012-01-08 12:19 ComboFix3.txt 2012-01-07 11:21 ComboFix4.txt 2012-01-05 14:04 . Pre-Run: 219.940.966.400 bytes beschikbaar Post-Run: 219.936.288.768 bytes beschikbaar . - - End Of File - - 76734405BEECFEB9649FF7AB504E2614 ---------- Post toegevoegd om 11:21 ---------- Vorige post was om 11:19 ---------- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:20:05, on 10/01/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Fighters\sfus.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fighters\sfagent.exe C:\Program Files\Fighters\FighterSuiteService.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Zoeken - zoeken op het web R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = HP Software Update R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\sfagent.exe O4 - HKLM\..\Run: [Google Updater] "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -check_deprecation O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://mary1950.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://mary1950.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Application Updater - Unknown owner - C:\Program Files\Application Updater\ApplicationUpdater.exe (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\sfus.exe O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 7126 bytes ---------- Post toegevoegd om 11:24 ---------- Vorige post was om 11:21 ---------- er zijn toch problemen met die avira die mary1950.space.live mag daar ook uit
  8. momy
    1ste De opgegeven Service is geen ge'nstaleerde service sc open service FAILED 1060 2de is zelfde
  9. momy
    ik begrijp niet wat je bedoeld met Noteer de melding die op scherm komt hoe doet men dat sorry hoor
  10. momy
    deze heb ik gekregen van iemand die zegt dat je hiermee AGSearcHook kan verwijderen Maar ik begrijp hier niks van engels is niet mijn sterkste kant wil je eens kijken michien is dit oplossing aub Method 1. That's right it is associated with webshots, I may need to check in the Programs under control panel if this software or its toolbar is installed. Uninstall or change a program Uninstall or change a program One of the community users "Sassydeb" resolved this issue by uninstall the webshots software. Here is the link. Internet Explore 8 Won't Open - Microsoft Answers Method 2. a. If you suspect any virus activity I would strongly recommend you to run the Virus Scan. I would recommend you to run online Virus Scan to remove any infections, if present. Follow the link below to run the free online scan: Windows Live OneCare b. Run the Microsoft Malicious Removal Tool Start - type in Search box -> MRT find at top of list - Right Click on it - RUN AS ADMIN. Links to download this tool. Microsoft Malicious Removal Tool - 32 bit Download: Windows Malicious Software Removal Tool - Microsoft Download Center - Download Details Microsoft Malicious Removal Tool - 64 bit Download: Windows Malicious Software Removal Tool x64 - Microsoft Download Center - Download Details Method 3. If the issue still exists I would ask you to perform a clean boot to find with which program this file is associated. How to troubleshoot a problem by performing a clean boot in Windows Vista or in Windows 7 How to troubleshoot a problem by performing a clean boot in Windows Vista or in Windows 7 Note: Make sure once the troubleshooting is over you set the computer to normal startup as mentioned and explained in the article above. Hope this helps.
  11. momy
    ComboFix 12-01-05.01 - HP_Eigenaar 08/01/2012 12:59:02.4.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.446.182 [GMT 1:00] Gestart vanuit: c:\documents and settings\HP_Eigenaar\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\HP_Eigenaar\Bureaublad\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: Avira AntiVir PersonalEdition Classic *Enabled/Outdated* {00000000-0000-0000-0000-000000000000} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804FD0EC-FFA4-00DA-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804FD2B8-FFA4-00DA-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804FD2B8-FFA4-00EB-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {84371514-FFA4-00EB-0D24-347CA8A3377C} FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} . FILE :: "c:\program files\Application Updater\ApplicationUpdater.exe" "c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_LAVASOFT_KERNEXPLORER -------\Service_Lavasoft Kernexplorer . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-08 to 2012-01-08 )))))))))))))))))))))))))))))) . . 2012-01-07 15:56 . 2012-01-08 11:50 -------- d--h--r- c:\documents and settings\HP_Eigenaar\Onlangs geopend 2012-01-04 23:04 . 2012-01-04 23:04 -------- d-----w- c:\windows\system32\wbem\Repository 2012-01-03 22:07 . 2012-01-03 22:07 -------- d-----w- c:\documents and settings\HP_Eigenaar\Application Data\Malwarebytes 2012-01-03 22:06 . 2012-01-03 22:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-12-27 22:53 . 2012-01-04 23:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-12-30 21:44 . 2009-05-15 08:46 32608 ----a-w- c:\windows\king-uninstall.exe 2011-12-02 11:56 . 2011-12-02 11:54 1870 ----a-w- C:\FixitRegBackup.reg 2011-11-28 18:01 . 2011-11-23 16:06 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 18:01 . 2011-11-23 16:06 199816 ----a-w- c:\windows\system32\aswBoot.exe 2011-11-28 17:53 . 2011-11-23 16:06 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:53 . 2011-11-23 16:06 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-11-28 17:52 . 2011-11-23 16:06 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-11-28 17:52 . 2011-11-23 16:06 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-11-28 17:52 . 2011-11-23 16:06 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-11-28 17:51 . 2011-11-23 16:06 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-11-28 17:51 . 2011-11-23 16:06 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-11-28 17:48 . 2011-11-23 16:06 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-11-23 14:40 . 2004-08-04 04:00 1859712 ----a-w- c:\windows\system32\win32k.sys 2011-11-14 08:42 . 2011-05-14 07:34 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-10 04:54 . 2010-04-29 17:39 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-11-10 02:27 . 2011-05-02 08:49 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-11-04 19:13 . 2004-08-04 04:00 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2004-08-04 04:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2004-08-04 04:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2004-08-04 04:00 385024 ----a-w- c:\windows\system32\html.iec 2011-11-02 21:46 . 2011-11-02 21:46 388096 ----a-r- c:\documents and settings\HP_Eigenaar\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-11-01 16:07 . 2004-08-04 04:00 1288192 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:32 . 2004-08-04 04:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-26 10:50 . 2004-08-04 11:00 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-26 10:50 . 2004-08-04 04:00 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-18 11:13 . 2004-08-04 04:00 186880 ----a-w- c:\windows\system32\encdec.dll 2011-10-10 14:22 . 2004-08-04 04:00 692736 ----a-w- c:\windows\system32\inetcomm.dll 2007-06-09 16:03 . 2007-06-09 16:03 774144 ----a-w- c:\program files\RngInterstitial.dll . . ((((((((((((((((((((((((((((( SnapShot_2012-01-05_14.00.26 ))))))))))))))))))))))))))))))))))))))))) . + 2012-01-08 12:11 . 2012-01-08 12:11 16384 c:\windows\Temp\Perflib_Perfdata_148.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "sfagent"="c:\program files\Fighters\sfagent.exe" [2010-10-21 760968] "Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-09-12 161336] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] . c:\documents and settings\marylou\Menu Start\Programma's\Opstarten\ Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-5-30 27136] . c:\documents and settings\Default User\Menu Start\Programma's\Opstarten\ Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-5-30 27136] . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"= "c:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Raptr\\raptr.exe"= "c:\\Program Files\\Raptr\\raptr_im.exe"= . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [23/11/2011 17:06 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [23/11/2011 17:06 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23/11/2011 17:06 20568] R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\Fighters\sfus.exe [21/10/2010 13:44 189064] R2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [10/10/2011 10:08 1318536] S2 Application Updater;Application Updater;"c:\program files\Application Updater\ApplicationUpdater.exe" --> c:\program files\Application Updater\ApplicationUpdater.exe [?] S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?] S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [30/05/2006 6:18 468768] . Inhoud van de 'Gedeelde Taken' map . 2012-01-06 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-04 09:19] . 2012-01-07 c:\windows\Tasks\User_Feed_Synchronization-{1A2B542F-36FB-4BEC-9D01-3C679AD3C858}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 03:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_BE&c=63&bd=PAVILION&pf=desktop uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/embed/hpsu/survey TCP: DhcpNameServer = 195.130.130.132 195.130.131.132 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-08 13:12 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(592) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(2832) c:\progra~1\WINDOW~1\wmpband.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\AVAST Software\Avast\AvastSvc.exe c:\windows\system32\Ati2evxx.exe c:\program files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe c:\program files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe c:\program files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe . ************************************************************************** . Voltooingstijd: 2012-01-08 13:19:37 - machine werd herstart ComboFix-quarantined-files.txt 2012-01-08 12:19 ComboFix2.txt 2012-01-07 11:21 ComboFix3.txt 2012-01-05 14:04 . Pre-Run: 220.202.123.264 bytes beschikbaar Post-Run: 220.032.491.520 bytes beschikbaar . - - End Of File - - 64A7E595F337BBC90D7036033864D325 er word nog altijd gezegt : de hoger vermelde real time scanner's zijn nog steeds actief Avira AntiVir Personal Edition class ---------- Post toegevoegd om 13:27 ---------- Vorige post was om 13:24 ---------- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:27:25, on 8/01/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Fighters\sfagent.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Fighters\sfus.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fighters\FighterSuiteService.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\WINDOWS\explorer.exe C:\Program Files\internet explorer\iexplore.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Zoeken - zoeken op het web R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = HP Software Update R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\sfagent.exe O4 - HKLM\..\Run: [Google Updater] "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -check_deprecation O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://mary1950.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://mary1950.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Application Updater - Unknown owner - C:\Program Files\Application Updater\ApplicationUpdater.exe (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\sfus.exe O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 7155 bytes
  12. momy
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:07:10, on 7/01/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Fighters\sfus.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fighters\FighterSuiteService.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Fighters\sfagent.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\explorer.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Zoeken - zoeken op het web R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = HP Software Update R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\sfagent.exe O4 - HKLM\..\Run: [Google Updater] "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -check_deprecation O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://mary1950.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://mary1950.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Application Updater - Unknown owner - C:\Program Files\Application Updater\ApplicationUpdater.exe (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\sfus.exe O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 7185 bytes
  13. momy
    ComboFix 12-01-05.01 - HP_Eigenaar 07/01/2012 12:08:37.3.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.446.161 [GMT 1:00] Gestart vanuit: c:\documents and settings\HP_Eigenaar\Bureaublad\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: Avira AntiVir PersonalEdition Classic *Enabled/Outdated* {00000000-0000-0000-0000-000000000000} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804FD0EC-FFA4-00DA-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804FD2B8-FFA4-00DA-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804FD2B8-FFA4-00EB-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {84371514-FFA4-00EB-0D24-347CA8A3377C} FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-07 to 2012-01-07 )))))))))))))))))))))))))))))) . . 2012-01-06 23:19 . 2012-01-07 10:57 -------- d--h--r- c:\documents and settings\HP_Eigenaar\Onlangs geopend 2012-01-04 23:04 . 2012-01-04 23:04 -------- d-----w- c:\windows\system32\wbem\Repository 2012-01-03 22:07 . 2012-01-03 22:07 -------- d-----w- c:\documents and settings\HP_Eigenaar\Application Data\Malwarebytes 2012-01-03 22:06 . 2012-01-03 22:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-12-27 22:53 . 2012-01-04 23:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-12-30 21:44 . 2009-05-15 08:46 32608 ----a-w- c:\windows\king-uninstall.exe 2011-12-02 11:56 . 2011-12-02 11:54 1870 ----a-w- C:\FixitRegBackup.reg 2011-11-28 18:01 . 2011-11-23 16:06 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 18:01 . 2011-11-23 16:06 199816 ----a-w- c:\windows\system32\aswBoot.exe 2011-11-28 17:53 . 2011-11-23 16:06 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:53 . 2011-11-23 16:06 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-11-28 17:52 . 2011-11-23 16:06 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-11-28 17:52 . 2011-11-23 16:06 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-11-28 17:52 . 2011-11-23 16:06 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-11-28 17:51 . 2011-11-23 16:06 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-11-28 17:51 . 2011-11-23 16:06 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-11-28 17:48 . 2011-11-23 16:06 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-11-23 14:40 . 2004-08-04 04:00 1859712 ----a-w- c:\windows\system32\win32k.sys 2011-11-14 08:42 . 2011-05-14 07:34 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-10 04:54 . 2010-04-29 17:39 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-11-10 02:27 . 2011-05-02 08:49 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-11-04 19:13 . 2004-08-04 04:00 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2004-08-04 04:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2004-08-04 04:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2004-08-04 04:00 385024 ----a-w- c:\windows\system32\html.iec 2011-11-02 21:46 . 2011-11-02 21:46 388096 ----a-r- c:\documents and settings\HP_Eigenaar\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-11-01 16:07 . 2004-08-04 04:00 1288192 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:32 . 2004-08-04 04:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-26 10:50 . 2004-08-04 11:00 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-26 10:50 . 2004-08-04 04:00 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-18 11:13 . 2004-08-04 04:00 186880 ----a-w- c:\windows\system32\encdec.dll 2011-10-10 14:22 . 2004-08-04 04:00 692736 ----a-w- c:\windows\system32\inetcomm.dll 2007-06-09 16:03 . 2007-06-09 16:03 774144 ----a-w- c:\program files\RngInterstitial.dll . . ((((((((((((((((((((((((((((( SnapShot_2012-01-05_14.00.26 ))))))))))))))))))))))))))))))))))))))))) . + 2012-01-07 09:44 . 2012-01-07 09:44 16384 c:\windows\Temp\Perflib_Perfdata_1f4.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "sfagent"="c:\program files\Fighters\sfagent.exe" [2010-10-21 760968] "Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-09-12 161336] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] . c:\documents and settings\marylou\Menu Start\Programma's\Opstarten\ Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-5-30 27136] . c:\documents and settings\Default User\Menu Start\Programma's\Opstarten\ Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-5-30 27136] . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"= "c:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Raptr\\raptr.exe"= "c:\\Program Files\\Raptr\\raptr_im.exe"= . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [23/11/2011 17:06 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [23/11/2011 17:06 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23/11/2011 17:06 20568] R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\Fighters\sfus.exe [21/10/2010 13:44 189064] R2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [10/10/2011 10:08 1318536] S2 Application Updater;Application Updater;"c:\program files\Application Updater\ApplicationUpdater.exe" --> c:\program files\Application Updater\ApplicationUpdater.exe [?] S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?] S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?] S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [30/05/2006 6:18 468768] . Inhoud van de 'Gedeelde Taken' map . 2012-01-06 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-04 09:19] . 2012-01-06 c:\windows\Tasks\User_Feed_Synchronization-{1A2B542F-36FB-4BEC-9D01-3C679AD3C858}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 03:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_BE&c=63&bd=PAVILION&pf=desktop uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/embed/hpsu/survey TCP: DhcpNameServer = 195.130.130.132 195.130.131.132 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-07 12:18 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(580) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(1088) c:\progra~1\WINDOW~1\wmpband.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2012-01-07 12:21:12 ComboFix-quarantined-files.txt 2012-01-07 11:21 ComboFix2.txt 2012-01-05 14:04 . Pre-Run: 220.247.261.184 bytes beschikbaar Post-Run: 220.235.534.336 bytes beschikbaar . - - End Of File - - 38F38C6FAEBCD4D2661C84FBDC8116BD ---------- Post toegevoegd om 12:27 ---------- Vorige post was om 12:24 ---------- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:26:34, on 7/01/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Fighters\sfus.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fighters\FighterSuiteService.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Fighters\sfagent.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Zoeken - zoeken op het web R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = HP Software Update R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\sfagent.exe O4 - HKLM\..\Run: [Google Updater] "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -check_deprecation O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://mary1950.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://mary1950.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Application Updater - Unknown owner - C:\Program Files\Application Updater\ApplicationUpdater.exe (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\sfus.exe O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 7125 bytes ---------- Post toegevoegd om 12:32 ---------- Vorige post was om 12:27 ---------- ook zie ik staan Lavasoft AD-Aware heb ik vroeger ook gehad ik zie nu pas
  14. momy
    iemand tijd om dit te bekijken aub momy
  15. momy
    hier scan van combofix ComboFix 12-01-05.01 - HP_Eigenaar 05/01/2012 14:50:37.2.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.446.203 [GMT 1:00] Gestart vanuit: c:\documents and settings\HP_Eigenaar\Bureaublad\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: Avira AntiVir PersonalEdition Classic *Enabled/Outdated* {00000000-0000-0000-0000-000000000000} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804FD0EC-FFA4-00DA-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804FD2B8-FFA4-00DA-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {804FD2B8-FFA4-00EB-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {84371514-FFA4-00EB-0D24-347CA8A3377C} FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\TEMP c:\windows\system32\SET9F.tmp c:\windows\system32\SETC5.tmp c:\windows\system32\SETC7.tmp c:\windows\system32\SETD3.tmp . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-05 to 2012-01-05 )))))))))))))))))))))))))))))) . . 2012-01-04 23:04 . 2012-01-04 23:04 -------- d-----w- c:\windows\system32\wbem\Repository 2012-01-04 23:03 . 2012-01-04 23:03 -------- d--h--r- c:\documents and settings\HP_Eigenaar\Onlangs geopend 2012-01-03 22:07 . 2012-01-03 22:07 -------- d-----w- c:\documents and settings\HP_Eigenaar\Application Data\Malwarebytes 2012-01-03 22:06 . 2012-01-03 22:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-12-27 22:53 . 2012-01-04 23:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-12-30 21:44 . 2009-05-15 08:46 32608 ----a-w- c:\windows\king-uninstall.exe 2011-12-02 11:56 . 2011-12-02 11:54 1870 ----a-w- C:\FixitRegBackup.reg 2011-11-28 18:01 . 2011-11-23 16:06 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 18:01 . 2011-11-23 16:06 199816 ----a-w- c:\windows\system32\aswBoot.exe 2011-11-28 17:53 . 2011-11-23 16:06 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:53 . 2011-11-23 16:06 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-11-28 17:52 . 2011-11-23 16:06 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-11-28 17:52 . 2011-11-23 16:06 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-11-28 17:52 . 2011-11-23 16:06 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-11-28 17:51 . 2011-11-23 16:06 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-11-28 17:51 . 2011-11-23 16:06 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-11-28 17:48 . 2011-11-23 16:06 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-11-23 14:40 . 2004-08-04 04:00 1859712 ----a-w- c:\windows\system32\win32k.sys 2011-11-14 08:42 . 2011-05-14 07:34 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-10 04:54 . 2010-04-29 17:39 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-11-10 02:27 . 2011-05-02 08:49 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-11-04 19:13 . 2004-08-04 04:00 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2004-08-04 04:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2004-08-04 04:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2004-08-04 04:00 385024 ----a-w- c:\windows\system32\html.iec 2011-11-02 21:46 . 2011-11-02 21:46 388096 ----a-r- c:\documents and settings\HP_Eigenaar\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-11-01 16:07 . 2004-08-04 04:00 1288192 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:32 . 2004-08-04 04:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-26 10:50 . 2004-08-04 11:00 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-26 10:50 . 2004-08-04 04:00 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-18 11:13 . 2004-08-04 04:00 186880 ----a-w- c:\windows\system32\encdec.dll 2011-10-10 14:22 . 2004-08-04 04:00 692736 ----a-w- c:\windows\system32\inetcomm.dll 2007-06-09 16:03 . 2007-06-09 16:03 774144 ----a-w- c:\program files\RngInterstitial.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-11-12_12.21.06 ))))))))))))))))))))))))))))))))))))))))) . + 2011-04-18 21:51 . 2011-04-18 21:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_4ddc769f\vcomp90.dll + 2009-07-11 23:02 . 2009-07-11 23:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll + 2011-04-18 21:51 . 2011-04-18 21:51 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90rus.dll + 2011-04-18 21:51 . 2011-04-18 21:51 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90kor.dll + 2011-04-18 21:51 . 2011-04-18 21:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90jpn.dll + 2011-04-18 21:51 . 2011-04-18 21:51 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90ita.dll + 2011-04-18 21:51 . 2011-04-18 21:51 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90fra.dll + 2011-04-18 21:51 . 2011-04-18 21:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esp.dll + 2011-04-18 21:51 . 2011-04-18 21:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esn.dll + 2011-04-18 21:51 . 2011-04-18 21:51 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll + 2011-04-18 21:51 . 2011-04-18 21:51 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90deu.dll + 2011-04-18 21:51 . 2011-04-18 21:51 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90cht.dll + 2011-04-18 21:51 . 2011-04-18 21:51 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90chs.dll + 2009-07-11 23:02 . 2009-07-11 23:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll + 2009-07-11 23:02 . 2009-07-11 23:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll + 2009-07-11 23:02 . 2009-07-11 23:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll + 2009-07-11 23:02 . 2009-07-11 23:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll + 2009-07-11 23:02 . 2009-07-11 23:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll + 2009-07-11 23:02 . 2009-07-11 23:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll + 2009-07-11 23:02 . 2009-07-11 23:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll + 2009-07-11 23:02 . 2009-07-11 23:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll + 2009-07-11 23:02 . 2009-07-11 23:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll + 2009-07-11 23:02 . 2009-07-11 23:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll + 2009-07-11 23:02 . 2009-07-11 23:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll + 2011-04-18 21:51 . 2011-04-18 21:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90u.dll + 2011-04-18 21:51 . 2011-04-18 21:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90.dll + 2009-07-11 23:05 . 2009-07-11 23:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll + 2009-07-11 23:05 . 2009-07-11 23:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll + 2006-12-01 23:46 . 2006-12-01 23:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll + 2006-12-01 23:08 . 2006-12-01 23:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll + 2006-12-01 23:08 . 2006-12-01 23:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll + 2006-12-01 23:08 . 2006-12-01 23:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll + 2006-12-01 23:08 . 2006-12-01 23:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll + 2006-12-01 23:08 . 2006-12-01 23:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll + 2006-12-01 23:08 . 2006-12-01 23:08 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll + 2006-12-01 23:08 . 2006-12-01 23:08 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll + 2006-12-01 23:08 . 2006-12-01 23:08 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll + 2006-12-01 23:08 . 2006-12-01 23:08 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll + 2006-12-01 23:26 . 2006-12-01 23:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll + 2006-12-01 23:25 . 2006-12-01 23:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll + 2006-12-01 21:56 . 2006-12-01 21:56 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll + 2012-01-05 04:55 . 2012-01-05 04:55 16384 c:\windows\Temp\Perflib_Perfdata_2d4.dat + 2007-01-29 08:58 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe - 2007-01-29 08:58 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe + 2011-01-18 14:52 . 2009-01-07 17:21 18464 c:\windows\system32\spmsg.dll + 2004-12-03 10:15 . 2012-01-01 15:14 97198 c:\windows\system32\perfc009.dat + 2004-08-04 04:00 . 2011-11-04 19:13 66560 c:\windows\system32\mshtmled.dll - 2004-08-04 04:00 . 2011-08-22 23:41 66560 c:\windows\system32\mshtmled.dll + 2006-11-07 20:03 . 2011-11-04 19:13 55296 c:\windows\system32\msfeedsbs.dll - 2006-11-07 20:03 . 2011-08-22 23:41 55296 c:\windows\system32\msfeedsbs.dll - 2004-08-04 04:00 . 2011-08-22 23:41 25600 c:\windows\system32\jsproxy.dll + 2004-08-04 04:00 . 2011-11-04 19:13 25600 c:\windows\system32\jsproxy.dll + 2009-06-11 08:15 . 2011-11-04 19:13 12800 c:\windows\system32\dllcache\xpshims.dll - 2009-06-11 08:15 . 2011-08-22 23:41 12800 c:\windows\system32\dllcache\xpshims.dll - 2004-08-04 04:00 . 2011-08-22 23:41 66560 c:\windows\system32\dllcache\mshtmled.dll + 2004-08-04 04:00 . 2011-11-04 19:13 66560 c:\windows\system32\dllcache\mshtmled.dll + 2007-05-09 08:33 . 2011-11-04 19:13 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2007-05-09 08:33 . 2011-08-22 23:41 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2004-08-04 04:00 . 2011-11-04 19:13 43520 c:\windows\system32\dllcache\licmgr10.dll - 2004-08-04 04:00 . 2011-08-22 23:41 43520 c:\windows\system32\dllcache\licmgr10.dll - 2004-08-04 04:00 . 2011-08-22 23:41 25600 c:\windows\system32\dllcache\jsproxy.dll + 2004-08-04 04:00 . 2011-11-04 19:13 25600 c:\windows\system32\dllcache\jsproxy.dll + 2009-12-14 07:10 . 2011-10-28 05:32 33280 c:\windows\system32\dllcache\csrsrv.dll - 2009-12-14 07:10 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll + 2011-11-22 06:09 . 2011-11-22 06:09 87901 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe + 2011-11-02 09:45 . 2011-11-02 09:45 86016 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll + 2011-11-02 09:28 . 2011-11-02 09:28 73408 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll + 2011-11-02 09:28 . 2011-11-02 09:28 64512 c:\windows\system32\Adobe\Shockwave 11\gcapi_dll.dll + 2011-11-02 09:47 . 2011-11-02 09:47 12800 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll - 2011-07-08 12:00 . 2011-07-08 12:00 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll + 2011-12-25 10:07 . 2011-12-25 10:07 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll + 2011-12-24 21:55 . 2011-12-24 21:55 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - 2011-07-07 10:04 . 2011-07-07 10:04 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll + 2011-12-24 21:55 . 2011-12-24 21:55 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll - 2011-07-07 10:04 . 2011-07-07 10:04 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll + 2011-12-24 21:55 . 2011-12-24 21:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll - 2011-07-07 10:03 . 2011-07-07 10:03 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll - 2011-07-07 11:09 . 2011-07-07 11:09 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe + 2011-12-24 22:49 . 2011-12-24 22:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe + 2011-12-24 22:49 . 2011-12-24 22:49 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll - 2011-07-07 11:09 . 2011-07-07 11:09 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll + 2011-11-22 06:10 . 2011-11-22 06:10 10134 c:\windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe - 2011-08-14 08:31 . 2011-08-14 08:31 45056 c:\windows\Installer\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}\ARPPRODUCTICON.exe + 2011-08-14 08:31 . 2011-12-02 08:22 45056 c:\windows\Installer\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}\ARPPRODUCTICON.exe + 2011-12-15 17:31 . 2011-08-22 23:41 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll + 2011-12-15 17:31 . 2011-08-22 23:41 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll + 2011-12-15 17:31 . 2011-08-22 23:41 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll + 2011-12-15 17:31 . 2011-08-22 23:41 43520 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll + 2011-12-15 17:31 . 2011-08-22 23:41 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll + 2011-12-02 13:02 . 2009-03-08 03:33 12288 c:\windows\ie8updates\KB2586448-IE8\xpshims.dll + 2011-12-02 13:02 . 2010-07-05 13:21 18808 c:\windows\ie8updates\KB2586448-IE8\spmsg.dll + 2011-12-02 13:02 . 2010-07-05 13:21 26488 c:\windows\ie8updates\KB2586448-IE8\spcustom.dll - 2011-10-12 11:09 . 2011-06-23 18:31 66560 c:\windows\ie8updates\KB2586448-IE8\mshtmled.dll + 2011-12-02 13:02 . 2009-03-08 03:31 66560 c:\windows\ie8updates\KB2586448-IE8\mshtmled.dll - 2011-10-12 11:09 . 2011-06-23 18:31 55296 c:\windows\ie8updates\KB2586448-IE8\msfeedsbs.dll + 2011-12-02 13:02 . 2009-03-08 03:31 55296 c:\windows\ie8updates\KB2586448-IE8\msfeedsbs.dll + 2011-12-02 13:02 . 2009-03-08 03:34 43008 c:\windows\ie8updates\KB2586448-IE8\licmgr10.dll - 2011-10-12 11:09 . 2011-06-23 18:31 25600 c:\windows\ie8updates\KB2586448-IE8\jsproxy.dll + 2011-12-02 13:02 . 2009-03-08 03:33 25600 c:\windows\ie8updates\KB2586448-IE8\jsproxy.dll + 2011-12-02 13:02 . 2010-07-05 13:21 18808 c:\windows\ie8updates\KB2544521-IE8\spmsg.dll + 2011-12-02 13:02 . 2010-07-05 13:21 26488 c:\windows\ie8updates\KB2544521-IE8\spcustom.dll + 2011-12-02 13:01 . 2010-07-05 13:21 18808 c:\windows\ie8updates\KB2510531-IE8\spmsg.dll + 2011-12-02 13:01 . 2010-07-05 13:21 26488 c:\windows\ie8updates\KB2510531-IE8\spcustom.dll - 2010-03-04 08:35 . 2009-03-08 15:32 58448 c:\windows\ie8\spuninst\iecustom.dll + 2011-12-02 12:46 . 2009-03-08 15:32 58448 c:\windows\ie8\spuninst\iecustom.dll + 2011-12-02 12:45 . 2009-02-20 17:18 44544 c:\windows\ie8\pngfilt.dll - 2010-03-04 08:34 . 2009-02-20 17:18 44544 c:\windows\ie8\pngfilt.dll - 2010-03-04 08:34 . 2006-10-17 10:28 48128 c:\windows\ie8\mshtmler.dll + 2011-12-02 12:45 . 2006-10-17 10:28 48128 c:\windows\ie8\mshtmler.dll - 2010-03-04 08:34 . 2006-10-17 10:56 45568 c:\windows\ie8\mshta.exe + 2011-12-02 12:45 . 2006-10-17 10:56 45568 c:\windows\ie8\mshta.exe - 2010-03-04 08:34 . 2006-10-17 10:58 12288 c:\windows\ie8\msfeedssync.exe + 2011-12-02 12:45 . 2006-10-17 10:58 12288 c:\windows\ie8\msfeedssync.exe - 2010-03-04 08:34 . 2009-02-20 17:18 52224 c:\windows\ie8\msfeedsbs.dll + 2011-12-02 12:45 . 2009-02-20 17:18 52224 c:\windows\ie8\msfeedsbs.dll + 2011-12-02 12:45 . 2006-10-17 11:05 40960 c:\windows\ie8\licmgr10.dll - 2010-03-04 08:34 . 2006-10-17 11:05 40960 c:\windows\ie8\licmgr10.dll - 2010-03-04 08:34 . 2009-02-20 17:18 27648 c:\windows\ie8\jsproxy.dll + 2011-12-02 12:45 . 2009-02-20 17:18 27648 c:\windows\ie8\jsproxy.dll + 2011-12-02 12:45 . 2006-11-07 02:26 92672 c:\windows\ie8\inseng.dll - 2010-03-04 08:34 . 2006-11-07 02:26 92672 c:\windows\ie8\inseng.dll - 2010-03-04 08:34 . 2006-10-17 10:57 36352 c:\windows\ie8\imgutil.dll + 2011-12-02 12:45 . 2006-10-17 10:57 36352 c:\windows\ie8\imgutil.dll - 2010-03-04 08:34 . 2006-11-07 02:26 55296 c:\windows\ie8\iesetup.dll + 2011-12-02 12:45 . 2006-11-07 02:26 55296 c:\windows\ie8\iesetup.dll + 2011-12-02 12:45 . 2009-02-20 17:18 44544 c:\windows\ie8\iernonce.dll - 2010-03-04 08:34 . 2009-02-20 17:18 44544 c:\windows\ie8\iernonce.dll - 2010-03-04 08:34 . 2009-02-20 17:18 78336 c:\windows\ie8\ieencode.dll + 2011-12-02 12:45 . 2009-02-20 17:18 78336 c:\windows\ie8\ieencode.dll + 2011-12-02 12:45 . 2009-02-20 10:20 70656 c:\windows\ie8\ie4uinit.exe - 2010-03-04 08:34 . 2009-02-20 10:20 70656 c:\windows\ie8\ie4uinit.exe + 2011-12-02 12:45 . 2009-02-20 17:18 63488 c:\windows\ie8\icardie.dll - 2010-03-04 08:34 . 2009-02-20 17:18 63488 c:\windows\ie8\icardie.dll - 2010-03-04 08:34 . 2006-10-17 10:44 60416 c:\windows\ie8\hmmapi.dll + 2011-12-02 12:45 . 2006-10-17 10:44 60416 c:\windows\ie8\hmmapi.dll - 2010-03-04 08:34 . 2008-04-14 17:02 35328 c:\windows\ie8\corpol.dll + 2011-12-02 12:45 . 2008-04-14 17:02 35328 c:\windows\ie8\corpol.dll - 2010-03-04 08:34 . 2006-11-07 02:26 71680 c:\windows\ie8\admparse.dll + 2011-12-02 12:45 . 2006-11-07 02:26 71680 c:\windows\ie8\admparse.dll + 2012-01-03 21:23 . 2012-01-03 21:23 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_eaf9d0b0\System.Drawing.Design.dll + 2012-01-03 21:23 . 2012-01-03 21:23 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_a7061a06\CustomMarshalers.dll + 2012-01-03 21:22 . 2012-01-03 21:22 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll - 2011-10-12 11:07 . 2011-10-12 11:07 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll + 2011-04-18 21:51 . 2011-04-18 21:51 653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll + 2011-04-18 21:51 . 2011-04-18 21:51 569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll + 2011-04-18 21:51 . 2011-04-18 21:51 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll + 2009-07-11 23:02 . 2009-07-11 23:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll + 2009-07-11 23:02 . 2009-07-11 23:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll + 2009-07-11 23:05 . 2009-07-11 23:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll + 2008-07-29 07:05 . 2008-07-29 07:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll + 2008-07-29 07:05 . 2008-07-29 07:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll + 2008-07-29 02:54 . 2008-07-29 02:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll + 2011-04-18 21:51 . 2011-04-18 21:51 159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll + 2009-07-11 23:02 . 2009-07-11 23:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll - 2004-08-04 04:00 . 2011-08-22 23:41 105984 c:\windows\system32\url.dll + 2004-08-04 04:00 . 2011-11-04 19:13 105984 c:\windows\system32\url.dll + 2004-12-03 10:15 . 2012-01-01 15:14 529908 c:\windows\system32\perfh013.dat + 2004-12-03 10:15 . 2012-01-01 15:14 503660 c:\windows\system32\perfh009.dat + 2004-12-03 10:15 . 2012-01-01 15:14 124952 c:\windows\system32\perfc013.dat - 2004-08-04 04:00 . 2011-08-22 23:41 206848 c:\windows\system32\occache.dll + 2004-08-04 04:00 . 2011-11-04 19:13 206848 c:\windows\system32\occache.dll - 2004-08-04 04:00 . 2011-08-22 23:41 611840 c:\windows\system32\mstime.dll + 2004-08-04 04:00 . 2011-11-04 19:13 611840 c:\windows\system32\mstime.dll - 2006-11-07 20:03 . 2011-08-22 23:41 602112 c:\windows\system32\msfeeds.dll + 2006-11-07 20:03 . 2011-11-04 19:13 602112 c:\windows\system32\msfeeds.dll + 2011-11-14 08:42 . 2011-11-14 08:42 247968 c:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe + 2011-11-14 08:42 . 2011-11-14 08:42 335520 c:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.dll - 2011-10-30 06:23 . 2011-10-03 04:06 157472 c:\windows\system32\javaws.exe + 2011-12-24 21:28 . 2011-11-10 04:54 157472 c:\windows\system32\javaws.exe + 2011-12-24 21:28 . 2011-11-10 04:54 149280 c:\windows\system32\javaw.exe + 2011-12-24 21:28 . 2011-11-10 04:54 149280 c:\windows\system32\java.exe + 2004-08-04 04:00 . 2011-11-04 19:13 184320 c:\windows\system32\iepeers.dll - 2004-08-04 04:00 . 2011-08-22 23:41 184320 c:\windows\system32\iepeers.dll - 2004-08-04 04:00 . 2011-08-22 23:41 387584 c:\windows\system32\iedkcs32.dll + 2004-08-04 04:00 . 2011-11-04 19:13 387584 c:\windows\system32\iedkcs32.dll + 2004-08-04 04:00 . 2011-11-04 11:25 174080 c:\windows\system32\ie4uinit.exe - 2004-08-04 04:00 . 2011-08-22 11:56 174080 c:\windows\system32\ie4uinit.exe - 2004-12-03 10:12 . 2011-10-12 11:57 161136 c:\windows\system32\FNTCACHE.DAT + 2004-12-03 10:12 . 2011-12-15 14:23 161136 c:\windows\system32\FNTCACHE.DAT + 2004-08-04 04:00 . 2011-11-04 19:13 916992 c:\windows\system32\dllcache\wininet.dll + 2004-08-04 04:00 . 2011-11-04 19:13 105984 c:\windows\system32\dllcache\url.dll - 2004-08-04 04:00 . 2011-08-22 23:41 105984 c:\windows\system32\dllcache\url.dll + 2004-08-04 04:00 . 2011-11-04 19:13 206848 c:\windows\system32\dllcache\occache.dll - 2004-08-04 04:00 . 2011-08-22 23:41 206848 c:\windows\system32\dllcache\occache.dll - 2004-08-04 04:00 . 2011-08-22 23:41 611840 c:\windows\system32\dllcache\mstime.dll + 2004-08-04 04:00 . 2011-11-04 19:13 611840 c:\windows\system32\dllcache\mstime.dll - 2007-05-09 08:33 . 2011-08-22 23:41 602112 c:\windows\system32\dllcache\msfeeds.dll + 2007-05-09 08:33 . 2011-11-04 19:13 602112 c:\windows\system32\dllcache\msfeeds.dll - 2009-06-11 08:15 . 2011-08-22 23:41 247808 c:\windows\system32\dllcache\ieproxy.dll + 2009-06-11 08:15 . 2011-11-04 19:13 247808 c:\windows\system32\dllcache\ieproxy.dll - 2004-08-04 04:00 . 2011-08-22 23:41 184320 c:\windows\system32\dllcache\iepeers.dll + 2004-08-04 04:00 . 2011-11-04 19:13 184320 c:\windows\system32\dllcache\iepeers.dll - 2010-06-10 14:54 . 2011-08-22 23:41 743424 c:\windows\system32\dllcache\iedvtool.dll + 2010-06-10 14:54 . 2011-11-04 19:13 743424 c:\windows\system32\dllcache\iedvtool.dll - 2004-08-04 04:00 . 2011-08-22 23:41 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2004-08-04 04:00 . 2011-11-04 19:13 387584 c:\windows\system32\dllcache\iedkcs32.dll - 2004-08-04 04:00 . 2011-08-22 11:56 174080 c:\windows\system32\dllcache\ie4uinit.exe + 2004-08-04 04:00 . 2011-11-04 11:25 174080 c:\windows\system32\dllcache\ie4uinit.exe + 2011-02-09 13:54 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll - 2011-02-09 13:54 . 2011-02-09 13:54 186880 c:\windows\system32\dllcache\encdec.dll + 2004-08-04 11:00 . 2008-04-14 17:02 640000 c:\windows\system32\dllcache\dbghelp.dll + 2011-11-02 09:28 . 2011-11-02 09:28 279992 c:\windows\system32\Adobe\Shockwave 11\SymCCIS.dll + 2011-11-02 09:45 . 2011-11-02 09:45 114176 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe + 2011-11-02 09:47 . 2011-11-02 09:47 434176 c:\windows\system32\Adobe\Shockwave 11\Proj.dll + 2011-11-02 09:45 . 2011-11-02 09:45 365056 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll + 2011-11-02 09:33 . 2011-11-02 09:33 990208 c:\windows\system32\Adobe\Shockwave 11\iml32.dll + 2011-11-02 09:28 . 2011-11-02 09:28 919040 c:\windows\system32\Adobe\Shockwave 11\gi.dll + 2011-11-02 09:45 . 2011-11-02 09:45 542720 c:\windows\system32\Adobe\Shockwave 11\Control.dll + 2011-11-02 09:53 . 2011-11-02 09:53 113080 c:\windows\system32\Adobe\Director\SWDNLD.EXE + 2011-11-02 09:53 . 2011-11-02 09:53 279480 c:\windows\system32\Adobe\Director\SwDir.dll + 2011-11-02 09:46 . 2011-11-02 09:46 145920 c:\windows\system32\Adobe\Director\np32dsw.dll + 2011-12-24 21:55 . 2011-12-24 21:55 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll - 2011-07-07 10:04 . 2011-07-07 10:04 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll + 2011-12-24 21:53 . 2011-12-24 21:53 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - 2011-07-07 10:01 . 2011-07-07 10:01 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - 2011-07-07 11:09 . 2011-07-07 11:09 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll + 2011-12-24 22:49 . 2011-12-24 22:49 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll + 2011-11-19 10:56 . 2011-11-19 10:56 337408 c:\windows\Installer\7e3e22.msi + 2011-11-18 07:22 . 2011-11-18 07:22 223744 c:\windows\Installer\71428.msi + 2011-11-22 06:10 . 2011-11-22 06:10 430592 c:\windows\Installer\5bc86.msi + 2011-11-17 22:54 . 2011-11-17 22:54 219648 c:\windows\Installer\33ef3f5.msi + 2011-12-02 08:22 . 2011-12-02 08:22 953344 c:\windows\Installer\30b0b1.msi + 2011-12-25 04:40 . 2011-12-25 04:40 819200 c:\windows\Installer\2cf6c14.msp + 2011-08-14 08:31 . 2011-12-02 08:22 102400 c:\windows\Installer\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}\NewShortcut1_47F36D92E58E456DB73C3382737E4C42.exe - 2011-08-14 08:31 . 2011-08-14 08:31 102400 c:\windows\Installer\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}\NewShortcut1_47F36D92E58E456DB73C3382737E4C42.exe + 2011-12-15 17:31 . 2011-08-22 23:41 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll + 2011-12-15 17:31 . 2011-08-22 23:41 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll + 2011-12-15 17:31 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll + 2011-12-15 17:31 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe + 2011-12-15 17:31 . 2011-08-22 23:41 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll + 2011-12-15 17:31 . 2011-08-22 23:41 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll + 2011-12-15 17:31 . 2011-08-22 23:41 602112 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll + 2011-12-15 17:31 . 2011-08-22 23:41 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll + 2011-12-15 17:31 . 2011-08-22 23:41 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll + 2011-12-15 17:31 . 2011-08-22 23:41 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll + 2011-12-15 17:31 . 2011-08-22 23:41 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll + 2011-12-15 17:31 . 2011-08-22 11:56 174080 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe + 2011-12-02 13:02 . 2009-03-08 03:34 914944 c:\windows\ie8updates\KB2586448-IE8\wininet.dll + 2011-12-02 13:02 . 2009-03-08 03:34 105984 c:\windows\ie8updates\KB2586448-IE8\url.dll - 2011-10-12 11:09 . 2011-06-23 18:31 105984 c:\windows\ie8updates\KB2586448-IE8\url.dll + 2011-12-02 13:02 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2586448-IE8\updspapi.dll + 2011-12-02 13:02 . 2010-07-05 13:21 765304 c:\windows\ie8updates\KB2586448-IE8\update.exe - 2011-10-12 11:09 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2586448-IE8\spuninst\updspapi.dll + 2011-12-02 13:02 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2586448-IE8\spuninst\updspapi.dll + 2011-12-02 13:02 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2586448-IE8\spuninst\spuninst.exe - 2011-10-12 11:09 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2586448-IE8\spuninst\spuninst.exe + 2011-12-02 13:02 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2586448-IE8\spuninst.exe + 2011-12-02 13:02 . 2009-03-08 03:34 109568 c:\windows\ie8updates\KB2586448-IE8\occache.dll - 2011-10-12 11:09 . 2011-06-23 18:31 611840 c:\windows\ie8updates\KB2586448-IE8\mstime.dll + 2011-12-02 13:02 . 2009-03-08 03:32 611840 c:\windows\ie8updates\KB2586448-IE8\mstime.dll + 2011-12-02 13:02 . 2009-03-08 03:32 594432 c:\windows\ie8updates\KB2586448-IE8\msfeeds.dll + 2011-12-02 13:02 . 2009-03-08 03:33 246784 c:\windows\ie8updates\KB2586448-IE8\ieproxy.dll + 2011-12-02 13:02 . 2009-03-08 03:31 183808 c:\windows\ie8updates\KB2586448-IE8\iepeers.dll + 2011-12-02 13:02 . 2009-03-08 03:35 742912 c:\windows\ie8updates\KB2586448-IE8\iedvtool.dll + 2011-12-02 13:02 . 2009-03-08 13:09 391536 c:\windows\ie8updates\KB2586448-IE8\iedkcs32.dll + 2011-12-02 13:02 . 2009-03-08 03:32 173056 c:\windows\ie8updates\KB2586448-IE8\ie4uinit.exe - 2011-06-16 22:09 . 2009-03-08 03:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll + 2011-12-02 13:02 . 2009-03-08 03:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll + 2011-12-02 13:02 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2544521-IE8\updspapi.dll + 2011-12-02 13:02 . 2010-07-05 13:21 765304 c:\windows\ie8updates\KB2544521-IE8\update.exe - 2011-06-16 22:09 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll + 2011-12-02 13:02 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll - 2011-06-16 22:09 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe + 2011-12-02 13:02 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe + 2011-12-02 13:02 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2544521-IE8\spuninst.exe + 2011-12-02 13:01 . 2009-03-08 03:33 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll - 2011-04-14 22:10 . 2010-03-10 06:17 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll + 2011-12-02 13:01 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2510531-IE8\updspapi.dll + 2011-12-02 13:01 . 2010-07-05 13:21 765304 c:\windows\ie8updates\KB2510531-IE8\update.exe + 2011-12-02 13:01 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll - 2011-04-14 22:10 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll + 2011-12-02 13:01 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe - 2011-04-14 22:10 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe + 2011-12-02 13:01 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2510531-IE8\spuninst.exe - 2011-04-14 22:10 . 2009-12-09 05:55 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll + 2011-12-02 13:01 . 2009-03-08 03:33 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll - 2010-03-04 08:34 . 2009-03-03 00:16 826368 c:\windows\ie8\wininet.dll + 2011-12-02 12:45 . 2009-03-03 00:16 826368 c:\windows\ie8\wininet.dll - 2010-03-04 08:34 . 2006-10-17 11:05 206336 c:\windows\ie8\winfxdocobj.exe + 2011-12-02 12:45 . 2006-10-17 11:05 206336 c:\windows\ie8\winfxdocobj.exe - 2010-03-04 08:34 . 2009-02-20 17:18 233472 c:\windows\ie8\webcheck.dll + 2011-12-02 12:45 . 2009-02-20 17:18 233472 c:\windows\ie8\webcheck.dll - 2010-03-04 08:34 . 2007-07-12 23:32 765952 c:\windows\ie8\vgx.dll + 2011-12-02 12:45 . 2007-07-12 23:32 765952 c:\windows\ie8\vgx.dll + 2011-12-02 12:45 . 2008-05-09 10:56 430080 c:\windows\ie8\vbscript.dll - 2010-03-04 08:34 . 2008-05-09 10:56 430080 c:\windows\ie8\vbscript.dll - 2010-03-04 08:34 . 2009-02-20 17:18 105984 c:\windows\ie8\url.dll + 2011-12-02 12:45 . 2009-02-20 17:18 105984 c:\windows\ie8\url.dll + 2011-12-02 12:46 . 2009-01-07 17:21 400928 c:\windows\ie8\spuninst\updspapi.dll - 2010-03-04 08:35 . 2009-01-07 17:21 400928 c:\windows\ie8\spuninst\updspapi.dll - 2010-03-04 08:35 . 2009-01-07 17:21 235040 c:\windows\ie8\spuninst\spuninst.exe + 2011-12-02 12:46 . 2009-01-07 17:21 235040 c:\windows\ie8\spuninst\spuninst.exe - 2010-03-04 08:34 . 2006-09-06 15:43 216800 c:\windows\ie8\spuninst.exe + 2011-12-02 12:45 . 2006-09-06 15:43 216800 c:\windows\ie8\spuninst.exe - 2010-03-04 08:34 . 2009-02-20 17:18 102912 c:\windows\ie8\occache.dll + 2011-12-02 12:45 . 2009-02-20 17:18 102912 c:\windows\ie8\occache.dll - 2010-03-04 08:34 . 2009-02-20 17:18 671232 c:\windows\ie8\mstime.dll + 2011-12-02 12:45 . 2009-02-20 17:18 671232 c:\windows\ie8\mstime.dll + 2011-12-02 12:45 . 2009-02-20 17:18 193024 c:\windows\ie8\msrating.dll - 2010-03-04 08:34 . 2009-02-20 17:18 193024 c:\windows\ie8\msrating.dll - 2010-03-04 08:34 . 2006-11-07 20:03 156160 c:\windows\ie8\msls31.dll + 2011-12-02 12:45 . 2006-11-07 20:03 156160 c:\windows\ie8\msls31.dll - 2010-03-04 08:34 . 2009-02-20 17:18 477696 c:\windows\ie8\mshtmled.dll + 2011-12-02 12:45 . 2009-02-20 17:18 477696 c:\windows\ie8\mshtmled.dll + 2011-12-02 12:45 . 2009-02-20 17:18 459264 c:\windows\ie8\msfeeds.dll - 2010-03-04 08:34 . 2009-02-20 17:18 459264 c:\windows\ie8\msfeeds.dll + 2011-12-02 12:45 . 2008-05-09 10:56 512000 c:\windows\ie8\jscript.dll - 2010-03-04 08:34 . 2008-05-09 10:56 512000 c:\windows\ie8\jscript.dll + 2011-12-02 12:45 . 2009-02-28 04:54 636072 c:\windows\ie8\iexplore.exe - 2010-03-04 08:34 . 2009-02-28 04:54 636072 c:\windows\ie8\iexplore.exe - 2010-03-04 08:34 . 2006-11-07 20:03 180736 c:\windows\ie8\ieui.dll + 2011-12-02 12:45 . 2006-11-07 20:03 180736 c:\windows\ie8\ieui.dll + 2011-12-02 12:45 . 2009-02-20 17:18 268288 c:\windows\ie8\iertutil.dll - 2010-03-04 08:34 . 2009-02-20 17:18 268288 c:\windows\ie8\iertutil.dll + 2011-12-02 12:45 . 2006-11-07 20:03 287744 c:\windows\ie8\ieproxy.dll - 2010-03-04 08:34 . 2006-11-07 20:03 287744 c:\windows\ie8\ieproxy.dll - 2010-03-04 08:34 . 2006-11-07 20:03 191488 c:\windows\ie8\iepeers.dll + 2011-12-02 12:45 . 2006-11-07 20:03 191488 c:\windows\ie8\iepeers.dll - 2010-03-04 08:34 . 2009-02-20 17:18 385024 c:\windows\ie8\iedkcs32.dll + 2011-12-02 12:45 . 2009-02-20 17:18 385024 c:\windows\ie8\iedkcs32.dll - 2010-03-04 08:34 . 2009-02-20 17:18 383488 c:\windows\ie8\ieapfltr.dll + 2011-12-02 12:45 . 2009-02-20 17:18 383488 c:\windows\ie8\ieapfltr.dll - 2010-03-04 08:34 . 2009-02-20 05:14 161792 c:\windows\ie8\ieakui.dll + 2011-12-02 12:45 . 2009-02-20 05:14 161792 c:\windows\ie8\ieakui.dll - 2010-03-04 08:34 . 2009-02-20 17:18 230400 c:\windows\ie8\ieaksie.dll + 2011-12-02 12:45 . 2009-02-20 17:18 230400 c:\windows\ie8\ieaksie.dll + 2011-12-02 12:45 . 2009-02-20 17:18 153088 c:\windows\ie8\ieakeng.dll - 2010-03-04 08:34 . 2009-02-20 17:18 153088 c:\windows\ie8\ieakeng.dll + 2011-12-02 12:45 . 2009-02-20 17:18 214528 c:\windows\ie8\dxtrans.dll - 2010-03-04 08:34 . 2009-02-20 17:18 214528 c:\windows\ie8\dxtrans.dll + 2011-12-02 12:45 . 2009-02-20 17:18 347136 c:\windows\ie8\dxtmsft.dll - 2010-03-04 08:34 . 2009-02-20 17:18 347136 c:\windows\ie8\dxtmsft.dll - 2010-03-04 08:34 . 2009-02-20 17:18 124928 c:\windows\ie8\advpack.dll + 2011-12-02 12:45 . 2009-02-20 17:18 124928 c:\windows\ie8\advpack.dll + 2012-01-03 21:24 . 2012-01-03 21:24 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_ec99ddb3\System.Drawing.dll + 2012-01-03 21:24 . 2012-01-03 21:24 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_07bc3384\System.Drawing.Design.dll + 2012-01-03 21:24 . 2012-01-03 21:24 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_a460d6f4\CustomMarshalers.dll + 2012-01-05 05:08 . 2012-01-05 05:08 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\238152ba3443c153453266b26bb68050\System.Web.Extensions.Design.ni.dll + 2012-01-05 05:08 . 2012-01-05 05:08 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\6a5b65fe17063bf114ac501bfbfaad8e\System.Web.Entity.ni.dll + 2012-01-05 05:08 . 2012-01-05 05:08 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\6c6b00620dd3d5424a90771c3570e5b7\System.Web.Entity.Design.ni.dll + 2012-01-05 05:08 . 2012-01-05 05:08 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a569077f6816f28c36d50379e0eeff00\System.Web.DynamicData.ni.dll + 2011-04-18 21:51 . 2011-04-18 21:51 3781960 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll + 2011-04-18 21:51 . 2011-04-18 21:51 3766600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll + 2009-07-11 23:02 . 2009-07-11 23:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll + 2009-07-11 23:02 . 2009-07-11 23:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll + 2006-12-01 23:25 . 2006-12-01 23:25 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll + 2006-12-01 23:25 . 2006-12-01 23:25 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll + 2004-08-04 04:00 . 2011-11-04 19:13 1212416 c:\windows\system32\urlmon.dll - 2004-08-04 04:00 . 2011-08-22 23:41 1212416 c:\windows\system32\urlmon.dll + 2007-09-06 15:43 . 2012-01-04 23:04 1044588 c:\windows\system32\Restore\rstrlog.dat + 2004-08-04 04:00 . 2011-11-04 19:13 5978112 c:\windows\system32\mshtml.dll + 2006-10-17 10:57 . 2011-11-04 19:13 2000384 c:\windows\system32\iertutil.dll - 2006-10-17 10:57 . 2011-08-22 23:41 2000384 c:\windows\system32\iertutil.dll + 2008-10-14 22:03 . 2011-11-23 14:40 1859712 c:\windows\system32\dllcache\win32k.sys + 2004-08-04 04:00 . 2011-11-04 19:13 1212416 c:\windows\system32\dllcache\urlmon.dll - 2004-08-04 04:00 . 2011-08-22 23:41 1212416 c:\windows\system32\dllcache\urlmon.dll + 2010-07-16 12:01 . 2011-11-01 16:07 1288192 c:\windows\system32\dllcache\ole32.dll + 2008-10-14 22:03 . 2011-10-26 10:50 2197120 c:\windows\system32\dllcache\ntoskrnl.exe - 2008-10-14 22:03 . 2010-12-09 15:14 2197120 c:\windows\system32\dllcache\ntoskrnl.exe + 2008-10-14 22:03 . 2011-10-26 10:50 2031616 c:\windows\system32\dllcache\ntkrpamp.exe - 2008-10-14 22:03 . 2010-12-09 15:14 2031616 c:\windows\system32\dllcache\ntkrpamp.exe - 2008-10-14 22:03 . 2010-12-09 15:14 2073728 c:\windows\system32\dllcache\ntkrnlpa.exe + 2008-10-14 22:03 . 2011-10-26 10:50 2073728 c:\windows\system32\dllcache\ntkrnlpa.exe + 2008-10-14 22:03 . 2011-10-26 10:50 2153472 c:\windows\system32\dllcache\ntkrnlmp.exe - 2008-10-14 22:03 . 2010-12-09 15:14 2153472 c:\windows\system32\dllcache\ntkrnlmp.exe + 2004-08-04 04:00 . 2011-11-04 19:13 5978112 c:\windows\system32\dllcache\mshtml.dll - 2007-05-09 08:33 . 2011-08-22 23:41 2000384 c:\windows\system32\dllcache\iertutil.dll + 2007-05-09 08:33 . 2011-11-04 19:13 2000384 c:\windows\system32\dllcache\iertutil.dll + 2011-11-02 09:52 . 2011-11-02 09:52 1040824 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1163633.exe + 2011-11-02 09:28 . 2011-11-02 09:28 2376368 c:\windows\system32\Adobe\Shockwave 11\gt.exe + 2011-11-02 09:35 . 2011-11-02 09:35 1742336 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll + 2011-12-25 10:07 . 2011-12-25 10:07 2064384 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll + 2011-12-25 10:06 . 2011-12-25 10:06 1269760 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll - 2011-07-08 11:59 . 2011-07-08 11:59 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll + 2011-12-25 10:06 . 2011-12-25 10:06 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll + 2011-12-24 21:54 . 2011-12-24 21:54 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - 2011-07-07 10:02 . 2011-07-07 10:02 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - 2011-07-07 10:02 . 2011-07-07 10:02 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll + 2011-12-24 21:53 . 2011-12-24 21:53 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll - 2011-07-08 11:59 . 2011-07-08 11:59 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2011-12-25 10:06 . 2011-12-25 10:06 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2011-12-26 08:59 . 2011-12-26 08:59 4368896 c:\windows\Installer\2cf6c35.msp + 2011-12-13 07:10 . 2011-12-13 07:10 4703232 c:\windows\Installer\24b8a08.msp + 2011-12-15 17:31 . 2011-08-22 23:41 1212416 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll + 2011-12-15 17:31 . 2011-10-03 08:31 5971456 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll + 2011-12-15 17:31 . 2011-08-22 23:41 2000384 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll + 2011-12-02 13:02 . 2009-03-08 03:34 1206784 c:\windows\ie8updates\KB2586448-IE8\urlmon.dll + 2011-12-02 13:02 . 2009-03-08 03:41 5937152 c:\windows\ie8updates\KB2586448-IE8\mshtml.dll + 2011-12-02 13:02 . 2009-03-08 03:32 1985024 c:\windows\ie8updates\KB2586448-IE8\iertutil.dll + 2011-12-02 12:45 . 2009-02-20 17:18 1160192 c:\windows\ie8\urlmon.dll - 2010-03-04 08:34 . 2009-02-20 17:18 1160192 c:\windows\ie8\urlmon.dll + 2011-12-02 12:45 . 2009-02-20 17:18 3595264 c:\windows\ie8\mshtml.dll - 2010-03-04 08:34 . 2009-02-20 17:18 3595264 c:\windows\ie8\mshtml.dll + 2011-12-02 12:45 . 2009-02-20 17:18 6066176 c:\windows\ie8\ieframe.dll - 2010-03-04 08:34 . 2009-02-20 17:18 6066176 c:\windows\ie8\ieframe.dll - 2010-03-04 08:34 . 2008-07-09 14:25 2455488 c:\windows\ie8\ieapfltr.dat + 2011-12-02 12:45 . 2008-07-09 14:25 2455488 c:\windows\ie8\ieapfltr.dat - 2008-10-14 22:03 . 2010-12-09 15:14 2197120 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2008-10-14 22:03 . 2011-10-26 10:50 2197120 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2008-10-14 22:03 . 2011-10-26 10:50 2031616 c:\windows\Driver Cache\i386\ntkrpamp.exe - 2008-10-14 22:03 . 2010-12-09 15:14 2031616 c:\windows\Driver Cache\i386\ntkrpamp.exe - 2008-10-14 22:03 . 2010-12-09 15:14 2073728 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2008-10-14 22:03 . 2011-10-26 10:50 2073728 c:\windows\Driver Cache\i386\ntkrnlpa.exe - 2008-10-14 22:03 . 2010-12-09 15:14 2153472 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2008-10-14 22:03 . 2011-10-26 10:50 2153472 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2012-01-03 21:23 . 2012-01-03 21:23 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_b3ad7a68\System.dll + 2012-01-03 21:24 . 2012-01-03 21:24 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_7b91bf0f\System.dll + 2012-01-03 21:24 . 2012-01-03 21:24 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_b038ae09\System.Xml.dll + 2012-01-03 21:23 . 2012-01-03 21:23 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_7c6974b8\System.Xml.dll + 2012-01-03 21:24 . 2012-01-03 21:24 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_6bce645d\System.Windows.Forms.dll + 2012-01-03 21:23 . 2012-01-03 21:23 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_29c65620\System.Windows.Forms.dll + 2012-01-03 21:25 . 2012-01-03 21:25 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_f94644b9\System.Drawing.dll + 2012-01-03 21:24 . 2012-01-03 21:24 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_b1c2a8a0\System.Design.dll + 2012-01-03 21:24 . 2012-01-03 21:24 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_2e5884de\System.Design.dll + 2012-01-03 21:24 . 2012-01-03 21:24 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a20147c9\mscorlib.dll + 2012-01-03 21:25 . 2012-01-03 21:25 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_54909986\mscorlib.dll + 2012-01-05 05:08 . 2012-01-05 05:08 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\9c68a548d4afd3cd4538b50f6d0054b2\System.Web.Extensions.ni.dll + 2012-01-05 05:07 . 2012-01-05 05:07 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\080c3ab92016cd6bf26f81b8f5ff3a36\System.ServiceModel.Web.ni.dll + 2012-01-03 21:20 . 2012-01-03 21:20 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll - 2010-10-04 15:42 . 2010-10-04 15:42 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll - 2011-10-12 11:07 . 2011-10-12 11:07 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll + 2012-01-03 21:22 . 2012-01-03 21:22 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll + 2012-01-03 21:22 . 2012-01-03 21:22 2064384 c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll + 2012-01-03 21:22 . 2012-01-03 21:22 1269760 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll + 2006-09-07 08:26 . 2011-12-07 10:44 52988224 c:\windows\system32\MRT.exe + 2006-11-07 20:03 . 2011-11-05 13:13 11081728 c:\windows\system32\ieframe.dll - 2006-11-07 20:03 . 2011-08-23 15:41 11081728 c:\windows\system32\ieframe.dll + 2007-05-09 08:33 . 2011-11-05 13:13 11081728 c:\windows\system32\dllcache\ieframe.dll - 2007-05-09 08:33 . 2011-08-23 15:41 11081728 c:\windows\system32\dllcache\ieframe.dll + 2011-12-26 16:02 . 2011-12-26 16:02 12482048 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp + 2011-12-26 08:02 . 2011-12-26 08:02 19677184 c:\windows\Installer\2cf6c2e.msp + 2011-12-15 17:31 . 2011-08-23 16:41 11081728 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll + 2011-12-02 13:02 . 2009-03-08 03:39 11063808 c:\windows\ie8updates\KB2586448-IE8\ieframe.dll + 2012-01-04 23:21 . 2012-01-04 23:21 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll - 2011-10-12 11:23 . 2011-10-12 11:23 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-04 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "sfagent"="c:\program files\Fighters\sfagent.exe" [2010-10-21 760968] "Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-09-12 161336] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] . c:\documents and settings\marylou\Menu Start\Programma's\Opstarten\ Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-5-30 27136] . c:\documents and settings\Default User\Menu Start\Programma's\Opstarten\ Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-5-30 27136] . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"= "c:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Raptr\\raptr.exe"= "c:\\Program Files\\Raptr\\raptr_im.exe"= . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [23/11/2011 17:06 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [23/11/2011 17:06 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23/11/2011 17:06 20568] R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\Fighters\sfus.exe [21/10/2010 13:44 189064] R2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [10/10/2011 10:08 1318536] S2 Application Updater;Application Updater;"c:\program files\Application Updater\ApplicationUpdater.exe" --> c:\program files\Application Updater\ApplicationUpdater.exe [?] S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?] S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?] S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [30/05/2006 6:18 468768] . Inhoud van de 'Gedeelde Taken' map . 2012-01-05 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-04 09:19] . 2012-01-04 c:\windows\Tasks\User_Feed_Synchronization-{1A2B542F-36FB-4BEC-9D01-3C679AD3C858}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 03:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_BE&c=63&bd=PAVILION&pf=desktop uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/embed/hpsu/survey TCP: DhcpNameServer = 195.130.130.132 195.130.131.132 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-05 15:00 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . . C:\## aswSnx private storage . Scan succesvol afgerond verborgen bestanden: 1 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(588) c:\windows\system32\Ati2evxx.dll . Voltooingstijd: 2012-01-05 15:04:13 ComboFix-quarantined-files.txt 2012-01-05 14:04 . Pre-Run: 220.340.482.048 bytes beschikbaar Post-Run: 220.346.703.872 bytes beschikbaar . - - End Of File - - 7AED2935AADA432A56DC09656078F387 ---------- Post toegevoegd om 15:11 ---------- Vorige post was om 15:08 ---------- kweezi ik kreeg de melding om Avira AntiVir PersonalEdition uit te schakelen Maar ik heb die niet ik heb Avast
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.