potlood1's achievements

  1. I have submitted a support request to AVG; at Jotti it is not recognised by any scanner, Kape. Thanks for your help, and I will let you know what they come up with :-). Regards, Ron
  2. C:\user.js could not be deleted with a code; the other one was deleted. After that I ran TDSSKiller, with the attached log report.

     21:47:07.0890 2176 TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26
     21:47:08.0140 2176 ============================================================
     21:47:08.0140 2176 Current date / time: 2012/01/12 21:47:08.0140
     21:47:08.0140 2176 SystemInfo:
     21:47:08.0140 2176
     21:47:08.0140 2176 OS Version: 5.1.2600 ServicePack: 3.0
     21:47:08.0140 2176 Product type: Workstation
     21:47:08.0140 2176 ComputerName: NVT-62704836F9A
     21:47:08.0140 2176 UserName: nvt
     21:47:08.0140 2176 Windows directory: C:\WINDOWS
     21:47:08.0140 2176 System windows directory: C:\WINDOWS
     21:47:08.0140 2176 Processor architecture: Intel x86
     21:47:08.0140 2176 Number of processors: 2
     21:47:08.0140 2176 Page size: 0x1000
     21:47:08.0140 2176 Boot type: Normal boot
     21:47:08.0140 2176 ============================================================
     21:47:09.0437 2176 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000, SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000054
     21:47:09.0531 2176 Initialize success
     21:47:46.0390 4184 ============================================================
     21:47:46.0390 4184 Scan started
     21:47:46.0390 4184 Mode: Manual; SigCheck; TDLFS;
     21:47:46.0390 4184 ============================================================
     [...]
     21:48:30.0343 4184 PQNTDrv (474543751522111dd7c0cf09e17f6d9f) C:\WINDOWS\system32\drivers\PQNTDrv.sys
     21:48:30.0359 4184 PQNTDrv ( UnsignedFile.Multi.Generic ) - warning
     21:48:30.0359 4184 PQNTDrv - detected UnsignedFile.Multi.Generic (1)
     [...]
     21:48:33.0843 4184 USBAU (858de6637cbf913fe07dfb260e52c8cf) C:\WINDOWS\system32\drivers\CM102.sys
     21:48:33.0875 4184 USBAU ( UnsignedFile.Multi.Generic ) - warning
     21:48:33.0875 4184 USBAU - detected UnsignedFile.Multi.Generic (1)
     [...]
     21:48:50.0906 4184 MBR (0x1B8) (25fdd3b61791a226676b12dc5bddef71) \Device\Harddisk0\DR0
     21:48:50.0906 4184 \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - infected
     21:48:50.0906 4184 \Device\Harddisk0\DR0 - detected Backdoor.Win32.Sinowal.knf (0)
     21:48:50.0984 4184 Boot (0x1200) (378b5702d35146296ecd645b1fe37df4) \Device\Harddisk0\DR0\Partition0
     21:48:50.0984 4184 \Device\Harddisk0\DR0\Partition0 - ok
     21:48:50.0984 4184 Boot (0x1200) (bf67d91643ce2c41ece728ab3de51951) \Device\Harddisk0\DR0\Partition1
     21:48:51.0000 4184 \Device\Harddisk0\DR0\Partition1 - ok
     21:48:51.0000 4184 ============================================================
     21:48:51.0000 4184 Scan finished
     21:48:51.0000 4184 ============================================================
     21:48:51.0109 5560 Detected object count: 3
     21:48:51.0109 5560 Actual detected object count: 3
     21:49:37.0859 5560 C:\WINDOWS\system32\drivers\PQNTDrv.sys - copied to quarantine
     21:49:37.0859 5560 PQNTDrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
     21:49:37.0968 5560 C:\WINDOWS\system32\drivers\CM102.sys - copied to quarantine
     21:49:37.0968 5560 USBAU ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
     21:49:38.0312 5560 \Device\Harddisk0\DR0\# - copied to quarantine
     21:49:38.0312 5560 \Device\Harddisk0\DR0 - copied to quarantine
     21:49:38.0312 5560 \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - User select action: Quarantine

     ---------- Post added at 22:20 ---------- Previous post was at 22:06 ----------

     Kape, it is enough to make you lose heart :rofl: the horse is still there according to AVG.

     """De hele computer scannen"" is gestopt voordat de scan was voltooid."
     "Infecties";"2";"2";"0"
     "Voor scan geselecteerde mappen:";"De hele computer scannen"
     "Scan is gestart:";"maandag 9 januari 2012, 14:25:33"
     "Scan voltooid:";"maandag 9 januari 2012, 14:27:07 (1 min. 34 seconde (n))"
     "Totaal gescande objecten:";"668"
     "Gebruiker die de scan heeft gestart:";"nvt"
     "Infecties"
     "";"Bestand";"Infectie";"Resultaat"
     "";"C:\WINDOWS\system32\services.exe (1936):\memory_010a0000";"Trojaans paard PSW.Generic9.RDX";"Object is niet toegankelijk"
     "";"C:\WINDOWS\system32\services.exe (1936)";"Trojaans paard PSW.Generic9.RDX";""

     Regards, Ron

     ---------- Post added at 22:22 ---------- Previous post was at 22:20 ----------

     Sorry Kape, it is getting late; I mean this scan, of course.

     """De hele computer scannen"" is gestopt voordat de scan was voltooid."
     "Infecties";"2";"2";"0"
     "Voor scan geselecteerde mappen:";"De hele computer scannen"
     "Scan is gestart:";"donderdag 12 januari 2012, 22:08:27"
     "Scan voltooid:";"donderdag 12 januari 2012, 22:09:52 (1 min. 24 seconde (n))"
     "Totaal gescande objecten:";"1193"
     "Gebruiker die de scan heeft gestart:";"nvt"
     "Infecties"
     "";"Bestand";"Infectie";"Resultaat"
     "";"C:\WINDOWS\system32\services.exe (1588):\memory_01170000";"Trojaans paard PSW.Generic9.RDX";"Object is niet toegankelijk"
     "";"C:\WINDOWS\system32\services.exe (1588)";"Trojaans paard PSW.Generic9.RDX";""

     Regards, Ron
  3. Here is the ComboFix log from the run with the script; I am curious :-)

     ComboFix 12-01-12.04 - nvt 12-01-2012 20:34:23.4.2 - x86
     Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1919.988 [GMT 1:00]
     Gestart vanuit: c:\documents and settings\nvt\Mijn documenten\Downloads\ComboFix.exe
     gebruikte Opdracht switches :: c:\documents and settings\nvt\Bureaublad\CFScript.txt
     AV: AVG Anti-Virus 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
     .
     FILE :: "C:\user.js"
     .
     [...]
2009-03-08 03:31 45568 c:\windows\system32\dllcache\mshta.exe - 2006-03-02 12:00 . 2009-03-08 02:31 45568 c:\windows\system32\dllcache\mshta.exe + 2011-10-14 14:47 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll - 2006-03-02 12:00 . 2009-03-08 02:32 94720 c:\windows\system32\dllcache\inseng.dll + 2006-03-02 12:00 . 2009-03-08 03:32 94720 c:\windows\system32\dllcache\inseng.dll - 2006-03-02 12:00 . 2009-03-08 02:31 34816 c:\windows\system32\dllcache\imgutil.dll + 2006-03-02 12:00 . 2009-03-08 03:31 34816 c:\windows\system32\dllcache\imgutil.dll + 2006-03-02 12:00 . 2009-03-08 03:32 71680 c:\windows\system32\dllcache\iesetup.dll - 2006-03-02 12:00 . 2009-03-08 02:32 71680 c:\windows\system32\dllcache\iesetup.dll - 2006-03-02 12:00 . 2009-03-08 02:32 55808 c:\windows\system32\dllcache\iernonce.dll + 2006-03-02 12:00 . 2009-03-08 03:32 55808 c:\windows\system32\dllcache\iernonce.dll - 2008-05-22 15:34 . 2009-03-08 02:31 59904 c:\windows\system32\dllcache\icardie.dll + 2008-05-22 15:34 . 2009-03-08 03:31 59904 c:\windows\system32\dllcache\icardie.dll + 2008-05-22 13:23 . 2009-03-08 03:24 68608 c:\windows\system32\dllcache\hmmapi.dll - 2008-05-22 13:23 . 2009-03-08 02:24 68608 c:\windows\system32\dllcache\hmmapi.dll - 2009-03-08 02:33 . 2009-03-08 02:33 18944 c:\windows\system32\dllcache\corpol.dll + 2009-03-08 03:33 . 2009-03-08 03:33 18944 c:\windows\system32\dllcache\corpol.dll - 2006-03-02 12:00 . 2009-03-08 02:32 72704 c:\windows\system32\dllcache\admparse.dll + 2006-03-02 12:00 . 2009-03-08 03:32 72704 c:\windows\system32\dllcache\admparse.dll + 2006-03-02 12:00 . 2009-03-08 03:33 18944 c:\windows\system32\corpol.dll - 2006-03-02 12:00 . 2009-03-08 02:33 18944 c:\windows\system32\corpol.dll + 2008-05-22 13:27 . 2012-01-12 09:26 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2008-05-22 13:27 . 
2012-01-09 14:14 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-05-22 13:27 . 2012-01-12 09:26 32768 c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat - 2008-05-22 13:27 . 2012-01-09 14:14 32768 c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat + 2006-03-02 12:00 . 2009-03-08 03:32 72704 c:\windows\system32\admparse.dll - 2006-03-02 12:00 . 2009-03-08 02:32 72704 c:\windows\system32\admparse.dll + 2012-01-12 09:27 . 2012-01-12 09:27 28160 c:\windows\Installer\8ad11.msi + 2009-02-02 20:46 . 2012-01-11 20:46 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2009-02-02 20:46 . 2011-12-14 14:16 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2009-02-02 20:46 . 2011-12-14 14:16 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe + 2009-02-02 20:46 . 2012-01-11 20:46 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2009-02-02 20:46 . 2011-12-14 14:16 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2009-02-02 20:46 . 2012-01-11 20:46 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2012-01-12 18:33 . 2009-03-08 03:33 12288 c:\windows\ie8updates\KB982381-IE8\xpshims.dll + 2012-01-12 18:33 . 2008-07-08 13:07 18808 c:\windows\ie8updates\KB982381-IE8\spmsg.dll + 2012-01-12 18:33 . 2008-07-08 13:07 26488 c:\windows\ie8updates\KB982381-IE8\spcustom.dll + 2012-01-12 18:33 . 2009-03-08 03:31 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll - 2010-06-11 01:16 . 2010-02-25 06:20 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll - 2010-06-11 01:16 . 2010-02-25 06:20 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll + 2012-01-12 18:33 . 2009-03-08 03:33 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll + 2012-01-12 18:34 . 
2010-05-06 10:37 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll - 2011-12-14 14:13 . 2011-08-22 23:41 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll + 2012-01-12 18:34 . 2010-07-05 13:21 18808 c:\windows\ie8updates\KB2618444-IE8\spmsg.dll + 2012-01-12 18:34 . 2010-07-05 13:21 26488 c:\windows\ie8updates\KB2618444-IE8\spcustom.dll - 2011-12-14 14:13 . 2011-08-22 23:41 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll + 2012-01-12 18:34 . 2009-03-08 03:31 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll - 2011-12-14 14:13 . 2011-08-22 23:41 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll + 2012-01-12 18:34 . 2010-05-06 10:36 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll + 2012-01-12 18:34 . 2009-03-08 03:34 43008 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll - 2011-12-14 14:13 . 2011-08-22 23:41 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll + 2012-01-12 18:34 . 2010-05-06 10:36 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll - 2009-06-27 10:09 . 2009-03-08 14:32 58448 c:\windows\ie8\spuninst\iecustom.dll + 2012-01-12 18:31 . 2009-03-08 15:32 58448 c:\windows\ie8\spuninst\iecustom.dll + 2012-01-12 18:30 . 2009-04-29 04:49 44544 c:\windows\ie8\pngfilt.dll - 2009-06-27 10:08 . 2009-04-29 04:49 44544 c:\windows\ie8\pngfilt.dll - 2009-06-27 10:08 . 2007-08-13 16:01 48128 c:\windows\ie8\mshtmler.dll + 2012-01-12 18:30 . 2007-08-13 16:01 48128 c:\windows\ie8\mshtmler.dll - 2009-06-27 10:08 . 2007-08-13 16:32 45568 c:\windows\ie8\mshta.exe + 2012-01-12 18:30 . 2007-08-13 16:32 45568 c:\windows\ie8\mshta.exe - 2009-06-27 10:08 . 2007-08-13 16:36 12288 c:\windows\ie8\msfeedssync.exe + 2012-01-12 18:30 . 2007-08-13 16:36 12288 c:\windows\ie8\msfeedssync.exe - 2009-06-27 10:08 . 2009-04-29 04:49 52224 c:\windows\ie8\msfeedsbs.dll + 2012-01-12 18:30 . 2009-04-29 04:49 52224 c:\windows\ie8\msfeedsbs.dll - 2009-06-27 10:08 . 2007-08-13 16:44 40960 c:\windows\ie8\licmgr10.dll + 2012-01-12 18:30 . 
2007-08-13 16:44 40960 c:\windows\ie8\licmgr10.dll + 2012-01-12 18:30 . 2009-04-29 04:49 27648 c:\windows\ie8\jsproxy.dll - 2009-06-27 10:08 . 2009-04-29 04:49 27648 c:\windows\ie8\jsproxy.dll + 2012-01-12 18:30 . 2007-08-13 16:39 92672 c:\windows\ie8\inseng.dll - 2009-06-27 10:08 . 2007-08-13 16:39 92672 c:\windows\ie8\inseng.dll - 2009-06-27 10:08 . 2007-08-13 16:36 36352 c:\windows\ie8\imgutil.dll + 2012-01-12 18:30 . 2007-08-13 16:36 36352 c:\windows\ie8\imgutil.dll - 2009-06-27 10:08 . 2007-08-13 16:39 55296 c:\windows\ie8\iesetup.dll + 2012-01-12 18:30 . 2007-08-13 16:39 55296 c:\windows\ie8\iesetup.dll - 2009-06-27 10:08 . 2009-04-29 04:49 44544 c:\windows\ie8\iernonce.dll + 2012-01-12 18:30 . 2009-04-29 04:49 44544 c:\windows\ie8\iernonce.dll - 2009-06-27 10:08 . 2009-04-29 04:49 78336 c:\windows\ie8\ieencode.dll + 2012-01-12 18:30 . 2009-04-29 04:49 78336 c:\windows\ie8\ieencode.dll - 2009-06-27 10:08 . 2009-04-28 09:07 70656 c:\windows\ie8\ie4uinit.exe + 2012-01-12 18:30 . 2009-04-28 09:07 70656 c:\windows\ie8\ie4uinit.exe + 2012-01-12 18:30 . 2009-04-29 04:49 63488 c:\windows\ie8\icardie.dll - 2009-06-27 10:08 . 2009-04-29 04:49 63488 c:\windows\ie8\icardie.dll + 2012-01-12 18:30 . 2007-08-13 16:18 60416 c:\windows\ie8\hmmapi.dll - 2009-06-27 10:08 . 2007-08-13 16:18 60416 c:\windows\ie8\hmmapi.dll - 2009-06-27 10:08 . 2008-04-14 17:02 35328 c:\windows\ie8\corpol.dll + 2012-01-12 18:30 . 2008-04-14 17:02 35328 c:\windows\ie8\corpol.dll - 2009-06-27 10:08 . 2007-08-13 16:39 71680 c:\windows\ie8\admparse.dll + 2012-01-12 18:30 . 2007-08-13 16:39 71680 c:\windows\ie8\admparse.dll + 2009-06-27 10:10 . 2011-08-16 10:45 6144 c:\windows\system32\dllcache\iecompat.dll + 2012-01-12 18:34 . 2009-03-08 03:35 2048 c:\windows\ie8updates\KB2598845-IE8\iecompat.dll + 2008-05-22 15:33 . 2009-01-07 17:21 121856 c:\windows\system32\xmllite.dll - 2008-05-22 15:33 . 2009-01-07 16:21 121856 c:\windows\system32\xmllite.dll - 2006-03-02 12:00 . 
2008-04-14 17:02 179200 c:\windows\system32\winmm.dll + 2006-03-02 12:00 . 2011-10-14 14:47 179200 c:\windows\system32\winmm.dll + 2007-08-13 16:45 . 2009-03-08 03:34 208384 c:\windows\system32\WinFXDocObj.exe - 2007-08-13 16:45 . 2009-03-08 02:34 208384 c:\windows\system32\WinFXDocObj.exe - 2006-03-02 12:00 . 2009-03-08 02:34 236544 c:\windows\system32\webcheck.dll + 2006-03-02 12:00 . 2009-03-08 03:34 236544 c:\windows\system32\webcheck.dll + 2006-03-02 12:00 . 2009-03-08 03:33 420352 c:\windows\system32\vbscript.dll + 2006-03-02 12:00 . 2009-03-08 03:34 193536 c:\windows\system32\msrating.dll - 2006-03-02 12:00 . 2009-03-08 02:34 193536 c:\windows\system32\msrating.dll - 2006-03-02 12:00 . 2009-03-08 02:22 156160 c:\windows\system32\msls31.dll + 2006-03-02 12:00 . 2009-03-08 03:22 156160 c:\windows\system32\msls31.dll + 2009-01-07 16:20 . 2009-01-07 17:20 265720 c:\windows\system32\msdbg2.dll - 2009-01-07 16:20 . 2009-01-07 16:20 265720 c:\windows\system32\msdbg2.dll - 2006-03-02 12:00 . 2011-03-04 06:36 726528 c:\windows\system32\jscript.dll + 2006-03-02 12:00 . 2009-03-08 03:33 726528 c:\windows\system32\jscript.dll - 2007-08-13 16:54 . 2009-03-08 02:22 164352 c:\windows\system32\ieui.dll + 2007-08-13 16:54 . 2009-03-08 03:22 164352 c:\windows\system32\ieui.dll - 2007-07-11 10:27 . 2009-03-08 02:11 445952 c:\windows\system32\ieapfltr.dll + 2007-07-11 10:27 . 2009-03-08 03:11 445952 c:\windows\system32\ieapfltr.dll + 2006-03-02 12:00 . 2009-03-08 03:32 163840 c:\windows\system32\ieakui.dll - 2006-03-02 12:00 . 2009-03-08 02:32 163840 c:\windows\system32\ieakui.dll + 2006-03-02 12:00 . 2009-03-08 03:33 229376 c:\windows\system32\ieaksie.dll - 2006-03-02 12:00 . 2009-03-08 02:33 229376 c:\windows\system32\ieaksie.dll - 2006-03-02 12:00 . 2009-03-08 02:33 125952 c:\windows\system32\ieakeng.dll + 2006-03-02 12:00 . 2009-03-08 03:33 125952 c:\windows\system32\ieakeng.dll + 2008-05-22 21:10 . 
2012-01-12 16:03 304416 c:\windows\system32\FNTCACHE.DAT - 2006-03-02 12:00 . 2009-03-08 02:31 216064 c:\windows\system32\dxtrans.dll + 2006-03-02 12:00 . 2009-03-08 03:31 216064 c:\windows\system32\dxtrans.dll + 2006-03-02 12:00 . 2009-03-08 03:31 348160 c:\windows\system32\dxtmsft.dll - 2006-03-02 12:00 . 2009-03-08 02:31 348160 c:\windows\system32\dxtmsft.dll - 2010-06-18 17:47 . 2011-06-20 17:44 293888 c:\windows\system32\dllcache\winsrv.dll + 2010-06-18 17:47 . 2011-11-25 21:57 293888 c:\windows\system32\dllcache\winsrv.dll + 2011-10-14 14:47 . 2011-10-14 14:47 179200 c:\windows\system32\dllcache\winmm.dll + 2008-12-16 12:33 . 2011-11-16 14:22 354816 c:\windows\system32\dllcache\winhttp.dll - 2008-12-16 12:33 . 2009-08-25 09:20 354816 c:\windows\system32\dllcache\winhttp.dll - 2006-03-02 12:00 . 2009-03-08 02:34 236544 c:\windows\system32\dllcache\webcheck.dll + 2006-03-02 12:00 . 2009-03-08 03:34 236544 c:\windows\system32\dllcache\webcheck.dll + 2008-05-22 13:23 . 2009-03-08 03:33 759296 c:\windows\system32\dllcache\VGX.dll + 2008-05-09 10:56 . 2009-03-08 03:33 420352 c:\windows\system32\dllcache\vbscript.dll + 2009-01-07 17:20 . 2009-01-07 17:20 134144 c:\windows\system32\dllcache\sqmapi.dll - 2009-01-07 16:20 . 2009-01-07 16:20 134144 c:\windows\system32\dllcache\sqmapi.dll + 2009-01-07 17:21 . 2009-01-07 17:21 474624 c:\windows\system32\dllcache\shlwapi.dll - 2009-01-07 16:21 . 2009-12-08 09:25 474624 c:\windows\system32\dllcache\shlwapi.dll + 2008-12-05 06:58 . 2011-11-16 14:22 152064 c:\windows\system32\dllcache\schannel.dll + 2011-11-03 15:29 . 2011-11-03 15:29 386560 c:\windows\system32\dllcache\qdvd.dll - 2006-03-02 12:00 . 2009-03-08 02:34 193536 c:\windows\system32\dllcache\msrating.dll + 2006-03-02 12:00 . 2009-03-08 03:34 193536 c:\windows\system32\dllcache\msrating.dll - 2006-03-02 12:00 . 2009-03-08 02:22 156160 c:\windows\system32\dllcache\msls31.dll + 2006-03-02 12:00 . 
2009-03-08 03:22 156160 c:\windows\system32\dllcache\msls31.dll + 2008-05-09 10:56 . 2009-03-08 03:33 726528 c:\windows\system32\dllcache\jscript.dll - 2008-05-09 10:56 . 2011-03-04 06:36 726528 c:\windows\system32\dllcache\jscript.dll + 2008-05-22 13:23 . 2009-03-08 13:09 638816 c:\windows\system32\dllcache\iexplore.exe - 2008-05-22 13:23 . 2009-03-08 12:09 638816 c:\windows\system32\dllcache\iexplore.exe + 2008-05-22 15:34 . 2009-03-08 03:11 445952 c:\windows\system32\dllcache\ieapfltr.dll - 2008-05-22 15:34 . 2009-03-08 02:11 445952 c:\windows\system32\dllcache\ieapfltr.dll - 2006-03-02 12:00 . 2009-03-08 02:32 163840 c:\windows\system32\dllcache\ieakui.dll + 2006-03-02 12:00 . 2009-03-08 03:32 163840 c:\windows\system32\dllcache\ieakui.dll + 2006-03-02 12:00 . 2009-03-08 03:33 229376 c:\windows\system32\dllcache\ieaksie.dll - 2006-03-02 12:00 . 2009-03-08 02:33 229376 c:\windows\system32\dllcache\ieaksie.dll + 2006-03-02 12:00 . 2009-03-08 03:33 125952 c:\windows\system32\dllcache\ieakeng.dll - 2006-03-02 12:00 . 2009-03-08 02:33 125952 c:\windows\system32\dllcache\ieakeng.dll + 2006-03-02 12:00 . 2009-03-08 03:31 216064 c:\windows\system32\dllcache\dxtrans.dll - 2006-03-02 12:00 . 2009-03-08 02:31 216064 c:\windows\system32\dllcache\dxtrans.dll + 2006-03-02 12:00 . 2009-03-08 03:31 348160 c:\windows\system32\dllcache\dxtmsft.dll - 2006-03-02 12:00 . 2009-03-08 02:31 348160 c:\windows\system32\dllcache\dxtmsft.dll + 2006-03-02 12:00 . 2009-03-08 03:32 128512 c:\windows\system32\dllcache\advpack.dll - 2006-03-02 12:00 . 2009-03-08 02:32 128512 c:\windows\system32\dllcache\advpack.dll - 2006-03-02 12:00 . 2009-03-08 02:32 128512 c:\windows\system32\advpack.dll + 2006-03-02 12:00 . 2009-03-08 03:32 128512 c:\windows\system32\advpack.dll - 2009-02-02 20:46 . 2011-12-14 14:16 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe + 2009-02-02 20:46 . 
2012-01-11 20:46 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2009-02-02 20:46 . 2011-12-14 14:16 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2009-02-02 20:46 . 2012-01-11 20:46 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2009-02-02 20:46 . 2011-12-14 14:15 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2009-02-02 20:46 . 2012-01-11 20:46 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2009-02-02 20:46 . 2011-12-14 14:15 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2009-02-02 20:46 . 2012-01-11 20:46 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2009-02-02 20:46 . 2012-01-11 20:46 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2009-02-02 20:46 . 2011-12-14 14:15 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2009-02-02 20:46 . 2012-01-11 20:46 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2009-02-02 20:46 . 2011-12-14 14:15 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2009-02-02 20:46 . 2011-12-14 14:15 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2009-02-02 20:46 . 2012-01-11 20:46 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2012-01-12 18:33 . 2009-03-08 03:34 914944 c:\windows\ie8updates\KB982381-IE8\wininet.dll + 2012-01-12 18:33 . 2010-02-22 14:29 401272 c:\windows\ie8updates\KB982381-IE8\updspapi.dll + 2012-01-12 18:33 . 2009-05-26 11:41 765304 c:\windows\ie8updates\KB982381-IE8\update.exe + 2012-01-12 18:33 . 2010-02-22 14:29 401272 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll - 2010-06-11 01:17 . 2010-02-22 14:29 401272 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll + 2012-01-12 18:33 . 
2008-07-08 13:07 234872 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe - 2010-06-11 01:17 . 2008-07-08 13:07 234872 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe + 2012-01-12 18:33 . 2008-07-08 13:07 234872 c:\windows\ie8updates\KB982381-IE8\spuninst.exe + 2012-01-12 18:33 . 2009-03-08 03:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll + 2012-01-12 18:33 . 2009-03-08 03:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll - 2010-06-11 01:16 . 2010-02-25 06:20 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll + 2012-01-12 18:33 . 2009-03-08 03:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll - 2010-06-11 01:16 . 2010-02-25 06:20 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll + 2012-01-12 18:33 . 2009-03-08 03:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll + 2012-01-12 18:33 . 2009-03-08 03:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll - 2010-06-11 01:16 . 2009-03-08 02:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll + 2012-01-12 18:33 . 2009-03-08 03:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll + 2012-01-12 18:33 . 2009-03-08 13:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll + 2012-01-12 18:33 . 2009-03-08 03:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe - 2010-06-11 01:16 . 2010-02-24 09:56 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe - 2011-12-14 14:13 . 2011-08-22 23:41 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll + 2012-01-12 18:34 . 2010-05-06 10:37 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll - 2011-12-14 14:13 . 2011-08-22 23:41 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll + 2012-01-12 18:34 . 2009-03-08 03:34 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll + 2012-01-12 18:34 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2618444-IE8\updspapi.dll + 2012-01-12 18:34 . 2010-07-05 13:21 765304 c:\windows\ie8updates\KB2618444-IE8\update.exe - 2011-12-14 14:13 . 
2010-07-05 13:21 401272 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll + 2012-01-12 18:34 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll - 2011-12-14 14:13 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe + 2012-01-12 18:34 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe + 2012-01-12 18:34 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2618444-IE8\spuninst.exe - 2011-12-14 14:13 . 2011-08-22 23:41 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll + 2012-01-12 18:34 . 2010-05-06 10:37 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll + 2012-01-12 18:34 . 2010-05-06 10:37 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll - 2011-12-14 14:13 . 2011-08-22 23:41 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll + 2012-01-12 18:34 . 2010-05-06 10:36 599040 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll - 2011-12-14 14:13 . 2011-08-22 23:41 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll + 2012-01-12 18:34 . 2010-05-06 10:36 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll + 2012-01-12 18:34 . 2010-05-06 10:36 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll - 2011-12-14 14:13 . 2011-08-22 23:41 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll - 2011-12-14 14:13 . 2011-08-22 23:41 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll + 2012-01-12 18:34 . 2010-05-06 10:36 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll + 2012-01-12 18:34 . 2010-05-06 10:36 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll - 2011-12-14 14:13 . 2011-08-22 23:41 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll + 2012-01-12 18:34 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe + 2012-01-12 18:34 . 2010-02-22 14:29 401272 c:\windows\ie8updates\KB2598845-IE8\spuninst\updspapi.dll + 2012-01-12 18:34 . 
2010-02-22 14:29 234872 c:\windows\ie8updates\KB2598845-IE8\spuninst\spuninst.exe - 2009-06-27 10:08 . 2009-04-29 04:49 827392 c:\windows\ie8\wininet.dll + 2012-01-12 18:30 . 2009-04-29 04:49 827392 c:\windows\ie8\wininet.dll + 2012-01-12 18:30 . 2007-08-13 16:45 206336 c:\windows\ie8\winfxdocobj.exe - 2009-06-27 10:08 . 2007-08-13 16:45 206336 c:\windows\ie8\winfxdocobj.exe + 2012-01-12 18:30 . 2009-04-29 04:49 233472 c:\windows\ie8\webcheck.dll - 2009-06-27 10:08 . 2009-04-29 04:49 233472 c:\windows\ie8\webcheck.dll + 2012-01-12 18:30 . 2007-07-12 23:32 765952 c:\windows\ie8\vgx.dll - 2009-06-27 10:08 . 2007-07-12 23:32 765952 c:\windows\ie8\vgx.dll - 2009-06-27 10:08 . 2008-05-09 10:56 430080 c:\windows\ie8\vbscript.dll + 2012-01-12 18:30 . 2008-05-09 10:56 430080 c:\windows\ie8\vbscript.dll + 2012-01-12 18:30 . 2009-04-29 04:49 105984 c:\windows\ie8\url.dll - 2009-06-27 10:08 . 2009-04-29 04:49 105984 c:\windows\ie8\url.dll + 2012-01-12 18:31 . 2009-01-07 17:21 400928 c:\windows\ie8\spuninst\updspapi.dll - 2009-06-27 10:09 . 2009-01-07 16:21 400928 c:\windows\ie8\spuninst\updspapi.dll + 2012-01-12 18:31 . 2009-01-07 17:21 235040 c:\windows\ie8\spuninst\spuninst.exe - 2009-06-27 10:09 . 2009-01-07 16:21 235040 c:\windows\ie8\spuninst\spuninst.exe - 2009-06-27 10:08 . 2006-09-06 15:43 216800 c:\windows\ie8\spuninst.exe + 2012-01-12 18:30 . 2006-09-06 15:43 216800 c:\windows\ie8\spuninst.exe - 2009-06-27 10:08 . 2009-04-29 04:49 102912 c:\windows\ie8\occache.dll + 2012-01-12 18:30 . 2009-04-29 04:49 102912 c:\windows\ie8\occache.dll - 2009-06-27 10:08 . 2009-04-29 04:49 671232 c:\windows\ie8\mstime.dll + 2012-01-12 18:30 . 2009-04-29 04:49 671232 c:\windows\ie8\mstime.dll + 2012-01-12 18:30 . 2009-04-29 04:49 193024 c:\windows\ie8\msrating.dll - 2009-06-27 10:08 . 2009-04-29 04:49 193024 c:\windows\ie8\msrating.dll - 2009-06-27 10:08 . 2007-08-13 16:54 156160 c:\windows\ie8\msls31.dll + 2012-01-12 18:30 . 
2007-08-13 16:54 156160 c:\windows\ie8\msls31.dll + 2012-01-12 18:30 . 2009-04-29 04:49 477696 c:\windows\ie8\mshtmled.dll - 2009-06-27 10:08 . 2009-04-29 04:49 477696 c:\windows\ie8\mshtmled.dll + 2012-01-12 18:30 . 2009-04-29 04:49 459264 c:\windows\ie8\msfeeds.dll - 2009-06-27 10:08 . 2009-04-29 04:49 459264 c:\windows\ie8\msfeeds.dll + 2012-01-12 18:30 . 2008-05-09 10:56 512000 c:\windows\ie8\jscript.dll - 2009-06-27 10:08 . 2008-05-09 10:56 512000 c:\windows\ie8\jscript.dll + 2012-01-12 18:30 . 2009-04-25 05:27 636088 c:\windows\ie8\iexplore.exe - 2009-06-27 10:08 . 2009-04-25 05:27 636088 c:\windows\ie8\iexplore.exe - 2009-06-27 10:08 . 2007-08-13 16:54 180736 c:\windows\ie8\ieui.dll + 2012-01-12 18:30 . 2007-08-13 16:54 180736 c:\windows\ie8\ieui.dll - 2009-06-27 10:08 . 2009-04-29 04:49 268288 c:\windows\ie8\iertutil.dll + 2012-01-12 18:30 . 2009-04-29 04:49 268288 c:\windows\ie8\iertutil.dll + 2012-01-12 18:30 . 2007-08-13 16:54 287744 c:\windows\ie8\ieproxy.dll - 2009-06-27 10:08 . 2007-08-13 16:54 287744 c:\windows\ie8\ieproxy.dll - 2009-06-27 10:08 . 2007-08-13 16:54 191488 c:\windows\ie8\iepeers.dll + 2012-01-12 18:30 . 2007-08-13 16:54 191488 c:\windows\ie8\iepeers.dll + 2012-01-12 18:30 . 2009-04-29 04:49 385024 c:\windows\ie8\iedkcs32.dll - 2009-06-27 10:08 . 2009-04-29 04:49 385024 c:\windows\ie8\iedkcs32.dll - 2009-06-27 10:08 . 2009-04-29 04:49 383488 c:\windows\ie8\ieapfltr.dll + 2012-01-12 18:30 . 2009-04-29 04:49 383488 c:\windows\ie8\ieapfltr.dll - 2009-06-27 10:08 . 2009-04-25 05:26 161792 c:\windows\ie8\ieakui.dll + 2012-01-12 18:30 . 2009-04-25 05:26 161792 c:\windows\ie8\ieakui.dll + 2012-01-12 18:30 . 2009-04-29 04:49 230400 c:\windows\ie8\ieaksie.dll - 2009-06-27 10:08 . 2009-04-29 04:49 230400 c:\windows\ie8\ieaksie.dll - 2009-06-27 10:08 . 2009-04-29 04:49 153088 c:\windows\ie8\ieakeng.dll + 2012-01-12 18:30 . 2009-04-29 04:49 153088 c:\windows\ie8\ieakeng.dll - 2009-06-27 10:08 . 
2009-04-29 04:49 214528 c:\windows\ie8\dxtrans.dll + 2012-01-12 18:30 . 2009-04-29 04:49 214528 c:\windows\ie8\dxtrans.dll + 2012-01-12 18:30 . 2009-04-29 04:49 347136 c:\windows\ie8\dxtmsft.dll - 2009-06-27 10:08 . 2009-04-29 04:49 347136 c:\windows\ie8\dxtmsft.dll - 2009-06-27 10:08 . 2009-04-29 04:49 124928 c:\windows\ie8\advpack.dll + 2012-01-12 18:30 . 2009-04-29 04:49 124928 c:\windows\ie8\advpack.dll + 2007-02-12 14:10 . 2009-02-06 20:07 3698584 c:\windows\system32\ieapfltr.dat - 2007-02-12 14:10 . 2009-02-06 19:07 3698584 c:\windows\system32\ieapfltr.dat + 2009-01-07 17:21 . 2009-01-07 17:21 1497088 c:\windows\system32\dllcache\shdocvw.dll - 2009-01-07 16:21 . 2009-01-07 16:21 1497088 c:\windows\system32\dllcache\shdocvw.dll + 2008-05-07 05:12 . 2011-11-03 15:29 1296384 c:\windows\system32\dllcache\quartz.dll - 2008-05-22 15:34 . 2009-02-06 19:07 3698584 c:\windows\system32\dllcache\ieapfltr.dat + 2008-05-22 15:34 . 2009-02-06 20:07 3698584 c:\windows\system32\dllcache\ieapfltr.dat + 2009-01-07 17:21 . 2009-01-07 17:21 1022976 c:\windows\system32\dllcache\browseui.dll - 2009-01-07 16:21 . 2009-01-07 16:21 1022976 c:\windows\system32\dllcache\browseui.dll + 2011-12-08 18:24 . 2011-12-08 18:24 4989952 c:\windows\Installer\21fc78a.msp + 2009-02-02 20:46 . 2012-01-11 20:46 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe - 2009-02-02 20:46 . 2011-12-14 14:15 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe - 2009-02-02 20:46 . 2011-12-14 14:15 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2009-02-02 20:46 . 2012-01-11 20:46 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2012-01-12 18:33 . 2009-03-08 03:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll + 2012-01-12 18:33 . 2009-03-08 03:41 5937152 c:\windows\ie8updates\KB982381-IE8\mshtml.dll + 2012-01-12 18:33 . 
     Regards, Ron ---------- Post added at 21:03 ---------- Previous post was at 20:55 ---------- According to AVG, the Trojan horse is still there, in the same extension as in the report already posted here.
  4. Mako and/or Kape, have you had a chance to look at the log yet? Regards, Ron
  5. Attached is the log from ComboFix.
- - - - - - - > 'explorer.exe'(1312)
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\nl-nl\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\nl-nl\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Voltooingstijd: 2012-01-12 14:14:59
ComboFix-quarantined-files.txt 2012-01-12 13:14
ComboFix2.txt 2012-01-11 20:06
ComboFix3.txt 2012-01-10 20:35
.
Pre-Run: 125.661.544.448 bytes beschikbaar
Post-Run: 125.704.945.664 bytes beschikbaar
.
- - End Of File - - 0CD47030DAAD4A9BD8E0FE3882B48149

I don't know; someone with a completely different IP address tried to log in. Regards, Ron
  6. Here is the log report from AVG:

"Scan ""De hele computer scannen"" is voltooid."
"Infecties";"2";"2";"0"
"Informatie";"1"
"Voor scan geselecteerde mappen:";"De hele computer scannen"
"Scan is gestart:";"donderdag 12 januari 2012, 11:48:20"
"Scan voltooid:";"donderdag 12 januari 2012, 12:44:08 (55 min. 47 seconde (n))"
"Totaal gescande objecten:";"1141717"
"Gebruiker die de scan heeft gestart:";"nvt"
"Infecties"
"";"Bestand";"Infectie";"Resultaat"
"";"C:\WINDOWS\system32\services.exe (1612):\memory_01170000";"Trojaans paard PSW.Generic9.RDX";"Object is niet toegankelijk"
"";"C:\WINDOWS\system32\services.exe (1612)";"Trojaans paard PSW.Generic9.RDX";""
"Informatie"
"";"Bestand";"Informatie";"Resultaat"
"";"C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe";"Het bestand is ondertekend met een beschadigd certificaat, uitgegeven door: Malwarebytes Corporation.";""

There goes my next pencil.