Ga naar inhoud

celleke1613

Lid
  • Aantal items

    83
  • Registratiedatum

  • Laatst bezocht

Alles dat geplaatst werd door celleke1613

  1. werk met windows 7 ultimate enexplorer 9. Als ik inlog op facebook, duurt het enoerm lang en meestal geraak ik er niet in. Andere verbindingen werken wel vlug en normaal. Hoe op te lossen?
  2. Bedankt, Ik heb scan laten lopen en alles is hersteld , kon servicepack downloaden en installeren
  3. Ik krijg een update melding van wicrosoft voor een service pack van windows 7. Als ik het wil installeren, krijg ik de melding: kan niet geinstallerd worden wegens ontbreken van sqmap.dll op uw computer. Wat moet ik doen?
  4. Heb nieuwe pc gekocht, werkt met windows7 ultimate en office 2010. Als ik map afbeeldingen op mijn externe schijf of c schijf open dan zie ik inplaats van de foto's als pictogram,allen dezelfde pictogram van het programma waarmee ik de foto's open. Hoe kan ik dit veranderen?
  5. ja het is mijn draadloze muis en toetesebord die de oorzaak zijn. Hoe kan ik dit oplossen?
  6. Heb onlangs nieuwe PC gekocht. Werkt met windows 7 ultimate en office 2010. Als ik bij mijn energieinstellingeninstel op: Beeldscherm afsluiten na 15 min Of PC op waakstand na 20 min Blijft beelscherm en pc aan bij langere tijd niet gebruik. Wat is oorzaak? Grtn
  7. zoekprogramma heb ik ondertussen gevonden. Ik bedoel het scherm in slaapstand zetten na een aantal minuten niet gebruik.
  8. Heb nieuwe pc moeten kopen. Werkt wet windows 7 ultimate en office XP Waar kan ik de zoekfunctie terug vinden en waar kan ik de instelling voor uitschakelen van beeldscherm vinden
  9. Mijn pc heeft het begeven, kon zo niet meer antwoorden. Je mag de discussie sluite.
  10. de emergency kit is wel blijven plakken aan 66 procent, na 1/2 uur stond hij nog op hetzelfde bestand zonder verder te werken, maar dit was wel al op mijn externe schijf. Heb opnieuw avg laten lopen en trojaanse paarden zitten er nog in. Heb nu ook vastgesteld dat ik via de input zoeken geen map of bestand meer kan opsporen. Ik krijg de melding:Onverwachte fout.De bewerking kan niet uitgevoerd worden. Hoe lang dit reeds is kan ik niet weten , maar ik denk max 7 dagen. an ook niet meer herstellen via herstelpunt omdat ik bij mijn eerste avg scan de herstelpunten gewist heb om te vermijden dat virus daar zou blijven zitten. Wordt ingewikkeld hé.
  11. na het lopen van emisoftemergencykit hieronder het logbestand. mergency Kit - Versie 1.0 Laatste Update: 1/04/2012 18:36:10 Scaninstellingen: Scantype: Diepe Scan Objecten: Geheugen, Sporen, Cookies, C:\, D:\, F:\ Scan archieven: Aan Heuristieken: Uit ADS Scan: Aan Scan gestart: 1/04/2012 18:36:53 c:\program files\eGames Ontdekt: Trace.Directory.Bling-O!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Advanced --> ScanFolder Ontdekt: Trace.Registry.Kazaa!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\InstantMessaging --> IgnoreAll Ontdekt: Trace.Registry.Kazaa!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\ResultsFilter --> adult_filter_level Ontdekt: Trace.Registry.Kazaa!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\ResultsFilter --> firewall_filter Ontdekt: Trace.Registry.Kazaa!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Transfer --> NoUploadLimitWhenIdle Ontdekt: Trace.Registry.Kazaa!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\UserDetails --> AutoConnected Ontdekt: Trace.Registry.Kazaa!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\UserDetails --> CountryCode Ontdekt: Trace.Registry.Kazaa!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\UserDetails --> UserName Ontdekt: Trace.Registry.Kazaa!A2 Key: HKEY_CURRENT_USER\software\kazaa Ontdekt: Trace.Registry.KaZaA!A2 Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\in --> b0 Ontdekt: Trace.Registry.KaZaA!A2 Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\in --> b1 Ontdekt: Trace.Registry.KaZaA!A2 Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\lastestimate --> b Ontdekt: Trace.Registry.KaZaA!A2 Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\lastestimate --> time Ontdekt: Trace.Registry.KaZaA!A2 Key: HKEY_LOCAL_MACHINE\software\kazaa\connectioninfo Ontdekt: Trace.Registry.KaZaA!A2 Value: HKEY_LOCAL_MACHINE\software\kazaa\connectioninfo --> kazaanet Ontdekt: Trace.Registry.KaZaA!A2 Key: HKEY_LOCAL_MACHINE\software\kazaa\localcontent Ontdekt: Trace.Registry.KaZaA!A2 Value: HKEY_LOCAL_MACHINE\software\kazaa\localcontent --> databasedir Ontdekt: Trace.Registry.KaZaA!A2 Key: HKEY_LOCAL_MACHINE\software\kazaa Ontdekt: Trace.Registry.KaZaA!A2 Value: HKEY_LOCAL_MACHINE\software\kazaa --> listenport Ontdekt: Trace.Registry.KaZaA!A2 Value: HKEY_CLASSES_ROOT\sig2dat --> URL Protocol Ontdekt: Trace.Registry.Trustyfiles!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sig2dat --> URL Protocol Ontdekt: Trace.Registry.Trustyfiles!A2 Value: HKEY_CURRENT_USER\Software\K++ --> DebugShowRealPL Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> DisablePort1214Listen Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> FindMoreSourcesTimeLimit Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> MaxFileSources Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> NetworkName Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> No.files Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> NoKppaddon Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> NoSysTrayIcon Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> PL1000 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> PurgeSearchesOnExit Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> RemoveBadIPs Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> ScanForNewFilesTimeMilliSecs Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> SupernodeForce Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> UseBanIpFeature Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> UsersCantCutInLine Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Advanced --> MaxSearchResult Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Advanced --> SuperNode Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\InstantMessaging --> IgnoredUsers Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\k-lite --> InstallSig Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\ResultsFilter --> bogus_filter Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\ResultsFilter --> custom_filter_phrases Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\ResultsFilter --> showDisableAdultFilter Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\ResultsFilter --> virus_filter Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\SOCKS --> Enabled Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Transfer --> ConcurrentDownloads Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Transfer --> ConcurrentUploads Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Transfer --> UploadBandwidth Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\UserDetails --> Email Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\UserDetails --> Newsletter Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> AddToMainMenu Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> AskExit Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> ChangeDownloadMenu Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> ChangeFileManagerMenu Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> ChangeSystemBtn Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> ChangeToolbarBehave Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> ChangeTrayMenu Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> ForceCreation Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> HideAdBanner Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> IniTab Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> ShowAccelSttInTray Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> StartKLInTray Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> StatusWndMode Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> ClearDownloads Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> ClearUploads Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> CyclesDelay Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> ItemDelay Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> KeepDownloads Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> MinSpeed Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> NoSearchingConnecting Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> NumDownloadsMax Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> NumDownloadsMin Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> SearchResume Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> SkipBySpeed Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> SkipPaused Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> SkipQueued Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> TimesInSearchState Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> Accelerator Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> AutoSearchMore Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> AutoSearchMoreNum Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> AutoSearchMoreUnit Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> ConfigDlg Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> SearchOptShow Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> StatusDlg Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> StatusWnd Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Cmd1 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Cmd2 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Cmd3 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Cmd4 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Cmd5 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Preview1 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Title1 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Title2 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Title3 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Title4 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Title5 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Workdir1 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Workdir2 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Workdir3 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Workdir4 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Workdir5 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K-Sig --> UseAlternateMethod Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\K++ --> UseHKEY_CURRENT_USER Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Kazaa --> DisablePort80Listen Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Kazaa\InstantMessaging --> IgnoreAll Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Kazaa\k-lite --> Installsig Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Cmd1 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Cmd2 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Cmd3 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Cmd4 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Cmd5 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Title1 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Title2 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Title3 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Title4 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Title5 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Workdir1 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Workdir2 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Workdir3 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Workdir4 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Workdir5 Ontdekt: Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\zylom\Games\29\zgw --> dgfilename Ontdekt: Trace.Registry.GameFiesta Babel Deluxe!A2 Value: HKEY_CURRENT_USER\Software\JollyBear\Big City Adventure San Francisco\3DSettings --> Driver Ontdekt: Trace.Registry.GameFiesta Big City Adventure San Francisco!A2 Value: HKEY_CURRENT_USER\Software\JollyBear\Big City Adventure San Francisco\3DSettings --> DriverDate Ontdekt: Trace.Registry.GameFiesta Big City Adventure San Francisco!A2 Value: HKEY_CURRENT_USER\Software\JollyBear\Big City Adventure San Francisco\3DSettings --> DriverDescription Ontdekt: Trace.Registry.GameFiesta Big City Adventure San Francisco!A2 C:\Program Files\Application Updater\ApplicationUpdater.exe Ontdekt: Adware.Win32.Toolbar.Dealio.AMN!A2 C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe Ontdekt: Adware.Win32.Toolbar.Dealio.AMN!A2 Gescand Bestanden: 156818 Sporen: 406617 Cookies: 5 Processen: 44 Gevonden Bestanden: 2 Sporen: 126 Cookies: 0 Processen: 0 Registersleutels: 0 Scan Geëindigd: 1/04/2012 22:16:08 Scantijd: 3:39:15 C:\Program Files\Application Updater\ApplicationUpdater.exe Verwijderd Adware.Win32.Toolbar.Dealio.AMN!A2 C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe Verwijderd Adware.Win32.Toolbar.Dealio.AMN!A2 Value: HKEY_CURRENT_USER\Software\JollyBear\Big City Adventure San Francisco\3DSettings --> Driver Verwijderd Trace.Registry.GameFiesta Big City Adventure San Francisco!A2 Value: HKEY_CURRENT_USER\Software\JollyBear\Big City Adventure San Francisco\3DSettings --> DriverDate Verwijderd Trace.Registry.GameFiesta Big City Adventure San Francisco!A2 Value: HKEY_CURRENT_USER\Software\JollyBear\Big City Adventure San Francisco\3DSettings --> DriverDescription Verwijderd Trace.Registry.GameFiesta Big City Adventure San Francisco!A2 Value: HKEY_CURRENT_USER\Software\zylom\Games\29\zgw --> dgfilename Verwijderd Trace.Registry.GameFiesta Babel Deluxe!A2 Value: HKEY_CURRENT_USER\Software\K++ --> DebugShowRealPL Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> DisablePort1214Listen Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> FindMoreSourcesTimeLimit Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> MaxFileSources Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> NetworkName Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> No.files Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> NoKppaddon Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> NoSysTrayIcon Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> PL1000 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> PurgeSearchesOnExit Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> RemoveBadIPs Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> ScanForNewFilesTimeMilliSecs Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> SupernodeForce Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> UseBanIpFeature Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K++ --> UsersCantCutInLine Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Advanced --> MaxSearchResult Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Advanced --> SuperNode Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\InstantMessaging --> IgnoredUsers Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\k-lite --> InstallSig Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\ResultsFilter --> bogus_filter Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\ResultsFilter --> custom_filter_phrases Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\ResultsFilter --> showDisableAdultFilter Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\ResultsFilter --> virus_filter Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\SOCKS --> Enabled Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Transfer --> ConcurrentDownloads Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Transfer --> ConcurrentUploads Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Transfer --> UploadBandwidth Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\UserDetails --> Email Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\UserDetails --> Newsletter Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> AddToMainMenu Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> AskExit Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> ChangeDownloadMenu Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> ChangeFileManagerMenu Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> ChangeSystemBtn Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> ChangeToolbarBehave Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> ChangeTrayMenu Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> ForceCreation Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> HideAdBanner Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> IniTab Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> ShowAccelSttInTray Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> StartKLInTray Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions --> StatusWndMode Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> ClearDownloads Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> ClearUploads Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> CyclesDelay Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> ItemDelay Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> KeepDownloads Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> MinSpeed Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> NoSearchingConnecting Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> NumDownloadsMax Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> NumDownloadsMin Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> SearchResume Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> SkipBySpeed Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> SkipPaused Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> SkipQueued Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Accelerator --> TimesInSearchState Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> Accelerator Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> AutoSearchMore Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> AutoSearchMoreNum Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> AutoSearchMoreUnit Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> ConfigDlg Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> SearchOptShow Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> StatusDlg Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\LastState --> StatusWnd Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Cmd1 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Cmd2 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Cmd3 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Cmd4 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Cmd5 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Preview1 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Title1 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Title2 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Title3 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Title4 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Title5 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Workdir1 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Workdir2 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Workdir3 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Workdir4 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\KLExtensions\Tools --> Workdir5 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CURRENT_USER\Software\K-Sig --> UseAlternateMethod Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\K++ --> UseHKEY_CURRENT_USER Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Kazaa --> DisablePort80Listen Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Kazaa\InstantMessaging --> IgnoreAll Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Kazaa\k-lite --> Installsig Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Cmd1 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Cmd2 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Cmd3 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Cmd4 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Cmd5 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Title1 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Title2 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Title3 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Title4 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Title5 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Workdir1 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Workdir2 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Workdir3 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Workdir4 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\KLExtensions\Tools --> Workdir5 Verwijderd Trace.Registry.Kazaa Lite Resurrection!A2 Value: HKEY_CLASSES_ROOT\sig2dat --> URL Protocol Verwijderd Trace.Registry.Trustyfiles!A2 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sig2dat --> URL Protocol Verwijderd Trace.Registry.Trustyfiles!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Advanced --> ScanFolder Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\InstantMessaging --> IgnoreAll Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\ResultsFilter --> adult_filter_level Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\ResultsFilter --> firewall_filter Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\Transfer --> NoUploadLimitWhenIdle Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\UserDetails --> AutoConnected Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\UserDetails --> CountryCode Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_CURRENT_USER\Software\Kazaa\UserDetails --> UserName Verwijderd Trace.Registry.Kazaa!A2 Key: HKEY_CURRENT_USER\software\kazaa Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\in --> b0 Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\in --> b1 Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\lastestimate --> b Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_LOCAL_MACHINE\software\kazaa\bandwidth\lastestimate --> time Verwijderd Trace.Registry.Kazaa!A2 Key: HKEY_LOCAL_MACHINE\software\kazaa\connectioninfo Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_LOCAL_MACHINE\software\kazaa\connectioninfo --> kazaanet Verwijderd Trace.Registry.Kazaa!A2 Key: HKEY_LOCAL_MACHINE\software\kazaa\localcontent Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_LOCAL_MACHINE\software\kazaa\localcontent --> databasedir Verwijderd Trace.Registry.Kazaa!A2 Key: HKEY_LOCAL_MACHINE\software\kazaa Verwijderd Trace.Registry.Kazaa!A2 Value: HKEY_LOCAL_MACHINE\software\kazaa --> listenport Verwijderd Trace.Registry.Kazaa!A2 c:\program files\eGames Verwijderd Trace.Directory.Bling-O!A2
  12. Heb nu bijkomende fout, kan echter al een paar dagen zijn omdat ik deze functie niet alle dagen gebruik. Als ik via "zoeken" een bestand wil opzoeken zowel op mijn C, en f schijf op mijn externe D schijf, krijg ik volgende melding: Onverwachte fout. De bewerking kan niet worden voltooid. Ik kan niet via Systeemherstel werken omdat ik het had uitgeschakeld alvorens te proberen virus te verwijderen. Dus nog geen herstelûnt.
  13. Heb na het lopen can combifix 2e maal nu ook aVG laten lopen en virussen nog altijd aanwezig zie onderstaand protocol. "";"F:\Program Files\Advanced SystemCare 5\ASCService.exe (1080)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\WINDOWS\system32\wuauclt.exe (5188)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\WINDOWS\system32\winlogon.exe (832)";"Trojaans paard PSW.Agent.AUET";"Verwijderd" "";"C:\WINDOWS\system32\svchost.exe (5896)";"Trojaans paard PSW.Agent.AUET";"Verwijderd" "";"C:\WINDOWS\system32\svchost.exe (460)";"Trojaans paard PSW.Agent.AUET";"Verwijderd" "";"C:\WINDOWS\system32\svchost.exe (1312)";"Trojaans paard PSW.Agent.AUET";"Verwijderd" "";"C:\WINDOWS\system32\svchost.exe (1272)";"Trojaans paard PSW.Agent.AUET";"Verwijderd" "";"C:\WINDOWS\system32\svchost.exe (1156)";"Trojaans paard PSW.Agent.AUET";"Verwijderd" "";"C:\WINDOWS\system32\services.exe (880)";"Trojaans paard PSW.Agent.ASJX";"Verwijderd" "";"C:\WINDOWS\explorer.exe (3200)";"Trojaans paard PSW.Agent.AUET";"Verwijderd" "";"C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe (3532)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (3216)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\Program Files\iTunes\iTunesHelper.exe (3168)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\Program Files\iPod\bin\iPodService.exe (4084)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (1772)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (1620)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\MDM.EXE (1368)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (308)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\Program Files\Common Files\Java\Java Update\jusched.exe (3204)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (3680)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\Program Files\Bonjour\mDNSResponder.exe (3872)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (2024)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\Program Files\AVG\AVG2012\avgui.exe (5232)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\Program Files\AVG\AVG2012\avgtray.exe (3056)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (2820)";"Trojaans paard PSW.Agent.ARMW";"Verwijderd" "";"F:\Program Files\Advanced SystemCare 5\ASCService.exe (1080):\memory_038a0000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\WINDOWS\system32\wuauclt.exe (5188):\memory_00d60000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\WINDOWS\system32\winlogon.exe (832):\memory_01470000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd" "";"C:\WINDOWS\system32\svchost.exe (5896):\memory_00db0000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\WINDOWS\system32\svchost.exe (5896):\memory_00ce0000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd" "";"C:\WINDOWS\system32\svchost.exe (460):\memory_00bb0000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\WINDOWS\system32\svchost.exe (460):\memory_009f0000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd" "";"C:\WINDOWS\system32\svchost.exe (1312):\memory_00a50000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\WINDOWS\system32\svchost.exe (1312):\memory_00640000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd" "";"C:\WINDOWS\system32\svchost.exe (1272):\memory_01ca0000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\WINDOWS\system32\svchost.exe (1272):\memory_01c10000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd" "";"C:\WINDOWS\system32\svchost.exe (1156):\memory_00c00000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\WINDOWS\system32\svchost.exe (1156):\memory_00a70000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd" "";"C:\WINDOWS\system32\services.exe (880):\memory_012c0000";"Trojaans paard PSW.Generic9.RDX";"Geïnfecteerd" "";"C:\WINDOWS\system32\services.exe (880):\memory_00df0000";"Trojaans paard PSW.Agent.ASJX";"Geïnfecteerd" "";"C:\WINDOWS\explorer.exe (3200):\memory_00fe0000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\WINDOWS\explorer.exe (3200):\memory_00f20000";"Trojaans paard PSW.Agent.AUET";"Geïnfecteerd" "";"C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe (3532):\memory_010e0000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (3216):\memory_01950000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\Program Files\iTunes\iTunesHelper.exe (3168):\memory_020f0000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\Program Files\iPod\bin\iPodService.exe (4084):\memory_00b20000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (1772):\memory_022f0000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (1620):\memory_00dc0000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\MDM.EXE (1368):\memory_008f0000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (308):\memory_00ef0000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\Program Files\Common Files\Java\Java Update\jusched.exe (3204):\memory_00b90000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (3680):\memory_01b20000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\Program Files\Bonjour\mDNSResponder.exe (3872):\memory_008a0000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (2024):\memory_036c0000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\Program Files\AVG\AVG2012\avgui.exe (5232):\memory_01d00000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\Program Files\AVG\AVG2012\avgtray.exe (3056):\memory_01aa0000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd" "";"C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (2820):\memory_01930000";"Trojaans paard PSW.Agent.ARMW";"Geïnfecteerd"
  14. Heb combofix laten lopen. Heironder logje ComboFix 12-03-30.06 - User 01/04/2012 15:09:06.7.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.542 [GMT 2:00] Gestart vanuit: c:\documents and settings\User\Bureaublad\Ongebruikte bureaubladpictogrammen\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\User\Bureaublad\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_xcpip . . (((((((((((((((((((( Bestanden Gemaakt van 2012-03-01 to 2012-04-01 )))))))))))))))))))))))))))))) . . 2012-03-30 18:00 . 2012-03-30 18:00 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes 2012-03-30 18:00 . 2012-03-30 18:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-03-30 07:58 . 2012-03-30 07:59 -------- dc-h--w- c:\windows\ie8 2012-03-25 13:10 . 2012-03-25 13:10 -------- d-----w- c:\windows\system32\wbem\Repository 2012-03-09 15:50 . 2012-03-09 15:50 -------- d-----w- c:\program files\Common Files\Java 2012-03-09 15:49 . 2012-03-09 15:49 73728 ----a-w- c:\windows\system32\javacpl.cpl . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-09 15:49 . 2012-01-05 13:21 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-16 19:25 . 2009-08-06 21:33 47360 ----a-w- c:\documents and settings\User\Application Data\pcouffin.sys 2012-02-03 09:57 . 2002-09-11 12:00 1860224 ----a-w- c:\windows\system32\win32k.sys 2012-01-11 19:07 . 2012-02-14 19:18 3072 ------w- c:\windows\system32\iacenc.dll 2012-01-09 16:20 . 2003-01-10 12:54 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys . . ((((((((((((((((((((((((((((( SnapShot@2012-03-31_07.49.21 ))))))))))))))))))))))))))))))))))))))))) . + 2002-09-11 12:00 . 2012-04-01 11:00 87426 c:\windows\system32\perfc009.dat - 2002-09-11 12:00 . 2012-03-31 07:09 87426 c:\windows\system32\perfc009.dat + 2002-09-11 12:00 . 2012-04-01 11:00 636964 c:\windows\system32\perfh013.dat - 2002-09-11 12:00 . 2012-03-31 07:09 636964 c:\windows\system32\perfh013.dat + 2002-09-11 12:00 . 2012-04-01 11:00 517002 c:\windows\system32\perfh009.dat - 2002-09-11 12:00 . 2012-03-31 07:09 517002 c:\windows\system32\perfh009.dat + 2002-09-11 12:00 . 2012-04-01 11:00 128622 c:\windows\system32\perfc013.dat - 2002-09-11 12:00 . 2012-03-31 07:09 128622 c:\windows\system32\perfc013.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-14 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-14 7630848] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ SMCWUSB-G 802.11g Wireless USB Utility.lnk - c:\program files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe [2006-1-18 442368] . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "gxwhdduwemzlaowntsfaTaskMgr"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) "NoFileAssociate"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Exif Launcher S.lnk] backup=c:\windows\pss\Exif Launcher S.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "AVG Security Toolbar Service"=3 (0x3) "avg9wd"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"= "c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"= "c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"= "c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"= "c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"= "c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management "65533:TCP"= 65533:TCP:Services "52344:TCP"= 52344:TCP:Services "3389:TCP"= 3389:TCP:Remote Desktop . R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22/02/2011 8:13 23120] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [19/01/2011 4:32 32592] R0 DiskSec;Magix Volume Filter Driver;c:\windows\system32\drivers\disksec.sys [2/02/2010 17:11 14208] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7/01/2011 6:41 230608] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [10/02/2011 7:54 295248] R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;f:\program files\Advanced SystemCare 5\ASCService.exe [3/12/2011 14:55 913752] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12/10/2011 7:25 4433248] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2/08/2011 7:09 192776] R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [27/08/2009 18:09 1253376] R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [7/06/2011 17:23 821080] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [30/03/2011 17:17 134608] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10/02/2011 7:53 24272] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10/02/2011 7:53 16720] R3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?] S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?] S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?] S2 gupdate;Google Updateservice (gupdate); [x] S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992] S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?] S3 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [21/05/2008 13:42 64000] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [7/08/2008 12:10 3276800] S3 gupdatem;Google Update-service (gupdatem); [x] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [12/06/2011 11:15 31125880] S3 NEOWATCH;NEOWATCH;c:\windows\system32\Drivers\NWatch22.sys --> c:\windows\system32\Drivers\NWatch22.sys [?] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9/01/2010 22:37 4640000] S3 PciCon;PciCon;\??\e:\pcicon.sys --> e:\PciCon.sys [?] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6/08/2009 23:33 47360] S3 RegFilter;RegFilter; [x] S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC);c:\windows\system32\drivers\SMCWGU.sys [16/08/2007 20:54 408064] S3 TfNetMon;TfNetMon; [x] S3 UrlFilter;UrlFilter; [x] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [11/09/2002 14:00 14336] S4 FileMonitor;FileMonitor; [x] . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - xcpip . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc WINRM REG_MULTI_SZ WINRM . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-04-01 c:\windows\Tasks\ASC5_AutoClean.job - f:\program files\Advanced SystemCare 5\AutoSweep.exe [2011-12-03 09:49] . 2012-03-31 c:\windows\Tasks\ASC5_AutoUpdate.job - f:\program files\Advanced SystemCare 5\AutoUpdate.exe [2011-12-03 18:13] . 2012-03-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-606747145-839522115-1004Core.job - c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-14 20:42] . 2012-04-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-606747145-839522115-1004UA.job - c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-14 20:42] . 2012-03-30 c:\windows\Tasks\NeroLiveEpgUpdate-USER-DJ4XE9X5VR_User.job - c:\program files\Nero\Nero 9\Nero Live\NeroLive.exe [2008-10-27 07:59] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyServer = proxy.pandora.be:8080 uInternet Settings,ProxyOverride = 127.0.0.1 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s TCP: DhcpNameServer = 192.168.2.1 DPF: DirectAnimation Java Classes DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.8.3/GarminAxControl.CAB DPF: Microsoft XML Parser for Java DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-04-01 15:23 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(3200) c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf c:\progra~1\MICROS~2\Office14\1043\GrooveIntlResource.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\program files\Nokia\Nokia PC Suite 6\phonebrowser.dll c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_dut.nlr c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\progra~1\AVG\AVG2012\avgrsx.exe c:\program files\AVG\AVG2012\avgcsrvx.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Creative\Shared Files\CTDevSrv.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe c:\program files\AVG\AVG2012\avgnsx.exe c:\program files\AVG\AVG2012\avgemcx.exe c:\windows\system32\nvsvc32.exe c:\program files\Nero\Nero BackItUp 4\IoctlSvc.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . Voltooingstijd: 2012-04-01 15:29:00 - machine werd herstart ComboFix-quarantined-files.txt 2012-04-01 13:28 ComboFix2.txt 2012-03-31 07:57 ComboFix3.txt 2012-01-17 14:03 ComboFix4.txt 2011-12-15 15:27 ComboFix5.txt 2012-04-01 13:04 . Pre-Run: 16.269.942.784 bytes beschikbaar Post-Run: 16.248.233.984 bytes beschikbaar . - - End Of File - - C19A2B7339F87EB1A4E2858A9027764C
  15. Hallo, Heb combofix laten lopen. Kreeg volgende melding: "Bootpartitie kan niet correct opgeteld worden", heb op ok gerukt en programma is gestart. Hieronder het logje 012 9:37.6.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.443 [GMT 2:00] Gestart vanuit: c:\documents and settings\User\Bureaublad\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Voorgaande Run ------- . c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\User\Application Data\inst.exe C:\RECYCLER(2) c:\recycler(2)\S-1-5-21-1177238915-606747145-839522115-1004(2)\INFO2 c:\windows\system32\dllcache\wmpvis.dll c:\windows\system32\roboot.exe c:\windows\system32\sycd5.dll . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_xcpip -------\Service_xcpip . . (((((((((((((((((((( Bestanden Gemaakt van 2012-02-28 to 2012-03-31 )))))))))))))))))))))))))))))) . . 2012-03-30 18:00 . 2012-03-30 18:00 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes 2012-03-30 18:00 . 2012-03-30 18:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-03-30 07:58 . 2012-03-30 07:59 -------- dc-h--w- c:\windows\ie8 2012-03-25 13:10 . 2012-03-25 13:10 -------- d-----w- c:\windows\system32\wbem\Repository 2012-03-09 15:50 . 2012-03-09 15:50 -------- d-----w- c:\program files\Common Files\Java 2012-03-09 15:49 . 2012-03-09 15:49 73728 ----a-w- c:\windows\system32\javacpl.cpl . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-09 15:49 . 2012-01-05 13:21 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-16 19:25 . 2009-08-06 21:33 47360 ----a-w- c:\documents and settings\User\Application Data\pcouffin.sys 2012-02-03 09:57 . 2002-09-11 12:00 1860224 ----a-w- c:\windows\system32\win32k.sys 2012-01-11 19:07 . 2012-02-14 19:18 3072 ------w- c:\windows\system32\iacenc.dll 2012-01-09 16:20 . 2003-01-10 12:54 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-14 39408] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-14 7630848] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ SMCWUSB-G 802.11g Wireless USB Utility.lnk - c:\program files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe [2006-1-18 442368] . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "gxwhdduwemzlaowntsfaTaskMgr"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) "NoFileAssociate"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Exif Launcher S.lnk] backup=c:\windows\pss\Exif Launcher S.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "AVG Security Toolbar Service"=3 (0x3) "avg9wd"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"= "c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"= "c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"= "c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"= "c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"= "c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management "65533:TCP"= 65533:TCP:Services "52344:TCP"= 52344:TCP:Services "3389:TCP"= 3389:TCP:Remote Desktop . R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22/02/2011 8:13 23120] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [19/01/2011 4:32 32592] R0 DiskSec;Magix Volume Filter Driver;c:\windows\system32\drivers\disksec.sys [2/02/2010 17:11 14208] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7/01/2011 6:41 230608] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [10/02/2011 7:54 295248] R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;f:\program files\Advanced SystemCare 5\ASCService.exe [3/12/2011 14:55 913752] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12/10/2011 7:25 4433248] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2/08/2011 7:09 192776] R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [27/08/2009 18:09 1253376] R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [7/06/2011 17:23 821080] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [30/03/2011 17:17 134608] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10/02/2011 7:53 24272] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10/02/2011 7:53 16720] R3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?] S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?] S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?] S2 gupdate;Google Updateservice (gupdate); [x] S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992] S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?] S3 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [21/05/2008 13:42 64000] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [7/08/2008 12:10 3276800] S3 gupdatem;Google Update-service (gupdatem); [x] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [12/06/2011 11:15 31125880] S3 NEOWATCH;NEOWATCH;c:\windows\system32\Drivers\NWatch22.sys --> c:\windows\system32\Drivers\NWatch22.sys [?] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9/01/2010 22:37 4640000] S3 PciCon;PciCon;\??\e:\pcicon.sys --> e:\PciCon.sys [?] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6/08/2009 23:33 47360] S3 RegFilter;RegFilter; [x] S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC);c:\windows\system32\drivers\SMCWGU.sys [16/08/2007 20:54 408064] S3 TfNetMon;TfNetMon; [x] S3 UrlFilter;UrlFilter; [x] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [11/09/2002 14:00 14336] S4 FileMonitor;FileMonitor; [x] . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - xcpip . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc WINRM REG_MULTI_SZ WINRM . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-03-31 c:\windows\Tasks\ASC5_AutoClean.job - f:\program files\Advanced SystemCare 5\AutoSweep.exe [2011-12-03 09:49] . 2012-03-30 c:\windows\Tasks\ASC5_AutoUpdate.job - f:\program files\Advanced SystemCare 5\AutoUpdate.exe [2011-12-03 18:13] . 2012-03-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-606747145-839522115-1004Core.job - c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-14 20:42] . 2012-03-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-606747145-839522115-1004UA.job - c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-14 20:42] . 2012-03-30 c:\windows\Tasks\NeroLiveEpgUpdate-USER-DJ4XE9X5VR_User.job - c:\program files\Nero\Nero 9\Nero Live\NeroLive.exe [2008-10-27 07:59] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyServer = proxy.pandora.be:8080 uInternet Settings,ProxyOverride = 127.0.0.1 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s TCP: DhcpNameServer = 192.168.2.1 DPF: DirectAnimation Java Classes DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.8.3/GarminAxControl.CAB DPF: Microsoft XML Parser for Java DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-03-31 09:51 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(4564) c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf c:\progra~1\MICROS~2\Office14\1043\GrooveIntlResource.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\program files\Nokia\Nokia PC Suite 6\phonebrowser.dll c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_dut.nlr c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\progra~1\AVG\AVG2012\avgrsx.exe c:\program files\AVG\AVG2012\avgcsrvx.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Creative\Shared Files\CTDevSrv.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe c:\windows\system32\nvsvc32.exe c:\program files\Nero\Nero BackItUp 4\IoctlSvc.exe c:\program files\AVG\AVG2012\avgnsx.exe c:\program files\AVG\AVG2012\avgemcx.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . Voltooingstijd: 2012-03-31 09:57:33 - machine werd herstart ComboFix-quarantined-files.txt 2012-03-31 07:57 ComboFix2.txt 2012-01-17 14:03 ComboFix3.txt 2011-12-15 15:27 ComboFix4.txt 2011-11-12 09:16 ComboFix5.txt 2012-03-31 06:45 . Pre-Run: 16.315.453.440 bytes beschikbaar Post-Run: 16.275.865.600 bytes beschikbaar . - - End Of File - - 49D2963E83E82879CAFA940EC9939AC1
  16. Heb nadat mbam gelopen is ook AVG virusscan laten lopen en alle infecties zijn nog aanwezig. Dus is er waarschijnlijk iets mislukt?
  17. Malwarebytes Anti-Malware 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: v2012.03.30.06 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 User :: PCMARCEL [administrator] 30/03/2012 20:01:22 mbam-log-2012-03-30 (20-01-22).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 194517 Verstreken tijd: 7 minuut/minuten, 49 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Heb Mbam laten lopen en melding gekregen dat er niets geinfecteerd was.Hierbij het log bestand
  18. Assus, Heb hitjack laten lopen, hieronder het resultaat. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:30:21, on 30/03/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\windows\System32\smss.exe C:\PROGRA~1\AVG\AVG2012\avgrsx.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\windows\system32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe F:\Program Files\Advanced SystemCare 5\ASCService.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\spoolsv.exe C:\windows\Explorer.EXE C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Application Updater\ApplicationUpdater.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Creative\Shared Files\CTDevSrv.exe C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe C:\windows\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\Program Files\AVG\AVG2012\avgemcx.exe C:\windows\System32\svchost.exe C:\windows\system32\nvsvc32.exe C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe C:\windows\System32\svchost.exe C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE C:\windows\system32\ctfmon.exe C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe C:\Program Files\iPod\bin\iPodService.exe C:\windows\system32\wuauclt.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\windows\System32\svchost.exe F:\Documenten F\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.pandora.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe O4 - Global Startup: SMCWUSB-G 802.11g Wireless USB Utility.lnk = C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.8.3/GarminAxControl.CAB O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - http://www.new.facebook.com/controls/contactx.dll O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} - http://downloads.telenet.be/tisp/ols/fscax.cab O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://www.smartphoto.be/ExtraFilmUploader6.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpfix/sj/en/check/qdiagh.cab?326 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\System32\browseui.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - F:\Program Files\Advanced SystemCare 5\ASCService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 11501 bytes
  19. Heb trojaans paard PWX.agent.ARMW, zit op diverse plaatsen in fysteem en krijg die niet weg. Werk met AVG. Hoe komt dit paard toch binnen. Hoe kan ik het wegkrijgen
  20. Clarkie, Heb gisteren geprobeerd, maar is nog niet gelukt.
  21. als ik sc stop "Aplication Updater" intik krijg ik volgede melding: Unrecognized comment cs is a command line programm used for communicating with the NT service controler services usage: sc<server><command><servicename><option><option> Na het sarten van de Query recovery Console krijg ik volgende melding: Bootpartitie kan niet correct opgeteld worden. Dan heb ik op ok gedrukkt en combifix is bginnen lopen , zie hierbij her resultaat ComboFix 12-01-17.01 - User 17/01/2012 14:48:31.5.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.512 [GMT 1:00] Gestart vanuit: c:\documents and settings\User\Bureaublad\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-17 to 2012-01-17 )))))))))))))))))))))))))))))) . . 2012-01-17 13:28 . 2012-01-17 13:28 -------- d-----w- C:\Configuration 2012-01-08 15:18 . 2011-10-19 21:16 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2012-01-05 13:21 . 2012-01-05 13:21 -------- d-----w- c:\program files\Common Files\Java 2012-01-05 13:21 . 2011-11-10 04:54 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-01-03 07:22 . 2012-01-03 07:22 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-12-10 14:24 . 2011-08-18 15:02 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-25 21:57 . 2002-09-11 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll 2011-11-23 14:40 . 2002-09-11 12:00 1859712 ----a-w- c:\windows\system32\win32k.sys 2011-11-20 06:12 . 2002-09-11 12:00 60928 ----a-w- c:\windows\system32\packager.exe 2011-11-10 02:27 . 2009-12-19 15:58 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-11-04 19:13 . 2002-09-11 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:13 . 2002-09-11 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-11-04 19:13 . 2002-09-11 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:25 . 2007-03-18 13:18 385024 ----a-w- c:\windows\system32\html.iec 2011-11-03 15:29 . 2002-09-11 12:00 386560 ----a-w- c:\windows\system32\qdvd.dll 2011-11-03 15:29 . 2002-09-11 12:00 1296384 ----a-w- c:\windows\system32\quartz.dll 2011-11-01 16:07 . 2002-09-11 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:32 . 2002-09-11 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-26 10:50 . 2002-09-11 12:00 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-26 10:50 . 2002-09-09 13:17 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe . . ((((((((((((((((((((((((((((( SnapShot_2011-12-15_15.21.41 ))))))))))))))))))))))))))))))))))))))))) . + 2012-01-17 06:45 . 2012-01-17 06:45 16384 c:\windows\Temp\Perflib_Perfdata_fb8.dat + 2007-01-29 08:58 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe - 2007-01-29 08:58 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe + 2002-09-11 12:00 . 2012-01-08 15:24 87304 c:\windows\system32\perfc009.dat - 2002-09-11 12:00 . 2011-11-25 19:17 87304 c:\windows\system32\perfc009.dat + 2002-09-11 12:00 . 2011-11-04 19:13 66560 c:\windows\system32\mshtmled.dll - 2002-09-11 12:00 . 2011-08-22 23:41 66560 c:\windows\system32\mshtmled.dll - 2009-03-08 02:31 . 2011-08-22 23:41 55296 c:\windows\system32\msfeedsbs.dll + 2009-03-08 02:31 . 2011-11-04 19:13 55296 c:\windows\system32\msfeedsbs.dll + 2002-09-11 12:00 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll - 2002-09-11 12:00 . 2008-04-14 17:02 23040 c:\windows\system32\mciseq.dll + 2002-09-11 12:00 . 2011-11-04 19:13 25600 c:\windows\system32\jsproxy.dll - 2002-09-11 12:00 . 2011-08-22 23:41 25600 c:\windows\system32\jsproxy.dll + 2009-08-01 13:47 . 2011-11-04 19:13 12800 c:\windows\system32\dllcache\xpshims.dll - 2009-08-01 13:47 . 2011-08-22 23:41 12800 c:\windows\system32\dllcache\xpshims.dll + 2011-11-20 06:12 . 2011-11-20 06:12 60928 c:\windows\system32\dllcache\packager.exe + 2009-03-08 02:31 . 2011-11-04 19:13 66560 c:\windows\system32\dllcache\mshtmled.dll - 2009-03-08 02:31 . 2011-08-22 23:41 66560 c:\windows\system32\dllcache\mshtmled.dll + 2009-08-01 13:47 . 2011-11-04 19:13 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2009-08-01 13:47 . 2011-08-22 23:41 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2011-10-14 14:47 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll + 2009-03-08 02:34 . 2011-11-04 19:13 43520 c:\windows\system32\dllcache\licmgr10.dll - 2009-03-08 02:34 . 2011-08-22 23:41 43520 c:\windows\system32\dllcache\licmgr10.dll - 2009-03-08 02:33 . 2011-08-22 23:41 25600 c:\windows\system32\dllcache\jsproxy.dll + 2009-03-08 02:33 . 2011-11-04 19:13 25600 c:\windows\system32\dllcache\jsproxy.dll - 2009-12-14 07:10 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll + 2009-12-14 07:10 . 2011-10-28 05:32 33280 c:\windows\system32\dllcache\csrsrv.dll + 2011-12-25 02:49 . 2011-12-25 02:49 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe + 2010-11-03 17:05 . 2012-01-14 23:04 34144 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\oisicon.exe - 2010-11-03 17:05 . 2011-12-14 20:53 34144 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\oisicon.exe + 2010-11-03 17:05 . 2012-01-14 23:04 42848 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\msouc.exe - 2010-11-03 17:05 . 2011-12-14 20:53 42848 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\msouc.exe + 2010-11-03 17:05 . 2012-01-14 23:04 19296 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\cagicon.exe - 2010-11-03 17:05 . 2011-12-14 20:53 19296 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\cagicon.exe - 2011-09-18 09:18 . 2011-09-18 09:18 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe + 2011-12-19 23:39 . 2011-12-19 23:39 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe + 2011-12-19 23:43 . 2011-08-22 23:41 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll + 2011-12-19 23:43 . 2011-08-22 23:41 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll + 2011-12-19 23:43 . 2011-08-22 23:41 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll + 2011-12-19 23:43 . 2011-08-22 23:41 43520 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll + 2011-12-19 23:43 . 2011-08-22 23:41 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll + 2012-01-08 18:47 . 2012-01-08 18:47 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\750de53f30e516eb2c62de9bab7954e9\System.Web.DynamicData.Design.ni.dll - 2011-11-04 22:58 . 2011-11-04 22:58 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2012-01-08 15:23 . 2012-01-08 15:23 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll - 2011-11-04 22:58 . 2011-11-04 22:58 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2012-01-08 15:23 . 2012-01-08 15:23 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2012-01-08 15:24 . 2012-01-08 15:24 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2011-11-04 22:59 . 2011-11-04 22:59 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2011-11-04 22:58 . 2011-11-04 22:58 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2012-01-08 15:24 . 2012-01-08 15:24 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2011-11-04 22:58 . 2011-11-04 22:58 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2012-01-08 15:24 . 2012-01-08 15:24 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2011-11-04 22:58 . 2011-11-04 22:58 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2012-01-08 15:24 . 2012-01-08 15:24 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll - 2011-11-04 22:59 . 2011-11-04 22:59 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2012-01-08 15:24 . 2012-01-08 15:24 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2012-01-08 15:24 . 2012-01-08 15:24 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2011-11-04 22:59 . 2011-11-04 22:59 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2012-01-08 15:24 . 2012-01-08 15:24 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2011-11-04 22:58 . 2011-11-04 22:58 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2011-11-04 22:58 . 2011-11-04 22:58 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2012-01-08 15:23 . 2012-01-08 15:23 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2012-01-08 15:24 . 2012-01-08 15:24 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2011-11-04 22:58 . 2011-11-04 22:58 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2011-11-04 22:58 . 2011-11-04 22:58 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2012-01-08 15:24 . 2012-01-08 15:24 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2012-01-08 15:23 . 2012-01-08 15:23 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2011-11-04 22:58 . 2011-11-04 22:58 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2012-01-08 15:24 . 2012-01-08 15:24 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2011-11-04 22:58 . 2011-11-04 22:58 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2011-11-04 22:58 . 2011-11-04 22:58 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2012-01-08 15:24 . 2012-01-08 15:24 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2012-01-08 15:24 . 2012-01-08 15:24 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2011-11-04 22:59 . 2011-11-04 22:59 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2011-11-04 22:58 . 2011-11-04 22:58 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2012-01-08 15:24 . 2012-01-08 15:24 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2012-01-08 15:24 . 2012-01-08 15:24 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2011-11-04 22:59 . 2011-11-04 22:59 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2012-01-08 15:24 . 2012-01-08 15:24 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll - 2011-11-04 22:59 . 2011-11-04 22:59 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2012-01-08 15:24 . 2012-01-08 15:24 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2002-09-11 12:00 . 2011-10-14 14:47 179200 c:\windows\system32\winmm.dll - 2002-09-11 12:00 . 2008-04-14 17:02 179200 c:\windows\system32\winmm.dll + 2002-09-11 12:00 . 2011-11-04 19:13 105984 c:\windows\system32\url.dll - 2002-09-11 12:00 . 2011-08-22 23:41 105984 c:\windows\system32\url.dll - 2002-09-11 12:00 . 2011-11-25 19:17 636530 c:\windows\system32\perfh013.dat + 2002-09-11 12:00 . 2012-01-08 15:24 636530 c:\windows\system32\perfh013.dat + 2002-09-11 12:00 . 2012-01-08 15:24 516688 c:\windows\system32\perfh009.dat - 2002-09-11 12:00 . 2011-11-25 19:17 516688 c:\windows\system32\perfh009.dat - 2002-09-11 12:00 . 2011-11-25 19:17 128456 c:\windows\system32\perfc013.dat + 2002-09-11 12:00 . 2012-01-08 15:24 128456 c:\windows\system32\perfc013.dat + 2002-09-11 12:00 . 2011-11-04 19:13 206848 c:\windows\system32\occache.dll - 2002-09-11 12:00 . 2011-08-22 23:41 206848 c:\windows\system32\occache.dll + 2002-09-11 12:00 . 2011-11-04 19:13 611840 c:\windows\system32\mstime.dll - 2002-09-11 12:00 . 2011-08-22 23:41 611840 c:\windows\system32\mstime.dll - 2009-03-08 02:32 . 2011-08-22 23:41 602112 c:\windows\system32\msfeeds.dll + 2009-03-08 02:32 . 2011-11-04 19:13 602112 c:\windows\system32\msfeeds.dll + 2012-01-05 13:21 . 2011-11-10 04:54 157472 c:\windows\system32\javaws.exe + 2012-01-05 13:21 . 2011-11-10 04:54 149280 c:\windows\system32\javaw.exe + 2012-01-05 13:21 . 2011-11-10 04:54 149280 c:\windows\system32\java.exe + 2002-09-11 12:00 . 2011-11-04 19:13 184320 c:\windows\system32\iepeers.dll - 2002-09-11 12:00 . 2011-08-22 23:41 184320 c:\windows\system32\iepeers.dll - 2002-09-11 12:00 . 2011-08-22 23:41 387584 c:\windows\system32\iedkcs32.dll + 2002-09-11 12:00 . 2011-11-04 19:13 387584 c:\windows\system32\iedkcs32.dll - 2002-09-11 12:00 . 2011-08-22 11:56 174080 c:\windows\system32\ie4uinit.exe + 2002-09-11 12:00 . 2011-11-04 11:25 174080 c:\windows\system32\ie4uinit.exe + 2010-05-31 14:23 . 2011-12-20 08:01 384016 c:\windows\system32\FNTCACHE.DAT - 2010-05-31 14:23 . 2011-11-05 08:55 384016 c:\windows\system32\FNTCACHE.DAT + 2002-09-11 12:00 . 2011-10-18 11:13 186880 c:\windows\system32\encdec.dll - 2002-09-11 12:00 . 2011-02-09 13:54 186880 c:\windows\system32\encdec.dll - 2010-06-18 17:47 . 2011-06-20 17:44 293888 c:\windows\system32\dllcache\winsrv.dll + 2010-06-18 17:47 . 2011-11-25 21:57 293888 c:\windows\system32\dllcache\winsrv.dll + 2011-10-14 14:47 . 2011-10-14 14:47 179200 c:\windows\system32\dllcache\winmm.dll + 2008-04-21 06:57 . 2011-11-04 19:13 916992 c:\windows\system32\dllcache\wininet.dll - 2009-03-08 02:34 . 2011-08-22 23:41 105984 c:\windows\system32\dllcache\url.dll + 2009-03-08 02:34 . 2011-11-04 19:13 105984 c:\windows\system32\dllcache\url.dll + 2010-01-25 15:46 . 2011-11-03 15:29 386560 c:\windows\system32\dllcache\qdvd.dll + 2009-03-08 02:34 . 2011-11-04 19:13 206848 c:\windows\system32\dllcache\occache.dll - 2009-03-08 02:34 . 2011-08-22 23:41 206848 c:\windows\system32\dllcache\occache.dll - 2009-03-08 02:32 . 2011-08-22 23:41 611840 c:\windows\system32\dllcache\mstime.dll + 2009-03-08 02:32 . 2011-11-04 19:13 611840 c:\windows\system32\dllcache\mstime.dll + 2009-08-01 13:47 . 2011-11-04 19:13 602112 c:\windows\system32\dllcache\msfeeds.dll - 2009-08-01 13:47 . 2011-08-22 23:41 602112 c:\windows\system32\dllcache\msfeeds.dll + 2009-08-01 13:47 . 2011-11-04 19:13 247808 c:\windows\system32\dllcache\ieproxy.dll - 2009-08-01 13:47 . 2011-08-22 23:41 247808 c:\windows\system32\dllcache\ieproxy.dll + 2009-03-08 02:31 . 2011-11-04 19:13 184320 c:\windows\system32\dllcache\iepeers.dll - 2009-03-08 02:31 . 2011-08-22 23:41 184320 c:\windows\system32\dllcache\iepeers.dll + 2010-11-03 17:40 . 2011-11-04 19:13 743424 c:\windows\system32\dllcache\iedvtool.dll - 2010-11-03 17:40 . 2011-08-22 23:41 743424 c:\windows\system32\dllcache\iedvtool.dll - 2009-03-08 12:09 . 2011-08-22 23:41 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2009-03-08 12:09 . 2011-11-04 19:13 387584 c:\windows\system32\dllcache\iedkcs32.dll - 2009-03-08 02:32 . 2011-08-22 11:56 174080 c:\windows\system32\dllcache\ie4uinit.exe + 2009-03-08 02:32 . 2011-11-04 11:25 174080 c:\windows\system32\dllcache\ie4uinit.exe + 2011-02-09 13:54 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll - 2011-02-09 13:54 . 2011-02-09 13:54 186880 c:\windows\system32\dllcache\encdec.dll + 2012-01-05 13:21 . 2012-01-05 13:21 262144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat + 2011-12-25 02:49 . 2011-12-25 02:49 436496 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll + 2011-10-26 21:46 . 2011-10-26 21:46 794112 c:\windows\Installer\355ab0b.msp + 2011-12-25 04:40 . 2011-12-25 04:40 819200 c:\windows\Installer\174480b.msp + 2012-01-05 13:21 . 2012-01-05 13:21 203776 c:\windows\Installer\12a5b35.msi - 2010-11-03 17:05 . 2011-12-14 20:53 415584 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe + 2010-11-03 17:05 . 2012-01-14 23:04 415584 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe + 2010-11-03 17:05 . 2012-01-14 23:04 303456 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe - 2010-11-03 17:05 . 2011-12-14 20:53 303456 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe - 2010-11-03 17:05 . 2011-12-14 20:53 571232 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\misc.exe + 2010-11-03 17:05 . 2012-01-14 23:04 571232 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\misc.exe + 2010-11-03 17:05 . 2012-01-14 23:04 326496 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe - 2010-11-03 17:05 . 2011-12-14 20:53 326496 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe - 2010-11-03 17:05 . 2011-12-14 20:53 469856 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe + 2010-11-03 17:05 . 2012-01-14 23:04 469856 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe - 2010-11-03 17:05 . 2011-12-14 20:53 178528 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe + 2010-11-03 17:05 . 2012-01-14 23:04 178528 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe + 2010-12-21 00:30 . 2010-12-21 00:30 579968 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\VPREVIEW.EXE + 2011-12-19 23:43 . 2011-08-22 23:41 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll + 2011-12-19 23:43 . 2011-08-22 23:41 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll + 2011-12-19 23:43 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll + 2011-12-19 23:43 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe + 2011-12-19 23:43 . 2011-08-22 23:41 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll + 2011-12-19 23:43 . 2011-08-22 23:41 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll + 2011-12-19 23:43 . 2011-08-22 23:41 602112 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll + 2011-12-19 23:43 . 2011-08-22 23:41 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll + 2011-12-19 23:43 . 2011-08-22 23:41 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll + 2011-12-19 23:43 . 2011-08-22 23:41 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll + 2011-12-19 23:43 . 2011-08-22 23:41 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll + 2011-12-19 23:43 . 2011-08-22 11:56 174080 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe + 2012-01-08 18:47 . 2012-01-08 18:47 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\0bda7bdfaf440d5dd4bc6a1dea7ffa39\System.Web.Routing.ni.dll + 2012-01-08 18:47 . 2012-01-08 18:47 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6e29f9faa74a48b83a13a3413b826295\System.Web.Extensions.Design.ni.dll + 2012-01-08 18:47 . 2012-01-08 18:47 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\be8965fe859bc53dff61579bf626858b\System.Web.Entity.ni.dll + 2012-01-08 18:47 . 2012-01-08 18:47 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\8441b3eb247e0344fede848337ee911c\System.Web.Entity.Design.ni.dll + 2012-01-08 18:47 . 2012-01-08 18:47 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\09c6a41f187ba483486cdb92dad714a1\System.Web.DynamicData.ni.dll + 2012-01-08 18:47 . 2012-01-08 18:47 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5efb726d424b9712632eff749411fa89\System.Web.Abstractions.ni.dll + 2012-01-08 15:25 . 2012-01-08 15:25 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3c272cad7afb127e2a2bdb8a5a808512\System.Runtime.Remoting.ni.dll + 2012-01-08 18:47 . 2012-01-08 18:47 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\f374e8e7849a72d1470b4a6a0771a137\System.Data.Entity.Design.ni.dll + 2012-01-08 18:45 . 2012-01-08 18:45 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\439732479756e0f6df88d29e50a402bf\ServiceModelReg.ni.exe + 2012-01-08 16:38 . 2012-01-08 16:38 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\bfcea15c95909860c4f4ac19bd7a2d6c\AspNetMMCExt.ni.dll - 2011-11-04 22:58 . 2011-11-04 22:58 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2012-01-08 15:23 . 2012-01-08 15:23 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2011-11-04 22:58 . 2011-11-04 22:58 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2012-01-08 15:23 . 2012-01-08 15:23 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2012-01-08 15:24 . 2012-01-08 15:24 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2011-11-04 22:58 . 2011-11-04 22:58 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2011-11-04 22:59 . 2011-11-04 22:59 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2012-01-08 15:24 . 2012-01-08 15:24 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2012-01-08 15:24 . 2012-01-08 15:24 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2011-11-04 22:59 . 2011-11-04 22:59 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2011-11-04 22:59 . 2011-11-04 22:59 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2012-01-08 15:24 . 2012-01-08 15:24 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2011-11-04 22:59 . 2011-11-04 22:59 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2012-01-08 15:24 . 2012-01-08 15:24 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2011-11-04 22:59 . 2011-11-04 22:59 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2012-01-08 15:24 . 2012-01-08 15:24 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2012-01-08 15:24 . 2012-01-08 15:24 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2011-11-04 22:59 . 2011-11-04 22:59 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2012-01-08 15:24 . 2012-01-08 15:24 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2011-11-04 22:58 . 2011-11-04 22:58 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2011-11-04 22:58 . 2011-11-04 22:58 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2012-01-08 15:23 . 2012-01-08 15:23 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2011-11-04 22:59 . 2011-11-04 22:59 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2012-01-08 15:24 . 2012-01-08 15:24 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2011-11-04 22:59 . 2011-11-04 22:59 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2012-01-08 15:24 . 2012-01-08 15:24 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2012-01-08 15:24 . 2012-01-08 15:24 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2011-11-04 22:59 . 2011-11-04 22:59 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2012-01-08 15:24 . 2012-01-08 15:24 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2011-11-04 22:59 . 2011-11-04 22:59 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2011-11-04 22:58 . 2011-11-04 22:58 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2012-01-08 15:24 . 2012-01-08 15:24 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2011-11-04 22:58 . 2011-11-04 22:58 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2012-01-08 15:24 . 2012-01-08 15:24 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2011-11-04 22:58 . 2011-11-04 22:58 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2012-01-08 15:24 . 2012-01-08 15:24 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2012-01-08 15:24 . 2012-01-08 15:24 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2011-11-04 22:58 . 2011-11-04 22:58 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2012-01-08 15:24 . 2012-01-08 15:24 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll - 2011-11-04 22:59 . 2011-11-04 22:59 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2012-01-08 15:24 . 2012-01-08 15:24 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2011-11-04 22:59 . 2011-11-04 22:59 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2012-01-08 15:23 . 2012-01-08 15:23 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2011-11-04 22:58 . 2011-11-04 22:58 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2011-11-04 22:58 . 2011-11-04 22:58 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2012-01-08 15:24 . 2012-01-08 15:24 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2012-01-08 15:24 . 2012-01-08 15:24 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2012-01-08 15:24 . 2012-01-08 15:24 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2012-01-08 15:24 . 2012-01-08 15:24 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - 2011-11-04 22:59 . 2011-11-04 22:59 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2002-09-11 12:00 . 2011-11-04 19:13 1212416 c:\windows\system32\urlmon.dll - 2002-09-11 12:00 . 2011-08-22 23:41 1212416 c:\windows\system32\urlmon.dll + 2002-09-11 12:00 . 2011-11-04 19:13 5978112 c:\windows\system32\mshtml.dll - 2009-03-08 02:32 . 2011-08-22 23:41 2000384 c:\windows\system32\iertutil.dll + 2009-03-08 02:32 . 2011-11-04 19:13 2000384 c:\windows\system32\iertutil.dll + 2008-10-16 10:27 . 2011-11-23 14:40 1859712 c:\windows\system32\dllcache\win32k.sys + 2008-06-26 08:14 . 2011-11-04 19:13 1212416 c:\windows\system32\dllcache\urlmon.dll - 2008-06-26 08:14 . 2011-08-22 23:41 1212416 c:\windows\system32\dllcache\urlmon.dll + 2008-05-07 05:12 . 2011-11-03 15:29 1296384 c:\windows\system32\dllcache\quartz.dll + 2010-07-16 12:01 . 2011-11-01 16:07 1288192 c:\windows\system32\dllcache\ole32.dll - 2008-10-16 10:27 . 2010-12-09 15:14 2197120 c:\windows\system32\dllcache\ntoskrnl.exe + 2008-10-16 10:27 . 2011-10-26 10:50 2197120 c:\windows\system32\dllcache\ntoskrnl.exe - 2008-10-16 10:27 . 2010-12-09 15:14 2031616 c:\windows\system32\dllcache\ntkrpamp.exe + 2008-10-16 10:27 . 2011-10-26 10:50 2031616 c:\windows\system32\dllcache\ntkrpamp.exe + 2008-10-16 10:27 . 2011-10-26 10:50 2073728 c:\windows\system32\dllcache\ntkrnlpa.exe - 2008-10-16 10:27 . 2010-12-09 15:14 2073728 c:\windows\system32\dllcache\ntkrnlpa.exe + 2008-10-16 10:27 . 2011-10-26 10:50 2153472 c:\windows\system32\dllcache\ntkrnlmp.exe - 2008-10-16 10:27 . 2010-12-09 15:14 2153472 c:\windows\system32\dllcache\ntkrnlmp.exe + 2008-04-21 06:57 . 2011-11-04 19:13 5978112 c:\windows\system32\dllcache\mshtml.dll + 2009-08-01 13:47 . 2011-11-04 19:13 2000384 c:\windows\system32\dllcache\iertutil.dll - 2009-08-01 13:47 . 2011-08-22 23:41 2000384 c:\windows\system32\dllcache\iertutil.dll + 2011-12-25 02:50 . 2011-12-25 02:50 5246976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2011-12-20 08:09 . 2011-12-20 08:09 2186240 c:\windows\Installer\6c56e.msi + 2011-12-23 08:48 . 2011-12-23 08:48 4683264 c:\windows\Installer\4932da.msi + 2011-10-16 13:45 . 2011-10-16 13:45 4966912 c:\windows\Installer\355ab5d.msp + 2011-10-16 13:28 . 2011-10-16 13:28 1138688 c:\windows\Installer\355ab45.msp + 2011-12-01 15:16 . 2011-12-01 15:16 3464704 c:\windows\Installer\355ab2d.msp + 2011-11-01 12:34 . 2011-11-01 12:34 2531840 c:\windows\Installer\355ab15.msp + 2011-10-26 21:46 . 2011-10-26 21:46 1833472 c:\windows\Installer\355aaf3.msp + 2011-10-26 21:47 . 2011-10-26 21:47 5275136 c:\windows\Installer\355aadb.msp + 2011-12-12 15:13 . 2011-12-12 15:13 3461120 c:\windows\Installer\30c90f9.msp + 2012-01-14 19:08 . 2012-01-14 19:08 3970560 c:\windows\Installer\2328ce3.msi + 2011-12-26 08:59 . 2011-12-26 08:59 4368896 c:\windows\Installer\1744817.msp + 2010-11-03 17:05 . 2012-01-14 23:04 1479520 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe - 2010-11-03 17:05 . 2011-12-14 20:53 1479520 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe + 2010-11-03 17:05 . 2012-01-14 23:04 1858400 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe - 2010-11-03 17:05 . 2011-12-14 20:53 1858400 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe - 2010-11-03 17:05 . 2011-12-14 20:53 3792736 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe + 2010-11-03 17:05 . 2012-01-14 23:04 3792736 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe - 2010-11-03 17:05 . 2011-12-14 20:53 1449312 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2010-11-03 17:05 . 2012-01-14 23:04 1449312 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2010-10-20 11:35 . 2010-10-20 11:35 1479520 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\XLICONS.EXE + 2011-02-04 12:41 . 2011-02-04 12:41 2672456 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\VBE7.DLL + 2010-10-20 12:35 . 2010-10-20 12:35 3792736 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\PPTICO.EXE + 2011-04-06 20:09 . 2011-04-06 20:09 9701736 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\PPCORE.DLL + 2010-10-22 13:55 . 2010-10-22 13:55 2162024 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\POWERPNT.EXE + 2011-12-19 23:43 . 2011-08-22 23:41 1212416 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll + 2011-12-19 23:43 . 2011-10-03 08:31 5971456 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll + 2011-12-19 23:43 . 2011-08-22 23:41 2000384 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll - 2008-10-16 10:27 . 2010-12-09 15:14 2197120 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2008-10-16 10:27 . 2011-10-26 10:50 2197120 c:\windows\Driver Cache\i386\ntoskrnl.exe - 2008-10-16 10:27 . 2010-12-09 15:14 2031616 c:\windows\Driver Cache\i386\ntkrpamp.exe + 2008-10-16 10:27 . 2011-10-26 10:50 2031616 c:\windows\Driver Cache\i386\ntkrpamp.exe - 2008-10-16 10:27 . 2010-12-09 15:14 2073728 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2008-10-16 10:27 . 2011-10-26 10:50 2073728 c:\windows\Driver Cache\i386\ntkrnlpa.exe - 2008-10-16 10:27 . 2010-12-09 15:14 2153472 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2008-10-16 10:27 . 2011-10-26 10:50 2153472 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2012-01-08 18:48 . 2012-01-08 18:48 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\05c29118462056cf810df0b6aa660d05\System.WorkflowServices.ni.dll + 2012-01-08 18:48 . 2012-01-08 18:48 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\26b3258c559dc0ab6bdce481ffd458b3\System.Workflow.Runtime.ni.dll + 2012-01-08 18:48 . 2012-01-08 18:48 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\1642d1b72cd84caf24cbe7c5e8fd8368\System.Workflow.ComponentModel.ni.dll + 2012-01-08 18:48 . 2012-01-08 18:48 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\32ce12c3c2049f2df94c44c94b052e16\System.Workflow.Activities.ni.dll + 2012-01-08 15:25 . 2012-01-08 15:25 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f63ae1310e004777e880f28377bcddd2\System.Web.Services.ni.dll + 2012-01-08 18:47 . 2012-01-08 18:47 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\c99b02434e71ca9898bebbc08d63e885\System.Web.Mobile.ni.dll + 2012-01-08 18:47 . 2012-01-08 18:47 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c8f78b9e94857fdf6c2a378dd1629ee0\System.Web.Extensions.ni.dll + 2012-01-08 18:47 . 2012-01-08 18:47 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ae749b024162e9ac79110c633b5ce6be\System.ServiceModel.Web.ni.dll + 2012-01-08 17:55 . 2012-01-08 17:55 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\23eb4618c9d171be9fb551a13a475a32\System.IdentityModel.ni.dll + 2012-01-08 18:47 . 2012-01-08 18:47 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\f35064c125799df650c1a959d8fa450b\System.Data.Services.ni.dll + 2012-01-08 18:46 . 2012-01-08 18:46 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a86c12788293105a0d9fda1bc90c90bc\Microsoft.VisualBasic.ni.dll + 2012-01-08 18:46 . 2012-01-08 18:46 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6c46eade19e6f222f8b233ab0065d84a\Microsoft.PowerShell.Commands.Utility.ni.dll + 2012-01-08 18:46 . 2012-01-08 18:46 3237376 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\91b75a482fd67405900f32c96a43c9df\Microsoft.Office.BusinessData.ni.dll - 2011-11-04 22:59 . 2011-11-04 22:59 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2012-01-08 15:24 . 2012-01-08 15:24 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2012-01-08 15:24 . 2012-01-08 15:24 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2011-11-04 22:59 . 2011-11-04 22:59 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2012-01-08 15:23 . 2012-01-08 15:23 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - 2011-11-04 22:58 . 2011-11-04 22:58 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2012-01-08 15:20 . 2012-01-08 15:20 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll - 2010-11-04 07:37 . 2010-11-04 07:37 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll + 2012-01-08 15:23 . 2012-01-08 15:23 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll - 2011-11-04 22:58 . 2011-11-04 22:58 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2012-01-08 15:23 . 2012-01-08 15:23 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2011-11-04 22:59 . 2011-11-04 22:59 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2012-01-08 15:24 . 2012-01-08 15:24 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2012-01-08 15:24 . 2012-01-08 15:24 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll - 2011-11-04 22:59 . 2011-11-04 22:59 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2007-03-18 14:16 . 2012-01-14 23:00 52128560 c:\windows\system32\MRT.exe - 2009-03-08 02:39 . 2011-08-23 16:41 11081728 c:\windows\system32\ieframe.dll + 2009-03-08 02:39 . 2011-11-05 13:13 11081728 c:\windows\system32\ieframe.dll + 2009-08-01 13:47 . 2011-11-05 13:13 11081728 c:\windows\system32\dllcache\ieframe.dll - 2009-08-01 13:47 . 2011-08-23 16:41 11081728 c:\windows\system32\dllcache\ieframe.dll + 2011-10-26 21:45 . 2011-10-26 21:45 66426368 c:\windows\Installer\355ab76.msp + 2011-10-26 21:49 . 2011-10-26 21:49 16245760 c:\windows\Installer\355aad3.msp + 2011-10-26 21:50 . 2011-10-26 21:50 14504448 c:\windows\Installer\355aaca.msp + 2011-10-26 21:49 . 2011-10-26 21:49 10427392 c:\windows\Installer\355aac1.msp + 2011-12-19 23:43 . 2011-08-23 16:41 11081728 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll + 2012-01-08 15:25 . 2012-01-08 15:25 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\62e34cfb5a8b233667c7c5a47a32ad93\System.Web.ni.dll + 2012-01-08 18:45 . 2012-01-08 18:45 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\2dac4fc006596760cd4988d0bfd52ff0\System.ServiceModel.ni.dll + 2012-01-08 15:26 . 2012-01-08 15:26 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\9e15d80ffb037e9171fa4bd2e0233497\System.Design.ni.dll + 2011-10-16 13:38 . 2011-10-16 13:38 100966912 c:\windows\Installer\355aab8.msp . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720] "Advanced SystemCare 5"="f:\program files\Advanced SystemCare 5\ASCTray.exe" [2011-12-10 619352] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-14 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-14 7630848] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-11-12 421736] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ SMCWUSB-G 802.11g Wireless USB Utility.lnk - c:\program files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe [2006-1-18 442368] . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "gxwhdduwemzlaowntsfaTaskMgr"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) "NoFileAssociate"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Exif Launcher S.lnk] backup=c:\windows\pss\Exif Launcher S.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "AVG Security Toolbar Service"=3 (0x3) "avg9wd"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"= "c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"= "c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"= "c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"= "c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"= "c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management "65533:TCP"= 65533:TCP:Services "52344:TCP"= 52344:TCP:Services "3389:TCP"= 3389:TCP:Remote Desktop . R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22/02/2011 7:13 23120] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [19/01/2011 3:32 32592] R0 DiskSec;Magix Volume Filter Driver;c:\windows\system32\drivers\disksec.sys [2/02/2010 16:11 14208] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7/01/2011 5:41 230608] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [10/02/2011 6:54 295248] R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;f:\program files\Advanced SystemCare 5\ASCService.exe [3/12/2011 13:55 494424] R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [15/11/2011 14:22 746392] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2/08/2011 6:09 192776] R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [27/08/2009 17:09 1253376] R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [7/06/2011 16:23 821080] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [30/03/2011 16:17 134608] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10/02/2011 6:53 24272] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10/02/2011 6:53 16720] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9/01/2010 21:37 4640000] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6/08/2009 22:33 47360] R3 xcpip;Stuurprogramma voor TCP/IP-protocol;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?] R3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?] S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?] S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12/10/2011 6:25 4433248] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?] S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 13:44 580992] S3 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [21/05/2008 12:42 64000] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [7/08/2008 11:10 3276800] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe /medsvc --> c:\program files\Google\Update\GoogleUpdate.exe [?] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [12/06/2011 10:15 31125880] S3 NEOWATCH;NEOWATCH;c:\windows\system32\Drivers\NWatch22.sys --> c:\windows\system32\Drivers\NWatch22.sys [?] S3 PciCon;PciCon;\??\e:\pcicon.sys --> e:\PciCon.sys [?] S3 RegFilter;RegFilter;\??\c:\program files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys --> c:\program files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys [?] S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC);c:\windows\system32\drivers\SMCWGU.sys [16/08/2007 19:54 408064] S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?] S3 UrlFilter;UrlFilter;\??\c:\program files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys --> c:\program files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys [?] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [11/09/2002 13:00 14336] S4 FileMonitor;FileMonitor;\??\c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys --> c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [?] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc WINRM REG_MULTI_SZ WINRM . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-01-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-606747145-839522115-1004Core.job - c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-14 20:42] . 2012-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-606747145-839522115-1004UA.job - c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-14 20:42] . 2012-01-14 c:\windows\Tasks\NeroLiveEpgUpdate-USER-DJ4XE9X5VR_User.job - c:\program files\Nero\Nero 9\Nero Live\NeroLive.exe [2008-10-27 07:59] . 2012-01-17 c:\windows\Tasks\User_Feed_Synchronization-{73E18E08-8680-4446-AFFB-60BE6B8452A4}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyServer = proxy.pandora.be:8080 uInternet Settings,ProxyOverride = 127.0.0.1;*.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s TCP: DhcpNameServer = 192.168.2.1 DPF: DirectAnimation Java Classes DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.8.3/GarminAxControl.CAB DPF: Microsoft XML Parser for Java DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-17 14:57 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(4712) c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf c:\progra~1\MICROS~2\Office14\1043\GrooveIntlResource.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2012-01-17 15:03:21 ComboFix-quarantined-files.txt 2012-01-17 14:03 ComboFix2.txt 2011-12-15 15:27 ComboFix3.txt 2011-11-12 09:16 ComboFix4.txt 2011-11-11 00:22 ComboFix5.txt 2012-01-17 13:45 . Pre-Run: 16.529.223.680 bytes beschikbaar Post-Run: 16.528.265.216 bytes beschikbaar . - - End Of File - - 05AD4F068171411B9536D4C13173B3CE
  22. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:47:05, on 17/01/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\windows\System32\smss.exe C:\PROGRA~1\AVG\AVG2012\avgrsx.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\windows\system32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe F:\Program Files\Advanced SystemCare 5\ASCService.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\spoolsv.exe C:\windows\Explorer.EXE C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE F:\Program Files\Advanced SystemCare 5\ASCTray.exe C:\windows\system32\ctfmon.exe C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Application Updater\ApplicationUpdater.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Creative\Shared Files\CTDevSrv.exe C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe C:\windows\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\Program Files\AVG\AVG2012\avgemcx.exe C:\windows\System32\svchost.exe C:\windows\system32\nvsvc32.exe C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe C:\windows\System32\svchost.exe C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe F:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\windows\system32\msfeedssync.exe C:\windows\System32\svchost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.pandora.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [Advanced SystemCare 5] "F:\Program Files\Advanced SystemCare 5\ASCTray.exe" /Manual O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe O4 - Global Startup: SMCWUSB-G 802.11g Wireless USB Utility.lnk = C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.8.3/GarminAxControl.CAB O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - http://www.new.facebook.com/controls/contactx.dll O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} - http://downloads.telenet.be/tisp/ols/fscax.cab O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://www.smartphoto.be/ExtraFilmUploader6.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpfix/sj/en/check/qdiagh.cab?326 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\System32\browseui.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - F:\Program Files\Advanced SystemCare 5\ASCService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 11961 bytes
  23. Heb PC gescand met AVG en krijg in qurantaine volgende melding: Geinfecteerd: c:/windows/system32/services.exe(880):memory_012c000 met trojaans paard PSW.Generic.RDX niet verwijderd. Andere besmettingen staan geamrkeerd als verwijderd. Kan dit nog kwaad als het in Quarataine staat. Hoe kan ik dit zelf verwijderen?
  24. Hallo, Wie kan mij helpen. Ik wil etikeeten afdrukken met als bron een excel bestand. Ik kon dit met office XP, maar heb nu office 2010 en geraak er niet.
  25. werk met office 2010. Wil in min werkblad de bovenste en linke titelrij vast zetten, zodat bij scrollen deze altijd zichtbaar blijven. Ook wil ik de bovenste titelrij bij het afdrukken op ieder blad afgedrukt hebben. Hoe doe ik dat.
×
×
  • Nieuwe aanmaken...