suunto

1 juni 2014

ik zou niet weten of ze illegaal zijn heb ze gekregen op een USB stick van een vriend. Maar wist dit niet zal ik niet verder vragen stellen over dit onderwerp.

Zal dit dan ook direct markeren als opgelost

1 juni 2014

Ik ben hier nu al 2 weken mee bezig ik heb beneden een Samsung SmartTV staan waar ik via een netwerk contact heb met mijn computer waar ik films op heb gedownload. Nou komt het kijk in deze films op mijn computer dan zie ik gewoon de Nederlandse ondertiteling, kijk ik via de Samsung TV dan is er geen ondertiteling te vinden? ook niet als ik Tools indruk op de afstandbediening. Nou ben ik het hele internet over geweest om te kijken waar het probleen in zit maar kom niet dan deze uitleg: je heb dus twee files een MKV matroeska en een SRT.nfo nou staat er in deze nfo file de ondertiteling maar kan daar niet bij komen.

Maar het vreemde blijft kijk ik de MKV file op mijn pc dan zit de ondertiteling ingebakken.

Kijk ik hem op mijn Samsung TV dan is hij nergens te vinden.

Nou ben ik als bezig geweest met MKVToolnix maar als ik dan de MKV file daarin zet gaat alles goed, maar de SRT.nfo word niet herkend door dit tooltje dus kan ze ook niet samen voegen.

Heeft iemand een suggestie voor mij om van dit probleem op te lossen

23 mei 2014

Volgens mij is dit probleem nu opgelost heb een film gekeken en is niet uitgeschakeld, heerlijk . Zal deze ook markeren als opgelost bedank voor jullie hulp.

4 mei 2014

Clarkie, dank je voor je antwoord heb nou ook de vaste schijf bij geavanceerde energie-instellingen op nooit gezet laten we afwachten of dit het probleem was.

Ik laat het zo snel mogelijk weten:top:

3 mei 2014

Ik zit met een probleem heb nu enige maanden een nieuwe computer met Windows 8.1 erop, als ik nu film zit te kijken op mijn TV via de computer (streamen via PS3 Media Server) sluit mijn computer na 1 1/2 uur automatisch af . Heb de slaapstand voor het beeldscherm en de computer al op nooit gezet maar hij blijft het doen, en waat niet waar het aan ligt. Heb Bullguard Internet security erop draaien dus geen virus aanwezig, zou iemand mij hier mee kunnen helpen het is zo vervelend als ik halverwegen de film mijn pc opnieuw moet opstarten.

13 januari 2013

Hartelijk dank voor je hulp, maar ik krijg ComboFix er niet af.

Ik ga in Vista naar start dan vul in bij zoekopdracht starten in Uitvoeren/Zoekopdracht/Programma’s en bestanden naar er gebeurt niets.

Als ik combofix Uninstall opgeef begint hij weer alles opnieuw uit te voeren, zou je voor mij een stappen plan kunnen laten zien om in Vista dit programma te verwijderen. Thanks

Verwijder Combofix: Start -> Uitvoeren/Zoekopdracht/Programma’s en bestanden zoeken en typ daar: ComboFix /Uninstall (met spatie voor de /). Ik weet niet hoe dit werkt??????

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

11 januari 2013

Nee, kom niets meer tegen. Helemaal te gek dank je wel.

11 januari 2013

hier is het logje:

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Databaseversie: v2013.01.10.04

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Ron :: PC_VAN_RON [administrator]

11-1-2013 16:45:43

mbam-log-2013-01-11 (16-45-43).txt

Scan type: Snelle scan

Uitgeschakelde scan opties: P2P

Objecten gescand: 261634

Verstreken tijd: 17 minuut/minuten, 13 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

10 januari 2013

Ik val dus ook in de prijzen,

zou iemand mij kunnen helpen dit op te lossen bvd:

HijackThis:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:30:35, on 10-1-2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16457)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\tsnpstd3.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Windows\vsnpstd3.exe

C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\CyberLink\Shared Files\brs.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

C:\Program Files\Samsung\AllShare\AllShareAgent.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Program Files\Java\jre6\bin\javaw.exe

C:\Users\Ron\Hijackthis\HijackThis.exe

C:\Windows\System32\mobsync.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121114172502.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe

O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"

O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [instantOn] "C:\Program Files\CyberLink\PowerCinema Linux\ion_install.exe /c "

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [bDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe

O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files\Samsung\AllShare\AllShareAgent.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)

O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--

End of file - 12256 bytes

combo fix:

ComboFix 13-01-08.01 - Ron 10-01-2013 19:46:18.5.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3070.1521 [GMT 1:00]

Gestart vanuit: c:\users\Ron\Hijackthis\ComboFix.exe

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: McAfee Antivirus en antispyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

SP: McAfee Antivirus en antispyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Aanwezig AV is actief

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\Ron\AppData\Local\temp\jna5731.dll

c:\users\Ron\AppData\Roaming\Gite

c:\users\Ron\AppData\Roaming\Gite\uscag.meu

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-12-10 to 2013-01-10 ))))))))))))))))))))))))))))))

.

2013-01-10 19:02 . 2013-01-10 19:02 -------- d-----w- c:\users\Public\AppData\Local\temp

2013-01-10 19:02 . 2013-01-10 19:02 -------- d-----w- c:\users\Nancy\AppData\Local\temp

2013-01-10 19:02 . 2013-01-10 19:02 -------- d-----w- c:\users\Mitchell\AppData\Local\temp

2013-01-10 19:02 . 2013-01-10 19:02 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-28 17:02 . 2012-12-28 17:03 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1(233)

2012-12-22 11:06 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-22 11:06 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll

2012-12-16 09:44 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2012-12-16 09:44 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2012-12-16 09:44 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2012-12-16 09:44 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2012-12-16 09:44 . 2009-07-13 23:51 34944 ----a-w- c:\windows\system32\drivers\winusb.sys

2012-12-15 19:48 . 2012-11-02 10:18 376320 ----a-w- c:\windows\system32\dpnet.dll

2012-12-15 19:48 . 2012-11-02 08:26 23040 ----a-w- c:\windows\system32\dpnsvr.exe

2012-12-15 19:47 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys

17 juli 2012

PC is nog steeds erg traag voor het WWW moet ik gemiddeld 5 Minuten wachten voor ik toegang krijg.

Heb mijn PC ook uitgezogen met de stofzuiger was haast geen stof te vinden maar de Temp blijft hoog zie Speccy File:

http://speccy.piriform.com/results/JeZumreWNyyX4o21XnyODKe

17 juli 2012

Hier is de nieuwe file van CombiFix:

ComboFix 12-07-16.01 - Ron 17-07-2012 13:32:21.3.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3070.2070 [GMT 2:00]

Gestart vanuit: c:\users\Ron\Hijackthis\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Ron\Desktop\CFScript.txt

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfeeFirewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\1ClickDownload

c:\program files\1ClickDownload\IMAX_Under_The_Sea_3D_(2010)_USB3DTV_Eng-Fra-Esp_1080p_MKV.torrent

c:\program files\1ClickDownload\mainpackfa.exe

c:\program files\1ClickDownload\mainpacklt.exe

c:\program files\1ClickDownload\Priest_3D_(Stereoscopic_Side-by-Side_MKV)_-_dman474_(PRM3).torrent

c:\program files\Conduit

c:\program files\Conduit\Community Alerts\Alert.dll

c:\users\Ron\AppData\Local\Conduit

.

Besmet exemplaar van c:\windows\system32\userinit.exe werd aangetroffen en gedesinfecteerd

Hersteld exemplaar van - c:\combofix\HarddiskVolumeShadowCopy1_!Windows!System32!userinit.exe

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-06-17 to 2012-07-17 ))))))))))))))))))))))))))))))

.

2012-07-17 11:43 . 2012-07-17 11:48 -------- d-----w- c:\users\Ron\AppData\Local\temp

2012-07-17 11:43 . 2012-07-17 11:43 -------- d-----w- c:\users\Nancy\AppData\Local\temp

2012-07-17 11:43 . 2012-07-17 11:43 -------- d-----w- c:\users\Mitchell\AppData\Local\temp

2012-07-17 11:43 . 2012-07-17 11:43 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-07-15 18:32 . 2012-07-15 18:32 -------- d-----w- c:\program files\Speccy

2012-07-15 10:14 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-15 09:23 . 2012-07-17 10:40 -------- d-----w- c:\users\Ron\Hijackthis

2012-07-11 12:53 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll

2012-07-11 12:53 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-07-10 12:20 . 2012-07-10 12:20 -------- d-----w- c:\users\Ron\AppData\Local\CRE

2012-07-04 14:50 . 2012-07-04 14:50 -------- d-----w- c:\users\Ron\AppData\Local\MPlayer

2012-07-04 14:43 . 2012-07-04 14:46 -------- d-----w- c:\programdata\PMS

2012-06-29 20:14 . 2012-07-13 18:03 -------- d-----w- c:\users\Ron\AppData\Local\813CD990-54BF-4D72-9D7C-DD61C095F77A.aplzod

2012-06-29 19:24 . 2012-05-25 15:09 29312 ----a-w- c:\program files\Mozilla Firefox\ScriptFF.dll

2012-06-29 18:01 . 2012-06-29 18:01 -------- d-----w- c:\program files\Common Files\Skype

2012-06-29 07:24 . 2012-06-29 07:24 -------- d-----w- c:\windows\nl

2012-06-29 07:17 . 2012-06-29 07:17 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-06-27 17:06 . 2012-06-27 17:06 89944 ----a-w- c:\program files\Common Files\Windows Live\.cache\3add568f1cd548702\DSETUP.dll

2012-06-27 17:06 . 2012-06-27 17:06 537432 ----a-w- c:\program files\Common Files\Windows Live\.cache\3add568f1cd548702\DXSETUP.exe

2012-06-27 17:06 . 2012-06-27 17:06 1801048 ----a-w- c:\program files\Common Files\Windows Live\.cache\3add568f1cd548702\dsetup32.dll

2012-06-25 16:53 . 2012-06-25 16:53 -------- d-----w- C:\Download

2012-06-25 16:53 . 2012-06-25 16:53 -------- d-----w- C:\AllShare

2012-06-25 16:27 . 2012-06-25 16:27 -------- d-----w- c:\users\Ron\AppData\Local\Downloaded Installations

2012-06-20 11:57 . 2012-04-23 16:00 984064 ----a-w- c:\windows\system32\crypt32.dll

2012-06-20 11:57 . 2012-04-23 16:00 98304 ----a-w- c:\windows\system32\cryptnet.dll

2012-06-20 11:57 . 2012-04-23 16:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll

2012-06-20 11:56 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-11 18:35 . 2012-03-30 14:32 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-11 18:35 . 2011-06-16 14:07 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-13 13:40 . 2012-07-11 15:39 2047488 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 16:47 . 2012-07-11 12:53 1401856 ----a-w- c:\windows\system32\msxml6.dll

2012-06-05 16:47 . 2012-07-11 12:53 1248768 ----a-w- c:\windows\system32\msxml3.dll

2012-06-02 22:19 . 2012-06-21 19:23 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-21 19:23 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-21 19:22 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-21 19:22 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:19 . 2012-06-21 19:23 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:12 . 2012-06-21 19:23 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:12 . 2012-06-21 19:22 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-06-21 19:22 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:12 . 2012-06-21 19:22 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 08:25 . 2012-07-11 15:26 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-06-02 00:04 . 2012-07-11 12:53 278528 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 00:03 . 2012-07-11 12:53 204288 ----a-w- c:\windows\system32\ncrypt.dll

2012-04-18 18:56 . 2012-04-18 18:56 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2012-04-18 18:56 . 2012-04-18 18:56 69632 ----a-w- c:\windows\system32\QuickTime.qts

2012-03-13 04:38 . 2012-04-19 10:31 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

2011-10-21 09:10 87440 ----a-w- c:\program files\adawaretb\adawareDx.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files\adawaretb\adawareDx.dll" [2011-10-21 87440]

.

[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]

"ApplePhotoStreams"="c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2012-02-24 59240]

"MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]

"com.apple.dav.bookmarks.daemon"="c:\program files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe" [2012-02-23 59240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]

"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdc.exe" [2007-01-24 563080]

"tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-03-30 262144]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-11-05 185632]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-26 136600]

"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-18 843776]

"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 4349952]

"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-03-20 83240]

"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]

"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1318816]

"InstantOn"="c:\program files\CyberLink\PowerCinema Linux\ion_install.exe" [2007-02-13 94212]

"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 1983816]

"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2008-12-03 75048]

"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]

"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]

"AllShareAgent"="c:\users\Ron\Desktop\AllShare\AllShareAgent.exe" [2012-03-01 285072]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3199624407-2966965130-2433954294-1000]

"EnableNotificationsRef"=dword:00000001

.

R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - mfeavfk01

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Inhoud van de 'Gedeelde Taken' map

.

2012-07-17 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-11-03 11:06]

.

2012-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 18:35]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://google.nl/

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 192.168.2.254

FF - ProfilePath - c:\users\Ron\AppData\Roaming\Mozilla\Firefox\Profiles\zs9gespq.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/

FF - prefs.js: network.proxy.type - 0

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-07-17 13:47

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]

"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'Explorer.exe'(276)

c:\programdata\Ad-Aware Browsing Protection\adawarebp.dll

c:\program files\McAfee\SiteAdvisor\saHook.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\nvvsvc.exe

c:\program files\Lavasoft\Ad-Aware\AAWService.exe

c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\McAfee\SiteAdvisor\McSACore.exe

c:\windows\system32\mfevtps.exe

c:\windows\system32\rundll32.exe

c:\program files\CyberLink\Shared Files\RichVideo.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\progra~1\COMMON~1\X10\Common\x10nets.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\Common Files\McAfee\SystemCore\mcshield.exe

c:\program files\Common Files\McAfee\SystemCore\mfefire.exe

c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe

c:\windows\system32\WUDFHost.exe

c:\windows\system32\wbem\unsecapp.exe

c:\windows\system32\conime.exe

c:\program files\Lavasoft\Ad-Aware\AAWTray.exe

c:\windows\ehome\ehmsas.exe

c:\windows\ehome\ehsched.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Windows Media Player\wmpnscfg.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\windows\ehome\ehRecvr.exe

c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe

c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

c:\users\Ron\Desktop\AllShare\AllShareDMS\AllShareDMS.exe

c:\windows\servicing\TrustedInstaller.exe

c:\windows\system32\RacAgent.exe

.

**************************************************************************

.

Voltooingstijd: 2012-07-17 14:00:29 - machine werd herstart

ComboFix-quarantined-files.txt 2012-07-17 11:59

.

Pre-Run: 30.185.058.304 bytes beschikbaar

Post-Run: 29.956.079.616 bytes beschikbaar

.

- - End Of File - - C1D9F074B8228244BF6D2A221B0096E3

17 juli 2012

Hoe sla ik dit bestand op op mijn Bureaublad? ben hier een leek in.

Sla dit bestand op je bureaublad op als CFScript en CFScript.txt in ComboFix.exe

Graag een uitleg hierover Thanks.

16 juli 2012

Hier is de file van ComboFix,

ComboFix 12-07-14.01 - Ron 16-07-2012 13:47:26.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3070.1896 [GMT 2:00]

Gestart vanuit: c:\users\Ron\Hijackthis\ComboFix.exe

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfeeFirewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

ADS - Windows: deleted 24 bytes in 1 streams.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\programdata\SPL124A.tmp

c:\programdata\SPL54F1.tmp

c:\programdata\SPL6613.tmp

c:\programdata\SPL7E34.tmp

c:\programdata\SPL7FEE.tmp

c:\programdata\SPLB025.tmp

c:\programdata\SPLB640.tmp

c:\programdata\windows

c:\programdata\windows\dsdd.dat

c:\programdata\windows\nudr.dat

c:\users\Ron\AppData\Local\assembly\tmp

c:\users\Ron\AppData\Roaming\inst.exe

c:\users\Ron\AppData\Roaming\vso_ts_preview.xml

c:\windows\crosof~1

c:\windows\crosof~1\??crosoft\ctxad-563.0000

c:\windows\crosof~1\??crosoft\ctxad-563.0001

c:\windows\crosof~1\??crosoft\ctxad-563.0002

c:\windows\crosof~1\??crosoft\ctxad-563.0003

c:\windows\crosof~1\??crosoft\ctxad-563.0004

c:\windows\crosof~1\??crosoft\ctxad-563.0005

c:\windows\IsUn0413.exe

c:\windows\system32\system

c:\windows\UA000079.DLL

H:\Autorun.inf

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-06-16 to 2012-07-16 ))))))))))))))))))))))))))))))

.

2012-07-16 12:01 . 2012-07-16 12:01 -------- d-----w- c:\users\Mitchell\AppData\Local\temp

2012-07-16 12:01 . 2012-07-16 12:02 -------- d-----w- c:\users\Ron\AppData\Local\temp

2012-07-16 12:01 . 2012-07-16 12:01 -------- d-----w- c:\users\Nancy\AppData\Local\temp

2012-07-16 12:01 . 2012-07-16 12:01 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-07-15 18:32 . 2012-07-15 18:32 -------- d-----w- c:\program files\Speccy

2012-07-15 10:14 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-15 09:23 . 2012-07-16 11:53 -------- d-----w- c:\users\Ron\Hijackthis

2012-07-11 15:39 . 2012-06-13 13:40 2047488 ----a-w- c:\windows\system32\win32k.sys

2012-07-11 12:53 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll

2012-07-11 12:53 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll

2012-07-11 12:53 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll

2012-07-11 12:53 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-07-11 12:53 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll

2012-07-11 12:53 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll

2012-07-10 12:20 . 2012-07-10 12:20 -------- d-----w- c:\users\Ron\AppData\Local\CRE

2012-07-10 12:19 . 2012-07-10 12:19 -------- d-----w- c:\program files\Conduit

2012-07-10 12:19 . 2012-07-10 15:09 -------- d-----w- c:\users\Ron\AppData\Local\Conduit