Ga naar inhoud

daannijsse

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    132

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door daannijsse

  1. daannijsse
    Hallo wat bedoel je met "Zoek daar naar Gele en Rode meldingen ....."? Dit is wat ik zie (zie bijlage) Daan
  2. daannijsse
    nog suggesties betreft sfc (bericht 51) en mail exporteren van windows live mail (bericht 47) Ik wil windows live mail inderdaad wel opnieuw installeren (maar geen mail verloren laten gaan) omdat ik nog sted problemen heb als ik een mail van facebook aanklik. als bijlage maar weer een (andere) melding van.......... het zegt me niks, maar de melding vermenigvuldigt een paar keer. Daan
  3. daannijsse
    Ik heb het gedaan, zonder andere programma's en zonder browser. Helaas hetzelfde resutaat; hij stopt bij 75%
  4. daannijsse
    Hallo, ik heb de sfc scan proberen uit te voeren. Hij houdt er echter mee op bij 75%. zie bijlage.
  5. daannijsse
    Helaas, helaas, ik wordt een beetje moe van alle (fout)meldingen die ik krijg. Het ene probleem is nog niet opgelost, of er dient zich al weer een nieuw probleem aan. Het heeft me 2 uur gekost voordat ik eindelijk op deze pagina terecht ben gekomen. Alleen maar meldingen en kleine blauwe rondjes over mijn beeldscherm en overal de tekst: reageert niet of werkt niet. In de bijlage een greep uit de meldingen. Ik heb riviversoft al verwijderd. Daan
  6. daannijsse
    Hallo Ik gebruik windows live mail. Als ik dat open, dan zie ik dit (zie bijlage) Daan
  7. daannijsse
    ok, maar hoe gaat dat dan? mailmappen exporteren en (later weer) importeren? Daan
  8. daannijsse
    Hallo, 1/ ik heb die reviver programma's in gebruik, omdat dit en advertentie op jullie site was. Eigenlijk niet nodig zeg je, maar ze kunnen toch ook geen kwaad? 2/ ik gebruik eigenlijk voor alles standaard internet explorer. Ik krijg ook geen melding in de trant van: "internet explorer is niet uw standaard browser" of iets dergelijks. Google chrome wordt nu gebruikt voor het opstarten van het citrixprogramma van mijn werk en google chrome wordt automatisch gebruikt als ik een link in een mail aanklik. Op zich heb ik er nog geen problemen mee (maar ook niet direct voordeel, voor zover ik kan nagaan) 3/ ik heb het niet over webmail. 4 / Ik heb windowslivemail nog niet opnieuw geinstalleerd. Dat wil ik uiteraard best doen, maar ik wil nu wel al mijn huidige mail bewaren. Blijven die bewaard, of moet ik die op een andere manier veilig stellen. Op welke manier kan ik het beste windows live mail opnieuw installeren? Zonder verlies van huidige mails. bedankt alvast Daan
  9. daannijsse
    Hallo, inmiddels een paar dagen verder. Paar vragen opmerkingen: 1/ Zoals ik vermeld had, moest ik mijn computer een maand geleden helemaal leeghalen. Ik ben toen ook een paar programma's kwijt geraakt. Programma's van reviver (destijds via een link van jullie site gehaald. Nu heb ik de gegevens weer terug gekregen en de programma's weer geïnstalleerd. Deze programma's hebben mijn computer weer gescand en tot mijn verbazing weer heel veel fouten opgespoord. En dat terwijl dat hele proces van fouten opsporen net met behulp van jullie gedaan is. Hoe is dat te verklaren? Zie bijlages 2/ Sinds een paar dagen (sinds de scans, die ik met behulp van jullie uitgevoerd heb) zit google chrome op mijn computer geïnstalleerd. Alle links naar internet lopen nu via google chrome. En ook de link naar het citrix-programma van mijn werk loopt plotseling via google chrome. Ook deze link (in mijn mail) naar jullie site. Is dat een bewuste keuze van jullie? Voor de rest gebruik ik internet explorer. 3 / Ik kan nu wel weer bijlages bijvoegen. Is dat de kracht van google chrome of is dat toeval. 4 / Nog steeds problemen met alles wat via een facebookmail binnenkomt. Als ik in zo'n facebookmail klik, werkt mijn windows live niet meer en moet ik het mailprogramma afsluiten. Hoe krijg ik dat getackeld? Daan
  10. daannijsse
    inmiddels heb ik mijn computer met de ctrl / alt / delete tot "bedaren" moeten brengen. Oftewel, ik kon niet zo veel meer. Die pagina bleef maar staan en kon ik niet weg krijgen. Kon ook niet meer reageren. Ja ik kon wel typen, maar het werd niet opgeslagen / verstuurd. Enig idee wat dat betekent / betekend heeft? Daan ---------- Post toegevoegd om 17:05 ---------- Vorige post was om 17:04 ---------- Hoi Clarkie, ik zie nu pas, dat dit bericht van jou kwam. Bedankt. Het is gelukt. Daan
  11. daannijsse
    Hallo Kape, alles is inmiddels gelukt. Ook het aanmaken van een nieuw herstelpunt. Moet ik nog wat laten zien? ik dacht:"Ik probeer even of ik al 100% beeld voor een bijllage bij te voegen" Kom ik direct in de problemen. Ik krijg nog steeds een driekwart beeld te zien, maar tevens een melding: undefined. Je hebt geen toegang om deze actie uit te voeren, Vernieuw de pagina en log je eerswt in voor je opnieuw probeert. Ik kan deze melding ook niet (op kruisje) wegklikken. Hij blijft gewoon staan. Ook als ik op ok klik. Wat is dat nou weer?
  12. daannijsse
    ok, zal ik af en toe proberen of moet ik op jouw seintje wachten? Daan
  13. daannijsse
    Hallo Kape, het duurde even en ik kreeg diverse meldingen "fout bij schrijven naar bestand" en 'u bent niet gemachtigd om deze bewerking uit te voeren", maar nadat ik avast even stil gelegd hebt is het verwijderen gelukt. Ik klik op CCleaner. Dan krijg ik ongeveer 1 seconde een site van periform te zien en vervolgens krijg ik een geheel wit vlak en gebeurt er verder niks. Ik heb het diverse malen geprobeerd, maar elke keer hetzelfde. wat kan ik doen? Daan
  14. daannijsse
    Hallo Kape, dat is een zeer aannemelijke veronderstelling. Ik zal voortaan wat voorzichtiger zijn. Dank je wel. Ik had eigenlijk niet zo veel problemen, alleen het probleem, waarmee ik de discussie gestart ben: "unicode utf reageert niet" Hallo, ik krijg regelmatig meldingen met unicode utf reageert niet. Bijvoorbeeld als ik een mailtje krijg over facebookinfo. Als ik daar dan op klik, krijg ik die code, vervolgens wordt het beeld vaag en moet ik mijn mailprgramma afsluiten omdat ik vervolgens de melding krijg: "windows mail reageert niet meer" wat betekent dit allemaal. Voorheen kon ik door te klikken in zo'n mailtje direct naar de facebookpagina. Daan Dit probleem bestaat nog steeds. Dus nog steeds de vraag, wat betekent dit en hoe kan ik dit verhelpen. Daarbij is tijdens deze discussie nog een ander probleem gekomen. Als ik in dit bericht een bijlage wil mee sturen, gaat dat niet, omdat ik rechts een kwart van mijn beeld kwijt ben. Ik mis dus de knop "bestand toevoegen" Hoe kan ik dit verhelpen? Heeft dat inderdaad met mijn beeldinstelling te maken? Daan
  15. daannijsse
    Ik vraag me echt af, waar in g....snaam al die rotzooi dan vandaan komt. Mijn computer is nog geen maand geleden helemaal leeg geweest. Dit is dus rotzooi van nog geen maand. Hoe voorkom ik dat? hierbij de log van combofix: ComboFix 12-02-24.02 - Daan Nijsse 25-02-2012 22:48:09.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.3325.2015 [GMT 1:00] Gestart vanuit: c:\users\Daan Nijsse\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Daan Nijsse\Desktop\CFScript..txt AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47} SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll" "C:\user.js" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\DealPly c:\program files\DealPly\DealPly.crx c:\program files\DealPly\DealPlyUpdate.exe c:\program files\DealPly\DealPlyUpdate.log c:\program files\DealPly\DealPlyUpdateRun.exe c:\program files\DealPly\icon.ico c:\program files\DealPly\uninst.exe c:\program files\Funmoods c:\program files\Funmoods\funmoods\1.5.11.16\funmoodsApp.dll c:\program files\Funmoods\funmoods\1.5.11.16\funmoodsEng.dll c:\program files\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx c:\program files\Funmoods\funmoods\1.5.11.16\funmoodssrv.exe c:\program files\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll c:\program files\Funmoods\funmoods\1.5.11.16\uninstall.exe c:\program files\Yontoo Layers Runtime C:\user.js . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-25 to 2012-02-25 )))))))))))))))))))))))))))))) . . 2012-02-25 21:54 . 2012-02-25 21:54 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-25 09:16 . 2012-02-25 09:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-02-25 09:16 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-02-24 18:27 . 2012-02-08 06:03 6552120 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{0776BC3E-8FA4-4D20-95EC-AC201246F502}\mpengine.dll ERROR(0x00000005) 2012-02-23 15:03 . 2008-04-04 17:34 14208 ----a-w- c:\windows\system32\drivers\disksec.sys 2012-02-23 14:49 . 2012-02-23 14:52 -------- d-----w- c:\program files\Common Files\MAGIX Services 2012-02-23 13:49 . 2001-10-31 09:14 1581056 ----a-w- c:\windows\system32\mplvw7.dll 2012-02-23 13:49 . 2001-10-31 09:14 1122304 ----a-w- c:\windows\system32\mplvpx.dll 2012-02-23 13:49 . 2001-11-19 10:33 94208 ----a-w- c:\windows\system32\lmpgvd.ax 2012-02-23 13:49 . 2001-11-19 10:33 46592 ----a-w- c:\windows\system32\lmpgad.ax 2012-02-23 13:49 . 2001-11-19 10:33 106496 ----a-w- c:\windows\system32\lmpgspl.ax 2012-02-23 13:49 . 2001-10-31 09:14 77824 ----a-w- c:\windows\system32\mplaw7.dll 2012-02-23 13:49 . 2001-10-31 09:14 77824 ----a-w- c:\windows\system32\mplaa6.dll 2012-02-23 13:49 . 2001-10-31 09:14 65536 ----a-w- c:\windows\system32\mplapx.dll 2012-02-23 13:49 . 2001-10-31 09:14 65536 ----a-w- c:\windows\system32\mplam6.dll 2012-02-23 13:49 . 2001-10-31 09:14 1650688 ----a-w- c:\windows\system32\mplva6.dll 2012-02-23 13:49 . 2001-10-31 09:14 1552384 ----a-w- c:\windows\system32\mplvm6.dll 2012-02-23 13:49 . 2001-09-17 12:20 19968 ----a-w- c:\windows\system32\cpuinf32.dll 2012-02-23 13:48 . 2012-02-23 14:14 -------- d-----w- C:\MAGIX 2012-02-23 13:48 . 2002-09-20 23:33 1089536 ----a-w- c:\windows\system32\ROBOEX32.DLL 2012-02-23 13:48 . 1999-01-28 13:44 49152 ----a-w- c:\windows\system32\INETWH32.dll 2012-02-23 13:48 . 1998-10-15 16:28 85504 ----a-w- c:\windows\system32\HtmlWH.dll 2012-02-23 13:18 . 2012-02-23 13:18 -------- d-----w- c:\program files\Hewlett-Packard 2012-02-23 13:18 . 2012-02-23 13:18 -------- d-----w- c:\program files\Common Files\Hewlett-Packard 2012-02-23 13:17 . 2012-02-23 13:21 -------- d-----w- c:\program files\Common Files\HP 2012-02-23 13:13 . 2012-02-23 13:22 -------- d-----w- c:\program files\HP 2012-02-23 13:12 . 2006-12-16 06:19 303104 ----a-w- c:\windows\system32\hpovst01.dll 2012-02-23 13:12 . 2006-11-20 21:36 258048 ----a-w- c:\windows\system32\hpzids01.dll 2012-02-23 06:56 . 2012-02-23 06:56 -------- d-----w- c:\program files\Trend Micro 2012-02-19 17:04 . 2012-02-19 17:04 -------- d-----w- c:\program files\Free Video Converter 2012-02-11 12:21 . 2012-02-11 12:21 -------- d-----w- c:\program files\GPLGS 2012-02-11 12:20 . 2009-11-05 07:39 87552 ----a-w- c:\windows\system32\cpwmon2k.dll 2012-02-11 12:20 . 2012-02-11 12:20 -------- d-----w- c:\program files\Acro Software 2012-02-09 17:33 . 2012-02-23 15:02 -------- d-----w- c:\program files\MAGIX 2012-02-09 17:33 . 2007-04-27 09:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll 2012-02-09 17:32 . 2012-02-23 14:14 -------- d-----w- c:\windows\system32\MAGIX 2012-02-09 17:32 . 2008-04-15 15:14 700416 ----a-w- c:\windows\system32\mgxoschk.dll 2012-02-07 19:48 . 2012-02-07 19:48 -------- d-----w- c:\program files\Microsoft Analysis Services 2012-02-07 08:09 . 2012-02-07 08:09 -------- d-----w- c:\program files\Citrix 2012-02-04 22:21 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2012-02-04 22:21 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll 2012-02-04 22:21 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll 2012-02-04 22:21 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2012-02-04 22:21 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll 2012-02-04 15:57 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-02-04 15:57 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-02-04 15:57 . 2011-11-28 17:54 111320 ----a-w- c:\windows\system32\drivers\aswFW.sys 2012-02-04 15:55 . 2011-11-28 17:53 195416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys 2012-02-04 15:55 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2012-02-04 15:55 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-02-04 15:55 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-02-04 15:55 . 2011-11-28 17:52 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-02-04 15:54 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr 2012-02-04 15:54 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe 2012-02-04 15:54 . 2011-11-28 17:26 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys 2012-02-04 15:53 . 2012-02-04 15:53 -------- d-----w- c:\program files\AVAST Software 2012-02-04 14:01 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll 2012-02-04 14:01 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll 2012-02-04 14:01 . 2009-08-24 12:16 378368 ----a-w- c:\windows\system32\winhttp.dll 2012-02-04 07:31 . 2011-03-03 14:56 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2012-02-04 07:31 . 2011-03-03 13:01 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2012-02-04 03:30 . 2010-04-14 17:46 80896 ----a-w- c:\windows\system32\MSNP.ax 2012-02-04 03:30 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll 2012-02-04 03:30 . 2010-04-14 17:47 217088 ----a-w- c:\windows\system32\psisrndr.ax 2012-02-04 03:23 . 2010-02-12 10:48 293376 ----a-w- c:\windows\system32\browserchoice.exe 2012-02-04 03:22 . 2012-02-04 03:22 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2012-02-04 03:13 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll 2012-02-04 03:13 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2012-02-04 03:13 . 2008-06-20 01:14 37384 ----a-w- c:\windows\system32\infocardcpl.cpl 2012-02-04 03:13 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll 2012-02-04 03:13 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe 2012-02-04 03:13 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll 2012-02-04 03:09 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll 2012-02-04 03:09 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll 2012-02-04 03:07 . 2010-02-20 23:39 24064 ----a-w- c:\windows\system32\nshhttp.dll 2012-02-04 03:07 . 2010-02-20 21:18 411136 ----a-w- c:\windows\system32\drivers\http.sys 2012-02-04 03:07 . 2010-02-20 23:37 31232 ----a-w- c:\windows\system32\httpapi.dll 2012-02-04 03:06 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll 2012-02-04 03:04 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll 2012-02-04 02:13 . 2011-02-22 12:51 69632 ----a-w- c:\windows\system32\drivers\bowser.sys 2012-02-04 02:12 . 2011-02-16 15:35 430080 ----a-w- c:\windows\system32\vbscript.dll 2012-02-04 00:43 . 2012-01-29 04:10 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-02-03 20:30 . 2012-02-03 20:30 -------- d-----w- c:\program files\Common Files\Deterministic Networks 2012-02-03 20:30 . 2012-02-03 20:30 -------- d-----w- c:\program files\Cisco Systems 2012-02-03 17:55 . 2012-02-03 17:55 -------- d-----w- c:\program files\Microsoft Sync Framework 2012-02-03 17:54 . 2012-02-03 17:54 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2012-02-03 17:52 . 2012-02-23 11:18 -------- d-----w- c:\program files\Microsoft 2012-02-03 17:52 . 2012-02-03 17:52 -------- d-----w- c:\program files\Windows Live SkyDrive 2012-02-03 17:52 . 2012-02-04 07:30 -------- d-----w- c:\program files\Windows Live 2012-02-03 17:46 . 2012-02-03 17:46 -------- d-----w- c:\program files\Common Files\Windows Live 2012-02-03 17:32 . 2009-12-23 12:43 171520 ----a-w- c:\windows\system32\wintrust.dll 2012-02-03 17:32 . 2010-01-15 00:04 98304 ----a-w- c:\windows\system32\cabview.dll 2012-02-03 17:30 . 2012-02-23 13:15 -------- d-----w- c:\users\Daan Nijsse 2012-02-03 17:30 . 2006-10-05 02:42 2560 ------w- c:\windows\system32\drivers\cdralw2k.sys 2012-02-03 17:30 . 2006-10-05 02:42 2432 ------w- c:\windows\system32\drivers\cdr4_xp.sys 2012-02-03 17:30 . 2012-02-12 15:25 -------- d-----w- c:\program files\Picasa2 2012-02-03 17:29 . 2012-02-08 21:12 -------- d-----w- c:\program files\Google 2012-02-03 17:27 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll 2012-02-03 17:27 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe 2012-02-03 17:27 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll 2012-02-03 17:27 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll 2012-02-03 17:26 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll 2012-02-03 17:26 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll 2012-02-03 17:26 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll 2012-02-03 17:26 . 2009-08-06 18:23 171608 ----a-w- c:\windows\system32\wuwebv.dll 2012-02-03 17:26 . 2009-08-06 17:44 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\Sjablonen 2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\Netwerkprinteromgeving 2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\Mijn documenten 2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\Menu Start 2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\AppData\Local\Geschiedenis 2012-02-03 17:20 . 2008-01-21 02:23 89600 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-08 06:03 . 2008-11-26 13:47 6552120 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll ERROR(0x00000005) 2012-01-12 00:19 . 2012-01-12 00:19 4448256 ----a-w- c:\windows\system32\GPhotos.scr . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920] "WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-02-03 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-12-02 6695456] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2008-12-02 1833504] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2012-02-03 30192] "Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-10-14 20480] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-01-17 232616] "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-03-10 300400] "TrayServer"="c:\program files\MAGIX\Video_deluxe_15_Plus\TrayServer.exe" [2008-09-10 90112] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - CPUZ132 *Deregistered* - cpuz132 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhoud van de 'Gedeelde Taken' map . 2012-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-02-03 17:48] . 2012-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-02-03 17:48] . 2012-02-25 c:\windows\Tasks\PCCT - MAGIX AG.job - c:\program files\MAGIX\PC_Check_Tuning_2010\MxTray.exe [2012-02-23 12:28] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{5FD2FEB4-DFEE-467C-928A-92DEAA948A88}: NameServer = 10.10.20.13,10.10.20.12 . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-DealPly - c:\program files\DealPly\uninst.exe AddRemove-funmoods - c:\program files\Funmoods\funmoods\1.5.11.16\uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-02-25 22:54 Windows 6.0.6001 Service Pack 1 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Windows 6.0.6001 Disk: WDC_WD64 rev.05.0 -> Harddisk0\DR0 -> \Device\00000067 . device: opened successfully user: MBR read successfully kernel: MBR read successfully user != kernel MBR !!! error: Read Er zijn onvoldoende systeembronnen beschikbaar om aan de aanvraag te voldoen. . ************************************************************************** . Voltooingstijd: 2012-02-25 22:55:34 ComboFix-quarantined-files.txt 2012-02-25 21:55 ComboFix2.txt 2012-02-25 14:18 . Pre-Run: 491.306.164.224 bytes beschikbaar Post-Run: 490.239.467.520 bytes beschikbaar . - - End Of File - - 48D0478457A9112BF791CC132C089120
  16. daannijsse
    Bij deze combofix resultaat: ComboFix 12-02-24.02 - Daan Nijsse 25-02-2012 15:03:42.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.3325.1951 [GMT 1:00] Gestart vanuit: c:\users\Daan Nijsse\Desktop\ComboFix.exe AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47} SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Windows Searchqu Toolbar c:\program files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll c:\program files\Windows Searchqu Toolbar\Datamngr\datamngr.dll c:\program files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe c:\program files\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll c:\program files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\as_guid.dat c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\engines.xml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\search.xsl c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\about.xml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\imeshcode.js c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\datastore.jsm c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\neterror.xhtml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\partner.coupons.xml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\preferences.xml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\template.xml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.htm c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.xul c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmnrsswin.xml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget_version c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\babylon_logo.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bandoo.css c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluelite.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluesky.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn_settings.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ca.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dictionary.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\divider.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\downloadcom.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dtxlogo.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ebay.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email_on.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\facebook.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\games.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0_5.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1_5.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2_5.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3_5.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4_5.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred5.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphredna.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\grey.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ico-shield.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_radio_png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_seperator_png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_twitter.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_youtube.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\images.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\imesh.css c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\add.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\aol.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\blank.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\checkmark.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\chevron.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\collapse.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\comcast.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\dtx.css c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\expand.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\found.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\gmail.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\hotmail.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\ico-check.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\imap.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lock.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\mailcom.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\modify.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\move.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\movetarget.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\pop.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\reload.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\remove.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rename.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rss.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search-go.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\throbber.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\yahoo.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lichen.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-about.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-separator.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\mail.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\maps.bmp c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify-save.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modifyhot.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\music.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\news.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-main.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-search.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-widgets.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\orange.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\pixsy.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\protect-id.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta.ico c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\relatedlinks.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-collapse.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-delete.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-expand.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-feed.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-found.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-reload.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-subscribe.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rssback.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rsstopback.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search-over.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_over_png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\settings.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\shopping.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\siteinfo.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluelite.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluesky.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-grey.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-lichen.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-orange.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-yellow.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin.xml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\technorati.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\throbber.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\translate.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\video.bmp c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.css c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\weather.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\web.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\wikipedia.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yahoosearch.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yellow.gif c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\youtube.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\zoom.png c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\components\windowmediator.js c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\manifest.xml c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchquband.dll c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstall.exe c:\program files\Windows Searchqu Toolbar\sysid.ini c:\program files\Windows Searchqu Toolbar\uninstall.exe c:\windows\system32\SETFB95.tmp c:\windows\system32\SETFD6C.tmp . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-25 to 2012-02-25 )))))))))))))))))))))))))))))) . . 2012-02-25 14:12 . 2012-02-25 14:12 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-25 09:16 . 2012-02-25 09:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-02-25 09:16 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-02-24 18:27 . 2012-02-08 06:03 6552120 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{0776BC3E-8FA4-4D20-95EC-AC201246F502}\mpengine.dll ERROR(0x00000005) 2012-02-23 15:03 . 2008-04-04 17:34 14208 ----a-w- c:\windows\system32\drivers\disksec.sys 2012-02-23 14:49 . 2012-02-23 14:52 -------- d-----w- c:\program files\Common Files\MAGIX Services 2012-02-23 13:49 . 2001-10-31 09:14 1581056 ----a-w- c:\windows\system32\mplvw7.dll 2012-02-23 13:49 . 2001-10-31 09:14 1122304 ----a-w- c:\windows\system32\mplvpx.dll 2012-02-23 13:49 . 2001-11-19 10:33 94208 ----a-w- c:\windows\system32\lmpgvd.ax 2012-02-23 13:49 . 2001-11-19 10:33 46592 ----a-w- c:\windows\system32\lmpgad.ax 2012-02-23 13:49 . 2001-11-19 10:33 106496 ----a-w- c:\windows\system32\lmpgspl.ax 2012-02-23 13:49 . 2001-10-31 09:14 77824 ----a-w- c:\windows\system32\mplaw7.dll 2012-02-23 13:49 . 2001-10-31 09:14 77824 ----a-w- c:\windows\system32\mplaa6.dll 2012-02-23 13:49 . 2001-10-31 09:14 65536 ----a-w- c:\windows\system32\mplapx.dll 2012-02-23 13:49 . 2001-10-31 09:14 65536 ----a-w- c:\windows\system32\mplam6.dll 2012-02-23 13:49 . 2001-10-31 09:14 1650688 ----a-w- c:\windows\system32\mplva6.dll 2012-02-23 13:49 . 2001-10-31 09:14 1552384 ----a-w- c:\windows\system32\mplvm6.dll 2012-02-23 13:49 . 2001-09-17 12:20 19968 ----a-w- c:\windows\system32\cpuinf32.dll 2012-02-23 13:48 . 2012-02-23 14:14 -------- d-----w- C:\MAGIX 2012-02-23 13:48 . 2002-09-20 23:33 1089536 ----a-w- c:\windows\system32\ROBOEX32.DLL 2012-02-23 13:48 . 1999-01-28 13:44 49152 ----a-w- c:\windows\system32\INETWH32.dll 2012-02-23 13:48 . 1998-10-15 16:28 85504 ----a-w- c:\windows\system32\HtmlWH.dll 2012-02-23 13:18 . 2012-02-23 13:18 -------- d-----w- c:\program files\Hewlett-Packard 2012-02-23 13:18 . 2012-02-23 13:18 -------- d-----w- c:\program files\Common Files\Hewlett-Packard 2012-02-23 13:17 . 2012-02-23 13:21 -------- d-----w- c:\program files\Common Files\HP 2012-02-23 13:13 . 2012-02-23 13:22 -------- d-----w- c:\program files\HP 2012-02-23 13:12 . 2006-12-16 06:19 303104 ----a-w- c:\windows\system32\hpovst01.dll 2012-02-23 13:12 . 2006-11-20 21:36 258048 ----a-w- c:\windows\system32\hpzids01.dll 2012-02-23 06:56 . 2012-02-23 06:56 -------- d-----w- c:\program files\Trend Micro 2012-02-19 17:04 . 2012-02-19 17:04 -------- d-----w- c:\program files\Free Video Converter 2012-02-19 17:04 . 2012-02-24 21:58 -------- d-----w- c:\program files\Yontoo Layers Runtime 2012-02-19 17:04 . 2012-02-19 17:04 -------- d-----w- c:\program files\Funmoods 2012-02-11 12:27 . 2012-02-25 12:27 -------- d-----w- c:\program files\DealPly 2012-02-11 12:26 . 2012-02-19 17:04 1541 ----a-w- C:\user.js 2012-02-11 12:21 . 2012-02-11 12:21 -------- d-----w- c:\program files\GPLGS 2012-02-11 12:20 . 2009-11-05 07:39 87552 ----a-w- c:\windows\system32\cpwmon2k.dll 2012-02-11 12:20 . 2012-02-11 12:20 -------- d-----w- c:\program files\Acro Software 2012-02-09 17:33 . 2012-02-23 15:02 -------- d-----w- c:\program files\MAGIX 2012-02-09 17:33 . 2007-04-27 09:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll 2012-02-09 17:32 . 2012-02-23 14:14 -------- d-----w- c:\windows\system32\MAGIX 2012-02-09 17:32 . 2008-04-15 15:14 700416 ----a-w- c:\windows\system32\mgxoschk.dll 2012-02-07 19:48 . 2012-02-07 19:48 -------- d-----w- c:\program files\Microsoft Analysis Services 2012-02-07 08:09 . 2012-02-07 08:09 -------- d-----w- c:\program files\Citrix 2012-02-04 22:21 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2012-02-04 22:21 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll 2012-02-04 22:21 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll 2012-02-04 22:21 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2012-02-04 22:21 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll 2012-02-04 15:57 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-02-04 15:57 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-02-04 15:57 . 2011-11-28 17:54 111320 ----a-w- c:\windows\system32\drivers\aswFW.sys 2012-02-04 15:55 . 2011-11-28 17:53 195416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys 2012-02-04 15:55 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2012-02-04 15:55 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-02-04 15:55 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-02-04 15:55 . 2011-11-28 17:52 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-02-04 15:54 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr 2012-02-04 15:54 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe 2012-02-04 15:54 . 2011-11-28 17:26 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys 2012-02-04 15:53 . 2012-02-04 15:53 -------- d-----w- c:\program files\AVAST Software 2012-02-04 14:01 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll 2012-02-04 14:01 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll 2012-02-04 14:01 . 2009-08-24 12:16 378368 ----a-w- c:\windows\system32\winhttp.dll 2012-02-04 07:31 . 2011-03-03 14:56 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2012-02-04 07:31 . 2011-03-03 13:01 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2012-02-04 03:30 . 2010-04-14 17:46 80896 ----a-w- c:\windows\system32\MSNP.ax 2012-02-04 03:30 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll 2012-02-04 03:30 . 2010-04-14 17:47 217088 ----a-w- c:\windows\system32\psisrndr.ax 2012-02-04 03:23 . 2010-02-12 10:48 293376 ----a-w- c:\windows\system32\browserchoice.exe 2012-02-04 03:22 . 2012-02-04 03:22 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2012-02-04 03:13 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll 2012-02-04 03:13 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2012-02-04 03:13 . 2008-06-20 01:14 37384 ----a-w- c:\windows\system32\infocardcpl.cpl 2012-02-04 03:13 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll 2012-02-04 03:13 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe 2012-02-04 03:13 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll 2012-02-04 03:09 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll 2012-02-04 03:09 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll 2012-02-04 03:07 . 2010-02-20 23:39 24064 ----a-w- c:\windows\system32\nshhttp.dll 2012-02-04 03:07 . 2010-02-20 21:18 411136 ----a-w- c:\windows\system32\drivers\http.sys 2012-02-04 03:07 . 2010-02-20 23:37 31232 ----a-w- c:\windows\system32\httpapi.dll 2012-02-04 03:06 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll 2012-02-04 03:04 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll 2012-02-04 02:13 . 2011-02-22 12:51 69632 ----a-w- c:\windows\system32\drivers\bowser.sys 2012-02-04 02:12 . 2011-02-16 15:35 430080 ----a-w- c:\windows\system32\vbscript.dll 2012-02-04 00:43 . 2012-01-29 04:10 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-02-03 20:30 . 2012-02-03 20:30 -------- d-----w- c:\program files\Common Files\Deterministic Networks 2012-02-03 20:30 . 2012-02-03 20:30 -------- d-----w- c:\program files\Cisco Systems 2012-02-03 17:55 . 2012-02-03 17:55 -------- d-----w- c:\program files\Microsoft Sync Framework 2012-02-03 17:54 . 2012-02-03 17:54 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2012-02-03 17:52 . 2012-02-23 11:18 -------- d-----w- c:\program files\Microsoft 2012-02-03 17:52 . 2012-02-03 17:52 -------- d-----w- c:\program files\Windows Live SkyDrive 2012-02-03 17:52 . 2012-02-04 07:30 -------- d-----w- c:\program files\Windows Live 2012-02-03 17:46 . 2012-02-03 17:46 -------- d-----w- c:\program files\Common Files\Windows Live 2012-02-03 17:32 . 2009-12-23 12:43 171520 ----a-w- c:\windows\system32\wintrust.dll 2012-02-03 17:32 . 2010-01-15 00:04 98304 ----a-w- c:\windows\system32\cabview.dll 2012-02-03 17:30 . 2012-02-23 13:15 -------- d-----w- c:\users\Daan Nijsse 2012-02-03 17:30 . 2006-10-05 02:42 2560 ------w- c:\windows\system32\drivers\cdralw2k.sys 2012-02-03 17:30 . 2006-10-05 02:42 2432 ------w- c:\windows\system32\drivers\cdr4_xp.sys 2012-02-03 17:30 . 2012-02-12 15:25 -------- d-----w- c:\program files\Picasa2 2012-02-03 17:29 . 2012-02-08 21:12 -------- d-----w- c:\program files\Google 2012-02-03 17:27 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll 2012-02-03 17:27 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe 2012-02-03 17:27 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll 2012-02-03 17:27 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll 2012-02-03 17:26 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll 2012-02-03 17:26 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll 2012-02-03 17:26 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll 2012-02-03 17:26 . 2009-08-06 18:23 171608 ----a-w- c:\windows\system32\wuwebv.dll 2012-02-03 17:26 . 2009-08-06 17:44 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\Sjablonen 2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\Netwerkprinteromgeving 2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\Mijn documenten 2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\Menu Start 2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\AppData\Local\Geschiedenis 2012-02-03 17:20 . 2008-01-21 02:23 89600 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-08 06:03 . 2008-11-26 13:47 6552120 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll ERROR(0x00000005) 2012-01-12 00:19 . 2012-01-12 00:19 4448256 ----a-w- c:\windows\system32\GPhotos.scr . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920] "WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-02-03 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-12-02 6695456] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2008-12-02 1833504] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2012-02-03 30192] "Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-10-14 20480] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-01-17 232616] "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-03-10 300400] "TrayServer"="c:\program files\MAGIX\Video_deluxe_15_Plus\TrayServer.exe" [2008-09-10 90112] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - cpuz132 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhoud van de 'Gedeelde Taken' map . 2012-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-02-03 17:48] . 2012-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-02-03 17:48] . 2012-02-25 c:\windows\Tasks\PCCT - MAGIX AG.job - c:\program files\MAGIX\PC_Check_Tuning_2010\MxTray.exe [2012-02-23 12:28] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) AddRemove-Windows Searchqu Toolbar - c:\program files\Windows Searchqu Toolbar\uninstall.exe AddRemove-_{ADDBE07D-95B8-4789-9C76-187FFF9624B4} - c:\program files\Corel\CorelDRAW Essential Edition 3\Programs\MSILauncher {ADDBE07D-95B8-4789-9C76-187FFF9624B4} . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-02-25 15:13 Windows 6.0.6001 Service Pack 1 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Windows 6.0.6001 Disk: WDC_WD64 rev.05.0 -> Harddisk0\DR0 -> \Device\00000067 . device: opened successfully user: MBR read successfully kernel: MBR read successfully user != kernel MBR !!! error: Read Er zijn onvoldoende systeembronnen beschikbaar om aan de aanvraag te voldoen. . ************************************************************************** . Voltooingstijd: 2012-02-25 15:18:46 ComboFix-quarantined-files.txt 2012-02-25 14:18 . Pre-Run: 485.785.464.832 bytes beschikbaar Post-Run: 490.745.266.176 bytes beschikbaar . - - End Of File - - 20AE7AF2ED25834433B567166CD59C89
  17. daannijsse
    Ik heb opnieuw een scanlog opgeroepen met hijack en zag "R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Funmoods - web search " er niet (meer) in staan. zie meest recente log (25-2-2012 14.50: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:55:03, on 25-2-2012 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18639) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe C:\Program Files\Citrix\ICA Client\concentr.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Citrix\ICA Client\wfcrun32.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\IEUser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ALDI - Hartelijk welkom bij ALDI R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ALDI - Hartelijk welkom bij ALDI R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl O1 - Hosts: ::1 localhost #[iPv6] O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\17.0.963.56\npchrome_frame.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe GE O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe" O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_15_Plus\TrayServer.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\17.0.963.56\npchrome_frame.dll O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 9542 bytes ga ik zo combofix eens proberen. Daan
  18. daannijsse
    Hallo Kape, inmiddels is het gelukt om malware te downloaden en te laten scannen. Ik heb hierna weer een hijackscan gedaan. Die kopieer ik hieronder: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:07:26, on 25-2-2012 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18639) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\MAGIX\PC_Check_Tuning_2010\MxTray.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe C:\Program Files\Citrix\ICA Client\concentr.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Citrix\ICA Client\wfcrun32.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEUser.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ALDI - Hartelijk welkom bij ALDI R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ALDI - Hartelijk welkom bij ALDI R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Funmoods - web search results - {searchTerms} O1 - Hosts: ::1 localhost #[iPv6] O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\17.0.963.56\npchrome_frame.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe GE O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe" O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_15_Plus\TrayServer.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\17.0.963.56\npchrome_frame.dll O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 9844 bytes ---------- Post toegevoegd om 11:15 ---------- Vorige post was om 11:12 ---------- Hierbij mij malware log: alwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Databaseversie: v2012.02.25.02 Windows Vista Service Pack 1 x86 NTFS Internet Explorer 7.0.6001.18000 Daan Nijsse :: PC_VAN_DAANNIJS [administrator] 25-2-2012 10:17:59 mbam-log-2012-02-25 (10-17-59).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 185695 Verstreken tijd: 7 minuut/minuten, 48 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 2 C:\Users\Daan Nijsse\AppData\Local\Temp\ICReinstall_sg[1].exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Daan Nijsse\AppData\Local\Temp\51099562.Uninstall\Uninstall.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  19. daannijsse
    Hallo Kape, Ik heb de hijack-scan nog een keer opgeroepen en het item gefixed. Daarna heb ik weer een hijackscan laten uitvoeren. Resultaat erbij gevoegd. Staat het item er nu toch nog in? Vervolgens heb ik weer eens op "malware" geklikt. Ik kom dan op een "majoorGeek-site" Zie bijlage. Is dat de bedoeling? Ik heb voor de rst nog niks hiermee gedaan; ik wacht even op jouw reactie of dit wel goed is. Daan Helaas, toen kon ik weer geen bijlages bijvoegen. Het rechterdeel van het beeld ontbreekt. Ook als ik half beeld inschakel. Bijlage invoegen gaat dus niet. Ontzettend irritant allemaal.
  20. daannijsse
    ??? Dat had ik toch al gedaan? Heb ik iets fout gedaan? Verwijderde items staan er nu weer (of nog?) in. Goed ik ga het nog een keer doen. In de veilige modus. inmiddels gedaan. Zie bijde logjes. 1 na de scan en 2 nadat ik (weer) items verwijderd heb (zoals in bericht 12 beschreven staat) hijackthis logje 24-2-2012 11.50 na fix check.txt hijackthis logje 24-2-2012 11.50.txt
  21. daannijsse
    Hallo Kape, toen ik op de link in mijn mail klikte (om naar deze discussie te gaan) kreeg ik een java-melding (zie bijlage) Ik heb opnieuw een hijack scan gemaakt. Zie bijlage. Daan hijackthis logje 24-2-2012.txt
  22. daannijsse
    Hallo Kape, geen idee wat er had moeten gebeuren, maar ik zag niks gebeuren. Ik zag niet "mvps.bat' ik zag alleen mvps. Dat heb ik als administrator laten uitvoeren. Ik zag echter niks gebeuren. Klopt dat? Ik heb vervolgens weer op malware geklikt. Ik zag nu alleen de bovenste dowloadknop. De Onderste dowloadknop zag ik nu niet. Ik heb op de dowloadknop geklikt, maar er gebeurde helemaal niks. Vervolgens kon ik hem ook niet direct met het kruisje wegklikken. Hij leek vast te zitten. Even later ging ie toch weg. Tot nu toe dus nog steds niet gelukt om malware te dowloaden. Daan
  23. daannijsse
    ja klopt helemaal. En als ik dan op "download" klik, (zowel boven als linksonder zoals aangegeven wordt) dan kom ik op de Aro site........... (?)
  24. daannijsse
    Ik kwam er achter, dat wanneer ik mijn beeld half maak (half scherm) ik wel het hele beheerscherm krijg en dus wel op deze manier een bijlage kan invoegen. Toch merkwaardig. Daan
  25. daannijsse
    Ik heb de genoemde scan verwijderd. Vervolgens heb ik op MBAM (Malwarebytes Anti-Malware) geklikt, maar wat er dan vervolgens gebeurt, is mij niet duidelijk. Ik kom dan op een site van ARO 2012. Is dat hetzelfde als malware. Ik heb het een paar keer geprobeerd, maar elke keer hetzelfde. Ik heb het gedownload, maar er staat niks over malware. Is volgens mij iets heel anders. Wat moet ik doen?
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.