Inhoud van GijsM - PC Helpforum

google redirect

GijsM reageerde op GijsM's topic in Archief Bestrijding malware & virussen

Kape, Zodra ik de download link aanklik word er een bestand genaamd launch.exe gedownload. als ik launch.exe aanklik sluit het gehele systeem af wegens een fatale fout heb je een andere link? Gijs

google redirect

GijsM reageerde op GijsM's topic in Archief Bestrijding malware & virussen

Hallo Kape Grote schoonmaak afgerond. Echter iets te vroeg gejuicht, er zijn nog/weer redirects Gijs

google redirect

GijsM reageerde op GijsM's topic in Archief Bestrijding malware & virussen

Goedenavond Kape, hieronder emisoftlog: Emsisoft Emergency Kit - Versie 1.0 Laatste Update: 5-1-2012 18:43:01 Scaninstellingen: Scantype: Diepe Scan Objecten: Geheugen, Sporen, Cookies, C:\ Scan archieven: Aan Heuristieken: Uit ADS Scan: Aan Scan gestart: 5-1-2012 18:44:25 c:\program files\Enigma Software Group Ontdekt: Trace.Directory.SpyHunter!A2 C:\Documents and Settings\Gijs\Application Data\Sun\Java\Deployment\cache\6.0\14\6427c24e-76fd858a/Translate.class Ontdekt: Virus.Java.Exploit!IK C:\Documents and Settings\Gijs\Mijn documenten\Documenten gijs\software\donaldduck2.exe Ontdekt: Backdoor.Win32.RShot!IK Gescand Bestanden: 152376 Sporen: 403649 Cookies: 451 Processen: 37 Gevonden Bestanden: 2 Sporen: 1 Cookies: 0 Processen: 0 Registersleutels: 0 Scan Geëindigd: 5-1-2012 21:33:57 Scantijd: 2:49:32 C:\Documents and Settings\Gijs\Mijn documenten\Documenten gijs\software\donaldduck2.exe Verwijderd Backdoor.Win32.RShot!IK C:\Documents and Settings\Gijs\Application Data\Sun\Java\Deployment\cache\6.0\14\6427c24e-76fd858a/Translate.class Verwijderd Virus.Java.Exploit!IK c:\program files\Enigma Software Group Verwijderd Trace.Directory.SpyHunter!A2 Verwijderd Bestanden: 2 Sporen: 1 Cookies: 0 Geen redirects meer

google redirect

GijsM reageerde op GijsM's topic in Archief Bestrijding malware & virussen

Goedenavond Kape, was er ff een paar dagen tussen uit. genoemde actie geprobeerd in zowel veilige als normale modus echter zonder succes Gijs

Iexplorer foutmelding

GijsM reageerde op GijsM's topic in Archief Internet & Netwerk

Goedenavond Asus, Ben druk bezig in een ander subforum met Kape (virussen en spyware) Gijs

google redirect

GijsM reageerde op GijsM's topic in Archief Bestrijding malware & virussen

Kape, zie log hieronder, nog steeds redirects aswMBR version 0.9.9.1124 Copyright© 2011 AVAST Software Run date: 2011-12-30 19:20:44 ----------------------------- 19:20:44.500 OS Version: Windows 5.1.2600 Service Pack 3 19:20:44.500 Number of processors: 2 586 0x1C02 19:20:44.500 ComputerName: MXXXXX UserName: Gijs 19:20:45.656 Initialze error 0 - driver not loaded 19:21:04.093 Service scanning 19:21:05.750 Modules scanning 19:21:05.750 Disk 0 trace - called modules: 19:21:05.750 19:21:05.750 Scan finished successfully 19:21:35.046 The log file has been saved successfully to "C:\Documents and Settings\Gijs\Bureaublad\aswMBR.txt"

google redirect

GijsM reageerde op GijsM's topic in Archief Bestrijding malware & virussen

Nog steeds, samen met IE fout meldingen:argh:

google redirect

GijsM reageerde op GijsM's topic in Archief Bestrijding malware & virussen

Laatste optie werkt, Hieronder log. This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish. Rkill was run on 30-12-2011 at 11:40:51. Operating System: Microsoft Windows XP Processes terminated by Rkill or while it was running: C:\Documents and Settings\Gijs\Bureaublad\iExplore.exe Rkill completed on 30-12-2011 at 11:42:11.

google redirect

GijsM reageerde op GijsM's topic in Archief Bestrijding malware & virussen

Geprobeerd met werkend prog. op stick , maar hij wil op de besmette PC niet scannen (normale en veilige modus)

google redirect

GijsM reageerde op GijsM's topic in Archief Bestrijding malware & virussen

Helaas nog steeds doorverwijzingen. Daarnaast begint een ander probleem (gisteren gepost op Internet & Netwerk) steeds vervelender te worden. IE8 geeft haast continue een foutmelding en start dan opnieuw op. kan dat er (ook) mee te maken hebben?

google redirect

GijsM reageerde op GijsM's topic in Archief Bestrijding malware & virussen

Kape, MBAM gedownload en geupdate. Daarna gestart (snelle scan) Na het scannen kreeg ik direct een logje, zie onder. Malwarebytes Anti-Malware 1.60.0.1800 www.malwarebytes.org Databaseversie: v2011.12.29.03 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Gijs :: MXXXXX [administrator] 29-12-2011 16:55:40 mbam-log-2011-12-29 (16-55-40).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 170435 Verstreken tijd: 5 minuut/minuten, 33 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)

google redirect

GijsM reageerde op GijsM's topic in Archief Bestrijding malware & virussen

Kape, Helaas beide pogingen om TDSS killer te starten (normale modus en veilige modus )zonder resultaat. Gijs

google redirect

GijsM reageerde op GijsM's topic in Archief Bestrijding malware & virussen

Kape, Bijdeze het combofix log. ComboFix 11-12-28.03 - Gijs 29-12-2011 10:34:28.3.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2039.1417 [GMT 1:00] Gestart vanuit: c:\documents and settings\Gijs\Bureaublad\ComboFix.exe AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: AVG Firewall *Enabled* {8decf618-9569-4340-b34a-d78d28969b66} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Gijs\Application Data\HPSU_48BitScanUpdate.log c:\windows\system32\SET31.tmp . . (((((((((((((((((((( Bestanden Gemaakt van 2011-11-28 to 2011-12-29 )))))))))))))))))))))))))))))) . . 2011-12-29 08:27 . 2011-12-29 08:27 -------- d-----w- c:\windows\LastGood 2011-12-27 20:30 . 2011-12-27 20:30 -------- d-----w- c:\documents and settings\Gijs\Local Settings\Application Data\Mozilla 2011-12-27 16:31 . 2011-12-29 09:24 -------- d--h--r- c:\documents and settings\Gijs\Onlangs geopend 2011-12-21 20:13 . 2011-12-21 20:13 -------- d-----w- c:\program files\ESET 2011-12-19 13:08 . 2011-12-19 13:09 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Secure Search . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-12-27 20:39 . 2011-09-24 09:17 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-23 14:40 . 2009-03-04 01:59 1859712 ----a-w- c:\windows\system32\win32k.sys 2011-11-16 19:27 . 2011-11-16 19:27 388096 ----a-r- c:\documents and settings\Gijs\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-11-04 19:13 . 2009-03-04 01:59 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2009-03-04 01:59 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2009-03-04 01:59 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2009-03-04 01:59 385024 ----a-w- c:\windows\system32\html.iec 2011-11-01 16:07 . 2009-03-04 01:59 1288192 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:32 . 2009-03-04 01:59 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-27 17:33 . 2011-10-27 17:33 643072 ----a-w- c:\windows\AJScreensaver.scr 2011-10-18 11:13 . 2009-03-04 01:59 186880 ----a-w- c:\windows\system32\encdec.dll 2011-10-10 14:22 . 2009-03-03 17:13 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-10-07 05:23 . 2011-07-10 23:13 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2011-10-04 05:21 . 2011-07-10 23:14 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys 2011-12-21 08:02 . 2011-12-27 20:30 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2011-12-19 13:08 1574240 ----a-w- c:\program files\AVG Secure Search\9.0.0.22\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\9.0.0.22\AVG Secure Search_toolbar.dll" [2011-12-19 1574240] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-31 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2011-12-19 892768] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-04 417792] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Desktop Manager.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Desktop Manager.lnk backup=c:\windows\pss\Desktop Manager.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Snagit 9.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Snagit 9.lnk backup=c:\windows\pss\Snagit 9.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlackBerryAutoUpdate] 2009-08-31 09:25 623960 ----a-w- c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7302_Monitor] 2007-12-10 13:55 323584 ----a-w- c:\windows\Pixart\Pac7302\Monitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PACTray] 2009-03-23 11:12 327680 ----a-w- c:\windows\Pixart\Pac7302\PACTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-09-04 23:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMDeviceManager] 2009-08-05 20:53 1590616 ----a-w- c:\program files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2010-01-31 13:46 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2010-08-24 09:38 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "tmlisten"=2 (0x2) "Pml Driver HPZ12"=2 (0x2) "OfcPfwSvc"=2 (0x2) "ntrtscan"=2 (0x2) "gusvc"=3 (0x3) "gupdatem"=3 (0x3) "gupdate1ca01a04ea3943e"=2 (0x2) "ETService"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"= . R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [11-7-2011 0:14 23120] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13-9-2011 5:30 32592] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [11-7-2011 0:13 230608] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11-7-2011 0:14 295248] R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [23-11-2011 2:36 2391832] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12-10-2011 6:25 4433248] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2-8-2011 5:09 192776] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [24-8-2010 10:38 92008] R2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [19-12-2011 14:08 869216] R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [23-5-2011 0:03 30944] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [11-7-2011 0:14 134608] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [11-7-2011 0:14 24272] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [11-7-2011 0:14 16720] S2 gupdate1ca01a04ea3943e;Google Updateservice (gupdate1ca01a04ea3943e);c:\program files\Google\Update\GoogleUpdate.exe [10-7-2009 21:52 133104] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\ambfilt.sys [3-3-2009 18:26 1684736] S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [23-5-2011 0:03 30944] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10-7-2009 21:52 133104] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?] . Inhoud van de 'Gedeelde Taken' map . 2011-12-29 c:\windows\Tasks\AVG PC Tuneup 2011 Integrator Start On Gijs Logon.job - c:\program files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe [2011-10-26 13:58] . 2011-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-10 20:52] . 2011-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-10 20:52] . 2011-12-29 c:\windows\Tasks\User_Feed_Synchronization-{C3146E36-9EF8-4964-868D-6CACC99F4E9A}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.nu.nl/ uInternet Connection Wizard,ShellNext = hxxp://www.kpn.com/ uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s Trusted Zone: vrhm.nl\bhmlogin TCP: DhcpNameServer = 10.0.0.138 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll FF - ProfilePath - c:\documents and settings\Gijs\Application Data\Mozilla\Firefox\Profiles\plpi6i7g.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.nu.nl/ FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-12-29 12:25 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140211900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . Voltooingstijd: 2011-12-29 12:42:10 ComboFix-quarantined-files.txt 2011-12-29 11:41 ComboFix2.txt 2011-11-16 21:13 . Pre-Run: 88.938.307.584 bytes beschikbaar Post-Run: 89.061.470.208 bytes beschikbaar . - - End Of File - - 217A372775A5ABF803BE8A8849AD01B1

google redirect

GijsM reageerde op GijsM's topic in Archief Bestrijding malware & virussen

Goedenavond Kape, MVPS actie uitgevoerd, TDSS gedownload en uitgepak alleen krijg hem niet gestart Gijs

google redirect

GijsM plaatste een topic in Archief Bestrijding malware & virussen

Hallo allemaal, Ik heb behoorlijk last van een Google redirect "virus?" Hier onder een HJT logje van zojuist Iemand een idee? Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:46:13, on 28-12-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2012\avgrsx.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG2012\avgfws.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\WINDOWS\PixArt\PAC7302\Monitor.exe C:\Program Files\AVG Secure Search\vprot.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\explorer.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Internet, televisie, mobiel en vast bellen R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O1 - Hosts: ::1 localhost #[iPv6] O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.22\AVG Secure Search_toolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.22\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1247168174955 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1247168141080 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate1ca01a04ea3943e) (gupdate1ca01a04ea3943e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe -- End of file - 7823 bytes

Iexplorer foutmelding

GijsM plaatste een topic in Archief Internet & Netwerk

Ik krijg om de haverklap een foutmelding van Iexplorer waarin de PC aangeeft dat er een bewerkingsfout is opgetreden. Zelfs krijg ik deze als ik Firefox gebruik en IE niet

bestand Normal bestaat al

GijsM reageerde op GijsM's topic in Archief Microsoft Office

Kape, Wederom bedankt vor de snelle en goede hulp! @ Kurrt, heb office 2003, maar het is al opgelost. Nogmaal bedankt.

19 november 2011
3 antwoorden
- bestaat
- bestand
- (en 6 meer)
  Getagd met:
  - bestaat
  - bestand
  - haverklap
  - krijg
  - melding
  - office
  - probleem
  - vervangen

bestand Normal bestaat al

GijsM plaatste een topic in Archief Microsoft Office

Sind een paar dagen krijg ik om de haverklap de melding: het bestand Normal bestaat al wilt u het bestaande bestand vervangen. wat kan ik daar aan doen?

18 november 2011
3 antwoorden
- bestaat
- bestand
- (en 6 meer)
  Getagd met:
  - bestaat
  - bestand
  - haverklap
  - krijg
  - melding
  - office
  - probleem
  - vervangen

Ongevraagd internet radio

GijsM reageerde op GijsM's topic in Archief Internet & Netwerk

Kape, Vandaag geen muziekjes meer gehoord, Bedankt. Gijs

Ongevraagd internet radio

GijsM reageerde op GijsM's topic in Archief Internet & Netwerk

Zo, het heeft ff geduurd maar hier is ie dan ComboFix 11-11-16.01 - Gijs 16-11-2011 21:21:25.2.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2039.1416 [GMT 1:00] Gestart vanuit: c:\documents and settings\Gijs\Bureaublad\ComboFix.exe AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: AVG Firewall *Enabled* {8decf618-9569-4340-b34a-d78d28969b66} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-10-16 to 2011-11-16 )))))))))))))))))))))))))))))) . . 2011-11-16 19:27 . 2011-11-16 19:27 388096 ----a-r- c:\documents and settings\Gijs\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-11-10 06:20 . 2011-11-10 06:20 -------- d-----w- c:\windows\system32\cache 2011-11-03 21:04 . 2011-11-03 21:04 -------- d-----w- c:\windows\system32\wbem\Repository 2011-10-31 17:21 . 2011-11-16 19:46 -------- d--h--r- c:\documents and settings\Gijs\Onlangs geopend 2011-10-27 17:33 . 2011-10-27 17:33 643072 ----a-w- c:\windows\AJScreensaver.scr 2011-10-26 19:18 . 2011-10-26 19:22 -------- d-----w- c:\documents and settings\Gijs\Application Data\AVG 2011-10-26 19:17 . 2011-11-16 20:58 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2011-10-26 18:45 . 2011-10-26 18:45 -------- d-----w- c:\documents and settings\Nog opruimen 2011-10-26 18:05 . 2011-10-26 18:05 -------- d-----w- c:\documents and settings\Gijs\Application Data\AVG Secure Search 2011-10-26 18:05 . 2011-11-10 06:20 -------- d-----w- c:\program files\AVG Secure Search 2011-10-25 21:36 . 2011-10-31 17:18 -------- d-----w- c:\program files\CCleaner 2011-10-25 21:23 . 2011-11-16 19:18 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE 2011-10-25 20:20 . 2011-11-16 17:56 -------- d-----w- c:\windows\system32\drivers\AVG 2011-10-25 20:19 . 2011-10-26 19:16 -------- d-----w- c:\program files\AVG 2011-10-25 20:15 . 2011-11-16 17:56 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData 2011-10-25 20:10 . 2009-01-12 17:18 111360 ----a-w- c:\windows\system32\drivers\Rtenicxp.sys 2011-10-25 18:18 . 2011-10-25 18:18 -------- d-----w- c:\documents and settings\Gijs\Application Data\7art 2011-10-22 11:45 . 2011-10-22 11:56 -------- d-----w- c:\documents and settings\Gijs\Application Data\ElevatedDiagnostics 2011-10-21 18:12 . 2011-10-26 18:05 -------- d-----w- c:\program files\Common Files\AVG Secure Search 2011-10-21 18:12 . 2011-10-21 18:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Common Files 2011-10-21 18:10 . 2011-10-25 20:24 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012 . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-10 14:22 . 2009-03-03 17:13 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-10-07 05:23 . 2011-07-10 23:13 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2011-10-04 05:21 . 2011-07-10 23:14 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys 2011-09-28 07:06 . 2009-03-04 01:59 602624 ----a-w- c:\windows\system32\crypt32.dll 2011-09-26 09:41 . 2009-03-04 01:59 23040 ----a-w- c:\windows\system32\oleaccrc.dll 2011-09-26 09:41 . 2008-07-29 17:59 614912 ----a-w- c:\windows\system32\uiautomationcore.dll 2011-09-26 09:41 . 2009-03-04 01:59 220160 ----a-w- c:\windows\system32\oleacc.dll 2011-09-24 09:17 . 2011-09-24 09:17 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-13 04:30 . 2011-09-13 04:30 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys 2011-09-06 14:09 . 2009-03-04 01:59 1859072 ----a-w- c:\windows\system32\win32k.sys 2011-08-31 16:00 . 2009-10-04 15:47 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-08-22 23:41 . 2009-03-04 01:59 916480 ----a-w- c:\windows\system32\wininet.dll 2011-08-22 23:41 . 2009-03-04 01:59 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-08-22 23:41 . 2009-03-04 01:59 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-08-22 11:58 . 2009-03-04 01:59 385024 ----a-w- c:\windows\system32\html.iec . . ((((((((((((((((((((((((((((( SnapShot@2011-10-25_18.47.52 ))))))))))))))))))))))))))))))))))))))))) . + 2011-04-18 20:51 . 2011-04-18 20:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_4ddc769f\vcomp90.dll + 2009-07-11 22:02 . 2009-07-11 22:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll + 2011-04-18 20:51 . 2011-04-18 20:51 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90rus.dll + 2011-04-18 20:51 . 2011-04-18 20:51 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90kor.dll + 2011-04-18 20:51 . 2011-04-18 20:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90jpn.dll + 2011-04-18 20:51 . 2011-04-18 20:51 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90ita.dll + 2011-04-18 20:51 . 2011-04-18 20:51 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90fra.dll + 2011-04-18 20:51 . 2011-04-18 20:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esp.dll + 2011-04-18 20:51 . 2011-04-18 20:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esn.dll + 2011-04-18 20:51 . 2011-04-18 20:51 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll + 2011-04-18 20:51 . 2011-04-18 20:51 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90deu.dll + 2011-04-18 20:51 . 2011-04-18 20:51 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90cht.dll + 2011-04-18 20:51 . 2011-04-18 20:51 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90chs.dll + 2009-07-11 22:02 . 2009-07-11 22:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll + 2009-07-11 22:02 . 2009-07-11 22:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll + 2009-07-11 22:02 . 2009-07-11 22:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll + 2009-07-11 22:02 . 2009-07-11 22:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll + 2009-07-11 22:02 . 2009-07-11 22:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll + 2009-07-11 22:02 . 2009-07-11 22:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll + 2009-07-11 22:02 . 2009-07-11 22:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll + 2009-07-11 22:02 . 2009-07-11 22:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll + 2009-07-11 22:02 . 2009-07-11 22:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll + 2009-07-11 22:02 . 2009-07-11 22:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll + 2009-07-11 22:02 . 2009-07-11 22:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll + 2011-04-18 20:51 . 2011-04-18 20:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90u.dll + 2011-04-18 20:51 . 2011-04-18 20:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90.dll + 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll + 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll + 2011-11-16 16:00 . 2011-11-16 16:00 16384 c:\windows\temp\Perflib_Perfdata_464.dat - 2009-11-28 09:20 . 2011-08-12 11:51 18808 c:\windows\system32\spmsg.dll + 2009-11-28 09:20 . 2010-07-05 13:21 18808 c:\windows\system32\spmsg.dll + 2009-03-04 01:59 . 2011-10-30 09:00 94292 c:\windows\system32\perfc013.dat + 2009-03-04 01:59 . 2011-10-30 09:00 73944 c:\windows\system32\perfc009.dat + 2011-08-08 04:08 . 2011-08-08 04:08 40016 c:\windows\system32\drivers\avgmfx86.sys + 2011-07-10 23:14 . 2011-07-10 23:14 24272 c:\windows\system32\drivers\AVGIDSFilter.sys + 2011-07-10 23:14 . 2011-07-10 23:14 23120 c:\windows\system32\drivers\AVGIDSEH.sys + 2011-05-22 23:03 . 2011-05-22 23:03 30944 c:\windows\system32\drivers\avgfwdx.sys + 2011-05-22 23:03 . 2011-05-22 23:03 61280 c:\windows\system32\avgfwdx.dll + 2011-10-25 20:10 . 2009-01-12 17:18 10240 c:\windows\OPTIONS\CABS\RtNicprop64.DLL + 2011-10-25 20:10 . 2008-06-05 20:49 58368 c:\windows\OPTIONS\CABS\lansetx.exe + 2011-10-25 20:10 . 2008-06-05 20:49 60928 c:\windows\OPTIONS\CABS\lansetup.exe + 2011-10-25 20:10 . 2008-06-05 20:49 56320 c:\windows\OPTIONS\CABS\lansetm.exe + 2011-10-25 20:10 . 2008-06-05 20:50 86528 c:\windows\OPTIONS\CABS\lanset64.exe + 2011-10-27 05:55 . 2011-10-27 05:55 22016 c:\windows\Installer\1aa8a9.msi + 2009-07-09 20:00 . 2011-11-09 21:33 23040 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\unbndico.exe - 2009-07-09 20:00 . 2011-10-13 10:04 23040 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\unbndico.exe - 2009-07-09 20:00 . 2011-10-13 10:04 27136 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\oisicon.exe + 2009-07-09 20:00 . 2011-11-09 21:33 27136 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\oisicon.exe + 2009-07-09 20:00 . 2011-11-09 21:33 11264 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\mspicons.exe - 2009-07-09 20:00 . 2011-10-13 10:04 11264 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\mspicons.exe - 2009-07-09 20:00 . 2011-10-13 10:04 12288 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\cagicon.exe + 2009-07-09 20:00 . 2011-11-09 21:33 12288 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\cagicon.exe - 2011-09-15 21:47 . 2011-09-15 21:47 35600 c:\windows\Installer\{90120000-0020-0413-0000-0000000FF1CE}\O12ConvIcon.exe + 2011-10-25 23:05 . 2011-10-25 23:05 35600 c:\windows\Installer\{90120000-0020-0413-0000-0000000FF1CE}\O12ConvIcon.exe + 2011-06-06 10:55 . 2011-06-06 10:55 17304 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\ViewerPS.dll + 2011-06-06 10:55 . 2011-06-06 10:55 35736 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\reader_sl.exe + 2011-06-06 10:55 . 2011-06-06 10:55 88992 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\PDFPrevHndlr.dll + 2011-06-06 10:55 . 2011-06-06 10:55 94608 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\eula.exe + 2011-06-06 10:55 . 2011-06-06 10:55 49064 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\acrotextextractor.exe + 2011-06-06 10:55 . 2011-06-06 10:55 17824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AcroRd32Info.exe + 2011-06-06 10:55 . 2011-06-06 10:55 63912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\acroiehelpershim.dll + 2011-06-06 10:55 . 2011-06-06 10:55 64928 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AcroIEHelper.dll + 2011-06-06 10:55 . 2011-06-06 10:55 63384 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\Acrofx32.dll + 2007-03-05 07:20 . 2007-03-05 07:20 61110 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\XSCAN32.DAT + 2007-04-19 12:10 . 2007-04-19 12:10 71008 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\UNBIND.EXE + 2007-05-21 10:43 . 2007-05-21 10:43 77152 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\TWSTRUCT.DLL + 2007-05-21 10:43 . 2007-05-21 10:43 20320 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\TWRECS.DLL + 2007-05-21 10:43 . 2007-05-21 10:43 51552 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\TWRECE.DLL + 2007-05-21 10:43 . 2007-05-21 10:43 28000 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\TWORIENT.DLL + 2007-05-21 10:43 . 2007-05-21 10:43 58720 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\TWLAY32.DLL + 2007-05-21 10:43 . 2007-05-21 10:43 89440 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\TWCUTLIN.DLL + 2007-05-21 10:43 . 2007-05-21 10:43 30048 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\THOCRAPI.DLL + 2007-04-19 12:10 . 2007-04-19 12:10 65888 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\SEQCHK10.DLL + 2007-03-22 17:07 . 2007-03-22 17:07 69984 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\SENDTO.DLL + 2007-05-21 10:43 . 2007-05-21 10:43 20320 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\REVERSE.DLL + 2007-05-21 10:43 . 2007-05-21 10:43 72536 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\PSOM.DLL + 2007-03-22 17:07 . 2007-03-22 17:07 52576 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\OUTLWAB.DLL + 2007-04-19 11:52 . 2007-04-19 11:52 30560 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\OUTLACCT.DLL + 2007-03-22 17:30 . 2007-03-22 17:30 99672 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\OSA.EXE + 2007-03-22 17:06 . 2007-03-22 17:06 46432 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\OISCTRL.DLL + 2001-06-05 14:13 . 2001-06-05 14:13 40972 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\OCRVC.DAT + 2001-10-23 06:13 . 2001-10-23 06:13 53260 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\OCRHC.DAT + 2007-03-22 17:23 . 2007-03-22 17:23 17248 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\NPOFFICE.DLL + 2007-04-19 12:10 . 2007-04-19 12:10 80216 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\NAME.DLL + 2007-03-22 17:29 . 2007-03-22 17:29 44888 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSSH.DLL + 2007-04-09 11:23 . 2007-04-09 11:23 25992 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSPGIMME.DLL + 2007-04-19 11:57 . 2007-04-19 11:57 46432 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSOXMLMF.DLL + 2007-03-22 17:13 . 2007-03-22 17:13 58720 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSOXMLED.EXE + 2007-03-22 17:13 . 2007-03-22 17:13 45408 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSOXEV.DLL + 2007-04-19 12:07 . 2007-04-19 12:07 45408 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSOSVFBR.DLL + 2007-04-19 12:07 . 2007-04-19 12:07 58720 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSOSVABW.DLL + 2007-04-19 12:07 . 2007-04-19 12:07 36192 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSOSTYLE.DLL + 2007-03-22 17:16 . 2007-03-22 17:16 57696 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSOMSE.DLL + 2007-04-19 12:07 . 2007-04-19 12:07 61280 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSOHTMED.EXE + 2007-03-22 17:29 . 2007-03-22 17:29 31072 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSODCW.DLL + 2007-03-22 17:29 . 2007-03-22 17:29 20824 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSMH.DLL + 2007-04-30 13:11 . 2007-04-30 13:11 89440 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSENCODE.DLL + 2007-04-19 12:00 . 2007-04-19 12:00 43864 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSE7.EXE + 2007-04-09 11:23 . 2007-04-09 11:23 46472 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MDIUI.DLL + 2007-04-09 11:23 . 2007-04-09 11:23 28552 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MDIPPR.DLL + 2007-04-09 11:23 . 2007-04-09 11:23 28040 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MDIMON.DLL + 2001-06-05 14:13 . 2001-06-05 14:13 65536 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\LOOKUP.DAT + 2001-06-05 14:13 . 2001-06-05 14:13 18844 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\JFONT.DAT + 2007-05-21 10:43 . 2007-05-21 10:43 76632 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\FORM.DLL + 2007-03-22 17:06 . 2007-03-22 17:06 17248 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\FINDER.EXE + 2001-06-05 14:13 . 2001-06-05 14:13 34168 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\ENGIDX.DAT + 2007-03-22 17:23 . 2007-03-22 17:23 19800 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\DSITF.DLL + 2007-04-19 11:55 . 2007-04-19 11:55 53088 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\DFUICOM.EXE + 2007-04-19 12:07 . 2007-04-19 12:07 52064 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\BLNMGRPS.DLL + 2007-04-19 12:07 . 2007-04-19 12:07 66400 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\BLNMGR.DLL + 2007-03-22 17:29 . 2007-03-22 17:29 99160 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\AW.DLL + 2007-04-19 12:10 . 2007-04-19 12:10 45920 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\AUTHZAX.DLL + 2011-10-25 20:10 . 2009-01-12 17:18 9728 c:\windows\OPTIONS\CABS\RtNicprop32.DLL + 2009-07-09 20:00 . 2011-11-09 21:33 4096 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\opwicon.exe - 2009-07-09 20:00 . 2011-10-13 10:04 4096 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\opwicon.exe + 2007-03-05 07:47 . 2007-03-05 07:47 6144 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\OCRPS.DLL + 2011-04-18 20:51 . 2011-04-18 20:51 653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll + 2011-04-18 20:51 . 2011-04-18 20:51 569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll + 2011-04-18 20:51 . 2011-04-18 20:51 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll + 2009-07-11 22:02 . 2009-07-11 22:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll + 2009-07-11 22:02 . 2009-07-11 22:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll + 2009-07-11 22:05 . 2009-07-11 22:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll + 2011-04-18 20:51 . 2011-04-18 20:51 159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll + 2009-07-11 22:02 . 2009-07-11 22:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll + 2009-10-04 12:07 . 2011-11-03 21:04 701880 c:\windows\system32\Restore\rstrlog.dat + 2009-03-04 01:59 . 2011-10-30 09:00 516894 c:\windows\system32\perfh013.dat + 2009-03-04 01:59 . 2011-10-30 09:00 448608 c:\windows\system32\perfh009.dat + 2011-11-01 06:27 . 2011-11-03 21:05 264616 c:\windows\system32\FNTCACHE.DAT - 2009-03-03 18:07 . 2011-10-13 10:32 264616 c:\windows\system32\FNTCACHE.DAT + 2011-07-10 23:14 . 2011-07-10 23:14 295248 c:\windows\system32\drivers\avgtdix.sys + 2011-07-10 23:14 . 2011-07-10 23:14 134608 c:\windows\system32\drivers\AVGIDSDriver.sys + 2009-03-03 17:13 . 2011-10-10 14:22 692736 c:\windows\system32\dllcache\inetcomm.dll - 2009-03-03 17:13 . 2011-05-02 15:31 692736 c:\windows\system32\dllcache\inetcomm.dll - 2009-03-04 01:59 . 2011-09-09 09:12 602624 c:\windows\system32\dllcache\crypt32.dll + 2009-03-04 01:59 . 2011-09-28 07:06 602624 c:\windows\system32\dllcache\crypt32.dll + 2011-10-25 20:10 . 2009-01-12 17:18 111360 c:\windows\OPTIONS\CABS\Rtenicxp.sys + 2011-10-25 20:10 . 2009-01-12 17:18 142336 c:\windows\OPTIONS\CABS\Rtenic64.sys + 2011-10-25 20:10 . 2009-01-12 17:18 109696 c:\windows\OPTIONS\CABS\Rtenic.sys + 2011-10-25 23:01 . 2011-10-25 23:01 223744 c:\windows\Installer\493607.msi + 2008-11-05 10:02 . 2008-11-05 10:02 119296 c:\windows\Installer\493600.msp + 2011-10-25 20:19 . 2011-10-25 20:19 219648 c:\windows\Installer\18d800.msi - 2009-07-09 20:00 . 2011-10-13 10:03 409600 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\xlicons.exe + 2009-07-09 20:00 . 2011-11-09 21:33 409600 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\xlicons.exe + 2009-07-09 20:00 . 2011-11-09 21:33 286720 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\wordicon.exe - 2009-07-09 20:00 . 2011-10-13 10:03 286720 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\wordicon.exe - 2009-07-09 20:00 . 2011-10-13 10:03 249856 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\pptico.exe + 2009-07-09 20:00 . 2011-11-09 21:33 249856 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\pptico.exe - 2009-07-09 20:00 . 2011-10-13 10:04 794624 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\outicon.exe + 2009-07-09 20:00 . 2011-11-09 21:33 794624 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\outicon.exe - 2009-07-09 20:00 . 2011-10-13 10:03 135168 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\misc.exe + 2009-07-09 20:00 . 2011-11-09 21:33 135168 c:\windows\Installer\{91120413-6000-11D3-8CFE-0150048383C9}\misc.exe + 2011-06-06 10:55 . 2011-06-06 10:55 249232 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\sqlite.dll + 2011-06-06 10:55 . 2011-06-06 10:55 394136 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\pdfshell.dll + 2011-06-06 10:55 . 2011-06-06 10:55 103848 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\PDFPrevHndlrShim.exe + 2011-06-06 10:55 . 2011-06-06 10:55 183696 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\nppdf32.dll + 2011-06-06 10:55 . 2011-06-06 10:55 104344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AiodLite.dll + 2011-06-06 10:55 . 2011-06-06 10:55 102808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AcroRdIF.dll + 2011-06-06 10:55 . 2011-06-06 10:55 755088 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AcroPDF.dll + 2011-06-06 10:55 . 2011-06-06 10:55 296344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\acrobroker.exe + 2011-06-06 10:55 . 2011-06-06 10:55 205720 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\a3dutils.dll + 2007-05-21 10:43 . 2007-05-21 10:43 504672 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\XPAGE3C.DLL + 2007-05-21 10:43 . 2007-05-21 10:43 125280 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\TWCUTCHR.DLL + 2007-04-19 12:04 . 2007-04-19 12:04 390496 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\SETLANG.EXE + 2007-04-19 12:10 . 2007-04-19 12:10 355680 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\SELFCERT.EXE + 2007-03-22 17:09 . 2007-03-22 17:09 394080 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\RTFHTML.DLL + 2007-06-06 10:07 . 2007-06-06 10:07 100192 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\REFEDIT.DLL + 2007-03-22 17:05 . 2007-03-22 17:05 434016 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\PP4X322.DLL + 2007-03-22 17:06 . 2007-03-22 17:06 245600 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\OISGRAPH.DLL + 2007-04-19 11:50 . 2007-04-19 11:50 837472 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\OISAPP.DLL + 2007-03-22 17:06 . 2007-03-22 17:06 287576 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\OIS.EXE + 2007-04-19 12:00 . 2007-04-19 12:00 489824 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSTORES.DLL + 2007-04-19 12:00 . 2007-04-19 12:00 130912 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSTORE.EXE + 2007-04-19 12:00 . 2007-04-19 12:00 637792 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSTORDB.EXE + 2007-04-19 12:03 . 2007-04-19 12:03 648544 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSQRY32.EXE + 2007-04-09 11:24 . 2007-04-09 11:24 367496 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSPVIEW.EXE + 2007-04-09 11:23 . 2007-04-09 11:23 130952 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSPSCAN.EXE + 2007-04-09 11:24 . 2007-04-09 11:24 793480 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSPFILT.DLL + 2007-03-22 17:04 . 2007-03-22 17:04 130912 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSOCFU.DLL + 2007-03-22 17:04 . 2007-03-22 17:04 109912 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSOCF.DLL + 2007-04-19 12:10 . 2007-04-19 12:10 127840 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSOAUTH.DLL + 2005-05-03 23:06 . 2005-05-03 23:06 199408 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSMDUN80.DLL + 2005-05-03 23:06 . 2005-05-03 23:06 465640 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSDMENG.DLL + 2007-04-19 12:01 . 2007-04-19 12:01 238424 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSCDM.DLL + 2007-04-19 12:00 . 2007-04-19 12:00 476512 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MODHELP.DLL + 2007-04-09 11:24 . 2007-04-09 11:24 453512 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MDIVWCTL.DLL + 2007-04-09 11:23 . 2007-04-09 11:23 231816 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MDIINK.DLL + 2007-04-09 11:24 . 2007-04-09 11:24 758664 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MDIGRAPH.DLL + 2007-04-19 12:10 . 2007-04-19 12:10 116576 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\IEAWSDC.DLL + 2007-04-19 12:16 . 2007-04-19 12:16 807256 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\FPWEC.DLL + 2007-04-19 12:15 . 2007-04-19 12:15 192344 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\FPDTC.DLL + 2001-06-05 14:13 . 2001-06-05 14:13 289926 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\ENGDIC.DAT + 2007-05-10 11:44 . 2007-05-10 11:44 121688 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\DSSM.EXE + 2007-03-22 17:06 . 2007-03-22 17:06 355168 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\CDLMSO.DLL + 2011-04-18 20:51 . 2011-04-18 20:51 3781960 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll + 2011-04-18 20:51 . 2011-04-18 20:51 3766600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll + 2009-07-11 22:02 . 2009-07-11 22:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll + 2009-07-11 22:02 . 2009-07-11 22:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll + 2011-11-16 19:27 . 2011-11-16 19:27 1094656 c:\windows\Installer\be1331.msi + 2011-11-03 21:14 . 2011-11-03 21:14 4671488 c:\windows\Installer\69aaf.msi + 2011-11-03 12:31 . 2011-11-03 12:31 5525504 c:\windows\Installer\34328d8.msp + 2011-10-25 20:36 . 2011-10-25 20:36 2309120 c:\windows\Installer\18d826.msi + 2011-10-25 20:19 . 2011-10-25 20:19 2185216 c:\windows\Installer\18d804.msi + 2011-06-06 10:55 . 2011-06-06 10:55 2215312 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\rt3d.dll + 2011-06-06 10:55 . 2011-06-06 10:55 6543768 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\authplay.dll + 2011-06-06 10:55 . 2011-06-06 10:55 1240992 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AdobeCollabSync.exe + 2011-06-06 10:55 . 2011-06-06 10:55 1480600 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AcroRd32.exe + 2007-05-21 10:43 . 2007-05-21 10:43 1209696 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\XIMAGE3B.DLL + 2007-05-10 11:42 . 2007-05-10 11:42 2839904 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\STSLIST.DLL + 2007-04-09 11:24 . 2007-04-09 11:24 1025416 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSPCORE.DLL + 2006-09-26 20:01 . 2006-09-26 20:01 2113536 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSOLAP80.DLL + 2005-05-03 23:06 . 2005-05-03 23:06 1411816 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\MSDMINE.DLL + 2007-04-19 11:57 . 2007-04-19 11:57 2152792 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\GRAPH.EXE + 2007-05-31 11:50 . 2007-05-31 11:50 1168736 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\FPSRVUTL.DLL + 2007-06-06 10:46 . 2007-06-06 10:46 1961312 c:\windows\Installer\$PatchCache$\Managed\3140211900063D11C8EF10054038389C\11.0.8173\FPCUTL.DLL + 2009-07-12 07:38 . 2011-11-09 21:33 50295240 c:\windows\system32\MRT.exe + 2011-09-05 22:01 . 2011-09-05 22:01 13135872 c:\windows\Installer\51600c.msp + 2011-09-15 16:42 . 2011-09-15 16:42 37952512 c:\windows\Installer\49362b.msp + 2011-06-06 10:55 . 2011-06-06 10:55 24731544 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AcroRd32.dll . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2011-11-10 06:20 1451336 ----a-w- c:\program files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll" [2011-11-10 1451336] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-31 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-10-24 2415456] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2011-10-26 218440] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-04 417792] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Desktop Manager.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Desktop Manager.lnk backup=c:\windows\pss\Desktop Manager.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Snagit 9.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Snagit 9.lnk backup=c:\windows\pss\Snagit 9.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlackBerryAutoUpdate] 2009-08-31 09:25 623960 ----a-w- c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7302_Monitor] 2007-12-10 13:55 323584 ----a-w- c:\windows\Pixart\Pac7302\Monitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PACTray] 2009-03-23 11:12 327680 ----a-w- c:\windows\Pixart\Pac7302\PACTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-09-04 23:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMDeviceManager] 2009-08-05 20:53 1590616 ----a-w- c:\program files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2010-01-31 13:46 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2010-08-24 09:38 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "tmlisten"=2 (0x2) "Pml Driver HPZ12"=2 (0x2) "OfcPfwSvc"=2 (0x2) "ntrtscan"=2 (0x2) "gusvc"=3 (0x3) "gupdatem"=3 (0x3) "gupdate1ca01a04ea3943e"=2 (0x2) "ETService"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"= . R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [11-7-2011 0:14 23120] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13-9-2011 5:30 32592] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [11-7-2011 0:13 230608] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11-7-2011 0:14 295248] R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [24-10-2011 20:29 2398512] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12-10-2011 6:25 4433248] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2-8-2011 5:09 192776] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [24-8-2010 10:38 92008] R2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [26-10-2011 19:05 246600] R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [23-5-2011 0:03 30944] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [11-7-2011 0:14 134608] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [11-7-2011 0:14 24272] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [11-7-2011 0:14 16720] S2 gupdate1ca01a04ea3943e;Google Updateservice (gupdate1ca01a04ea3943e);c:\program files\Google\Update\GoogleUpdate.exe [10-7-2009 21:52 133104] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\ambfilt.sys [3-3-2009 18:26 1684736] S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [23-5-2011 0:03 30944] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10-7-2009 21:52 133104] . Inhoud van de 'Gedeelde Taken' map . 2011-11-16 c:\windows\Tasks\AVG PC Tuneup 2011 Integrator Start On Gijs Logon.job - c:\program files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe [2011-10-26 13:58] . 2011-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-10 20:52] . 2011-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-10 20:52] . 2011-11-16 c:\windows\Tasks\User_Feed_Synchronization-{C3146E36-9EF8-4964-868D-6CACC99F4E9A}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.nu.nl/ uInternet Connection Wizard,ShellNext = hxxp://www.kpn.com/ uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s TCP: DhcpNameServer = 10.0.0.138 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) MSConfigStartUp-HitmanPro35 - c:\program files\Hitman Pro 3.5\HitmanPro35.exe MSConfigStartUp-OfficeScanNT Monitor - c:\program files\Trend Micro\OfficeScan Client\pccntmon.exe MSConfigStartUp-Skype - c:\program files\Skype\Phone\Skype.exe MSConfigStartUp-UniblueRegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-11-16 21:56 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140211900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(3652) c:\program files\Bonjour\mdnsNSP.dll c:\program files\Windows Media Player\wmpband.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2011-11-16 22:12:57 ComboFix-quarantined-files.txt 2011-11-16 21:12 ComboFix2.txt 2011-10-25 19:04 . Pre-Run: 88.762.998.784 bytes beschikbaar Post-Run: 89.193.934.848 bytes beschikbaar . WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect . - - End Of File - - 134865112B4177BD777C9891E57B488F

Ongevraagd internet radio

GijsM reageerde op GijsM's topic in Archief Internet & Netwerk

Goedenavond Kape, MVPSA host gedownload en gedraaid, en met een kort check bij een pagina waarbij ik elke keer werd "doorgesluisd" gebeurd dit nu niet meer:-). Nu verder met combofix? Gijs

Ongevraagd internet radio

GijsM reageerde op GijsM's topic in Archief Internet & Netwerk

Asus, Merci en bedankt tot zover, Er is naast ongevraagd muziek nog wel meer aan de hand . Als ik bv een site aanklik na een zoekactie op google wordt ik eerst twee of drie keer "doorgesluist" naar reklame sites voordat ik de site die ik wil zien te zien krijg. Ben benieuwd Gijs

Ongevraagd internet radio

GijsM reageerde op GijsM's topic in Archief Internet & Netwerk

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:28:33, on 16-11-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2012\avgrsx.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG2012\avgfws.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\WINDOWS\PixArt\PAC7302\Monitor.exe C:\Program Files\AVG Secure Search\vprot.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Internet, televisie, mobiel en vast bellen R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1247168174955 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1247168141080 O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate1ca01a04ea3943e) (gupdate1ca01a04ea3943e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- End of file - 7703 bytes

Ongevraagd internet radio

GijsM plaatste een topic in Archief Internet & Netwerk

Als ik online ben word er regelmatig verbinding gemaakt met een internet radio station (denk ik). er draait dan geen mediaplayer win amp of vlc oid en toch komt er muziek uit mijn systeem Iemand een idee?

Inloggen

Profielen

Forums

Store

Alles dat geplaatst werd door GijsM

OVER ONS

SITEMAP

Belangrijke informatie